You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@geode.apache.org by ud...@apache.org on 2016/07/22 21:42:43 UTC
incubator-geode git commit: GEODE-420: Fixing SSL Configuration for
Gateway WAN tests
Repository: incubator-geode
Updated Branches:
refs/heads/feature/GEODE-420 3a215caf3 -> 23933523d
GEODE-420: Fixing SSL Configuration for Gateway WAN tests
Project: http://git-wip-us.apache.org/repos/asf/incubator-geode/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-geode/commit/23933523
Tree: http://git-wip-us.apache.org/repos/asf/incubator-geode/tree/23933523
Diff: http://git-wip-us.apache.org/repos/asf/incubator-geode/diff/23933523
Branch: refs/heads/feature/GEODE-420
Commit: 23933523dc86a01ef4e842ce54fc2d4484c1f43a
Parents: 3a215ca
Author: Udo Kohlmeyer <uk...@pivotal.io>
Authored: Fri Jul 22 14:42:31 2016 -0700
Committer: Udo Kohlmeyer <uk...@pivotal.io>
Committed: Fri Jul 22 14:42:31 2016 -0700
----------------------------------------------------------------------
.../client/internal/ConnectionFactoryImpl.java | 1 -
.../internal/DistributionManager.java | 46 ++++++++++----------
.../gemfire/internal/admin/SSLConfig.java | 10 +++++
.../internal/net/SSLConfigurationFactory.java | 1 +
.../gemfire/internal/net/SocketCreator.java | 29 ++++++------
.../internal/net/SocketCreatorFactory.java | 37 +++++++++-------
.../gemfire/internal/tcp/Connection.java | 24 +++++-----
.../internal/JUnit4DistributedTestCase.java | 1 -
.../gemfire/internal/cache/wan/WANTestBase.java | 12 ++---
9 files changed, 88 insertions(+), 73 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/23933523/geode-core/src/main/java/com/gemstone/gemfire/cache/client/internal/ConnectionFactoryImpl.java
----------------------------------------------------------------------
diff --git a/geode-core/src/main/java/com/gemstone/gemfire/cache/client/internal/ConnectionFactoryImpl.java b/geode-core/src/main/java/com/gemstone/gemfire/cache/client/internal/ConnectionFactoryImpl.java
index 339300e..276b767 100644
--- a/geode-core/src/main/java/com/gemstone/gemfire/cache/client/internal/ConnectionFactoryImpl.java
+++ b/geode-core/src/main/java/com/gemstone/gemfire/cache/client/internal/ConnectionFactoryImpl.java
@@ -95,7 +95,6 @@ public class ConnectionFactoryImpl implements ConnectionFactory {
this.blackList = new ServerBlackList(pingInterval);
this.cancelCriterion = cancelCriterion;
this.pool = pool;
- InternalDistributedSystem internalDistributedSystem = InternalDistributedSystem.getConnectedInstance();
if (this.usedByGateway || (this.gatewaySender != null)) {
this.socketCreator = SocketCreatorFactory.getGatewaySSLSocketCreator();
if (sender!= null && !sender.getGatewayTransportFilters().isEmpty()) {
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/23933523/geode-core/src/main/java/com/gemstone/gemfire/distributed/internal/DistributionManager.java
----------------------------------------------------------------------
diff --git a/geode-core/src/main/java/com/gemstone/gemfire/distributed/internal/DistributionManager.java b/geode-core/src/main/java/com/gemstone/gemfire/distributed/internal/DistributionManager.java
index a3f3166..a83e270 100644
--- a/geode-core/src/main/java/com/gemstone/gemfire/distributed/internal/DistributionManager.java
+++ b/geode-core/src/main/java/com/gemstone/gemfire/distributed/internal/DistributionManager.java
@@ -503,7 +503,7 @@ public class DistributionManager
public static DistributionManager create(InternalDistributedSystem system)
{
- DistributionManager dm = null;
+ DistributionManager distributionManager = null;
try {
@@ -526,13 +526,13 @@ public class DistributionManager
long start = System.currentTimeMillis();
- dm = new DistributionManager(system, transport);
- dm.assertDistributionManagerType();
+ distributionManager = new DistributionManager(system, transport);
+ distributionManager.assertDistributionManagerType();
{
- InternalDistributedMember id = dm.getDistributionManagerId();
