honeymoose
/
OpenSearch
mirror of https://github.com/honeymoose/OpenSearch.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

[cleanup] renaming classes 

mostly renamed `Secured....` classes to `Shield...` classes. applied to construct that replace other similar constructs either in es core or in other libraries. This will make it clear that the new constructs are coming from shield (in the logs). Also no need to call it "secured" as if shield replaces them, it's very likely they relate to security in one way or another :)

Original commit: elastic/x-pack-elasticsearch@f528a10b14
This commit is contained in:
uboness 2015-01-28 23:54:27 +01:00
parent dd5332500c
commit 5c175503b7
20 changed files with 72 additions and 71 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
src/main/java/org/elasticsearch/shield/ShieldModule.java
View File

@ -17,7 +17,7 @@ import org.elasticsearch.shield.rest.ShieldRestModule;
import org.elasticsearch.shield.license.LicenseModule;
import org.elasticsearch.shield.ssl.SSLModule;
import org.elasticsearch.shield.support.AbstractShieldModule;
import org.elasticsearch.shield.transport.SecuredTransportModule;
import org.elasticsearch.shield.transport.ShieldTransportModule;
/**
*
@ -36,7 +36,7 @@ public class ShieldModule extends AbstractShieldModule.Spawn {
if (clientMode) {
return ImmutableList.<Module>of(
new ShieldActionModule(settings),
new SecuredTransportModule(settings),
new ShieldTransportModule(settings),
new SSLModule(settings));
}
@ -47,7 +47,7 @@ public class ShieldModule extends AbstractShieldModule.Spawn {
new AuditTrailModule(settings),
new ShieldRestModule(settings),
new ShieldActionModule(settings),
new SecuredTransportModule(settings),
new ShieldTransportModule(settings),
new SignatureModule(settings),
new SSLModule(settings));
}

4
src/main/java/org/elasticsearch/shield/transport/SecuredClientTransportService.java → src/main/java/org/elasticsearch/shield/transport/ShieldClientTransportService.java
View File

@ -11,12 +11,12 @@ import org.elasticsearch.common.settings.Settings;
import org.elasticsearch.threadpool.ThreadPool;
import org.elasticsearch.transport.*;
public class SecuredClientTransportService extends TransportService {
public class ShieldClientTransportService extends TransportService {
private final ClientTransportFilter clientFilter;
@Inject
public SecuredClientTransportService(Settings settings, Transport transport, ThreadPool threadPool, ClientTransportFilter clientFilter) {
public ShieldClientTransportService(Settings settings, Transport transport, ThreadPool threadPool, ClientTransportFilter clientFilter) {
super(settings, transport, threadPool);
this.clientFilter = clientFilter;
}

18
src/main/java/org/elasticsearch/shield/transport/SecuredServerTransportService.java → src/main/java/org/elasticsearch/shield/transport/ShieldServerTransportService.java
View File

