honeymoose
/
OpenSearch
mirror of https://github.com/honeymoose/OpenSearch.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

fix all InetAddress forbidden apis and compile errors 

This commit also fixes test shard routing compilation error and disables local address check in
the Shield IPFilter. This will be addressed in a followup, see elastic/elasticsearch#487

Original commit: elastic/x-pack-elasticsearch@984df0b131
This commit is contained in:
jaymode 2015-08-20 18:36:08 -04:00
parent 64706aefe4
commit 7e552f393b
22 changed files with 133 additions and 101 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

28
marvel/src/main/java/org/elasticsearch/marvel/agent/support/AgentUtils.java
View File

@ -7,6 +7,7 @@ package org.elasticsearch.marvel.agent.support;
import org.elasticsearch.cluster.node.DiscoveryNode;
import org.elasticsearch.common.logging.ESLogger;
import org.elasticsearch.common.network.NetworkAddress;
import org.elasticsearch.common.transport.BoundTransportAddress;
import org.elasticsearch.common.transport.InetSocketTransportAddress;
import org.elasticsearch.common.xcontent.XContentBuilder;
@ -34,9 +35,9 @@ public class AgentUtils {
InetSocketAddress inetSocketAddress = address.address();
InetAddress inetAddress = inetSocketAddress.getAddress();
if (inetAddress != null) {
builder.field("ip", inetAddress.getHostAddress());
builder.field("host", inetAddress.getHostName());
builder.field("ip_port", inetAddress.getHostAddress() + ":" + inetSocketAddress.getPort());
builder.field("ip", NetworkAddress.formatAddress(inetAddress));
builder.field("host", inetSocketAddress.getHostString());
builder.field("ip_port", NetworkAddress.formatAddress(inetSocketAddress));
}
} else if (node.address().uniqueAddressTypeId() == 2) { // local transport
builder.field("ip_port", "_" + node.address()); // will end up being "_local[ID]"
@ -58,19 +59,6 @@ public class AgentUtils {
return builder;
}
public static String nodeDescription(DiscoveryNode node) {
StringBuilder builder = new StringBuilder().append("[").append(node.name()).append("]");
if (node.address().uniqueAddressTypeId() == 1) { // InetSocket
InetSocketTransportAddress address = (InetSocketTransportAddress) node.address();
InetSocketAddress inetSocketAddress = address.address();
InetAddress inetAddress = inetSocketAddress.getAddress();
if (inetAddress != null) {
builder.append("[").append(inetAddress.getHostAddress()).append(":").append(inetSocketAddress.getPort()).append("]");
}
}
return builder.toString();
}
public static String[] extractHostsFromAddress(BoundTransportAddress boundAddress, ESLogger logger) {
if (boundAddress == null || boundAddress.boundAddress() == null) {
logger.debug("local http server is not yet started. can't connect");
@ -89,13 +77,7 @@ public class AgentUtils {
return null;
}
String host = inetAddress.getHostAddress();
if (host.indexOf(":") >= 0) {
// ipv6
host = "[" + host + "]";
}
return new String[]{host + ":" + inetSocketAddress.getPort()};
return new String[]{ NetworkAddress.formatAddress(inetSocketAddress) };
}
public static URL parseHostWithPath(String host, String path) throws URISyntaxException, MalformedURLException {

1
marvel/src/test/java/org/elasticsearch/marvel/agent/exporter/HttpESExporterTests.java
View File

@ -33,6 +33,7 @@ import static org.elasticsearch.test.hamcrest.ElasticsearchAssertions.assertAcke
// Transport Client instantiation also calls the marvel plugin, which then fails to find modules
@ClusterScope(transportClientRatio = 0.0, scope = ESIntegTestCase.Scope.TEST, numDataNodes = 0, numClientNodes = 0)
@ESIntegTestCase.SuppressLocalMode
public class HttpESExporterTests extends ESIntegTestCase {
final static AtomicLong timeStampGenerator = new AtomicLong();

5
qa/smoke-test-watcher-with-shield/src/test/java/org/elasticsearch/smoketest/WatcherWithShieldIT.java
View File

@ -12,6 +12,7 @@ import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.impl.client.HttpClients;
import org.apache.http.impl.conn.BasicHttpClientConnectionManager;
import org.elasticsearch.client.support.Headers;
import org.elasticsearch.common.network.NetworkAddress;
import org.elasticsearch.common.settings.Settings;
import org.elasticsearch.license.plugin.LicensePlugin;
import org.elasticsearch.shield.ShieldPlugin;
@ -48,7 +49,7 @@ public class WatcherWithShieldIT extends ESRestTestCase {
public void startWatcher() throws Exception {
try(CloseableHttpClient client = HttpClients.createMinimal(new BasicHttpClientConnectionManager())) {
InetSocketAddress address = cluster().httpAddresses()[0];
HttpPut request = new HttpPut(new URI("http", null, address.getAddress().getHostAddress(), address.getPort(), "/_watcher/_start", null, null));
HttpPut request = new HttpPut(new URI("http", null, NetworkAddress.formatAddress(address.getAddress()), address.getPort(), "/_watcher/_start", null, null));
String token = basicAuthHeaderValue(TEST_ADMIN_USERNAME, new SecuredString(TEST_ADMIN_PASSWORD.toCharArray()));
request.addHeader(UsernamePasswordToken.BASIC_AUTH_HEADER, token);
client.execute(request);
@ -59,7 +60,7 @@ public class WatcherWithShieldIT extends ESRestTestCase {
public void stopWatcher() throws Exception {
try(CloseableHttpClient client = HttpClients.createMinimal(new BasicHttpClientConnectionManager())) {
InetSocketAddress address = cluster().httpAddresses()[0];
HttpPut request = new HttpPut(new URI("http", null, address.getAddress().getHostAddress(), address.getPort(), "/_watcher/_stop", null, null));
HttpPut request = new HttpPut(new URI("http", null, NetworkAddress.formatAddress(address.getAddress()), address.getPort(), "/_watcher/_stop", null, null));
String token = basicAuthHeaderValue(TEST_ADMIN_USERNAME, new SecuredString(TEST_ADMIN_PASSWORD.toCharArray()));
request.addHeader(UsernamePasswordToken.BASIC_AUTH_HEADER, token);
client.execute(request);

18
shield/src/main/java/org/elasticsearch/shield/audit/index/IndexAuditTrail.java
View File