+ InternalDistributedMember id = distributionManager.getDistributionManagerId();
if (!"".equals(id.getName())) {
- for (InternalDistributedMember m: (List<InternalDistributedMember>)dm.getViewMembers()) {
+ for (InternalDistributedMember m: (List<InternalDistributedMember>)distributionManager.getViewMembers()) {
if (m.equals(id)) {
// I'm counting on the members returned by getViewMembers being ordered such that
// members that joined before us will precede us AND members that join after us
@@ -541,28 +541,28 @@ public class DistributionManager
break;
}
if (id.getName().equals(m.getName())) {
- if (dm.getMembershipManager().verifyMember(m, "member is using the name of " + id)) {
+ if (distributionManager.getMembershipManager().verifyMember(m, "member is using the name of " + id)) {
throw new IncompatibleSystemException("Member " + id + " could not join this distributed system because the existing member " + m + " used the same name. Set the \"name\" gemfire property to a unique value.");
}
}
}
}
- dm.addNewMember(id); // add ourselves
- dm.selectElder(); // ShutdownException could be thrown here
+ distributionManager.addNewMember(id); // add ourselves
+ distributionManager.selectElder(); // ShutdownException could be thrown here
}
// Send out a StartupMessage to the other members.
- StartupOperation op = new StartupOperation(dm, transport);
+ StartupOperation op = new StartupOperation(distributionManager, transport);
try {
- if (!dm.sendStartupMessage(op, true)) {
+ if (!distributionManager.sendStartupMessage(op, true)) {
// We'll we didn't hear back from anyone else. We assume that
// we're the first one.
- if (dm.getOtherDistributionManagerIds().size() == 0) {
+ if (distributionManager.getOtherDistributionManagerIds().size() == 0) {
logger.info(LocalizedMessage.create(LocalizedStrings.DistributionManager_DIDNT_HEAR_BACK_FROM_ANY_OTHER_SYSTEM_I_AM_THE_FIRST_ONE));
} else if (transport.isMcastEnabled()) {
// perform a multicast ping test
- if (!dm.testMulticast()) {
+ if (!distributionManager.testMulticast()) {
logger.warn(LocalizedMessage.create(
LocalizedStrings.DistributionManager_RECEIVED_NO_STARTUP_RESPONSES_BUT_OTHER_MEMBERS_EXIST_MULTICAST_IS_NOT_RESPONSIVE));
}
@@ -576,32 +576,32 @@ public class DistributionManager
logger.fatal(ex.getMessage(), ex);
throw ex;
} finally {
- dm.readyToSendMsgs();
+ distributionManager.readyToSendMsgs();
}
if (logger.isInfoEnabled()) {
long delta = System.currentTimeMillis() - start;
Object[] logArgs = new Object[] {
- dm.getDistributionManagerId(),
+ distributionManager.getDistributionManagerId(),
transport,
- Integer.valueOf(dm.getOtherDistributionManagerIds().size()),
- dm.getOtherDistributionManagerIds(),
+ Integer.valueOf(distributionManager.getOtherDistributionManagerIds().size()),
+ distributionManager.getOtherDistributionManagerIds(),
(logger.isInfoEnabled(LogMarker.DM) ? " (VERBOSE, took " + delta + " ms)" : ""),
- ((dm.getDMType() == ADMIN_ONLY_DM_TYPE) ? " (admin only)" : (dm.getDMType() == LOCATOR_DM_TYPE) ? " (locator)" : "")
+ ((distributionManager.getDMType() == ADMIN_ONLY_DM_TYPE) ? " (admin only)" : (distributionManager.getDMType() == LOCATOR_DM_TYPE) ? " (locator)" : "")
};
logger.info(LogMarker.DM, LocalizedMessage.create(
LocalizedStrings.DistributionManager_DISTRIBUTIONMANAGER_0_STARTED_ON_1_THERE_WERE_2_OTHER_DMS_3_4_5, logArgs));
- MembershipLogger.logStartup(dm.getDistributionManagerId());
+ MembershipLogger.logStartup(distributionManager.getDistributionManagerId());
}
- return dm;
+ return distributionManager;
}
catch (RuntimeException r) {
- if (dm != null) {
+ if (distributionManager != null) {
if (logger.isDebugEnabled()) {
logger.debug("cleaning up incompletely started DistributionManager due to exception", r);
}
- dm.uncleanShutdown(true);
+ distributionManager.uncleanShutdown(true);
}
throw r;
}
@@ -2618,7 +2618,7 @@ public class DistributionManager
* Sends a startup message and waits for a response.