@ -9,8 +9,8 @@ import org.elasticsearch.cluster.node.DiscoveryNode;
import org.elasticsearch.common.collect.Maps;
import org.elasticsearch.common.inject.Inject;
import org.elasticsearch.common.settings.Settings;
import org.elasticsearch.shield.transport.netty.NettySecuredTransport;
import org.elasticsearch.shield.transport.netty.SecuredMessageChannelHandler;
import org.elasticsearch.shield.transport.netty.ShieldNettyTransport;
import org.elasticsearch.shield.transport.netty.ShieldMessageChannelHandler;
import org.elasticsearch.threadpool.ThreadPool;
import org.elasticsearch.transport.*;
@ -19,7 +19,7 @@ import java.util.Map;
/**
*
*/
public class SecuredServerTransportService extends TransportService {
public class ShieldServerTransportService extends TransportService {
public static final String SETTING_NAME = "shield.type";
@ -29,10 +29,10 @@ public class SecuredServerTransportService extends TransportService {
private final Map<String, ServerTransportFilter> profileFilters;
@Inject
public SecuredServerTransportService(Settings settings, Transport transport, ThreadPool threadPool,
ServerTransportFilter.ClientProfile clientProfileFilter,
ServerTransportFilter.NodeProfile nodeProfileFilter,
ClientTransportFilter clientTransportFilter) {
public ShieldServerTransportService(Settings settings, Transport transport, ThreadPool threadPool,
ServerTransportFilter.ClientProfile clientProfileFilter,
ServerTransportFilter.NodeProfile nodeProfileFilter,
ClientTransportFilter clientTransportFilter) {
super(settings, transport, threadPool);
this.clientProfileFilter = clientProfileFilter;
this.nodeProfileFilter = nodeProfileFilter;
@ -62,7 +62,7 @@ public class SecuredServerTransportService extends TransportService {
}
private Map<String, ServerTransportFilter> initializeProfileFilters() {
if (!(transport instanceof NettySecuredTransport)) {
if (!(transport instanceof ShieldNettyTransport)) {
return null;
}
@ -150,7 +150,7 @@ public class SecuredServerTransportService extends TransportService {
@SuppressWarnings("unchecked")
public void messageReceived(TransportRequest request, TransportChannel channel) throws Exception {
try {
SecuredMessageChannelHandler.VisibleNettyTransportChannel nettyTransportChannel = (SecuredMessageChannelHandler.VisibleNettyTransportChannel) channel;
ShieldMessageChannelHandler.VisibleNettyTransportChannel nettyTransportChannel = (ShieldMessageChannelHandler.VisibleNettyTransportChannel) channel;
String profile = nettyTransportChannel.getProfile();
ServerTransportFilter filter = profileFilters.get(profile);
if (filter == null) {

18
src/main/java/org/elasticsearch/shield/transport/SecuredTransportModule.java → src/main/java/org/elasticsearch/shield/transport/ShieldTransportModule.java
View File

@ -13,16 +13,16 @@ import org.elasticsearch.common.settings.Settings;
import org.elasticsearch.shield.ShieldPlugin;
import org.elasticsearch.shield.support.AbstractShieldModule;
import org.elasticsearch.shield.transport.filter.IPFilter;
import org.elasticsearch.shield.transport.netty.NettySecuredHttpServerTransportModule;
import org.elasticsearch.shield.transport.netty.NettySecuredTransportModule;
import org.elasticsearch.shield.transport.netty.ShieldNettyHttpServerTransportModule;
import org.elasticsearch.shield.transport.netty.ShieldNettyTransportModule;
import org.elasticsearch.transport.TransportModule;
/**
*
*/
public class SecuredTransportModule extends AbstractShieldModule.Spawn implements PreProcessModule {
public class ShieldTransportModule extends AbstractShieldModule.Spawn implements PreProcessModule {
public SecuredTransportModule(Settings settings) {
public ShieldTransportModule(Settings settings) {
super(settings);
}
@ -30,21 +30,21 @@ public class SecuredTransportModule extends AbstractShieldModule.Spawn implement
public Iterable<? extends Module> spawnModules(boolean clientMode) {
if (clientMode) {
return ImmutableList.of(new NettySecuredTransportModule(settings));
return ImmutableList.of(new ShieldNettyTransportModule(settings));
}
return ImmutableList.of(
new NettySecuredHttpServerTransportModule(settings),
new NettySecuredTransportModule(settings));
new ShieldNettyHttpServerTransportModule(settings),
new ShieldNettyTransportModule(settings));
}
@Override
public void processModule(Module module) {
if (module instanceof TransportModule) {
if (clientMode) {
((TransportModule) module).setTransportService(SecuredClientTransportService.class, ShieldPlugin.NAME);
((TransportModule) module).setTransportService(ShieldClientTransportService.class, ShieldPlugin.NAME);
} else {
((TransportModule) module).setTransportService(SecuredServerTransportService.class, ShieldPlugin.NAME);
((TransportModule) module).setTransportService(ShieldServerTransportService.class, ShieldPlugin.NAME);
}
}
}

