You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@geode.apache.org by ud...@apache.org on 2016/09/06 19:01:46 UTC
[3/3] incubator-geode git commit: GEODE-1792: Amended tests to use comma delimited ciphers and protocols

GEODE-1792: Amended tests to use comma delimited ciphers and protocols


Project: http://git-wip-us.apache.org/repos/asf/incubator-geode/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-geode/commit/9626269f
Tree: http://git-wip-us.apache.org/repos/asf/incubator-geode/tree/9626269f
Diff: http://git-wip-us.apache.org/repos/asf/incubator-geode/diff/9626269f

Branch: refs/heads/feature/GEODE-1792
Commit: 9626269f305fbb55d4e7f4a19dd646d407c9c50b
Parents: d79a944
Author: Udo Kohlmeyer <uk...@pivotal.io>
Authored: Wed Sep 7 05:01:34 2016 +1000
Committer: Udo Kohlmeyer <uk...@pivotal.io>
Committed: Wed Sep 7 05:01:34 2016 +1000

----------------------------------------------------------------------
 .../internal/DistributionConfigImpl.java        | 10 ++---
 .../net/SSLConfigurationFactoryTest.java        | 42 +++++++++++++++++++-
 .../net/SocketCreatorFactoryJUnitTest.java      |  5 ++-
 .../ConnectToLocatorSSLDUnitTest.java           |  2 +-
 4 files changed, 48 insertions(+), 11 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/9626269f/geode-core/src/main/java/com/gemstone/gemfire/distributed/internal/DistributionConfigImpl.java
----------------------------------------------------------------------
diff --git a/geode-core/src/main/java/com/gemstone/gemfire/distributed/internal/DistributionConfigImpl.java b/geode-core/src/main/java/com/gemstone/gemfire/distributed/internal/DistributionConfigImpl.java
index b272615..7b6b40d 100644
--- a/geode-core/src/main/java/com/gemstone/gemfire/distributed/internal/DistributionConfigImpl.java
+++ b/geode-core/src/main/java/com/gemstone/gemfire/distributed/internal/DistributionConfigImpl.java
@@ -1470,10 +1470,6 @@ public class DistributionConfigImpl extends AbstractDistributionConfig implement
         continue;
       }
       Object propVal = me.getValue();
-      if(propName.equals(SSL_CIPHERS) || propName.equals(SSL_PROTOCOLS))
-      {
-        propVal = convertCommaDelimitedToSpaceDelimitedString((String)propVal);
-      }
       if (propVal != null && (propVal instanceof String)) { // weed out extraneous non-string properties
         this.setAttribute(propName, ((String) propVal).trim(), this.sourceMap.get(propName));
       }
@@ -2603,7 +2599,8 @@ public class DistributionConfigImpl extends AbstractDistributionConfig implement
 
   @Override
   public void setSSLProtocols(final String sslProtocols) {
-    this.sslProtocols = sslProtocols;
+    //This conversion is required due to backwards compatibility of the existing protocols code
+    this.sslProtocols = convertCommaDelimitedToSpaceDelimitedString(sslProtocols);
   }
 
   @Override
@@ -2613,7 +2610,8 @@ public class DistributionConfigImpl extends AbstractDistributionConfig implement
 
   @Override
   public void setSSLCiphers(final String sslCiphers) {
-    this.sslCiphers = sslCiphers;
+    //This conversion is required due to backwards compatibility of the existing cipher code
+    this.sslCiphers = convertCommaDelimitedToSpaceDelimitedString(sslCiphers);
   }
 
   @Override

http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/9626269f/geode-core/src/test/java/com/gemstone/gemfire/internal/net/SSLConfigurationFactoryTest.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/com/gemstone/gemfire/internal/net/SSLConfigurationFactoryTest.java b/geode-core/src/test/java/com/gemstone/gemfire/internal/net/SSLConfigurationFactoryTest.java
index 3cbe55e..bc142e2 100644
--- a/geode-core/src/test/java/com/gemstone/gemfire/internal/net/SSLConfigurationFactoryTest.java
+++ b/geode-core/src/test/java/com/gemstone/gemfire/internal/net/SSLConfigurationFactoryTest.java
@@ -42,6 +42,44 @@ public class SSLConfigurationFactoryTest extends JUnit4DistributedTestCase {
   }
 