@ -27,6 +27,8 @@ import org.elasticsearch.common.collect.Tuple;
import org.elasticsearch.common.component.AbstractComponent;
import org.elasticsearch.common.inject.Inject;
import org.elasticsearch.common.inject.Provider;
import org.elasticsearch.common.network.NetworkAddress;
import org.elasticsearch.common.network.NetworkUtils;
import org.elasticsearch.common.settings.Settings;
import org.elasticsearch.common.transport.InetSocketTransportAddress;
import org.elasticsearch.common.transport.TransportAddress;
@ -505,9 +507,9 @@ public class IndexAuditTrail extends AbstractComponent implements AuditTrail {
msg.builder.field(Field.ORIGIN_TYPE, "rest");
SocketAddress address = request.getRemoteAddress();
if (address instanceof InetSocketAddress) {
msg.builder.field(Field.ORIGIN_ADDRESS, ((InetSocketAddress)request.getRemoteAddress()).getAddress().getHostAddress());
msg.builder.field(Field.ORIGIN_ADDRESS, NetworkAddress.formatAddress(((InetSocketAddress) request.getRemoteAddress()).getAddress()));
} else {
msg.builder.field(Field.ORIGIN_ADDRESS, request.getRemoteAddress());
msg.builder.field(Field.ORIGIN_ADDRESS, address);
}
msg.builder.field(Field.URI, request.uri());
@ -520,7 +522,7 @@ public class IndexAuditTrail extends AbstractComponent implements AuditTrail {
Message msg = new Message().start();
common(layer, type, msg.builder);
msg.builder.field(Field.ORIGIN_ADDRESS, originAddress.getHostAddress());
msg.builder.field(Field.ORIGIN_ADDRESS, NetworkAddress.formatAddress(originAddress));
msg.builder.field(Field.TRANSPORT_PROFILE, profile);
msg.builder.field(Field.RULE, rule);
@ -542,7 +544,7 @@ public class IndexAuditTrail extends AbstractComponent implements AuditTrail {
InetSocketAddress restAddress = RemoteHostHeader.restRemoteAddress(message);
if (restAddress != null) {
builder.field(Field.ORIGIN_TYPE, "rest");
builder.field(Field.ORIGIN_ADDRESS, restAddress.getAddress().getHostAddress());
builder.field(Field.ORIGIN_ADDRESS, NetworkAddress.formatAddress(restAddress.getAddress()));
return builder;
}
@ -551,7 +553,7 @@ public class IndexAuditTrail extends AbstractComponent implements AuditTrail {
if (address != null) {
builder.field(Field.ORIGIN_TYPE, "transport");
if (address instanceof InetSocketTransportAddress) {
builder.field(Field.ORIGIN_ADDRESS, ((InetSocketTransportAddress) address).address().getAddress().getHostAddress());
builder.field(Field.ORIGIN_ADDRESS, NetworkAddress.formatAddress(((InetSocketTransportAddress) address).address().getAddress()));
} else {
builder.field(Field.ORIGIN_ADDRESS, address);
}
@ -613,7 +615,11 @@ public class IndexAuditTrail extends AbstractComponent implements AuditTrail {
.put(clientSettings))
.build();
for (Tuple<String, Integer> pair : hostPortPairs) {
transportClient.addTransportAddress(new InetSocketTransportAddress(pair.v1(), pair.v2()));
try {
transportClient.addTransportAddress(new InetSocketTransportAddress(InetAddress.getByName(pair.v1()), pair.v2()));
} catch (UnknownHostException e) {
throw new ElasticsearchException("could not find host {}", e, pair.v1());
}
}
this.client = transportClient;

19
shield/src/main/java/org/elasticsearch/shield/audit/logfile/LoggingAuditTrail.java
View File

@ -8,6 +8,7 @@ package org.elasticsearch.shield.audit.logfile;
import org.elasticsearch.common.inject.Inject;
import org.elasticsearch.common.logging.ESLogger;
import org.elasticsearch.common.logging.Loggers;
import org.elasticsearch.common.network.NetworkAddress;
import org.elasticsearch.common.network.NetworkUtils;
import org.elasticsearch.common.settings.Settings;
import org.elasticsearch.common.transport.InetSocketTransportAddress;
@ -25,6 +26,7 @@ import org.elasticsearch.transport.TransportRequest;
import java.net.InetAddress;
import java.net.InetSocketAddress;
import java.net.SocketAddress;
import static org.elasticsearch.common.Strings.arrayToCommaDelimitedString;
import static org.elasticsearch.shield.audit.AuditUtil.indices;
@ -231,17 +233,24 @@ public class LoggingAuditTrail implements AuditTrail {
@Override
public void connectionGranted(InetAddress inetAddress, String profile, ShieldIpFilterRule rule) {
if (logger.isTraceEnabled()) {
logger.trace("{}[ip_filter] [connection_granted]\torigin_address=[{}], transport_profile=[{}], rule=[{}]", prefix, inetAddress.getHostAddress(), profile, rule);
logger.trace("{}[ip_filter] [connection_granted]\torigin_address=[{}], transport_profile=[{}], rule=[{}]", prefix, NetworkAddress.formatAddress(inetAddress), profile, rule);
}
}
@Override
public void connectionDenied(InetAddress inetAddress, String profile, ShieldIpFilterRule rule) {
logger.error("{}[ip_filter] [connection_denied]\torigin_address=[{}], transport_profile=[{}], rule=[{}]", prefix, inetAddress.getHostAddress(), profile, rule);
logger.error("{}[ip_filter] [connection_denied]\torigin_address=[{}], transport_profile=[{}], rule=[{}]", prefix, NetworkAddress.formatAddress(inetAddress), profile, rule);
}
private static String hostAttributes(RestRequest request) {
return "origin_address=[" + request.getRemoteAddress() + "]";
String formattedAddress;
SocketAddress socketAddress = request.getRemoteAddress();
if (socketAddress instanceof InetSocketAddress) {
formattedAddress = NetworkAddress.formatAddress(((InetSocketAddress) socketAddress).getAddress());
} else {
formattedAddress = socketAddress.toString();
}
return "origin_address=[" + formattedAddress + "]";
}
static String originAttributes(TransportMessage message, Transport transport) {
@ -250,7 +259,7 @@ public class LoggingAuditTrail implements AuditTrail {
// first checking if the message originated in a rest call
InetSocketAddress restAddress = RemoteHostHeader.restRemoteAddress(message);
if (restAddress != null) {
builder.append("origin_type=[rest], origin_address=[").append(restAddress).append("]");
builder.append("origin_type=[rest], origin_address=[").append(NetworkAddress.formatAddress(restAddress.getAddress())).append("]");
return builder.toString();
}
@ -259,7 +268,7 @@ public class LoggingAuditTrail implements AuditTrail {
if (address != null) {
builder.append("origin_type=[transport], ");
if (address instanceof InetSocketTransportAddress) {
builder.append("origin_address=[").append(((InetSocketTransportAddress) address).address()).append("]");
builder.append("origin_address=[").append(NetworkAddress.formatAddress(((InetSocketTransportAddress) address).address().getAddress())).append("]");
} else {
builder.append("origin_address=[").append(address).append("]");
}

13
shield/src/main/java/org/elasticsearch/shield/transport/filter/IPFilter.java
View File

@ -24,6 +24,7 @@ import org.elasticsearch.shield.audit.AuditTrail;
import org.elasticsearch.transport.Transport;
import java.net.InetAddress;
import java.net.UnknownHostException;
import java.util.*;
public class IPFilter extends AbstractLifecycleComponent<IPFilter> {
@ -188,9 +189,17 @@ public class IPFilter extends AbstractLifecycleComponent<IPFilter> {
return rules.toArray(new ShieldIpFilterRule[]{});
}
/**
* Checks if a user provided address is the same address that we are bound to. This is to prevent denying
* connections from the machine we are running on
*
* @param localAddress the InetAddress that this node is bound to. This should come from the transport
* @param address the address that is being evaluated to be blocked
* @return true if the address is not the same as the localAddress
*/
private boolean isLocalAddress(InetAddress localAddress, String address) {
return address.equals("127.0.0.1") || address.equals("localhost") || address.equals("::1") || address.startsWith("fe80::1") ||
address.equals(localAddress.getHostAddress()) || address.equals(localAddress.getHostName());
// FIXME add the correct behavior, see https://github.com/elastic/x-plugins/issues/487
return false;
}
private class ApplySettings implements NodeSettingsService.Listener {