4
src/main/java/org/elasticsearch/shield/transport/netty/NettyIPFilterUpstreamHandler.java → src/main/java/org/elasticsearch/shield/transport/netty/IPFilterNettyUpstreamHandler.java
View File

@ -17,12 +17,12 @@ import java.net.InetSocketAddress;
*
*/
@ChannelHandler.Sharable
public class NettyIPFilterUpstreamHandler extends IpFilteringHandlerImpl {
public class IPFilterNettyUpstreamHandler extends IpFilteringHandlerImpl {
private final IPFilter filter;
private final String profile;
public NettyIPFilterUpstreamHandler(IPFilter filter, String profile) {
public IPFilterNettyUpstreamHandler(IPFilter filter, String profile) {
this.filter = filter;
this.profile = profile;
}

4
src/main/java/org/elasticsearch/shield/transport/netty/SecuredMessageChannelHandler.java → src/main/java/org/elasticsearch/shield/transport/netty/ShieldMessageChannelHandler.java
View File

@ -23,11 +23,11 @@ import org.elasticsearch.transport.netty.NettyTransportChannel;
import java.io.IOException;
import java.net.InetSocketAddress;
public class SecuredMessageChannelHandler extends MessageChannelHandler {
public class ShieldMessageChannelHandler extends MessageChannelHandler {
private final String profileName;
public SecuredMessageChannelHandler(NettyTransport nettyTransport, String profileName, ESLogger logger) {
public ShieldMessageChannelHandler(NettyTransport nettyTransport, String profileName, ESLogger logger) {
super(nettyTransport, logger);
this.profileName = profileName;
}

8
src/main/java/org/elasticsearch/shield/transport/netty/NettySecuredHttpServerTransport.java → src/main/java/org/elasticsearch/shield/transport/netty/ShieldNettyHttpServerTransport.java
View File

@ -21,15 +21,15 @@ import javax.net.ssl.SSLEngine;
/**
*
*/
public class NettySecuredHttpServerTransport extends NettyHttpServerTransport {
public class ShieldNettyHttpServerTransport extends NettyHttpServerTransport {
private final IPFilter ipFilter;
private final SSLService sslService;
private final boolean ssl;
@Inject
public NettySecuredHttpServerTransport(Settings settings, NetworkService networkService, BigArrays bigArrays,
IPFilter ipFilter, SSLService sslService) {
public ShieldNettyHttpServerTransport(Settings settings, NetworkService networkService, BigArrays bigArrays,
IPFilter ipFilter, SSLService sslService) {
super(settings, networkService, bigArrays);
this.ipFilter = ipFilter;
this.ssl = settings.getAsBoolean("shield.http.ssl", false);
@ -57,7 +57,7 @@ public class NettySecuredHttpServerTransport extends NettyHttpServerTransport {
pipeline.addFirst("ssl", new SslHandler(engine));
}
pipeline.addFirst("ipfilter", new NettyIPFilterUpstreamHandler(ipFilter, IPFilter.HTTP_PROFILE_NAME));
pipeline.addFirst("ipfilter", new IPFilterNettyUpstreamHandler(ipFilter, IPFilter.HTTP_PROFILE_NAME));
return pipeline;
}
}

6
src/main/java/org/elasticsearch/shield/transport/netty/NettySecuredHttpServerTransportModule.java → src/main/java/org/elasticsearch/shield/transport/netty/ShieldNettyHttpServerTransportModule.java
View File

@ -15,16 +15,16 @@ import org.elasticsearch.shield.support.AbstractShieldModule;
/**
*
*/
public class NettySecuredHttpServerTransportModule extends AbstractShieldModule implements PreProcessModule {
public class ShieldNettyHttpServerTransportModule extends AbstractShieldModule implements PreProcessModule {
public NettySecuredHttpServerTransportModule(Settings settings) {
public ShieldNettyHttpServerTransportModule(Settings settings) {
super(settings);
}
@Override
public void processModule(Module module) {
if (module instanceof HttpServerModule) {
((HttpServerModule) module).setHttpServerTransport(NettySecuredHttpServerTransport.class, ShieldPlugin.NAME);
((HttpServerModule) module).setHttpServerTransport(ShieldNettyHttpServerTransport.class, ShieldPlugin.NAME);
}
}

