You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@tinkerpop.apache.org by rd...@apache.org on 2018/08/17 19:48:06 UTC
[01/16] tinkerpop git commit: TINKERPOP-2024 Make server archetype
use remote traversal [Forced Update!]
Repository: tinkerpop
Updated Branches:
refs/heads/TINKERPOP-2023 1f2b52840 -> bbc0265c0 (forced update)
TINKERPOP-2024 Make server archetype use remote traversal
Since we're promoting remote traversals over scripts it would be better for the archetype to use them.
Project: http://git-wip-us.apache.org/repos/asf/tinkerpop/repo
Commit: http://git-wip-us.apache.org/repos/asf/tinkerpop/commit/1a3549f7
Tree: http://git-wip-us.apache.org/repos/asf/tinkerpop/tree/1a3549f7
Diff: http://git-wip-us.apache.org/repos/asf/tinkerpop/diff/1a3549f7
Branch: refs/heads/TINKERPOP-2023
Commit: 1a3549f7232ebe65cbba158c1442a567bc2dc695
Parents: 00cb9a8
Author: Stephen Mallette <sp...@genoprime.com>
Authored: Mon Aug 13 10:28:53 2018 -0400
Committer: Stephen Mallette <sp...@genoprime.com>
Committed: Mon Aug 13 10:28:53 2018 -0400
----------------------------------------------------------------------
CHANGELOG.asciidoc | 1 +
.../archetype-resources/README.asciidoc | 4 +--
.../src/main/java/Service.java | 30 ++++++++------------
.../src/test/java/ServiceTest.java | 2 +-
4 files changed, 16 insertions(+), 21 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/tinkerpop/blob/1a3549f7/CHANGELOG.asciidoc
----------------------------------------------------------------------
diff --git a/CHANGELOG.asciidoc b/CHANGELOG.asciidoc
index a45f0f8..d3db46f 100644
--- a/CHANGELOG.asciidoc
+++ b/CHANGELOG.asciidoc
@@ -25,6 +25,7 @@ image::https://raw.githubusercontent.com/apache/tinkerpop/master/docs/static/ima
* Fixed problem with Gremlin Server sometimes returning an additional message after a failure.
* Allowed spaces in classpath for `gremlin-server.bat`.
+* Modified Maven archetype for Gremlin Server to use remote traversals rather than scripts.
* Added an system error code for failed plugin installs for Gremlin Server `-i` option.
* Match numbers in `choose()` options using `NumberHelper` (match values, ignore data type).
* Added support for GraphSON serialization of `Date` in Javascript.
http://git-wip-us.apache.org/repos/asf/tinkerpop/blob/1a3549f7/gremlin-archetype/gremlin-archetype-server/src/main/resources/archetype-resources/README.asciidoc
----------------------------------------------------------------------
diff --git a/gremlin-archetype/gremlin-archetype-server/src/main/resources/archetype-resources/README.asciidoc b/gremlin-archetype/gremlin-archetype-server/src/main/resources/archetype-resources/README.asciidoc
index 49d0f62..04ea28e 100644
--- a/gremlin-archetype/gremlin-archetype-server/src/main/resources/archetype-resources/README.asciidoc
+++ b/gremlin-archetype/gremlin-archetype-server/src/main/resources/archetype-resources/README.asciidoc
@@ -18,8 +18,8 @@ limitations under the License.
This is a starter project that demonstrates how a basic
link:http://tinkerpop.apache.org/docs/${project.version}/reference/#gremlin-server[Gremlin Server] project is structured
-with Maven. This project demonstrates how to connect to Gremlin Server through Java using the
-link:http://tinkerpop.apache.org/docs/${project.version}/reference/#connecting-via-java[Gremlin Driver] that is
+with Maven. This project demonstrates how to connect to Gremlin Server with Java using remote traversals with the
+link:http://tinkerpop.apache.org/docs/${project.version}/reference/#connecting-via-remotegraph[Gremlin Driver] that is
distributed by TinkerPop.