* Returns true if response received; false if it timed out or there are no peers.
*/
- protected boolean sendStartupMessage(StartupOperation op, boolean cancelOnTimeout)
+ protected boolean sendStartupMessage(StartupOperation startupOperation, boolean cancelOnTimeout)
throws InterruptedException
{
if (Thread.interrupted()) throw new InterruptedException();
@@ -2669,7 +2669,7 @@ public class DistributionManager
}
try {
- ok = op.sendStartupMessage(allOthers, STARTUP_TIMEOUT, equivs,
+ ok = startupOperation.sendStartupMessage(allOthers, STARTUP_TIMEOUT, equivs,
redundancyZone, enforceUniqueZone());
}
catch (Exception re) {
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/23933523/geode-core/src/main/java/com/gemstone/gemfire/internal/admin/SSLConfig.java
----------------------------------------------------------------------
diff --git a/geode-core/src/main/java/com/gemstone/gemfire/internal/admin/SSLConfig.java b/geode-core/src/main/java/com/gemstone/gemfire/internal/admin/SSLConfig.java
index 33a6e05..bb8638c 100755
--- a/geode-core/src/main/java/com/gemstone/gemfire/internal/admin/SSLConfig.java
+++ b/geode-core/src/main/java/com/gemstone/gemfire/internal/admin/SSLConfig.java
@@ -22,6 +22,7 @@ import java.util.Iterator;
import java.util.Properties;
import com.gemstone.gemfire.distributed.internal.DistributionConfig;
+import com.gemstone.gemfire.internal.net.SSLEnabledComponent;
import com.gemstone.gemfire.management.internal.SSLUtil;
/**
@@ -42,6 +43,7 @@ public class SSLConfig {
private String truststorePassword = DistributionConfig.DEFAULT_CLUSTER_SSL_TRUSTSTORE_PASSWORD;
private String truststoreType = DistributionConfig.DEFAULT_CLUSTER_SSL_KEYSTORE_TYPE;
private String alias = null;
+ private SSLEnabledComponent sslEnabledComponent = null;
/**
* SSL implementation-specific key-value pairs. Each key should be prefixed
@@ -161,6 +163,14 @@ public class SSLConfig {
}
}
+ public SSLEnabledComponent getSslEnabledComponent() {
+ return sslEnabledComponent;
+ }
+
+ public void setSslEnabledComponent(final SSLEnabledComponent sslEnabledComponent) {
+ this.sslEnabledComponent = sslEnabledComponent;
+ }
+
/**
* Returns a string representation of the object.