2
shield/src/main/java/org/elasticsearch/shield/transport/netty/ShieldNettyTransport.java
View File

@ -6,6 +6,7 @@
package org.elasticsearch.shield.transport.netty;
import org.elasticsearch.Version;
import org.elasticsearch.common.SuppressForbidden;
import org.elasticsearch.common.inject.Inject;
import org.elasticsearch.common.inject.internal.Nullable;
import org.elasticsearch.common.io.stream.NamedWriteableRegistry;
@ -178,6 +179,7 @@ public class ShieldNettyTransport extends NettyTransport {
ctx.sendDownstream(e);
}
@SuppressForbidden(reason = "need to use getHostName to resolve DNS name for SSL connections and hostname verification")
private String getHostname(InetSocketAddress inetSocketAddress) {
String hostname;
if (settings.getAsBoolean(HOSTNAME_VERIFICATION_RESOLVE_NAME_SETTING, true)) {

9
shield/src/test/java/org/elasticsearch/shield/audit/index/IndexAuditTrailTests.java
View File

@ -14,6 +14,7 @@ import org.elasticsearch.action.search.SearchResponse;
import org.elasticsearch.action.support.IndicesOptions;
import org.elasticsearch.client.Client;
import org.elasticsearch.common.inject.util.Providers;
import org.elasticsearch.common.network.NetworkAddress;
import org.elasticsearch.common.settings.Settings;
import org.elasticsearch.common.transport.BoundTransportAddress;
import org.elasticsearch.common.transport.DummyTransportAddress;
@ -149,7 +150,7 @@ public class IndexAuditTrailTests extends ShieldIntegTestCase {
.build();
}
};
cluster2 = new InternalTestCluster(randomLong(), createTempDir(), numNodes, numNodes, cluster2Name, cluster2SettingsSource, 0, false, SECOND_CLUSTER_NODE_PREFIX);
cluster2 = new InternalTestCluster("network", randomLong(), createTempDir(), numNodes, numNodes, cluster2Name, cluster2SettingsSource, 0, false, SECOND_CLUSTER_NODE_PREFIX);
cluster2.beforeTest(getRandom(), 0.5);
remoteClient = cluster2.client();
@ -160,7 +161,7 @@ public class IndexAuditTrailTests extends ShieldIntegTestCase {
Settings.Builder builder = Settings.builder()
.put(settings)
.put(ShieldPlugin.ENABLED_SETTING_NAME, useShield)
.put(remoteSettings(inet.address().getAddress().getHostAddress(), inet.address().getPort(), cluster2Name))
.put(remoteSettings(NetworkAddress.format(inet.address().getAddress()), inet.address().getPort(), cluster2Name))
.put("shield.audit.index.client.shield.user", ShieldSettingsSource.DEFAULT_USER_NAME + ":" + ShieldSettingsSource.DEFAULT_PASSWORD);
if (useSSL) {
@ -243,7 +244,7 @@ public class IndexAuditTrailTests extends ShieldIntegTestCase {
SearchHit hit = getIndexedAuditMessage();
assertAuditMessage(hit, "rest", "anonymous_access_denied");
assertThat("127.0.0.1", equalTo(hit.field("origin_address").getValue()));
assertThat(NetworkAddress.formatAddress(InetAddress.getLoopbackAddress()), equalTo(hit.field("origin_address").getValue()));
assertThat("_uri", equalTo(hit.field("uri").getValue()));
assertThat((String) hit.field("origin_type").getValue(), is("rest"));
assertThat(hit.field("request_body").getValue(), notNullValue());
@ -651,7 +652,7 @@ public class IndexAuditTrailTests extends ShieldIntegTestCase {
private RestRequest mockRestRequest() {
RestRequest request = mock(RestRequest.class);
when(request.getRemoteAddress()).thenReturn(new InetSocketAddress("127.0.0.1", 9200));
when(request.getRemoteAddress()).thenReturn(new InetSocketAddress(InetAddress.getLoopbackAddress(), 9200));
when(request.uri()).thenReturn("_uri");
return request;
}

2
shield/src/test/java/org/elasticsearch/shield/audit/index/RemoteIndexAuditTrailStartingTests.java
View File

@ -88,7 +88,7 @@ public class RemoteIndexAuditTrailStartingTests extends ShieldIntegTestCase {
return builder.build();
}
};
remoteCluster = new InternalTestCluster(randomLong(), createTempDir(), numNodes, numNodes, cluster2Name, cluster2SettingsSource, 0, false, SECOND_CLUSTER_NODE_PREFIX);
remoteCluster = new InternalTestCluster("network", randomLong(), createTempDir(), numNodes, numNodes, cluster2Name, cluster2SettingsSource, 0, false, SECOND_CLUSTER_NODE_PREFIX);
remoteCluster.beforeTest(getRandom(), 0.5);
}

53
shield/src/test/java/org/elasticsearch/shield/audit/logfile/LoggingAuditTrailTests.java
View File