== Prerequisites
http://git-wip-us.apache.org/repos/asf/tinkerpop/blob/1a3549f7/gremlin-archetype/gremlin-archetype-server/src/main/resources/archetype-resources/src/main/java/Service.java
----------------------------------------------------------------------
diff --git a/gremlin-archetype/gremlin-archetype-server/src/main/resources/archetype-resources/src/main/java/Service.java b/gremlin-archetype/gremlin-archetype-server/src/main/resources/archetype-resources/src/main/java/Service.java
index 3479c30..a79bdaa 100644
--- a/gremlin-archetype/gremlin-archetype-server/src/main/resources/archetype-resources/src/main/java/Service.java
+++ b/gremlin-archetype/gremlin-archetype-server/src/main/resources/archetype-resources/src/main/java/Service.java
@@ -19,13 +19,11 @@
package ${package};
import org.apache.tinkerpop.gremlin.driver.Cluster;
-import org.apache.tinkerpop.gremlin.driver.Client;
-import org.apache.tinkerpop.gremlin.driver.Result;
+import org.apache.tinkerpop.gremlin.driver.remote.DriverRemoteConnection;
+import org.apache.tinkerpop.gremlin.process.traversal.dsl.graph.GraphTraversalSource;
+import org.apache.tinkerpop.gremlin.structure.util.empty.EmptyGraph;
-import java.util.Map;
-import java.util.HashMap;
import java.util.List;
-import java.util.stream.Collectors;
public class Service implements AutoCloseable {
@@ -35,12 +33,12 @@ public class Service implements AutoCloseable {
private final Cluster cluster = Cluster.build().port(45940).create();
/**
- * Use the Cluster instance to construct different Client instances (e.g. one for sessionless communication
- * and one or more sessions). A sessionless Client should be thread-safe and typically no more than one is
- * needed unless there is some need to divide connection pools across multiple Client instances. In this case
- * there is just a single sessionless Client instance used for the entire App.
+ * Construct a remote GraphTraversalSource using the above created Cluster instance that will connect to Gremlin
+ * Server.
*/
- private final Client client = cluster.connect();
+ private final GraphTraversalSource g = EmptyGraph.instance().
+ traversal().
+ withRemote(DriverRemoteConnection.using(cluster));
/**
* Create Service as a singleton given the simplicity of App.
@@ -53,18 +51,14 @@ public class Service implements AutoCloseable {
return INSTANCE;
}
- public List<String> findCreatorsOfSoftware(String softwareName) throws Exception {
- // it is very important from a performance perspective to parameterize queries
- Map params = new HashMap();
- params.put("n", softwareName);
-
- return client.submit("g.V().hasLabel('software').has('name',n).in('created').values('name')", params)
- .all().get().stream().map(r -> r.getString()).collect(Collectors.toList());
+ public List<Object> findCreatorsOfSoftware(String softwareName) throws Exception {
+ return g.V().has("software", "name", softwareName).
+ in("created").
+ values("name").toList();
}
@Override
public void close() throws Exception {
- client.close();
cluster.close();
}
}
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/tinkerpop/blob/1a3549f7/gremlin-archetype/gremlin-archetype-server/src/main/resources/archetype-resources/src/test/java/ServiceTest.java
----------------------------------------------------------------------
diff --git a/gremlin-archetype/gremlin-archetype-server/src/main/resources/archetype-resources/src/test/java/ServiceTest.java b/gremlin-archetype/gremlin-archetype-server/src/main/resources/archetype-resources/src/test/java/ServiceTest.java
index e013671..cc3feaa 100644
--- a/gremlin-archetype/gremlin-archetype-server/src/main/resources/archetype-resources/src/test/java/ServiceTest.java
+++ b/gremlin-archetype/gremlin-archetype-server/src/main/resources/archetype-resources/src/test/java/ServiceTest.java
@@ -78,7 +78,7 @@ public class ServiceTest {
@Test
public void shouldCreateGraph() throws Exception {
- final List<String> result = service.findCreatorsOfSoftware("lop");
+ final List<Object> result = service.findCreatorsOfSoftware("lop");
assertThat(result, is(Arrays.asList("marko", "josh", "peter")));
}
}
\ No newline at end of file
[08/16] tinkerpop git commit: TINKERPOP-2024 Needed to exit(0) for
maven executor to kill properly
Posted by rd...@apache.org.