   @Test
+  public void getSSLConfigWithCommaDelimitedProtocols() throws Exception {
+    Properties properties = new Properties();
+    properties.setProperty(SSL_ENABLED_COMPONENTS, "all");
+    properties.setProperty(SSL_KEYSTORE, "someKeyStore");
+    properties.setProperty(SSL_KEYSTORE_PASSWORD, "keystorePassword");
+    properties.setProperty(SSL_KEYSTORE_TYPE, "JKS");
+    properties.setProperty(SSL_TRUSTSTORE, "someKeyStore");
+    properties.setProperty(SSL_TRUSTSTORE_PASSWORD, "keystorePassword");
+    properties.setProperty(SSL_DEFAULT_ALIAS, "defaultAlias");
+    properties.setProperty(SSL_CIPHERS, "Cipher1,Cipher2");
+    properties.setProperty(SSL_PROTOCOLS, "Protocol1,Protocol2");
+    DistributionConfigImpl distributionConfig = new DistributionConfigImpl(properties);
+    SSLConfigurationFactory.setDistributionConfig(distributionConfig);
+    for (SecurableComponent securableComponent : SecurableComponent.values()) {
+      assertSSLConfig(properties, SSLConfigurationFactory.getSSLConfigForComponent(securableComponent), securableComponent, distributionConfig);
+    }
+  }
+
+  @Test
+  public void getSSLConfigWithCommaDelimitedCiphers() throws Exception {
+    Properties properties = new Properties();
+    properties.setProperty(SSL_ENABLED_COMPONENTS, "all");
+    properties.setProperty(SSL_KEYSTORE, "someKeyStore");
+    properties.setProperty(SSL_KEYSTORE_PASSWORD, "keystorePassword");
+    properties.setProperty(SSL_KEYSTORE_TYPE, "JKS");
+    properties.setProperty(SSL_TRUSTSTORE, "someKeyStore");
+    properties.setProperty(SSL_TRUSTSTORE_PASSWORD, "keystorePassword");
+    properties.setProperty(SSL_DEFAULT_ALIAS, "defaultAlias");
+    properties.setProperty(SSL_CIPHERS, "Cipher1,Cipher2");
+    properties.setProperty(SSL_PROTOCOLS, "any");
+    DistributionConfigImpl distributionConfig = new DistributionConfigImpl(properties);
+    SSLConfigurationFactory.setDistributionConfig(distributionConfig);
+    for (SecurableComponent securableComponent : SecurableComponent.values()) {
+      assertSSLConfig(properties, SSLConfigurationFactory.getSSLConfigForComponent(securableComponent), securableComponent, distributionConfig);
+    }
+  }
+
+  @Test
   public void getSSLConfigForComponentALL() throws Exception {
     Properties properties = new Properties();
     properties.setProperty(SSL_ENABLED_COMPONENTS, "all");
@@ -130,8 +168,8 @@ public class SSLConfigurationFactoryTest extends JUnit4DistributedTestCase {
     assertEquals(properties.getProperty(SSL_KEYSTORE_TYPE), sslConfig.getKeystoreType());
     assertEquals(properties.getProperty(SSL_TRUSTSTORE), sslConfig.getTruststore());
     assertEquals(properties.getProperty(SSL_TRUSTSTORE_PASSWORD), sslConfig.getTruststorePassword());
-    assertEquals(properties.getProperty(SSL_CIPHERS), sslConfig.getCiphers());
-    assertEquals(properties.getProperty(SSL_PROTOCOLS), sslConfig.getProtocols());
+    assertEquals(properties.getProperty(SSL_CIPHERS).replace(","," "), sslConfig.getCiphers());
+    assertEquals(properties.getProperty(SSL_PROTOCOLS).replace(","," "), sslConfig.getProtocols());
     assertEquals(getCorrectAlias(expectedSecurableComponent, properties), sslConfig.getAlias());
     assertEquals(requiresAuthentication(properties, expectedSecurableComponent), sslConfig.isRequireAuth());
     assertEquals(expectedSecurableComponent, sslConfig.getSecuredComponent());