12
src/main/java/org/elasticsearch/shield/transport/netty/NettySecuredTransport.java → src/main/java/org/elasticsearch/shield/transport/netty/ShieldNettyTransport.java
View File

@ -25,7 +25,7 @@ import java.net.InetSocketAddress;
/**
*
*/
public class NettySecuredTransport extends NettyTransport {
public class ShieldNettyTransport extends NettyTransport {
public static final String HOSTNAME_VERIFICATION_SETTING = "shield.ssl.hostname_verification";
public static final String HOSTNAME_VERIFICATION_RESOLVE_NAME_SETTING = "shield.ssl.hostname_verification.resolve_name";
@ -35,8 +35,8 @@ public class NettySecuredTransport extends NettyTransport {
private final boolean ssl;
@Inject
public NettySecuredTransport(Settings settings, ThreadPool threadPool, NetworkService networkService, BigArrays bigArrays, Version version,
@Nullable IPFilter authenticator, SSLService sslService) {
public ShieldNettyTransport(Settings settings, ThreadPool threadPool, NetworkService networkService, BigArrays bigArrays, Version version,
@Nullable IPFilter authenticator, SSLService sslService) {
super(settings, threadPool, networkService, bigArrays, version);
this.authenticator = authenticator;
this.ssl = settings.getAsBoolean("shield.transport.ssl", false);
@ -78,9 +78,9 @@ public class NettySecuredTransport extends NettyTransport {
pipeline.addFirst("ssl", new SslHandler(serverEngine));
}
pipeline.replace("dispatcher", "dispatcher", new SecuredMessageChannelHandler(nettyTransport, name, logger));
pipeline.replace("dispatcher", "dispatcher", new ShieldMessageChannelHandler(nettyTransport, name, logger));
if (authenticator != null) {
pipeline.addFirst("ipfilter", new NettyIPFilterUpstreamHandler(authenticator, name));
pipeline.addFirst("ipfilter", new IPFilterNettyUpstreamHandler(authenticator, name));
}
return pipeline;
}
@ -98,7 +98,7 @@ public class NettySecuredTransport extends NettyTransport {
if (ssl) {
pipeline.addFirst("sslInitializer", new ClientSslHandlerInitializer());
}
pipeline.replace("dispatcher", "dispatcher", new SecuredMessageChannelHandler(nettyTransport, "default", logger));
pipeline.replace("dispatcher", "dispatcher", new ShieldMessageChannelHandler(nettyTransport, "default", logger));
return pipeline;
}

6
src/main/java/org/elasticsearch/shield/transport/netty/NettySecuredTransportModule.java → src/main/java/org/elasticsearch/shield/transport/netty/ShieldNettyTransportModule.java
View File

@ -15,16 +15,16 @@ import org.elasticsearch.transport.TransportModule;
/**
*
*/
public class NettySecuredTransportModule extends AbstractShieldModule implements PreProcessModule {
public class ShieldNettyTransportModule extends AbstractShieldModule implements PreProcessModule {
public NettySecuredTransportModule(Settings settings) {
public ShieldNettyTransportModule(Settings settings) {
super(settings);
}
@Override
public void processModule(Module module) {
if (module instanceof TransportModule) {
((TransportModule) module).setTransport(NettySecuredTransport.class, ShieldPlugin.NAME);
((TransportModule) module).setTransport(ShieldNettyTransport.class, ShieldPlugin.NAME);
}
}

3
src/test/java/org/elasticsearch/test/ShieldClearScrollTests.java → src/test/java/org/elasticsearch/integration/ShieldClearScrollTests.java
View File