TINKERPOP-2024 Needed to exit(0) for maven executor to kill properly
Project: http://git-wip-us.apache.org/repos/asf/tinkerpop/repo
Commit: http://git-wip-us.apache.org/repos/asf/tinkerpop/commit/120064d8
Tree: http://git-wip-us.apache.org/repos/asf/tinkerpop/tree/120064d8
Diff: http://git-wip-us.apache.org/repos/asf/tinkerpop/diff/120064d8
Branch: refs/heads/TINKERPOP-2023
Commit: 120064d8a132a66d579509fe97f69fdb0518543a
Parents: 575cecf
Author: Stephen Mallette <sp...@genoprime.com>
Authored: Mon Aug 13 11:54:36 2018 -0400
Committer: Stephen Mallette <sp...@genoprime.com>
Committed: Mon Aug 13 11:54:36 2018 -0400
----------------------------------------------------------------------
.../src/main/resources/archetype-resources/src/main/java/App.java | 1 +
1 file changed, 1 insertion(+)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/tinkerpop/blob/120064d8/gremlin-archetype/gremlin-archetype-server/src/main/resources/archetype-resources/src/main/java/App.java
----------------------------------------------------------------------
diff --git a/gremlin-archetype/gremlin-archetype-server/src/main/resources/archetype-resources/src/main/java/App.java b/gremlin-archetype/gremlin-archetype-server/src/main/resources/archetype-resources/src/main/java/App.java
index 506fa6d..9e0127b 100644
--- a/gremlin-archetype/gremlin-archetype-server/src/main/resources/archetype-resources/src/main/java/App.java
+++ b/gremlin-archetype/gremlin-archetype-server/src/main/resources/archetype-resources/src/main/java/App.java
@@ -37,6 +37,7 @@ public class App {
} finally {
service.close();
logger.info("Service closed and resources released");
+ System.exit(0);
}
}
}
\ No newline at end of file
[16/16] tinkerpop git commit: Removed deprecated settings from docs,
updated javadoc
Posted by rd...@apache.org.
Removed deprecated settings from docs, updated javadoc
Project: http://git-wip-us.apache.org/repos/asf/tinkerpop/repo
Commit: http://git-wip-us.apache.org/repos/asf/tinkerpop/commit/bbc0265c
Tree: http://git-wip-us.apache.org/repos/asf/tinkerpop/tree/bbc0265c
Diff: http://git-wip-us.apache.org/repos/asf/tinkerpop/diff/bbc0265c
Branch: refs/heads/TINKERPOP-2023
Commit: bbc0265c06f803d06ec2b6a600d4632d3f7d7d9b
Parents: 6434d04
Author: Robert Dale <ro...@gmail.com>
Authored: Fri Aug 17 15:47:27 2018 -0400
Committer: Robert Dale <ro...@gmail.com>
Committed: Fri Aug 17 15:47:27 2018 -0400
----------------------------------------------------------------------
.../src/reference/gremlin-applications.asciidoc | 8 ----
.../tinkerpop/gremlin/driver/Cluster.java | 42 +++++++++++---------
.../tinkerpop/gremlin/driver/Settings.java | 10 ++---
.../tinkerpop/gremlin/server/Settings.java | 34 ++++++++--------
4 files changed, 46 insertions(+), 48 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/tinkerpop/blob/bbc0265c/docs/src/reference/gremlin-applications.asciidoc
----------------------------------------------------------------------
diff --git a/docs/src/reference/gremlin-applications.asciidoc b/docs/src/reference/gremlin-applications.asciidoc
index d13e2ef..8372a8a 100644
--- a/docs/src/reference/gremlin-applications.asciidoc
+++ b/docs/src/reference/gremlin-applications.asciidoc
@@ -730,9 +730,6 @@ The following table describes the various configuration options for the Gremlin
|connectionPool.channelizer |The fully qualified classname of the client `Channelizer` that defines how to connect to the server. |`Channelizer.WebSocketChannelizer`
|connectionPool.enableSsl |Determines if SSL should be enabled or not. If enabled on the server then it must be enabled on the client. |false
|connectionPool.keepAliveInterval |Length of time in milliseconds to wait on an idle connection before sending a keep-alive request. Set to zero to disable this feature. |1800000
-|connectionPool.keyCertChainFile |The X.509 certificate chain file in PEM format. |_none_
-|connectionPool.keyFile |The `PKCS#8` private key file in PEM format. |_none_
-|connectionPool.keyPassword |The password of the `keyFile` if it is password-protected. |_none_
|connectionPool.keyStore |The private key in JKS or PKCS#12 format. |_none_
|connectionPool.keyStorePassword |The password of the `keyStore` if it is password-protected. |_none_
|connectionPool.keyStoreType |`JKS` (Java 8 default) or `PKCS12` (Java 9+ default)|_none_
@@ -751,7 +748,6 @@ The following table describes the various configuration options for the Gremlin
|connectionPool.sslCipherSuites |The list of JSSE ciphers to support for SSL connections. If specified, only the ciphers that are listed and supported will be enabled. If not specified, the JVM default is used. |_none_
|connectionPool.sslEnabledProtocols |The list of SSL protocols to support for SSL connections. If specified, only the protocols that are listed and supported will be enabled. If not specified, the JVM default is used. |_none_