* @return a string representation of the object
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/23933523/geode-core/src/main/java/com/gemstone/gemfire/internal/net/SSLConfigurationFactory.java
----------------------------------------------------------------------
diff --git a/geode-core/src/main/java/com/gemstone/gemfire/internal/net/SSLConfigurationFactory.java b/geode-core/src/main/java/com/gemstone/gemfire/internal/net/SSLConfigurationFactory.java
index a876975..f31c543 100644
--- a/geode-core/src/main/java/com/gemstone/gemfire/internal/net/SSLConfigurationFactory.java
+++ b/geode-core/src/main/java/com/gemstone/gemfire/internal/net/SSLConfigurationFactory.java
@@ -60,6 +60,7 @@ public class SSLConfigurationFactory {
SSLConfig sslConfig = new SSLConfig();
configureClusterSSL(sslConfig, sslEnabledComponent);
String[] sslEnabledComponents = distributionConfig.getSSLEnabledComponents();
+ sslConfig.setSslEnabledComponent(sslEnabledComponent);
switch (sslEnabledComponent) {
case ALL: {
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/23933523/geode-core/src/main/java/com/gemstone/gemfire/internal/net/SocketCreator.java
----------------------------------------------------------------------
diff --git a/geode-core/src/main/java/com/gemstone/gemfire/internal/net/SocketCreator.java b/geode-core/src/main/java/com/gemstone/gemfire/internal/net/SocketCreator.java
index d00c9cf..b28a9eb 100755
--- a/geode-core/src/main/java/com/gemstone/gemfire/internal/net/SocketCreator.java
+++ b/geode-core/src/main/java/com/gemstone/gemfire/internal/net/SocketCreator.java
@@ -348,22 +348,25 @@ public class SocketCreator {
private void initialize() {
try {
// set p2p values...
- if (this.sslConfig.isEnabled()) {
- System.setProperty("p2p.useSSL", "true");
- System.setProperty("p2p.oldIO", "true");
- System.setProperty("p2p.nodirectBuffers", "true");
+ if(SSLEnabledComponent.CLUSTER.equals(sslConfig.getSslEnabledComponent())){
+ if (this.sslConfig.isEnabled()) {
+ System.setProperty("p2p.useSSL", "true");
+ System.setProperty("p2p.oldIO", "true");
+ System.setProperty("p2p.nodirectBuffers", "true");
+ } else {
+ System.setProperty("p2p.useSSL", "false");
+ }
+ }
- try {
- if (sslContext == null) {
- sslContext = createAndConfigureSSLContext();
- SSLContext.setDefault(sslContext);
- }
- } catch (Exception e) {
- throw new GemFireConfigException("Error configuring GemFire ssl ", e);
+ try {
+ if (this.sslConfig.isEnabled() && sslContext == null) {
+ sslContext = createAndConfigureSSLContext();
+ SSLContext.setDefault(sslContext);
}
- } else {
- System.setProperty("p2p.useSSL", "false");
+ } catch (Exception e) {
+ throw new GemFireConfigException("Error configuring GemFire ssl ", e);
}
+
// make sure TCPConduit picks up p2p properties...
com.gemstone.gemfire.internal.tcp.TCPConduit.init();
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/23933523/geode-core/src/main/java/com/gemstone/gemfire/internal/net/SocketCreatorFactory.java
----------------------------------------------------------------------
diff --git a/geode-core/src/main/java/com/gemstone/gemfire/internal/net/SocketCreatorFactory.java b/geode-core/src/main/java/com/gemstone/gemfire/internal/net/SocketCreatorFactory.java
index 8a30f66..a89c9c1 100644
--- a/geode-core/src/main/java/com/gemstone/gemfire/internal/net/SocketCreatorFactory.java
+++ b/geode-core/src/main/java/com/gemstone/gemfire/internal/net/SocketCreatorFactory.java
@@ -31,19 +31,11 @@ import com.gemstone.gemfire.internal.admin.SSLConfig;
public class SocketCreatorFactory {
- private static SocketCreatorFactory instance = new SocketCreatorFactory();
+ private static SocketCreatorFactory instance = null;
private static final String NON_SSL = "Non_SSL";
private Map<SSLEnabledComponent, SocketCreator> socketCreators = new HashMap<>();