@ -3,7 +3,7 @@
* or more contributor license agreements. Licensed under the Elastic License;
* you may not use this file except in compliance with the Elastic License.
*/
package org.elasticsearch.test;
package org.elasticsearch.integration;
import org.elasticsearch.ExceptionsHelper;
import org.elasticsearch.action.bulk.BulkRequestBuilder;
@ -14,6 +14,7 @@ import org.elasticsearch.action.search.MultiSearchResponse;
import org.elasticsearch.action.search.SearchPhaseExecutionException;
import org.elasticsearch.shield.authc.support.SecuredString;
import org.elasticsearch.shield.authz.AuthorizationException;
import org.elasticsearch.test.ShieldIntegrationTest;
import org.junit.After;
import org.junit.Before;
import org.junit.Test;

4
src/test/java/org/elasticsearch/integration/ldap/AbstractAdLdapRealmTests.java
View File

@ -19,7 +19,7 @@ import org.elasticsearch.shield.authc.support.SecuredString;
import org.elasticsearch.shield.authc.support.UsernamePasswordToken;
import org.elasticsearch.shield.authc.support.ldap.SearchScope;
import org.elasticsearch.shield.authz.AuthorizationException;
import org.elasticsearch.shield.transport.netty.NettySecuredTransport;
import org.elasticsearch.shield.transport.netty.ShieldNettyTransport;
import org.elasticsearch.test.ShieldIntegrationTest;
import org.junit.BeforeClass;
import org.junit.Ignore;
@ -160,7 +160,7 @@ abstract public class AbstractAdLdapRealmTests extends ShieldIntegrationTest {
return settingsBuilder()
.put("shield.ssl.keystore.path", store.getPath())
.put("shield.ssl.keystore.password", password)
.put(NettySecuredTransport.HOSTNAME_VERIFICATION_SETTING, false)
.put(ShieldNettyTransport.HOSTNAME_VERIFICATION_SETTING, false)
.put("shield.ssl.truststore.path", store.getPath())
.put("shield.ssl.truststore.password", password).build();
}

8
src/test/java/org/elasticsearch/shield/ShieldPluginEnabledDisabledTests.java
View File

@ -15,8 +15,8 @@ import org.elasticsearch.node.internal.InternalNode;
import org.elasticsearch.plugins.Plugin;
import org.elasticsearch.shield.authc.support.SecuredString;
import org.elasticsearch.shield.authc.support.UsernamePasswordToken;
import org.elasticsearch.shield.transport.SecuredServerTransportService;
import org.elasticsearch.shield.transport.netty.NettySecuredTransport;
import org.elasticsearch.shield.transport.ShieldServerTransportService;
import org.elasticsearch.shield.transport.netty.ShieldNettyTransport;
import org.elasticsearch.test.ElasticsearchIntegrationTest.ClusterScope;
import org.elasticsearch.test.ShieldIntegrationTest;
import org.elasticsearch.test.ShieldSettingsSource;
@ -90,14 +90,14 @@ public class ShieldPluginEnabledDisabledTests extends ShieldIntegrationTest {
@Test
public void testTransportEnabledDisabled() throws Exception {
for (TransportService service : internalCluster().getInstances(TransportService.class)) {
Matcher<TransportService> matcher = instanceOf(SecuredServerTransportService.class);
Matcher<TransportService> matcher = instanceOf(ShieldServerTransportService.class);
if (!enabled) {
matcher = not(matcher);
}
assertThat(service, matcher);
}
for (Transport transport : internalCluster().getInstances(Transport.class)) {
Matcher<Transport> matcher = instanceOf(NettySecuredTransport.class);
Matcher<Transport> matcher = instanceOf(ShieldNettyTransport.class);
if (!enabled) {
matcher = not(matcher);
}

2
src/test/java/org/elasticsearch/shield/VersionCompatibilityTests.java
View File