@ -9,7 +9,7 @@ import org.elasticsearch.action.IndicesRequest;
import org.elasticsearch.action.support.IndicesOptions;
import org.elasticsearch.common.bytes.BytesArray;
import org.elasticsearch.common.bytes.BytesReference;
import org.elasticsearch.common.network.NetworkUtils;
import org.elasticsearch.common.network.NetworkAddress;
import org.elasticsearch.common.settings.Settings;
import org.elasticsearch.common.transport.*;
import org.elasticsearch.rest.RestRequest;
@ -24,6 +24,7 @@ import org.elasticsearch.transport.TransportMessage;
import org.junit.Before;
import org.junit.Test;
import java.io.IOException;
import java.net.InetAddress;
import java.net.InetSocketAddress;
import java.util.List;
@ -146,7 +147,8 @@ public class LoggingAuditTrailTests extends ESTestCase {
@Test
public void testAnonymousAccessDenied_Rest() throws Exception {
RestRequest request = mock(RestRequest.class);
when(request.getRemoteAddress()).thenReturn(new InetSocketAddress("_hostname", 9200));
InetAddress address = forge("_hostname", randomBoolean() ? "127.0.0.1" : "::1");
when(request.getRemoteAddress()).thenReturn(new InetSocketAddress(address, 9200));
when(request.uri()).thenReturn("_uri");
String expectedMessage = prepareRestContent(request);
@ -160,11 +162,11 @@ public class LoggingAuditTrailTests extends ESTestCase {
break;
case WARN:
case INFO:
assertMsg(logger, Level.WARN, prefix + "[rest] [anonymous_access_denied]\torigin_address=[_hostname:9200], uri=[_uri]");
assertMsg(logger, Level.WARN, prefix + "[rest] [anonymous_access_denied]\torigin_address=[" + NetworkAddress.formatAddress(address) + "], uri=[_uri]");
break;
case DEBUG:
case TRACE:
assertMsg(logger, Level.DEBUG, prefix + "[rest] [anonymous_access_denied]\torigin_address=[_hostname:9200], uri=[_uri], request_body=[" + expectedMessage + "]");
assertMsg(logger, Level.DEBUG, prefix + "[rest] [anonymous_access_denied]\torigin_address=[" + NetworkAddress.formatAddress(address) + "], uri=[_uri], request_body=[" + expectedMessage + "]");
}
}
}
@ -231,7 +233,8 @@ public class LoggingAuditTrailTests extends ESTestCase {
public void testAuthenticationFailed_Rest() throws Exception {
for (Level level : Level.values()) {
RestRequest request = mock(RestRequest.class);
when(request.getRemoteAddress()).thenReturn(new InetSocketAddress("_hostname", 9200));
InetAddress address = forge("_hostname", randomBoolean() ? "127.0.0.1" : "::1");
when(request.getRemoteAddress()).thenReturn(new InetSocketAddress(address, 9200));
when(request.uri()).thenReturn("_uri");
String expectedMessage = prepareRestContent(request);
CapturingLogger logger = new CapturingLogger(level);
@ -241,11 +244,11 @@ public class LoggingAuditTrailTests extends ESTestCase {
case ERROR:
case WARN:
case INFO:
assertMsg(logger, Level.ERROR, prefix + "[rest] [authentication_failed]\torigin_address=[_hostname:9200], principal=[_principal], uri=[_uri]");
assertMsg(logger, Level.ERROR, prefix + "[rest] [authentication_failed]\torigin_address=[" + NetworkAddress.formatAddress(address) + "], principal=[_principal], uri=[_uri]");
break;
case DEBUG:
case TRACE:
assertMsg(logger, Level.DEBUG, prefix + "[rest] [authentication_failed]\torigin_address=[_hostname:9200], principal=[_principal], uri=[_uri], request_body=[" + expectedMessage + "]");
assertMsg(logger, Level.DEBUG, prefix + "[rest] [authentication_failed]\torigin_address=[" + NetworkAddress.formatAddress(address) + "], principal=[_principal], uri=[_uri], request_body=[" + expectedMessage + "]");
}
}
}
@ -254,7 +257,8 @@ public class LoggingAuditTrailTests extends ESTestCase {
public void testAuthenticationFailed_Rest_NoToken() throws Exception {
for (Level level : Level.values()) {
RestRequest request = mock(RestRequest.class);
when(request.getRemoteAddress()).thenReturn(new InetSocketAddress("_hostname", 9200));
InetAddress address = forge("_hostname", randomBoolean() ? "127.0.0.1" : "::1");
when(request.getRemoteAddress()).thenReturn(new InetSocketAddress(address, 9200));
when(request.uri()).thenReturn("_uri");
String expectedMessage = prepareRestContent(request);
CapturingLogger logger = new CapturingLogger(level);
@ -264,11 +268,11 @@ public class LoggingAuditTrailTests extends ESTestCase {
case ERROR:
case WARN:
case INFO:
assertMsg(logger, Level.ERROR, prefix + "[rest] [authentication_failed]\torigin_address=[_hostname:9200], uri=[_uri]");
assertMsg(logger, Level.ERROR, prefix + "[rest] [authentication_failed]\torigin_address=[" + NetworkAddress.formatAddress(address) + "], uri=[_uri]");
break;
case DEBUG:
case TRACE:
assertMsg(logger, Level.DEBUG, prefix + "[rest] [authentication_failed]\torigin_address=[_hostname:9200], uri=[_uri], request_body=[" + expectedMessage + "]");
assertMsg(logger, Level.DEBUG, prefix + "[rest] [authentication_failed]\torigin_address=[" + NetworkAddress.formatAddress(address) + "], uri=[_uri], request_body=[" + expectedMessage + "]");
}
}
}
@ -302,7 +306,8 @@ public class LoggingAuditTrailTests extends ESTestCase {
public void testAuthenticationFailed_Realm_Rest() throws Exception {
for (Level level : Level.values()) {
RestRequest request = mock(RestRequest.class);
when(request.getRemoteAddress()).thenReturn(new InetSocketAddress("_hostname", 9200));
InetAddress address = forge("_hostname", randomBoolean() ? "127.0.0.1" : "::1");
when(request.getRemoteAddress()).thenReturn(new InetSocketAddress(address, 9200));
when(request.uri()).thenReturn("_uri");
String expectedMessage = prepareRestContent(request);
CapturingLogger logger = new CapturingLogger(level);
@ -316,7 +321,7 @@ public class LoggingAuditTrailTests extends ESTestCase {
assertEmptyLog(logger);
break;
case TRACE:
assertMsg(logger, Level.TRACE, prefix + "[rest] [authentication_failed]\trealm=[_realm], origin_address=[_hostname:9200], principal=[_principal], uri=[_uri], request_body=[" + expectedMessage + "]");
assertMsg(logger, Level.TRACE, prefix + "[rest] [authentication_failed]\trealm=[_realm], origin_address=[" + NetworkAddress.formatAddress(address) + "], principal=[_principal], uri=[_uri], request_body=[" + expectedMessage + "]");
}
}
}
@ -448,7 +453,7 @@ public class LoggingAuditTrailTests extends ESTestCase {
switch (level) {
case ERROR:
assertMsg(logger, Level.ERROR, String.format(Locale.ROOT, prefix + "[ip_filter] [connection_denied]\torigin_address=[%s], transport_profile=[%s], rule=[deny %s]",
inetAddress.getHostAddress(), "default", "_all"));
NetworkAddress.formatAddress(inetAddress), "default", "_all"));
break;
case WARN:
case INFO:
@ -476,7 +481,7 @@ public class LoggingAuditTrailTests extends ESTestCase {
case TRACE:
assertMsg(logger, Level.TRACE, String.format(Locale.ROOT,
prefix + "[ip_filter] [connection_granted]\torigin_address=[%s], transport_profile=[default], rule=[allow default:accept_all]",
inetAddress.getHostAddress()));
NetworkAddress.formatAddress(inetAddress)));
}
}
}
@ -487,7 +492,7 @@ public class LoggingAuditTrailTests extends ESTestCase {
String text = LoggingAuditTrail.originAttributes(message, transport);;
InetSocketAddress restAddress = RemoteHostHeader.restRemoteAddress(message);
if (restAddress != null) {
assertThat(text, equalTo("origin_type=[rest], origin_address=[" + restAddress + "]"));
assertThat(text, equalTo("origin_type=[rest], origin_address=[" + NetworkAddress.formatAddress(restAddress.getAddress()) + "]"));
return;
}
TransportAddress address = message.remoteAddress();
@ -497,7 +502,7 @@ public class LoggingAuditTrailTests extends ESTestCase {
}
if (address instanceof InetSocketTransportAddress) {
assertThat(text, equalTo("origin_type=[transport], origin_address=[" + ((InetSocketTransportAddress) address).address() + "]"));
assertThat(text, equalTo("origin_type=[transport], origin_address=[" + NetworkAddress.formatAddress(((InetSocketTransportAddress) address).address().getAddress()) + "]"));
} else {
assertThat(text, equalTo("origin_type=[transport], origin_address=[" + address + "]"));
}
@ -522,30 +527,36 @@ public class LoggingAuditTrailTests extends ESTestCase {
return content.expectedMessage();
}
/** creates address without any lookups. hostname can be null, for missing */
private static InetAddress forge(String hostname, String address) throws IOException {
byte bytes[] = InetAddress.getByName(address).getAddress();
return InetAddress.getByAddress(hostname, bytes);
}
private static class MockMessage extends TransportMessage<MockMessage> {
private MockMessage() {
private MockMessage() throws IOException {
if (randomBoolean()) {
if (randomBoolean()) {
remoteAddress(new LocalTransportAddress("local_host"));
} else {
remoteAddress(new InetSocketTransportAddress("remote_host", 1234));
remoteAddress(new InetSocketTransportAddress(InetAddress.getLoopbackAddress(), 1234));
}
}
if (randomBoolean()) {
RemoteHostHeader.putRestRemoteAddress(this, InetSocketAddress.createUnresolved("localhost", 1234));
RemoteHostHeader.putRestRemoteAddress(this, new InetSocketAddress(forge("localhost", "127.0.0.1"), 1234));
}
}
}
private static class MockIndicesRequest extends TransportMessage<MockIndicesRequest> implements IndicesRequest {
private MockIndicesRequest() {
private MockIndicesRequest() throws IOException {
if (randomBoolean()) {
remoteAddress(new LocalTransportAddress("_host"));
}
if (randomBoolean()) {
RemoteHostHeader.putRestRemoteAddress(this, InetSocketAddress.createUnresolved("localhost", 1234));
RemoteHostHeader.putRestRemoteAddress(this, new InetSocketAddress(forge("localhost", "127.0.0.1"), 1234));
}
}