private DistributionConfig distributionConfig;
- private SocketCreatorFactory() {
- this(null);
- }
-
- private SocketCreatorFactory(DistributionConfig distributionConfig) {
- initializeSocketCreators(distributionConfig);
- }
-
/**
* Here we parse the distribution distributionConfig and setup the required SocketCreators
*/
@@ -54,15 +46,25 @@ public class SocketCreatorFactory {
this.distributionConfig = distributionConfig;
}
SSLConfigurationFactory.setDistributionConfig(this.distributionConfig);
+ initialize();
}
- private static SocketCreatorFactory getInstance() {
- if (instance == null) {
+ private synchronized static SocketCreatorFactory getInstance(boolean closing) {
+ if (instance == null && !closing) {
instance = new SocketCreatorFactory();
}
return instance;
}
+ private synchronized static SocketCreatorFactory getInstance() {
+ return getInstance(false);
+ }
+
+ private void initialize() {
+ //Hack... get a default cluster socket creator initialized
+ getClusterSSLSocketCreator();
+ }
+
public static SocketCreator getClusterSSLSocketCreator() {
SSLConfig sslConfigForComponent = SSLConfigurationFactory.getSSLConfigForComponent(SSLEnabledComponent.CLUSTER);
return getInstance().getOrCreateSocketCreatorForSSLEnabledComponent(SSLEnabledComponent.CLUSTER, sslConfigForComponent);
@@ -168,14 +170,17 @@ public class SocketCreatorFactory {
}
public static void close() {
- getInstance().clearSocketCreators();
- getInstance().distributionConfig = null;
- instance = null;
- SSLConfigurationFactory.close();
+ SocketCreatorFactory socketCreatorFactory = getInstance(true);
+ if (socketCreatorFactory != null) {
+ socketCreatorFactory.clearSocketCreators();
+ socketCreatorFactory.distributionConfig = null;
+ SocketCreatorFactory.instance = null;
+ SSLConfigurationFactory.close();
+ }
}
private synchronized void clearSocketCreators() {
- getInstance().socketCreators.clear();
+ socketCreators.clear();
}
public static SocketCreatorFactory setDistributionConfig(final DistributionConfig config) {
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/23933523/geode-core/src/main/java/com/gemstone/gemfire/internal/tcp/Connection.java
----------------------------------------------------------------------
diff --git a/geode-core/src/main/java/com/gemstone/gemfire/internal/tcp/Connection.java b/geode-core/src/main/java/com/gemstone/gemfire/internal/tcp/Connection.java
index aebc8bf..5307306 100644
--- a/geode-core/src/main/java/com/gemstone/gemfire/internal/tcp/Connection.java
+++ b/geode-core/src/main/java/com/gemstone/gemfire/internal/tcp/Connection.java
@@ -521,7 +521,7 @@ public class Connection implements Runnable {
/** creates a connection that we accepted (it was initiated by
* an explicit connect being done on the other side).
*/
- protected Connection(ConnectionTable t, Socket s)
+ protected Connection(ConnectionTable t, Socket socket)
throws IOException, ConnectionException
{
if (t == null) {
@@ -529,18 +529,18 @@ public class Connection implements Runnable {
}
this.isReceiver = true;
this.owner = t;
- this.socket = s;
+ this.socket = socket;
this.conduitIdStr = owner.getConduit().getId().toString();
this.handshakeRead = false;
this.handshakeCancelled = false;
this.connected = true;
try {
- s.setTcpNoDelay(true);
- s.setKeepAlive(true);
-// s.setSoLinger(true, (Integer.valueOf(System.getProperty("p2p.lingerTime", "5000"))).intValue());
- setSendBufferSize(s, SMALL_BUFFER_SIZE);
- setReceiveBufferSize(s);
+ socket.setTcpNoDelay(true);
+ socket.setKeepAlive(true);
+// socket.setSoLinger(true, (Integer.valueOf(System.getProperty("p2p.lingerTime", "5000"))).intValue());
+ setSendBufferSize(socket, SMALL_BUFFER_SIZE);
+ setReceiveBufferSize(socket);
}
catch (SocketException e) {
// unable to get the settings we want. Don't log an error because it will