@ -38,7 +38,7 @@ public class VersionCompatibilityTests extends ElasticsearchTestCase {
assertThat("Remove TransportProfileUtil class or bump the version, fixed in es core 1.5", Version.CURRENT.onOrBefore(Version.V_1_4_2), is(true));
/**
* see https://github.com/elasticsearch/elasticsearch/pull/9134 {@link org.elasticsearch.shield.transport.netty.SecuredMessageChannelHandler}
* see https://github.com/elasticsearch/elasticsearch/pull/9134 {@link org.elasticsearch.shield.transport.netty.ShieldMessageChannelHandler}
*/
assertThat("Cleanup SecuredMessageChannelHandler class and remove needless code, fixed in es core 1.5", Version.CURRENT.onOrBefore(Version.V_1_4_2), is(true));

2
src/test/java/org/elasticsearch/shield/transport/TransportFilterTests.java
View File

@ -43,7 +43,7 @@ public class TransportFilterTests extends ElasticsearchIntegrationTest {
return ImmutableSettings.settingsBuilder()
.put("plugins.load_classpath_plugins", false)
.put("plugin.types", InternalPlugin.class.getName())
.put(TransportModule.TRANSPORT_SERVICE_TYPE_KEY, SecuredServerTransportService.class.getName())
.put(TransportModule.TRANSPORT_SERVICE_TYPE_KEY, ShieldServerTransportService.class.getName())
.build();
}

6
src/test/java/org/elasticsearch/shield/transport/netty/NettyIPFilterUpstreamHandlerTests.java → src/test/java/org/elasticsearch/shield/transport/netty/IPFilterNettyUpstreamHandlerTests.java
View File

@ -23,9 +23,9 @@ import static org.hamcrest.Matchers.is;
/**
*
*/
public class NettyIPFilterUpstreamHandlerTests extends ElasticsearchTestCase {
public class IPFilterNettyUpstreamHandlerTests extends ElasticsearchTestCase {
private NettyIPFilterUpstreamHandler nettyUpstreamHandler;
private IPFilterNettyUpstreamHandler nettyUpstreamHandler;
@Before
public void init() throws Exception {
@ -36,7 +36,7 @@ public class NettyIPFilterUpstreamHandlerTests extends ElasticsearchTestCase {
IPFilter ipFilter = new IPFilter(settings, AuditTrail.NOOP);
nettyUpstreamHandler = new NettyIPFilterUpstreamHandler(ipFilter, IPFilter.HTTP_PROFILE_NAME);
nettyUpstreamHandler = new IPFilterNettyUpstreamHandler(ipFilter, IPFilter.HTTP_PROFILE_NAME);
}
@Test

10
src/test/java/org/elasticsearch/shield/transport/netty/IPHostnameVerificationIntegrationTests.java → src/test/java/org/elasticsearch/shield/transport/netty/IPHostnameVerificationTests.java
View File

@ -21,7 +21,7 @@ import static org.elasticsearch.common.settings.ImmutableSettings.settingsBuilde
import static org.hamcrest.CoreMatchers.is;
@ClusterScope(scope = ElasticsearchIntegrationTest.Scope.SUITE)
public class IPHostnameVerificationIntegrationTests extends ShieldIntegrationTest {
public class IPHostnameVerificationTests extends ShieldIntegrationTest {
static Path keystore;
@ -59,16 +59,16 @@ public class IPHostnameVerificationIntegrationTests extends ShieldIntegrationTes
.put("transport.host", "127.0.0.1")
.put("network.host", "127.0.0.1")
.put("shield.ssl.client.auth", "false")
.put(NettySecuredTransport.HOSTNAME_VERIFICATION_SETTING, true)
.put(NettySecuredTransport.HOSTNAME_VERIFICATION_RESOLVE_NAME_SETTING, false)
.put(ShieldNettyTransport.HOSTNAME_VERIFICATION_SETTING, true)
.put(ShieldNettyTransport.HOSTNAME_VERIFICATION_RESOLVE_NAME_SETTING, false)
.build();
}
@Override
protected Settings transportClientSettings() {
return ImmutableSettings.builder().put(super.transportClientSettings())
.put(NettySecuredTransport.HOSTNAME_VERIFICATION_SETTING, true)
.put(NettySecuredTransport.HOSTNAME_VERIFICATION_RESOLVE_NAME_SETTING, false)
.put(ShieldNettyTransport.HOSTNAME_VERIFICATION_SETTING, true)
.put(ShieldNettyTransport.HOSTNAME_VERIFICATION_RESOLVE_NAME_SETTING, false)
.put("shield.ssl.keystore.path", keystore.toAbsolutePath())
.put("shield.ssl.keystore.password", "testnode-ip-only")
.put("shield.ssl.truststore.path", keystore.toAbsolutePath())

