You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@geode.apache.org by sa...@apache.org on 2018/08/29 23:03:21 UTC

[geode] branch feature/GEODE-5338 updated: fixed a test failure and reworked after review about javadocs

This is an automated email from the ASF dual-hosted git repository.

sai_boorlagadda pushed a commit to branch feature/GEODE-5338
in repository https://gitbox.apache.org/repos/asf/geode.git


The following commit(s) were added to refs/heads/feature/GEODE-5338 by this push:
     new c365eb1  fixed a test failure and reworked after review about javadocs
c365eb1 is described below

commit c365eb13fba891b1a235f91fd6212a853abf5b08
Author: Sai Boorlagadda <sb...@pivotal.io>
AuthorDate: Wed Aug 29 16:03:02 2018 -0700

    fixed a test failure and reworked after review about javadocs
---
 .../geode/distributed/ConfigurationProperties.java       | 16 +++++++++++-----
 .../org/apache/geode/internal/net/SocketCreator.java     |  9 +++------
 .../internal/DistributionConfigJUnitTest.java            |  4 ++--
 3 files changed, 16 insertions(+), 13 deletions(-)

diff --git a/geode-core/src/main/java/org/apache/geode/distributed/ConfigurationProperties.java b/geode-core/src/main/java/org/apache/geode/distributed/ConfigurationProperties.java
index 52d72f0..6ef14ed 100644
--- a/geode-core/src/main/java/org/apache/geode/distributed/ConfigurationProperties.java
+++ b/geode-core/src/main/java/org/apache/geode/distributed/ConfigurationProperties.java
@@ -1932,14 +1932,19 @@ public interface ConfigurationProperties {
 
   /**
    * The static String definition of the <i>"ssl-use-default-sslcontext"</i> property
+   * </p>
    *
-   * <U>Description</U>If true allows users to use the default SSLContext. When using
-   * default SSLContext, users do not need to configure other ssl properties except
-   * ssl-enabled-components and ssl-require-authentication.
+   * <U>Description</U> When true, either uses the default context as returned by
+   * SSLContext.getInstance('Default') or uses the context as set by using
+   * SSLContext.setDefault(). If false, then specify the keystore and the truststore by setting
+   * ssl-keystore-* and ssl-truststore-* properties. This property does not enable SSL.
    * </p>
+   *
    * <U>Default</U>: "false"
    * </p>
-   * <U>Since</U>: Geode 1.8
+   *
+   * <U>Since</U>: Geode 1.7
+   * </p>
    */
   String SSL_USE_DEFAULT_SSLCONTEXT = "ssl-use-default-sslcontext";
   /**
@@ -1950,7 +1955,8 @@ public interface ConfigurationProperties {
    * SSL handshake.
    * </p>
    * <U>Default</U>: code>"false"</code>
-   * <U>Since</U>: Geode 1.8
+   * </p>
+   * <U>Since</U>: Geode 1.7
    */
   String SSL_ENDPOINT_IDENTIFICATION_ENABLED = "ssl-enable-endpoint-identification";
   /**
diff --git a/geode-core/src/main/java/org/apache/geode/internal/net/SocketCreator.java b/geode-core/src/main/java/org/apache/geode/internal/net/SocketCreator.java
index 060cb6c..34a9592 100755
--- a/geode-core/src/main/java/org/apache/geode/internal/net/SocketCreator.java
+++ b/geode-core/src/main/java/org/apache/geode/internal/net/SocketCreator.java
@@ -14,7 +14,6 @@
  */
 package org.apache.geode.internal.net;
 
-import static org.apache.geode.distributed.ConfigurationProperties.SSL_ENDPOINT_IDENTIFICATION_ENABLED;
 
 import java.io.FileInputStream;
 import java.io.IOException;
@@ -1038,14 +1037,12 @@ public class SocketCreator {
       sslSocket.setEnableSessionCreation(true);
 
       if (sslConfig.doEndpointIdentification()) {
-        if (!sslConfig.useDefaultSSLContext()) {
-          logger.warn("Since GEODE 1.7.0, hostname is validated in the Server's certificate "
-              + "during SSL handshake. You can disable using setting '"
-              + SSL_ENDPOINT_IDENTIFICATION_ENABLED + "' to false.");
-        }
         SSLParameters sslParameters = sslSocket.getSSLParameters();
         sslParameters.setEndpointIdentificationAlgorithm("HTTPS");
         sslSocket.setSSLParameters(sslParameters);
+      } else {
+        logger.warn("Your SSL configuration disables hostname validation. "
+            + "Future releases will mandate hostname validation.");
       }
 
       String[] protocols = this.sslConfig.getProtocolsAsStringArray();
diff --git a/geode-core/src/test/java/org/apache/geode/distributed/internal/DistributionConfigJUnitTest.java b/geode-core/src/test/java/org/apache/geode/distributed/internal/DistributionConfigJUnitTest.java
index 69557e7..1c2218a 100644
--- a/geode-core/src/test/java/org/apache/geode/distributed/internal/DistributionConfigJUnitTest.java
+++ b/geode-core/src/test/java/org/apache/geode/distributed/internal/DistributionConfigJUnitTest.java
@@ -423,11 +423,11 @@ public class DistributionConfigJUnitTest {
   }
 
   @Test
-  public void testSSLEnabledEndpointValidationIsSetDefaultToFalse() {
+  public void testSSLEnabledEndpointValidationIsSetDefaultToTrue() {
     Properties props = new Properties();
 
     DistributionConfig config = new DistributionConfigImpl(props);
-    assertThat(config.getSSLEndpointIdentificationEnabled()).isEqualTo(false);
+    assertThat(config.getSSLEndpointIdentificationEnabled()).isEqualTo(true);
   }
 
   @Test