|connectionPool.sslSkipCertValidation |Configures the `TrustManager` to trust all certs without any validation. Should not be used in production.|false
-|connectionPool.trustCertChainFile |File location for a SSL Certificate Chain to use when SSL is enabled. If this value is not provided and SSL is enabled, the default `TrustManager` will be used. |_none_
|connectionPool.trustStore |File location for a SSL Certificate Chain to use when SSL is enabled. If this value is not provided and SSL is enabled, the default `TrustManager` will be used. |_none_
|connectionPool.trustStorePassword |The password of the `trustStore` if it is password-protected |_none_
|hosts |The list of hosts that the driver will connect to. |localhost
@@ -1156,16 +1152,12 @@ The following table describes the various configuration options that Gremlin Ser
|serializers[X].className |The full class name of the `MessageSerializer` implementation. |_none_
|serializers[X].config |A `Map` containing `MessageSerializer` specific configurations. |_none_
|ssl.enabled |Determines if SSL is turned on or not. |false
-|ssl.keyCertChainFile |The X.509 certificate chain file in PEM format.|_none_
-|ssl.keyFile |The `PKCS#8` private key file in PEM format.|_none_
-|ssl.keyPassword |The password of the `keyFile` if it is password-protected. |_none_
|ssl.keyStore |The private key in JKS or PKCS#12 format. |_none_
|ssl.keyStorePassword |The password of the `keyStore` if it is password-protected. |_none_
|ssl.keyStoreType |`JKS` (Java 8 default) or `PKCS12` (Java 9+ default) |_none_
|ssl.needClientAuth | Optional. One of NONE, OPTIONAL, REQUIRE. Enables client certificate authentication at the enforcement level specified. Can be used in combination with Authenticator. |_none_
|ssl.sslCipherSuites |The list of JSSE ciphers to support for SSL connections. If specified, only the ciphers that are listed and supported will be enabled. If not specified, the JVM default is used. |_none_
|ssl.sslEnabledProtocols |The list of SSL protocols to support for SSL connections. If specified, only the protocols that are listed and supported will be enabled. If not specified, the JVM default is used. |_none_
-|ssl.trustCertChainFile | Required when needClientAuth is OPTIONAL or REQUIRE. Trusted certificates for verifying the remote endpoint's certificate. The file should contain an X.509 certificate chain in PEM format. |_none_
|ssl.trustStore |Required when needClientAuth is OPTIONAL or REQUIRE. Trusted certificates for verifying the remote endpoint's certificate. If this value is not provided and SSL is enabled, the default `TrustManager` will be used. |_none_
|ssl.trustStorePassword |The password of the `trustStore` if it is password-protected |_none_
|strictTransactionManagement |Set to `true` to require `aliases` to be submitted on every requests, where the `aliases` become the scope of transaction management. |false
http://git-wip-us.apache.org/repos/asf/tinkerpop/blob/bbc0265c/gremlin-driver/src/main/java/org/apache/tinkerpop/gremlin/driver/Cluster.java
----------------------------------------------------------------------
diff --git a/gremlin-driver/src/main/java/org/apache/tinkerpop/gremlin/driver/Cluster.java b/gremlin-driver/src/main/java/org/apache/tinkerpop/gremlin/driver/Cluster.java
index 6e4ef25..7ae8d2d 100644
--- a/gremlin-driver/src/main/java/org/apache/tinkerpop/gremlin/driver/Cluster.java
+++ b/gremlin-driver/src/main/java/org/apache/tinkerpop/gremlin/driver/Cluster.java
@@ -569,11 +569,11 @@ public final class Cluster {
private String keyCertChainFile = null;
private String keyFile = null;
private String keyPassword = null;
- private String keyStore;
- private String keyStorePassword;
- private String trustStore;
- private String trustStorePassword;
- private String keyStoreType;
+ private String keyStore = null;
+ private String keyStorePassword = null;
+ private String trustStore = null;
+ private String trustStorePassword = null;
+ private String keyStoreType = null;
private List<String> sslEnabledProtocols = new ArrayList<>();
private List<String> sslCipherSuites = new ArrayList<>();
private boolean sslSkipCertValidation = false;
@@ -655,9 +655,8 @@ public final class Cluster {
/**
* File location for a SSL Certificate Chain to use when SSL is enabled. If this value is not provided and
- * SSL is enabled, the {@link TrustManager} will be established with a self-signed certificate which is NOT
- * suitable for production purposes.
- * @deprecated
+ * SSL is enabled, the default {@link TrustManager} will be used.
+ * @deprecated As of release 3.2.10, replaced by {@link trustStore}
*/
@Deprecated
public Builder trustCertificateChainFile(final String certificateChainFile) {
@@ -677,7 +676,7 @@ public final class Cluster {
/**
* The X.509 certificate chain file in PEM format.