@@ -548,12 +548,12 @@ public class Connection implements Runnable {
}
if (!useNIO()) {
try {
- //this.output = new BufferedOutputStream(s.getOutputStream(), SMALL_BUFFER_SIZE);
- this.output = s.getOutputStream();
+ //this.output = new BufferedOutputStream(socket.getOutputStream(), SMALL_BUFFER_SIZE);
+ this.output = socket.getOutputStream();
}
catch (IOException io) {
logger.fatal(LocalizedMessage.create(LocalizedStrings.Connection_UNABLE_TO_GET_P2P_CONNECTION_STREAMS), io);
- t.getSocketCloser().asyncClose(s, this.remoteAddr.toString(), null);
+ t.getSocketCloser().asyncClose(socket, this.remoteAddr.toString(), null);
throw io;
}
}
@@ -1205,7 +1205,9 @@ public class Connection implements Runnable {
DistributedMember remoteID,
boolean sharedResource)
throws IOException, DistributedSystemDisconnectedException
- {
+ {
+
+ //initialize a socket upfront. So that the
InternalDistributedMember remoteAddr = (InternalDistributedMember)remoteID;
if (t == null) {
throw new IllegalArgumentException(LocalizedStrings.Connection_CONNECTIONTABLE_IS_NULL.toLocalizedString());
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/23933523/geode-core/src/test/java/com/gemstone/gemfire/test/dunit/internal/JUnit4DistributedTestCase.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/com/gemstone/gemfire/test/dunit/internal/JUnit4DistributedTestCase.java b/geode-core/src/test/java/com/gemstone/gemfire/test/dunit/internal/JUnit4DistributedTestCase.java
index 68ce69d..cf3c240 100755
--- a/geode-core/src/test/java/com/gemstone/gemfire/test/dunit/internal/JUnit4DistributedTestCase.java
+++ b/geode-core/src/test/java/com/gemstone/gemfire/test/dunit/internal/JUnit4DistributedTestCase.java
@@ -166,7 +166,6 @@ public abstract class JUnit4DistributedTestCase implements DistributedTestFixtur
if (system == null || !system.isConnected()) {
// Figure out our distributed system properties
SocketCreatorFactory.close();
- SSLConfigurationFactory.close();
Properties p = DistributedTestUtils.getAllDistributedSystemProperties(props);
lastSystemCreatedInTest = getTestClass(); // used to be getDeclaringClass()
if (logPerTest) {
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/23933523/geode-wan/src/test/java/com/gemstone/gemfire/internal/cache/wan/WANTestBase.java
----------------------------------------------------------------------
diff --git a/geode-wan/src/test/java/com/gemstone/gemfire/internal/cache/wan/WANTestBase.java b/geode-wan/src/test/java/com/gemstone/gemfire/internal/cache/wan/WANTestBase.java
index 79648e1..266d03e 100644
--- a/geode-wan/src/test/java/com/gemstone/gemfire/internal/cache/wan/WANTestBase.java
+++ b/geode-wan/src/test/java/com/gemstone/gemfire/internal/cache/wan/WANTestBase.java
@@ -2023,18 +2023,14 @@ public class WANTestBase extends JUnit4DistributedTestCase {
}
public static int createReceiverWithSSL(int locPort) {
WANTestBase test = new WANTestBase();
- boolean gatewaySslenabled = true;
- String gatewaySslprotocols = "any";
- String gatewaySslciphers = "any";
- boolean gatewaySslRequireAuth = true;
Properties gemFireProps = test.getDistributedSystemProperties();
gemFireProps.put(LOG_LEVEL, LogWriterUtils.getDUnitLogLevel());
- gemFireProps.put(GATEWAY_SSL_ENABLED, String.valueOf(gatewaySslenabled));
- gemFireProps.put(GATEWAY_SSL_PROTOCOLS, gatewaySslprotocols);
- gemFireProps.put(GATEWAY_SSL_CIPHERS, gatewaySslciphers);
- gemFireProps.put(GATEWAY_SSL_REQUIRE_AUTHENTICATION, String.valueOf(gatewaySslRequireAuth));
+ gemFireProps.put(GATEWAY_SSL_ENABLED, "true");
+ gemFireProps.put(GATEWAY_SSL_PROTOCOLS, "any");
+ gemFireProps.put(GATEWAY_SSL_CIPHERS, "any");
+ gemFireProps.put(GATEWAY_SSL_REQUIRE_AUTHENTICATION, "true");
gemFireProps.put(GATEWAY_SSL_KEYSTORE_TYPE, "jks");
gemFireProps.put(GATEWAY_SSL_KEYSTORE,