3
shield/src/test/java/org/elasticsearch/shield/authc/pki/PkiOptionalClientAuthTests.java
View File

@ -28,6 +28,7 @@ import org.junit.Test;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManagerFactory;
import java.io.InputStream;
import java.net.InetAddress;
import java.nio.file.Files;
import java.nio.file.Path;
import java.security.KeyStore;
@ -109,7 +110,7 @@ public class PkiOptionalClientAuthTests extends ShieldIntegTestCase {
try (TransportClient client = TransportClient.builder().settings(settings).build()) {
client.addTransportAddress(new InetSocketTransportAddress("localhost", port));
client.addTransportAddress(new InetSocketTransportAddress(InetAddress.getLoopbackAddress(), port));
assertGreenClusterState(client);
}
}

3
shield/src/test/java/org/elasticsearch/shield/transport/ServerTransportFilterIntegrationTests.java
View File

@ -7,6 +7,7 @@ package org.elasticsearch.shield.transport;
import com.google.common.collect.ImmutableMap;
import org.elasticsearch.common.network.NetworkAddress;
import org.elasticsearch.common.settings.Settings;
import org.elasticsearch.common.transport.InetSocketTransportAddress;
import org.elasticsearch.common.transport.TransportAddress;
@ -86,7 +87,7 @@ public class ServerTransportFilterIntegrationTests extends ShieldIntegTestCase {
TransportAddress transportAddress = transport.boundAddress().publishAddress();
assertThat(transportAddress, instanceOf(InetSocketTransportAddress.class));
InetSocketAddress inetSocketAddress = ((InetSocketTransportAddress) transportAddress).address();
String unicastHost = inetSocketAddress.getHostName() + ":" + inetSocketAddress.getPort();
String unicastHost = NetworkAddress.formatAddress(inetSocketAddress);
// test that starting up a node works
Settings nodeSettings = settingsBuilder()

5
shield/src/test/java/org/elasticsearch/shield/transport/filter/IPFilterTests.java
View File

@ -44,12 +44,12 @@ public class IPFilterTests extends ESTestCase {
nodeSettingsService = mock(NodeSettingsService.class);
httpTransport = mock(HttpServerTransport.class);
InetSocketTransportAddress httpAddress = new InetSocketTransportAddress(InetAddress.getLoopbackAddress().getHostAddress(), 9200);
InetSocketTransportAddress httpAddress = new InetSocketTransportAddress(InetAddress.getLoopbackAddress(), 9200);
when(httpTransport.boundAddress()).thenReturn(new BoundTransportAddress(httpAddress, httpAddress));
when(httpTransport.lifecycleState()).thenReturn(Lifecycle.State.STARTED);
transport = mock(Transport.class);
InetSocketTransportAddress address = new InetSocketTransportAddress(InetAddress.getLoopbackAddress().getHostAddress(), 9300);
InetSocketTransportAddress address = new InetSocketTransportAddress(InetAddress.getLoopbackAddress(), 9300);
when(transport.boundAddress()).thenReturn(new BoundTransportAddress(address, address));
when(transport.lifecycleState()).thenReturn(Lifecycle.State.STARTED);
}
@ -171,6 +171,7 @@ public class IPFilterTests extends ESTestCase {
}
@Test
@AwaitsFix(bugUrl = "https://github.com/elastic/x-plugins/issues/487")
public void testThatLocalhostIsNeverRejected() throws Exception {
Settings settings = settingsBuilder()
.put("shield.transport.filter.deny", "127.0.0.1")

3
shield/src/test/java/org/elasticsearch/shield/transport/filter/IpFilteringIntegrationTests.java
View File

@ -19,6 +19,7 @@ import org.junit.Test;
import java.io.IOException;
import java.io.OutputStream;
import java.net.InetAddress;
import java.net.InetSocketAddress;
import java.net.Socket;
@ -70,7 +71,7 @@ public class IpFilteringIntegrationTests extends ShieldIntegTestCase {
@Test
public void testThatIpFilteringIsAppliedForProfile() throws Exception {
try (Socket socket = new Socket()){
trySocketConnection(socket, new InetSocketAddress("localhost", getProfilePort("client")));
trySocketConnection(socket, new InetSocketAddress(InetAddress.getLoopbackAddress(), getProfilePort("client")));
assertThat(socket.isClosed(), is(true));
}
}

5
shield/src/test/java/org/elasticsearch/shield/transport/netty/HandshakeWaitingHandlerTests.java
View File

@ -30,6 +30,7 @@ import javax.net.ssl.SSLException;
import java.io.PrintWriter;
import java.io.StringWriter;
import java.net.BindException;
import java.net.InetAddress;
import java.net.InetSocketAddress;
import java.security.SecureRandom;
import java.util.ArrayList;
@ -187,7 +188,7 @@ public class HandshakeWaitingHandlerTests extends ESTestCase {
int maxTries = 10;
while (tries <= maxTries) {
try {
serverBootstrap.bind(new InetSocketAddress("localhost", randomPort));
serverBootstrap.bind(new InetSocketAddress(InetAddress.getLoopbackAddress(), randomPort));
break;
} catch (Throwable t) {
if (t.getCause() instanceof BindException) {
@ -245,7 +246,7 @@ public class HandshakeWaitingHandlerTests extends ESTestCase {
buffer.writeLong(SecureRandom.getInstance("SHA1PRNG").nextLong());
// Connect and wait, then immediately start writing
ChannelFuture future = bootstrap.connect(new InetSocketAddress("localhost", port));
ChannelFuture future = bootstrap.connect(new InetSocketAddress(InetAddress.getLoopbackAddress(), port));
future.awaitUninterruptibly();
Channel channel = future.getChannel();