- * @deprecated
+ * @deprecated As of release 3.2.10, replaced by {@link keyStore}
*/
@Deprecated
public Builder keyCertChainFile(final String keyCertChainFile) {
@@ -687,7 +686,7 @@ public final class Cluster {
/**
* The PKCS#8 private key file in PEM format.
- * @deprecated
+ * @deprecated As of release 3.2.10, replaced by {@link keyStore}
*/
@Deprecated
public Builder keyFile(final String keyFile) {
@@ -697,7 +696,7 @@ public final class Cluster {
/**
* The password of the {@link #keyFile}, or {@code null} if it's not password-protected.
- * @deprecated
+ * @deprecated As of release 3.2.10, replaced by {@link keyStorePassword}
*/
@Deprecated
public Builder keyPassword(final String keyPassword) {
@@ -706,7 +705,7 @@ public final class Cluster {
}
/**
- *
+ * The file location of the private key in JKS or PKCS#12 format.
*/
public Builder keyStore(final String keyStore) {
this.keyStore = keyStore;
@@ -714,7 +713,7 @@ public final class Cluster {
}
/**
- *
+ * The password of the {@link #keyStore}, or {@code null} if it's not password-protected.
*/
public Builder keyStorePassword(final String keyStorePassword) {
this.keyStorePassword = keyStorePassword;
@@ -722,7 +721,8 @@ public final class Cluster {
}
/**
- *
+ * The file location for a SSL Certificate Chain to use when SSL is enabled. If
+ * this value is not provided and SSL is enabled, the default {@link TrustManager} will be used.
*/
public Builder trustStore(final String trustStore) {
this.trustStore = trustStore;
@@ -730,7 +730,7 @@ public final class Cluster {
}
/**
- *
+ * The password of the {@link #trustStore}, or {@code null} if it's not password-protected.
*/
public Builder trustStorePassword(final String trustStorePassword) {
this.trustStorePassword = trustStorePassword;
@@ -738,7 +738,7 @@ public final class Cluster {
}
/**
- *
+ * The format of the {@link keyStore}, either {@code JKS} or {@code PKCS12}
*/
public Builder keyStoreType(final String keyStoreType) {
this.keyStoreType = keyStoreType;
@@ -746,7 +746,9 @@ public final class Cluster {
}
/**
- *
+ * A list of SSL protocols to enable. @see <a href=
+ * "https://docs.oracle.com/javase/8/docs/technotes/guides/security/SunProviders.html#SunJSSE_Protocols">JSSE
+ * Protocols</a>
*/
public Builder sslEnabledProtocols(final List<String> sslEnabledProtocols) {
this.sslEnabledProtocols = sslEnabledProtocols;
@@ -754,7 +756,9 @@ public final class Cluster {
}
/**
- *
+ * A list of cipher suites to enable. @see <a href=
+ * "https://docs.oracle.com/javase/8/docs/technotes/guides/security/SunProviders.html#SupportedCipherSuites">Cipher
+ * Suites</a>
*/
public Builder sslCipherSuites(final List<String> sslCipherSuites) {
this.sslCipherSuites = sslCipherSuites;
@@ -762,7 +766,7 @@ public final class Cluster {
}
/**
- *
+ * If true, trust all certificates and do not perform any validation.
*/
public Builder sslSkipCertValidation(final boolean sslSkipCertValidation) {
this.sslSkipCertValidation = sslSkipCertValidation;
http://git-wip-us.apache.org/repos/asf/tinkerpop/blob/bbc0265c/gremlin-driver/src/main/java/org/apache/tinkerpop/gremlin/driver/Settings.java
----------------------------------------------------------------------
diff --git a/gremlin-driver/src/main/java/org/apache/tinkerpop/gremlin/driver/Settings.java b/gremlin-driver/src/main/java/org/apache/tinkerpop/gremlin/driver/Settings.java
index 4d54792..fedd337 100644
--- a/gremlin-driver/src/main/java/org/apache/tinkerpop/gremlin/driver/Settings.java
+++ b/gremlin-driver/src/main/java/org/apache/tinkerpop/gremlin/driver/Settings.java
@@ -258,28 +258,28 @@ final class Settings {
/**
* The trusted certificate in PEM format.
- * @deprecated Use JSSE-based settings
+ * @deprecated As of release 3.2.10, replaced by {@link trustStore}
*/
@Deprecated
public String trustCertChainFile = null;
/**
* The X.509 certificate chain file in PEM format.
