You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@geode.apache.org by sa...@apache.org on 2018/08/29 23:03:21 UTC
[geode] branch feature/GEODE-5338 updated: fixed a test failure and
reworked after review about javadocs
This is an automated email from the ASF dual-hosted git repository.
sai_boorlagadda pushed a commit to branch feature/GEODE-5338
in repository https://gitbox.apache.org/repos/asf/geode.git
The following commit(s) were added to refs/heads/feature/GEODE-5338 by this push:
new c365eb1 fixed a test failure and reworked after review about javadocs
c365eb1 is described below
commit c365eb13fba891b1a235f91fd6212a853abf5b08
Author: Sai Boorlagadda <sb...@pivotal.io>
AuthorDate: Wed Aug 29 16:03:02 2018 -0700
fixed a test failure and reworked after review about javadocs
---
.../geode/distributed/ConfigurationProperties.java | 16 +++++++++++-----
.../org/apache/geode/internal/net/SocketCreator.java | 9 +++------
.../internal/DistributionConfigJUnitTest.java | 4 ++--
3 files changed, 16 insertions(+), 13 deletions(-)
diff --git a/geode-core/src/main/java/org/apache/geode/distributed/ConfigurationProperties.java b/geode-core/src/main/java/org/apache/geode/distributed/ConfigurationProperties.java
index 52d72f0..6ef14ed 100644
--- a/geode-core/src/main/java/org/apache/geode/distributed/ConfigurationProperties.java
+++ b/geode-core/src/main/java/org/apache/geode/distributed/ConfigurationProperties.java
@@ -1932,14 +1932,19 @@ public interface ConfigurationProperties {
/**
* The static String definition of the <i>"ssl-use-default-sslcontext"</i> property
+ * </p>
*
- * <U>Description</U>If true allows users to use the default SSLContext. When using
- * default SSLContext, users do not need to configure other ssl properties except
- * ssl-enabled-components and ssl-require-authentication.
+ * <U>Description</U> When true, either uses the default context as returned by
+ * SSLContext.getInstance('Default') or uses the context as set by using
+ * SSLContext.setDefault(). If false, then specify the keystore and the truststore by setting
+ * ssl-keystore-* and ssl-truststore-* properties. This property does not enable SSL.
* </p>
+ *
* <U>Default</U>: "false"
* </p>
- * <U>Since</U>: Geode 1.8
+ *
+ * <U>Since</U>: Geode 1.7
+ * </p>
*/
String SSL_USE_DEFAULT_SSLCONTEXT = "ssl-use-default-sslcontext";
/**
@@ -1950,7 +1955,8 @@ public interface ConfigurationProperties {
* SSL handshake.
* </p>
* <U>Default</U>: code>"false"</code>
- * <U>Since</U>: Geode 1.8
+ * </p>
+ * <U>Since</U>: Geode 1.7
*/
String SSL_ENDPOINT_IDENTIFICATION_ENABLED = "ssl-enable-endpoint-identification";
/**
diff --git a/geode-core/src/main/java/org/apache/geode/internal/net/SocketCreator.java b/geode-core/src/main/java/org/apache/geode/internal/net/SocketCreator.java
index 060cb6c..34a9592 100755
--- a/geode-core/src/main/java/org/apache/geode/internal/net/SocketCreator.java
+++ b/geode-core/src/main/java/org/apache/geode/internal/net/SocketCreator.java
@@ -14,7 +14,6 @@
*/
package org.apache.geode.internal.net;
-import static org.apache.geode.distributed.ConfigurationProperties.SSL_ENDPOINT_IDENTIFICATION_ENABLED;
import java.io.FileInputStream;
import java.io.IOException;
@@ -1038,14 +1037,12 @@ public class SocketCreator {
sslSocket.setEnableSessionCreation(true);
if (sslConfig.doEndpointIdentification()) {
- if (!sslConfig.useDefaultSSLContext()) {
- logger.warn("Since GEODE 1.7.0, hostname is validated in the Server's certificate "
- + "during SSL handshake. You can disable using setting '"
- + SSL_ENDPOINT_IDENTIFICATION_ENABLED + "' to false.");
- }
SSLParameters sslParameters = sslSocket.getSSLParameters();
sslParameters.setEndpointIdentificationAlgorithm("HTTPS");
sslSocket.setSSLParameters(sslParameters);
+ } else {
+ logger.warn("Your SSL configuration disables hostname validation. "
+ + "Future releases will mandate hostname validation.");
}
String[] protocols = this.sslConfig.getProtocolsAsStringArray();
diff --git a/geode-core/src/test/java/org/apache/geode/distributed/internal/DistributionConfigJUnitTest.java b/geode-core/src/test/java/org/apache/geode/distributed/internal/DistributionConfigJUnitTest.java
index 69557e7..1c2218a 100644
--- a/geode-core/src/test/java/org/apache/geode/distributed/internal/DistributionConfigJUnitTest.java
+++ b/geode-core/src/test/java/org/apache/geode/distributed/internal/DistributionConfigJUnitTest.java
@@ -423,11 +423,11 @@ public class DistributionConfigJUnitTest {
}
@Test
- public void testSSLEnabledEndpointValidationIsSetDefaultToFalse() {
+ public void testSSLEnabledEndpointValidationIsSetDefaultToTrue() {
Properties props = new Properties();
DistributionConfig config = new DistributionConfigImpl(props);
- assertThat(config.getSSLEndpointIdentificationEnabled()).isEqualTo(false);
+ assertThat(config.getSSLEndpointIdentificationEnabled()).isEqualTo(true);
}
@Test