2
shield/src/test/java/org/elasticsearch/shield/transport/netty/SslHostnameVerificationTests.java
View File

@ -78,7 +78,7 @@ public class SslHostnameVerificationTests extends ShieldIntegTestCase {
.build();
try (TransportClient client = TransportClient.builder().settings(settings).loadConfigSettings(false).build()) {
client.addTransportAddress(new InetSocketTransportAddress(inetSocketAddress.getHostName(), inetSocketAddress.getPort()));
client.addTransportAddress(new InetSocketTransportAddress(inetSocketAddress.getAddress(), inetSocketAddress.getPort()));
client.admin().cluster().prepareHealth().get();
fail("Expected a NoNodeAvailableException due to hostname verification failures");
}

31
shield/src/test/java/org/elasticsearch/shield/transport/ssl/SslMultiPortTests.java
View File

@ -17,6 +17,7 @@ import org.elasticsearch.transport.Transport;
import org.junit.BeforeClass;
import org.junit.Test;
import java.net.InetAddress;
import java.nio.file.Files;
import java.nio.file.Path;
@ -111,7 +112,7 @@ public class SslMultiPortTests extends ShieldIntegTestCase {
@Test
public void testThatStandardTransportClientCanConnectToNoClientAuthProfile() throws Exception {
try(TransportClient transportClient = createTransportClient(Settings.EMPTY)) {
transportClient.addTransportAddress(new InetSocketTransportAddress("localhost", getProfilePort("no_client_auth")));
transportClient.addTransportAddress(new InetSocketTransportAddress(InetAddress.getLoopbackAddress(), getProfilePort("no_client_auth")));
assertGreenClusterState(transportClient);
}
}
@ -126,7 +127,7 @@ public class SslMultiPortTests extends ShieldIntegTestCase {
@Test(expected = NoNodeAvailableException.class)
public void testThatStandardTransportClientCannotConnectToClientProfile() throws Exception {
try(TransportClient transportClient = createTransportClient(Settings.EMPTY)) {
transportClient.addTransportAddress(new InetSocketTransportAddress("localhost", getProfilePort("client")));
transportClient.addTransportAddress(new InetSocketTransportAddress(InetAddress.getLoopbackAddress(), getProfilePort("client")));
transportClient.admin().cluster().prepareHealth().get();
}
}
@ -139,7 +140,7 @@ public class SslMultiPortTests extends ShieldIntegTestCase {
@Test(expected = NoNodeAvailableException.class)
public void testThatStandardTransportClientCannotConnectToNoSslProfile() throws Exception {
try (TransportClient transportClient = createTransportClient(Settings.EMPTY)) {
transportClient.addTransportAddress(new InetSocketTransportAddress("localhost", getProfilePort("no_ssl")));
transportClient.addTransportAddress(new InetSocketTransportAddress(InetAddress.getLoopbackAddress(), getProfilePort("no_ssl")));
assertGreenClusterState(transportClient);
}
}
@ -153,7 +154,7 @@ public class SslMultiPortTests extends ShieldIntegTestCase {
public void testThatProfileTransportClientCanConnectToClientProfile() throws Exception {
Settings settings = ShieldSettingsSource.getSSLSettingsForStore("/org/elasticsearch/shield/transport/ssl/certs/simple/testclient-client-profile.jks", "testclient-client-profile");
try (TransportClient transportClient = createTransportClient(settings)) {
transportClient.addTransportAddress(new InetSocketTransportAddress("localhost", getProfilePort("client")));
transportClient.addTransportAddress(new InetSocketTransportAddress(InetAddress.getLoopbackAddress(), getProfilePort("client")));
assertGreenClusterState(transportClient);
}
}
@ -168,7 +169,7 @@ public class SslMultiPortTests extends ShieldIntegTestCase {
public void testThatProfileTransportClientCanConnectToNoClientAuthProfile() throws Exception {
Settings settings = ShieldSettingsSource.getSSLSettingsForStore("/org/elasticsearch/shield/transport/ssl/certs/simple/testclient-client-profile.jks", "testclient-client-profile");
try (TransportClient transportClient = createTransportClient(settings)) {
transportClient.addTransportAddress(new InetSocketTransportAddress("localhost", getProfilePort("no_client_auth")));
transportClient.addTransportAddress(new InetSocketTransportAddress(InetAddress.getLoopbackAddress(), getProfilePort("no_client_auth")));
assertGreenClusterState(transportClient);
}
}
@ -198,7 +199,7 @@ public class SslMultiPortTests extends ShieldIntegTestCase {
public void testThatProfileTransportClientCannotConnectToNoSslProfile() throws Exception {
Settings settings = ShieldSettingsSource.getSSLSettingsForStore("/org/elasticsearch/shield/transport/ssl/certs/simple/testclient-client-profile.jks", "testclient-client-profile");
try (TransportClient transportClient = createTransportClient(settings)) {
transportClient.addTransportAddress(new InetSocketTransportAddress("localhost", getProfilePort("no_ssl")));
transportClient.addTransportAddress(new InetSocketTransportAddress(InetAddress.getLoopbackAddress(), getProfilePort("no_ssl")));
transportClient.admin().cluster().prepareHealth().get();
}
}
@ -215,7 +216,7 @@ public class SslMultiPortTests extends ShieldIntegTestCase {
.put("plugin.types", ShieldPlugin.class.getName())
.build();
try (TransportClient transportClient = TransportClient.builder().settings(settings).loadConfigSettings(false).build()) {
transportClient.addTransportAddress(new InetSocketTransportAddress("localhost", getProfilePort("no_ssl")));
transportClient.addTransportAddress(new InetSocketTransportAddress(InetAddress.getLoopbackAddress(), getProfilePort("no_ssl")));
assertGreenClusterState(transportClient);
}
}
@ -251,7 +252,7 @@ public class SslMultiPortTests extends ShieldIntegTestCase {
.put("plugin.types", ShieldPlugin.class.getName())
.build();
try (TransportClient transportClient = TransportClient.builder().settings(settings).loadConfigSettings(false).build()) {
transportClient.addTransportAddress(new InetSocketTransportAddress("localhost", getProfilePort("client")));
transportClient.addTransportAddress(new InetSocketTransportAddress(InetAddress.getLoopbackAddress(), getProfilePort("client")));
assertGreenClusterState(transportClient);
}
}
@ -269,7 +270,7 @@ public class SslMultiPortTests extends ShieldIntegTestCase {
.put("plugin.types", ShieldPlugin.class.getName())
.build();
try (TransportClient transportClient = TransportClient.builder().settings(settings).loadConfigSettings(false).build()) {
transportClient.addTransportAddress(new InetSocketTransportAddress("localhost", getProfilePort("no_client_auth")));
transportClient.addTransportAddress(new InetSocketTransportAddress(InetAddress.getLoopbackAddress(), getProfilePort("no_client_auth")));
assertGreenClusterState(transportClient);
}
}
@ -291,7 +292,7 @@ public class SslMultiPortTests extends ShieldIntegTestCase {
.put("plugin.types", ShieldPlugin.class.getName())
.build();
try (TransportClient transportClient = TransportClient.builder().settings(settings).loadConfigSettings(false).build()) {
transportClient.addTransportAddress(new InetSocketTransportAddress("localhost", getProfilePort("no_client_auth")));
transportClient.addTransportAddress(new InetSocketTransportAddress(InetAddress.getLoopbackAddress(), getProfilePort("no_client_auth")));
assertGreenClusterState(transportClient);
}
}
@ -314,7 +315,7 @@ public class SslMultiPortTests extends ShieldIntegTestCase {
.put("plugin.types", ShieldPlugin.class.getName())
.build();
try (TransportClient transportClient = TransportClient.builder().settings(settings).loadConfigSettings(false).build()) {
transportClient.addTransportAddress(new InetSocketTransportAddress("localhost", getProfilePort("client")));
transportClient.addTransportAddress(new InetSocketTransportAddress(InetAddress.getLoopbackAddress(), getProfilePort("client")));
assertGreenClusterState(transportClient);
}
}
@ -359,7 +360,7 @@ public class SslMultiPortTests extends ShieldIntegTestCase {
.put("plugin.types", ShieldPlugin.class.getName())
.build();
try (TransportClient transportClient = TransportClient.builder().settings(settings).loadConfigSettings(false).build()) {
transportClient.addTransportAddress(new InetSocketTransportAddress("localhost", getProfilePort("no_ssl")));
transportClient.addTransportAddress(new InetSocketTransportAddress(InetAddress.getLoopbackAddress(), getProfilePort("no_ssl")));
assertGreenClusterState(transportClient);
}
}
@ -399,7 +400,7 @@ public class SslMultiPortTests extends ShieldIntegTestCase {
.put("plugin.types", ShieldPlugin.class.getName())
.build();
try (TransportClient transportClient = TransportClient.builder().settings(settings).loadConfigSettings(false).build()) {
transportClient.addTransportAddress(new InetSocketTransportAddress("localhost", getProfilePort("client")));
transportClient.addTransportAddress(new InetSocketTransportAddress(InetAddress.getLoopbackAddress(), getProfilePort("client")));
assertGreenClusterState(transportClient);
}
}
@ -419,7 +420,7 @@ public class SslMultiPortTests extends ShieldIntegTestCase {
.put("plugin.types", ShieldPlugin.class.getName())
.build();
try (TransportClient transportClient = TransportClient.builder().settings(settings).loadConfigSettings(false).build()) {
transportClient.addTransportAddress(new InetSocketTransportAddress("localhost", getProfilePort("no_client_auth")));
transportClient.addTransportAddress(new InetSocketTransportAddress(InetAddress.getLoopbackAddress(), getProfilePort("no_client_auth")));
assertGreenClusterState(transportClient);
}
}
@ -439,7 +440,7 @@ public class SslMultiPortTests extends ShieldIntegTestCase {
.put("plugin.types", ShieldPlugin.class.getName())
.build();
try (TransportClient transportClient = TransportClient.builder().settings(settings).loadConfigSettings(false).build()) {
transportClient.addTransportAddress(new InetSocketTransportAddress("localhost", getProfilePort("no_ssl")));
transportClient.addTransportAddress(new InetSocketTransportAddress(InetAddress.getLoopbackAddress(), getProfilePort("no_ssl")));
assertGreenClusterState(transportClient);
}
}