- * @deprecated Use JSSE-based settings
+ * @deprecated As of release 3.2.10, replaced by {@link keyStore}
*/
@Deprecated
public String keyCertChainFile = null;
/**
* The PKCS#8 private key file in PEM format.
- * @deprecated Use JSSE-based settings
+ * @deprecated As of release 3.2.10, replaced by {@link keyStore}
*/
@Deprecated
public String keyFile = null;
/**
* The password of the {@link #keyFile}, or {@code null} if it's not password-protected.
- * @deprecated Use JSSE-based settings
+ * @deprecated As of release 3.2.10, replaced by {@link keyStorePassword}
*/
@Deprecated
public String keyPassword = null;
@@ -329,7 +329,7 @@ final class Settings {
public List<String> sslCipherSuites = new ArrayList<>();
/**
- *
+ * If true, trust all certificates and do not perform any validation.
*/
public boolean sslSkipCertValidation = false;
http://git-wip-us.apache.org/repos/asf/tinkerpop/blob/bbc0265c/gremlin-server/src/main/java/org/apache/tinkerpop/gremlin/server/Settings.java
----------------------------------------------------------------------
diff --git a/gremlin-server/src/main/java/org/apache/tinkerpop/gremlin/server/Settings.java b/gremlin-server/src/main/java/org/apache/tinkerpop/gremlin/server/Settings.java
index c918f8b..4acfea0 100644
--- a/gremlin-server/src/main/java/org/apache/tinkerpop/gremlin/server/Settings.java
+++ b/gremlin-server/src/main/java/org/apache/tinkerpop/gremlin/server/Settings.java
@@ -51,6 +51,8 @@ import java.util.Optional;
import java.util.ServiceLoader;
import java.util.UUID;
+import javax.net.ssl.TrustManager;
+
/**
* Server settings as configured by a YAML file.
*
@@ -457,7 +459,7 @@ public class Settings {
/**
* The X.509 certificate chain file in PEM format.
*
- * @deprecated Use JSSE-based settings
+ * @deprecated As of release 3.2.10, replaced by {@link keyStore}
*/
@Deprecated
public String keyCertChainFile = null;
@@ -465,7 +467,7 @@ public class Settings {
/**
* The PKCS#8 private key file in PEM format.
*
- * @deprecated Use JSSE-based settings
+ * @deprecated As of release 3.2.10, replaced by {@link keyStore}
*/
@Deprecated
public String keyFile = null;
@@ -474,7 +476,7 @@ public class Settings {
* The password of the {@link #keyFile}, or {@code null} if it's not
* password-protected.
*
- * @deprecated Use JSSE-based settings
+ * @deprecated As of release 3.2.10, replaced by {@link keyStorePassword}
*/
@Deprecated
public String keyPassword = null;
@@ -484,48 +486,48 @@ public class Settings {
* file should contain an X.509 certificate chain in PEM format. {@code null}
* uses the system default.
*
- * @deprecated Use JSSE-based settings
+ * @deprecated As of release 3.2.10, replaced by {@link trustStore}
*/
@Deprecated
public String trustCertChainFile = null;
/**
- * JSSE keystore file path. Similar to setting JSSE property
- * {@code javax.net.ssl.keyStore}.
+ * The file location of the private key in JKS or PKCS#12 format.
*/
public String keyStore;
/**
- * JSSE keystore password. Similar to setting JSSE property
- * {@code javax.net.ssl.keyStorePassword}.
+ * The password of the {@link #keyStore}, or {@code null} if it's not password-protected.
*/
public String keyStorePassword;
/**
- * JSSE truststore file path. Similar to setting JSSE property
- * {@code javax.net.ssl.trustStore}.
+ * Trusted certificates for verifying the remote client's certificate. If
+ * this value is not provided and SSL is enabled, the default {@link TrustManager} will be used.
*/
public String trustStore;
/**
- * JSSE truststore password. Similar to setting JSSE property
- * {@code javax.net.ssl.trustStorePassword}.
+ * The password of the {@link #trustStore}, or {@code null} if it's not password-protected.
*/
public String trustStorePassword;
/**
- * JSSE keystore format. Similar to setting JSSE property
- * {@code javax.net.ssl.keyStoreType}.
