You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@flume.apache.org by Mike Percy <mp...@apache.org> on 2013/06/13 07:27:04 UTC

Re: Review Request: FLUME-997: Support secure transport mechanism

-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/10190/#review21837
-----------------------------------------------------------

Ship it!


+1

Thanks for making the changes Joey and apologies for the long turnaround time. I'm about to commit this.

- Mike Percy


On April 30, 2013, 5:01 p.m., Joey Echeverria wrote:
> 
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/10190/
> -----------------------------------------------------------
> 
> (Updated April 30, 2013, 5:01 p.m.)
> 
> 
> Review request for Flume and Mike Percy.
> 
> 
> Description
> -------
> 
> The patch adds support for SSL to AvroSource and AvroSink. The implementation compliments the recent addition of compression in FLUME-1915.
> 
> 
> This addresses bug FLUME-997.
>     https://issues.apache.org/jira/browse/FLUME-997
> 
> 
> Diffs
> -----
> 
>   flume-ng-core/src/main/java/org/apache/flume/source/AvroSource.java 517d545 
>   flume-ng-core/src/test/java/org/apache/flume/sink/TestAvroSink.java ac47ee9 
>   flume-ng-core/src/test/java/org/apache/flume/source/TestAvroSource.java c699241 
>   flume-ng-core/src/test/resources/server.p12 PRE-CREATION 
>   flume-ng-core/src/test/resources/truststore.jks PRE-CREATION 
>   flume-ng-doc/sphinx/FlumeUserGuide.rst 38f2205 
>   flume-ng-sdk/src/main/java/org/apache/flume/api/NettyAvroRpcClient.java 8285129 
>   flume-ng-sdk/src/main/java/org/apache/flume/api/RpcClientConfigurationConstants.java 34d73a3 
> 
> Diff: https://reviews.apache.org/r/10190/diff/
> 
> 
> Testing
> -------
> 
> There are tests for having SSL enabled on both the client and server with specific tests using a truststore to verify the server certificate. There's also a test to make sure you can enable both SSL and compression.
> 
> I probably need to add some negative tests:
> 
> 1) SSL server, non-SSL client
> 2) SSL server, SSL client with a truststore that doesn't include the server certificate
> 
> 
> Thanks,
> 
> Joey Echeverria
> 
>