http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/9626269f/geode-core/src/test/java/com/gemstone/gemfire/internal/net/SocketCreatorFactoryJUnitTest.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/com/gemstone/gemfire/internal/net/SocketCreatorFactoryJUnitTest.java b/geode-core/src/test/java/com/gemstone/gemfire/internal/net/SocketCreatorFactoryJUnitTest.java
index 06de622..7c2b729 100644
--- a/geode-core/src/test/java/com/gemstone/gemfire/internal/net/SocketCreatorFactoryJUnitTest.java
+++ b/geode-core/src/test/java/com/gemstone/gemfire/internal/net/SocketCreatorFactoryJUnitTest.java
@@ -157,7 +157,8 @@ public class SocketCreatorFactoryJUnitTest extends JSSESocketJUnitTest {
 
   @Test
   public void testNewSSLConfigSSLComponentCombinations2() {
-    Properties properties = configureSSLProperties(commaDelimitedString(SecurableComponent.CLUSTER.getConstant(), SecurableComponent.SERVER.getConstant(), SecurableComponent.HTTP_SERVICE.getConstant(), SecurableComponent.JMX.getConstant()));
+    Properties properties = configureSSLProperties(commaDelimitedString(SecurableComponent.CLUSTER.getConstant(), SecurableComponent.SERVER.getConstant(), SecurableComponent.HTTP_SERVICE
+      .getConstant(), SecurableComponent.JMX.getConstant()));
 
     DistributionConfigImpl distributionConfig = new DistributionConfigImpl(properties);
     SocketCreatorFactory.setDistributionConfig(distributionConfig);
@@ -216,7 +217,7 @@ public class SocketCreatorFactoryJUnitTest extends JSSESocketJUnitTest {
 
       properties.setProperty(MCAST_PORT, "0");
       properties.setProperty(SSL_REQUIRE_AUTHENTICATION, "true");
-      properties.setProperty(SSL_CIPHERS, "MD2withRSA,MD5withRSA,SHA1withRSA,SHA256withRSA,SHA384withRSA,SHA512withRS");
+      properties.setProperty(SSL_CIPHERS, "TLS_RSA_WITH_AES_256_CBC_SHA256,TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384,TLS_DHE_RSA_WITH_AES_256_CBC_SHA256,TLS_DHE_DSS_WITH_AES_256_CBC_SHA256,TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA");
       properties.setProperty(SSL_PROTOCOLS, "TLSv1,TLSv1.1,TLSv1.2");
       properties.setProperty(SSL_KEYSTORE, jks.getCanonicalPath());
       properties.setProperty(SSL_KEYSTORE_PASSWORD, "password");

http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/9626269f/geode-core/src/test/java/com/gemstone/gemfire/management/ConnectToLocatorSSLDUnitTest.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/com/gemstone/gemfire/management/ConnectToLocatorSSLDUnitTest.java b/geode-core/src/test/java/com/gemstone/gemfire/management/ConnectToLocatorSSLDUnitTest.java
index 75a0e82..048e304 100644
--- a/geode-core/src/test/java/com/gemstone/gemfire/management/ConnectToLocatorSSLDUnitTest.java
+++ b/geode-core/src/test/java/com/gemstone/gemfire/management/ConnectToLocatorSSLDUnitTest.java
@@ -81,7 +81,7 @@ public class ConnectToLocatorSSLDUnitTest extends JUnit4DistributedTestCase {
     securityProps.setProperty(SSL_KEYSTORE_TYPE, "JKS");
     securityProps.setProperty(SSL_TRUSTSTORE, jks.getCanonicalPath());
     securityProps.setProperty(SSL_TRUSTSTORE_PASSWORD, "password");
-    securityProps.setProperty(SSL_PROTOCOLS, "TLSv1.2 TLSv1.1");
+    securityProps.setProperty(SSL_PROTOCOLS, "TLSv1.2,TLSv1.1");
 
     setUpLocatorAndConnect(securityProps);
   }