+ * The format of the {@link keyStore}, either {@code JKS} or {@code PKCS12}
*/
public String keyStoreType;
/**
- * @see <a href="https://docs.oracle.com/javase/8/docs/technotes/guides/security/SunProviders.html#SunJSSE_Protocols">JSSE Protocols</a>
+ * A list of SSL protocols to enable. @see <a href=
+ * "https://docs.oracle.com/javase/8/docs/technotes/guides/security/SunProviders.html#SunJSSE_Protocols">JSSE
+ * Protocols</a>
*/
public List<String> sslEnabledProtocols = new ArrayList<>();
/**
- * @see <a href="https://docs.oracle.com/javase/8/docs/technotes/guides/security/SunProviders.html#SupportedCipherSuites">Cipher Suites</a>
+ * A list of cipher suites to enable. @see <a href=
+ * "https://docs.oracle.com/javase/8/docs/technotes/guides/security/SunProviders.html#SupportedCipherSuites">Cipher
+ * Suites</a>
*/
public List<String> sslCipherSuites = new ArrayList<>();
[02/16] tinkerpop git commit: Add check for Column in `by(Function)`
Posted by rd...@apache.org.
Add check for Column in `by(Function)`
Project: http://git-wip-us.apache.org/repos/asf/tinkerpop/repo
Commit: http://git-wip-us.apache.org/repos/asf/tinkerpop/commit/a0a243b2
Tree: http://git-wip-us.apache.org/repos/asf/tinkerpop/tree/a0a243b2
Diff: http://git-wip-us.apache.org/repos/asf/tinkerpop/diff/a0a243b2
Branch: refs/heads/TINKERPOP-2023
Commit: a0a243b256dbfdf66bb5ce24958fc91c7e6eed03
Parents: 1b99323
Author: yatam <yu...@asg.com>
Authored: Mon Aug 6 15:57:06 2018 +0300
Committer: Stephen Mallette <sp...@genoprime.com>
Committed: Mon Aug 13 10:35:09 2018 -0400
----------------------------------------------------------------------
.../tinkerpop/gremlin/process/traversal/step/ByModulating.java | 2 ++
.../tinkerpop/gremlin/process/traversal/step/map/GroupStep.java | 2 ++
2 files changed, 4 insertions(+)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/tinkerpop/blob/a0a243b2/gremlin-core/src/main/java/org/apache/tinkerpop/gremlin/process/traversal/step/ByModulating.java
----------------------------------------------------------------------
diff --git a/gremlin-core/src/main/java/org/apache/tinkerpop/gremlin/process/traversal/step/ByModulating.java b/gremlin-core/src/main/java/org/apache/tinkerpop/gremlin/process/traversal/step/ByModulating.java
index bea1b56..01841fa 100644
--- a/gremlin-core/src/main/java/org/apache/tinkerpop/gremlin/process/traversal/step/ByModulating.java
+++ b/gremlin-core/src/main/java/org/apache/tinkerpop/gremlin/process/traversal/step/ByModulating.java
@@ -57,6 +57,8 @@ public interface ByModulating {
public default void modulateBy(final Function function) throws UnsupportedOperationException {
if (function instanceof T)
this.modulateBy((T) function);
+ else if (function instanceof Column)
+ this.modulateBy(new ColumnTraversal((Column) function));
else
this.modulateBy(__.map(new FunctionTraverser<>(function)).asAdmin());
}
http://git-wip-us.apache.org/repos/asf/tinkerpop/blob/a0a243b2/gremlin-core/src/main/java/org/apache/tinkerpop/gremlin/process/traversal/step/map/GroupStep.java
----------------------------------------------------------------------
diff --git a/gremlin-core/src/main/java/org/apache/tinkerpop/gremlin/process/traversal/step/map/GroupStep.java b/gremlin-core/src/main/java/org/apache/tinkerpop/gremlin/process/traversal/step/map/GroupStep.java
index 07ca4ae..127d562 100644
--- a/gremlin-core/src/main/java/org/apache/tinkerpop/gremlin/process/traversal/step/map/GroupStep.java
+++ b/gremlin-core/src/main/java/org/apache/tinkerpop/gremlin/process/traversal/step/map/GroupStep.java
@@ -23,6 +23,7 @@ import org.apache.tinkerpop.gremlin.process.traversal.Operator;
import org.apache.tinkerpop.gremlin.process.traversal.Traversal;
import org.apache.tinkerpop.gremlin.process.traversal.Traverser;
import org.apache.tinkerpop.gremlin.process.traversal.dsl.graph.__;
+import org.apache.tinkerpop.gremlin.process.traversal.lambda.ColumnTraversal;
import org.apache.tinkerpop.gremlin.process.traversal.lambda.ElementValueTraversal;
import org.apache.tinkerpop.gremlin.process.traversal.lambda.FunctionTraverser;
import org.apache.tinkerpop.gremlin.process.traversal.lambda.IdentityTraversal;
@@ -176,6 +177,7 @@ public final class GroupStep<S, K, V> extends ReducingBarrierStep<S, Map<K, V>>
if (valueTraversal instanceof ElementValueTraversal ||
valueTraversal instanceof TokenTraversal ||
valueTraversal instanceof IdentityTraversal ||
+ valueTraversal instanceof ColumnTraversal ||
valueTraversal.getStartStep() instanceof LambdaMapStep && ((LambdaMapStep) valueTraversal.getStartStep()).getMapFunction() instanceof FunctionTraverser) {
return (Traversal.Admin<S, E>) __.map(valueTraversal).fold();
} else
[07/16] tinkerpop git commit: TINKERPOP-2024 Made port configurable
in archetype
Posted by rd...@apache.org.