4
shield/src/test/java/org/elasticsearch/shield/tribe/TribeTests.java
View File

@ -62,7 +62,7 @@ public class TribeTests extends ShieldIntegTestCase {
String cluster2Name = clusterName(Scope.SUITE.name(), randomLong());
//no port conflicts as this test uses the global cluster and a suite cluster that gets manually created
ShieldSettingsSource cluster2SettingsSource = new ShieldSettingsSource(2, sslTransportEnabled, systemKey(), createTempDir(), Scope.SUITE);
cluster2 = new InternalTestCluster(randomLong(), createTempDir(), 2, 2, cluster2Name, cluster2SettingsSource, 0, false, SECOND_CLUSTER_NODE_PREFIX);
cluster2 = new InternalTestCluster("network", randomLong(), createTempDir(), 2, 2, cluster2Name, cluster2SettingsSource, 0, false, SECOND_CLUSTER_NODE_PREFIX);
assert tribeSettingsSource == null;
//given the low (2 and 1) number of nodes that the 2 SUITE clusters will have, we are not going to have port conflicts
@ -140,7 +140,7 @@ public class TribeTests extends ShieldIntegTestCase {
//we need to recreate the tribe node after each test otherwise ensureClusterSizeConsistency barfs
String tribeClusterName = clusterName(Scope.SUITE.name(), randomLong());
tribeNodeCluster = new InternalTestCluster(randomLong(), createTempDir(), 1, 1, tribeClusterName, tribeSettingsSource, 0, false, TRIBE_CLUSTER_NODE_PREFIX);
tribeNodeCluster = new InternalTestCluster("network", randomLong(), createTempDir(), 1, 1, tribeClusterName, tribeSettingsSource, 0, false, TRIBE_CLUSTER_NODE_PREFIX);
tribeNodeCluster.beforeTest(getRandom(), 0.5);
awaitSameNodeCounts();
}

8
watcher/src/test/java/org/elasticsearch/cluster/routing/TestShardRouting.java
View File

@ -12,20 +12,20 @@ package org.elasticsearch.cluster.routing;
public class TestShardRouting {
public static ShardRouting newShardRouting(String index, int shardId, String currentNodeId, boolean primary, ShardRoutingState state, long version) {
return new ShardRouting(index, shardId, currentNodeId, null, null, primary, state, version, null, AllocationId.newInitializing(), true);
return new ShardRouting(index, shardId, currentNodeId, null, null, primary, state, version, null, AllocationId.newInitializing(), true, ShardRouting.UNAVAILABLE_EXPECTED_SHARD_SIZE);
}
public static ShardRouting newShardRouting(String index, int shardId, String currentNodeId, String relocatingNodeId, boolean primary, ShardRoutingState state, long version) {
return new ShardRouting(index, shardId, currentNodeId, relocatingNodeId, null, primary, state, version, null, AllocationId.newInitializing(), true);
return new ShardRouting(index, shardId, currentNodeId, relocatingNodeId, null, primary, state, version, null, AllocationId.newInitializing(), true, ShardRouting.UNAVAILABLE_EXPECTED_SHARD_SIZE);
}
public static ShardRouting newShardRouting(String index, int shardId, String currentNodeId, String relocatingNodeId, RestoreSource restoreSource, boolean primary, ShardRoutingState state, long version) {
return new ShardRouting(index, shardId, currentNodeId, relocatingNodeId, restoreSource, primary, state, version, null, AllocationId.newInitializing(), true);
return new ShardRouting(index, shardId, currentNodeId, relocatingNodeId, restoreSource, primary, state, version, null, AllocationId.newInitializing(), true, ShardRouting.UNAVAILABLE_EXPECTED_SHARD_SIZE);
}
public static ShardRouting newShardRouting(String index, int shardId, String currentNodeId,
String relocatingNodeId, RestoreSource restoreSource, boolean primary, ShardRoutingState state, long version,
UnassignedInfo unassignedInfo) {
return new ShardRouting(index, shardId, currentNodeId, relocatingNodeId, restoreSource, primary, state, version, unassignedInfo, AllocationId.newInitializing(), true);
return new ShardRouting(index, shardId, currentNodeId, relocatingNodeId, restoreSource, primary, state, version, unassignedInfo, AllocationId.newInitializing(), true, ShardRouting.UNAVAILABLE_EXPECTED_SHARD_SIZE);
}
}