8
src/test/java/org/elasticsearch/shield/transport/netty/NettySecuredTransportTests.java → src/test/java/org/elasticsearch/shield/transport/netty/ShieldNettyTransportTests.java
View File

@ -28,7 +28,7 @@ import static org.elasticsearch.common.settings.ImmutableSettings.settingsBuilde
import static org.mockito.Mockito.mock;
import static org.hamcrest.Matchers.*;
public class NettySecuredTransportTests extends ElasticsearchTestCase {
public class ShieldNettyTransportTests extends ElasticsearchTestCase {
private SSLService sslService;
@ -44,7 +44,7 @@ public class NettySecuredTransportTests extends ElasticsearchTestCase {
@Test
public void testThatSSLCanBeDisabledByProfile() throws Exception {
Settings settings = ImmutableSettings.builder().put("shield.transport.ssl", true).build();
NettySecuredTransport transport = new NettySecuredTransport(settings, mock(ThreadPool.class), mock(NetworkService.class), mock(BigArrays.class), Version.CURRENT, null, sslService);
ShieldNettyTransport transport = new ShieldNettyTransport(settings, mock(ThreadPool.class), mock(NetworkService.class), mock(BigArrays.class), Version.CURRENT, null, sslService);
setOpenChannelsHandlerToMock(transport);
ChannelPipelineFactory factory = transport.configureServerChannelPipelineFactory("client", ImmutableSettings.builder().put("shield.ssl", false).build());
assertThat(factory.getPipeline().get(SslHandler.class), nullValue());
@ -53,7 +53,7 @@ public class NettySecuredTransportTests extends ElasticsearchTestCase {
@Test
public void testThatSSLCanBeEnabledByProfile() throws Exception {
Settings settings = ImmutableSettings.builder().put("shield.transport.ssl", false).build();
NettySecuredTransport transport = new NettySecuredTransport(settings, mock(ThreadPool.class), mock(NetworkService.class), mock(BigArrays.class), Version.CURRENT, null, sslService);
ShieldNettyTransport transport = new ShieldNettyTransport(settings, mock(ThreadPool.class), mock(NetworkService.class), mock(BigArrays.class), Version.CURRENT, null, sslService);
setOpenChannelsHandlerToMock(transport);
ChannelPipelineFactory factory = transport.configureServerChannelPipelineFactory("client", ImmutableSettings.builder().put("shield.ssl", true).build());
assertThat(factory.getPipeline().get(SslHandler.class), notNullValue());
@ -62,7 +62,7 @@ public class NettySecuredTransportTests extends ElasticsearchTestCase {
@Test
public void testThatProfileTakesDefaultSSLSetting() throws Exception {
Settings settings = ImmutableSettings.builder().put("shield.transport.ssl", true).build();
NettySecuredTransport transport = new NettySecuredTransport(settings, mock(ThreadPool.class), mock(NetworkService.class), mock(BigArrays.class), Version.CURRENT, null, sslService);
ShieldNettyTransport transport = new ShieldNettyTransport(settings, mock(ThreadPool.class), mock(NetworkService.class), mock(BigArrays.class), Version.CURRENT, null, sslService);
setOpenChannelsHandlerToMock(transport);
ChannelPipelineFactory factory = transport.configureServerChannelPipelineFactory("client", ImmutableSettings.EMPTY);
assertThat(factory.getPipeline().get(SslHandler.class), notNullValue());

