You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@tinkerpop.apache.org by sp...@apache.org on 2018/09/04 17:47:34 UTC
[46/50] tinkerpop git commit: merge TINKERPOP-2023
merge TINKERPOP-2023
Project: http://git-wip-us.apache.org/repos/asf/tinkerpop/repo
Commit: http://git-wip-us.apache.org/repos/asf/tinkerpop/commit/e937a3a5
Tree: http://git-wip-us.apache.org/repos/asf/tinkerpop/tree/e937a3a5
Diff: http://git-wip-us.apache.org/repos/asf/tinkerpop/diff/e937a3a5
Branch: refs/heads/TINKERPOP-2021
Commit: e937a3a50a45d23dac114529c5062391f940fbcd
Parents: 3afc576 b77c0c7
Author: Robert Dale <ro...@gmail.com>
Authored: Tue Sep 4 07:26:23 2018 -0400
Committer: Robert Dale <ro...@gmail.com>
Committed: Tue Sep 4 07:26:23 2018 -0400
----------------------------------------------------------------------
CHANGELOG.asciidoc | 1 +
.../src/reference/gremlin-applications.asciidoc | 82 +++++--
.../upgrade/release-3.2.x-incubating.asciidoc | 26 +++
gremlin-console/conf/remote-secure.yaml | 5 +-
.../tinkerpop/gremlin/driver/Cluster.java | 180 ++++++++++++++-
.../tinkerpop/gremlin/driver/Settings.java | 83 +++++++
.../tinkerpop/gremlin/driver/SettingsTest.java | 17 ++
.../conf/gremlin-server-rest-secure.yaml | 7 +-
gremlin-server/conf/gremlin-server-secure.yaml | 7 +-
.../gremlin/server/AbstractChannelizer.java | 90 ++++++--
.../tinkerpop/gremlin/server/Settings.java | 66 +++++-
.../AbstractGremlinServerIntegrationTest.java | 13 ++
.../server/GremlinServerAuthIntegrateTest.java | 4 +-
.../GremlinServerAuthOldIntegrateTest.java | 4 +-
.../server/GremlinServerIntegrateTest.java | 223 ++++++++++++++++---
...ctGremlinServerChannelizerIntegrateTest.java | 12 +-
.../src/test/resources/client-key.jks | Bin 0 -> 2241 bytes
.../src/test/resources/client-key.p12 | Bin 0 -> 2583 bytes
.../src/test/resources/client-trust.jks | Bin 0 -> 969 bytes
.../src/test/resources/client-trust.p12 | Bin 0 -> 1202 bytes
.../src/test/resources/server-key.jks | Bin 0 -> 2258 bytes
.../src/test/resources/server-key.p12 | Bin 0 -> 2613 bytes
.../src/test/resources/server-trust.jks | Bin 0 -> 952 bytes
.../src/test/resources/server-trust.p12 | Bin 0 -> 1186 bytes
24 files changed, 723 insertions(+), 97 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/tinkerpop/blob/e937a3a5/CHANGELOG.asciidoc
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/tinkerpop/blob/e937a3a5/docs/src/upgrade/release-3.2.x-incubating.asciidoc
----------------------------------------------------------------------
diff --cc docs/src/upgrade/release-3.2.x-incubating.asciidoc
index c7ae1e2,ec973de..5cc52c8
--- a/docs/src/upgrade/release-3.2.x-incubating.asciidoc
+++ b/docs/src/upgrade/release-3.2.x-incubating.asciidoc
@@@ -29,13 -29,32 +29,39 @@@ Please see the link:https://github.com/
=== Upgrading for Users
+==== SASL in Gremlin.Net
+
+The Gremlin Javascript Driver now supports SASL Plain Text authentication against a Gremlin Server.
+
+See: link:https://issues.apache.org/jira/browse/TINKERPOP-1977[TINKERPOP-1977],
+link:http://tinkerpop.apache.org/docs/3.2.10/reference#gremlin-javascript[Reference Documentation - Gremlin Javascript]
+
+ ==== SSL Security
+
+ TinkerPop improves its security posture by removing insecure defaults and adding forward-looking standards support.
+
+ Gremlin Server no longer supports automatically creating self-signed certificates.
+ Self-signed certificates can still be created manually outside of Gremlin Server.
+ If ssl is enabled, a key store must be configured.
+
+ Cluster client no longer trusts all certs by default as this is an insecure configuration.
+ Instead, if no trust store is configured, Cluster will use the default CA certs.
+ To revert to the previous behavior and accept all certs, it must be explicitly configured.
+
+ This release introduces JKS and PKCS12 support. JKS is the legacy Java Key Store. PKCS12 has better cross-platform support and is gaining in adoption.
+ Be aware that JKS is the default on Java 8. Java 9 and higher use PKCS12 as the default. Both Java keytool and OpenSSL tools can create, read, update PKCS12 files.
+
+ Other new features include specifying SSL protocols and cipher suites.
+ The packaged `*-secure.yaml` files now restrict the protocol to `TLSv1.2` by default.
+
+ PEM-based configurations are deprecated and may be removed in a future release.
+
+ See also http://tinkerpop.apache.org/docs/current/reference/#_configuration[Connecting via Java Configuration],
+ http://tinkerpop.apache.org/docs/current/reference/#_configuring_2[Gremlin Server Configuration].
+
+ link:https://issues.apache.org/jira/browse/TINKERPOP-2022[TINKERPOP-2022]
+ link:https://issues.apache.org/jira/browse/TINKERPOP-2023[TINKERPOP-2023]
+
==== Bulk Import and Export
TinkerPop has provided some general methods for importing and exporting data, but more and more graph providers are
http://git-wip-us.apache.org/repos/asf/tinkerpop/blob/e937a3a5/gremlin-server/src/test/java/org/apache/tinkerpop/gremlin/server/GremlinServerIntegrateTest.java
----------------------------------------------------------------------