6
watcher/src/test/java/org/elasticsearch/watcher/input/http/HttpInputIntegrationTests.java
View File

@ -57,7 +57,7 @@ public class HttpInputIntegrationTests extends AbstractWatcherIntegrationTests {
watcherClient().preparePutWatch("_name")
.setSource(watchBuilder()
.trigger(schedule(interval("5s")))
.input(httpInput(HttpRequestTemplate.builder(address.getHostName(), address.getPort())
.input(httpInput(HttpRequestTemplate.builder(address.getHostString(), address.getPort())
.path("/index/_search")
.body(jsonBuilder().startObject().field("size", 1).endObject())
.auth(shieldEnabled() ? new BasicAuth("test", "changeme".toCharArray()) : null)))
@ -78,7 +78,7 @@ public class HttpInputIntegrationTests extends AbstractWatcherIntegrationTests {
PutWatchResponse putWatchResponse = watcherClient().preparePutWatch("_name")
.setSource(watchBuilder()
.trigger(schedule(interval("1s")))
.input(httpInput(HttpRequestTemplate.builder(address.getHostName(), address.getPort())
.input(httpInput(HttpRequestTemplate.builder(address.getHostString(), address.getPort())
.path("/_cluster/stats")
.auth(shieldEnabled() ? new BasicAuth("test", "changeme".toCharArray()) : null)))
.condition(scriptCondition("ctx.payload.nodes.count.total >= 1"))
@ -106,7 +106,7 @@ public class HttpInputIntegrationTests extends AbstractWatcherIntegrationTests {
XContentBuilder body = jsonBuilder().prettyPrint().startObject()
.field("query").value(termQuery("field", "value"))
.endObject();
HttpRequestTemplate.Builder requestBuilder = HttpRequestTemplate.builder(address.getHostName(), address.getPort())
HttpRequestTemplate.Builder requestBuilder = HttpRequestTemplate.builder(address.getHostString(), address.getPort())
.path(Template.inline("/idx/_search"))
.body(body);
if (shieldEnabled()) {

9
watcher/src/test/java/org/elasticsearch/watcher/test/integration/NoMasterNodeTests.java
View File

@ -17,6 +17,7 @@ import org.elasticsearch.discovery.zen.elect.ElectMasterService;
import org.elasticsearch.discovery.zen.ping.ZenPing;
import org.elasticsearch.discovery.zen.ping.ZenPingService;
import org.elasticsearch.discovery.zen.ping.unicast.UnicastZenPing;
import org.elasticsearch.test.ESIntegTestCase.SuppressLocalMode;
import org.elasticsearch.test.ESIntegTestCase.ClusterScope;
import org.elasticsearch.test.discovery.ClusterDiscoveryConfiguration;
import org.elasticsearch.test.junit.annotations.TestLogging;
@ -51,6 +52,7 @@ import static org.hamcrest.core.Is.is;
@TestLogging("discovery:TRACE,watcher:TRACE")
@ClusterScope(scope = TEST, numClientNodes = 0, transportClientRatio = 0, randomDynamicTemplates = false, numDataNodes = 0)
@SuppressLocalMode
public class NoMasterNodeTests extends AbstractWatcherIntegrationTests {
private ClusterDiscoveryConfiguration.UnicastZen config;
@ -79,7 +81,8 @@ public class NoMasterNodeTests extends AbstractWatcherIntegrationTests {
@Test
public void testSimpleFailure() throws Exception {
config = new ClusterDiscoveryConfiguration.UnicastZen(2);
// we need 3 hosts here because we stop the master and start another - it doesn't restart the pre-existing node...
config = new ClusterDiscoveryConfiguration.UnicastZen(3, Settings.EMPTY);
internalCluster().startNodesAsync(2).get();
createIndex("my-index");
ensureWatcherStarted(false);
@ -132,7 +135,7 @@ public class NoMasterNodeTests extends AbstractWatcherIntegrationTests {
@Test
public void testDedicatedMasterNodeLayout() throws Exception {
// Only the master nodes are in the unicast nodes list:
config = new ClusterDiscoveryConfiguration.UnicastZen(3);
config = new ClusterDiscoveryConfiguration.UnicastZen(11, 3, Settings.EMPTY);
Settings settings = Settings.builder()
.put("node.data", false)
.put("node.master", true)
@ -187,7 +190,7 @@ public class NoMasterNodeTests extends AbstractWatcherIntegrationTests {
int numberOfFailures = scaledRandomIntBetween(2, 9);
int numberOfWatches = scaledRandomIntBetween(numberOfFailures, 12);
logger.info("number of failures [{}], number of watches [{}]", numberOfFailures, numberOfWatches);
config = new ClusterDiscoveryConfiguration.UnicastZen(2 + numberOfFailures);
config = new ClusterDiscoveryConfiguration.UnicastZen(2 + numberOfFailures, Settings.EMPTY);
internalCluster().startNodesAsync(2).get();
createIndex("my-index");
client().prepareIndex("my-index", "my-type").setSource("field", "value").get();

5
watcher/src/test/java/org/elasticsearch/watcher/test/rest/WatcherRestTestCase.java
View File

@ -11,6 +11,7 @@ import org.apache.http.client.methods.HttpPut;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.impl.client.HttpClients;
import org.apache.http.impl.conn.BasicHttpClientConnectionManager;
import org.elasticsearch.common.network.NetworkAddress;
import org.elasticsearch.common.settings.Settings;
import org.elasticsearch.license.plugin.LicensePlugin;
import org.elasticsearch.node.Node;
@ -48,7 +49,7 @@ public abstract class WatcherRestTestCase extends ESRestTestCase {
public void startWatcher() throws Exception {
try(CloseableHttpClient client = HttpClients.createMinimal(new BasicHttpClientConnectionManager())) {
InetSocketAddress address = cluster().httpAddresses()[0];
HttpPut request = new HttpPut(new URI("http", null, address.getAddress().getHostAddress(), address.getPort(), "/_watcher/_start", null, null));
HttpPut request = new HttpPut(new URI("http", null, NetworkAddress.formatAddress(address.getAddress()), address.getPort(), "/_watcher/_start", null, null));
client.execute(request);
}
}
@ -57,7 +58,7 @@ public abstract class WatcherRestTestCase extends ESRestTestCase {
public void stopWatcher() throws Exception {
try(CloseableHttpClient client = HttpClients.createMinimal(new BasicHttpClientConnectionManager())) {
InetSocketAddress address = cluster().httpAddresses()[0];
HttpPut request = new HttpPut(new URI("http", null, address.getAddress().getHostAddress(), address.getPort(), "/_watcher/_stop", null, null));
HttpPut request = new HttpPut(new URI("http", null, NetworkAddress.formatAddress(address.getAddress()), address.getPort(), "/_watcher/_stop", null, null));
client.execute(request);
}
}