8
src/test/java/org/elasticsearch/shield/transport/netty/SslHostnameVerificationIntegrationTests.java → src/test/java/org/elasticsearch/shield/transport/netty/SslHostnameVerificationTests.java
View File

@ -28,7 +28,7 @@ import static org.hamcrest.CoreMatchers.instanceOf;
import static org.hamcrest.CoreMatchers.is;
@ClusterScope(scope = Scope.SUITE)
public class SslHostnameVerificationIntegrationTests extends ShieldIntegrationTest {
public class SslHostnameVerificationTests extends ShieldIntegrationTest {
static Path keystore;
@ -56,14 +56,14 @@ public class SslHostnameVerificationIntegrationTests extends ShieldIntegrationTe
.put("shield.ssl.keystore.password", "testnode-no-subjaltname")
.put("shield.ssl.truststore.path", keystore.toAbsolutePath()) // settings for client truststore
.put("shield.ssl.truststore.password", "testnode-no-subjaltname")
.put(NettySecuredTransport.HOSTNAME_VERIFICATION_SETTING, false) // disable hostname verification as this test uses non-localhost addresses
.put(ShieldNettyTransport.HOSTNAME_VERIFICATION_SETTING, false) // disable hostname verification as this test uses non-localhost addresses
.build();
}
@Override
protected Settings transportClientSettings() {
return ImmutableSettings.builder().put(super.transportClientSettings())
.put(NettySecuredTransport.HOSTNAME_VERIFICATION_SETTING, false)
.put(ShieldNettyTransport.HOSTNAME_VERIFICATION_SETTING, false)
.put("shield.ssl.truststore.path", keystore.toAbsolutePath()) // settings for client truststore
.put("shield.ssl.truststore.password", "testnode-no-subjaltname")
.build();
@ -77,7 +77,7 @@ public class SslHostnameVerificationIntegrationTests extends ShieldIntegrationTe
InetSocketAddress inetSocketAddress = ((InetSocketTransportAddress) transportAddress).address();
Settings settings = ImmutableSettings.builder().put(transportClientSettings())
.put(NettySecuredTransport.HOSTNAME_VERIFICATION_SETTING, true)
.put(ShieldNettyTransport.HOSTNAME_VERIFICATION_SETTING, true)
.build();
try (TransportClient client = new TransportClient(settings, false)) {

6
src/test/java/org/elasticsearch/test/ShieldSettingsSource.java
View File

@ -17,7 +17,7 @@ import org.elasticsearch.shield.authc.support.SecuredString;
import org.elasticsearch.shield.authc.support.UsernamePasswordToken;
import org.elasticsearch.shield.signature.InternalSignatureService;
import org.elasticsearch.shield.test.ShieldTestUtils;
import org.elasticsearch.shield.transport.netty.NettySecuredTransport;
import org.elasticsearch.shield.transport.netty.ShieldNettyTransport;
import org.elasticsearch.test.discovery.ClusterDiscoveryConfiguration;
import java.io.File;
@ -223,8 +223,8 @@ public class ShieldSettingsSource extends ClusterDiscoveryConfiguration.UnicastZ
if (sslTransportEnabled) {
builder.put("shield.ssl.keystore.path", store.getPath())
.put("shield.ssl.keystore.password", password)
.put(NettySecuredTransport.HOSTNAME_VERIFICATION_SETTING, hostnameVerificationEnabled)
.put(NettySecuredTransport.HOSTNAME_VERIFICATION_RESOLVE_NAME_SETTING, hostnameVerificationResolveNameEnabled);
.put(ShieldNettyTransport.HOSTNAME_VERIFICATION_SETTING, hostnameVerificationEnabled)
.put(ShieldNettyTransport.HOSTNAME_VERIFICATION_RESOLVE_NAME_SETTING, hostnameVerificationResolveNameEnabled);
}
if (sslTransportEnabled && randomBoolean()) {