TINKERPOP-2024 Made port configurable in archetype
The port is defaulted to the gremlin server test port, which is not the same as the standard 8182 so the usage instructions were somewhat not right in an out-of-the-box way.
Project: http://git-wip-us.apache.org/repos/asf/tinkerpop/repo
Commit: http://git-wip-us.apache.org/repos/asf/tinkerpop/commit/575cecf1
Tree: http://git-wip-us.apache.org/repos/asf/tinkerpop/tree/575cecf1
Diff: http://git-wip-us.apache.org/repos/asf/tinkerpop/diff/575cecf1
Branch: refs/heads/TINKERPOP-2023
Commit: 575cecf1d648cd7453ffa9b69fe12b8f10117d9c
Parents: 1a3549f
Author: Stephen Mallette <sp...@genoprime.com>
Authored: Mon Aug 13 11:39:59 2018 -0400
Committer: Stephen Mallette <sp...@genoprime.com>
Committed: Mon Aug 13 11:39:59 2018 -0400
----------------------------------------------------------------------
.../src/main/resources/archetype-resources/README.asciidoc | 2 +-
.../resources/archetype-resources/src/main/java/Service.java | 4 +++-
2 files changed, 4 insertions(+), 2 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/tinkerpop/blob/575cecf1/gremlin-archetype/gremlin-archetype-server/src/main/resources/archetype-resources/README.asciidoc
----------------------------------------------------------------------
diff --git a/gremlin-archetype/gremlin-archetype-server/src/main/resources/archetype-resources/README.asciidoc b/gremlin-archetype/gremlin-archetype-server/src/main/resources/archetype-resources/README.asciidoc
index 04ea28e..d4a0eb1 100644
--- a/gremlin-archetype/gremlin-archetype-server/src/main/resources/archetype-resources/README.asciidoc
+++ b/gremlin-archetype/gremlin-archetype-server/src/main/resources/archetype-resources/README.asciidoc
@@ -65,4 +65,4 @@ $ bin/gremlin-server.sh conf/gremlin-server-modern.yaml
Run this project as follows:
[source,text]
-mvn exec:java -Dexec.mainClass="${package}.App" -Dlog4j.configuration=file:conf/log4j.properties
+mvn exec:java -Dexec.mainClass="${package}.App" -Dlog4j.configuration=file:conf/log4j.properties -Dport=8182
http://git-wip-us.apache.org/repos/asf/tinkerpop/blob/575cecf1/gremlin-archetype/gremlin-archetype-server/src/main/resources/archetype-resources/src/main/java/Service.java
----------------------------------------------------------------------
diff --git a/gremlin-archetype/gremlin-archetype-server/src/main/resources/archetype-resources/src/main/java/Service.java b/gremlin-archetype/gremlin-archetype-server/src/main/resources/archetype-resources/src/main/java/Service.java
index a79bdaa..bb3fc68 100644
--- a/gremlin-archetype/gremlin-archetype-server/src/main/resources/archetype-resources/src/main/java/Service.java
+++ b/gremlin-archetype/gremlin-archetype-server/src/main/resources/archetype-resources/src/main/java/Service.java
@@ -27,10 +27,12 @@ import java.util.List;
public class Service implements AutoCloseable {
+ private final int port = Integer.parseInt(System.getProperty("port", "45940"));
+
/**
* There typically needs to be only one Cluster instance in an application.
*/
- private final Cluster cluster = Cluster.build().port(45940).create();
+ private final Cluster cluster = Cluster.build().port(port).create();
/**
* Construct a remote GraphTraversalSource using the above created Cluster instance that will connect to Gremlin
[10/16] tinkerpop git commit: Merge branch 'TINKERPOP-2024' into tp32
Posted by rd...@apache.org.
Merge branch 'TINKERPOP-2024' into tp32
Project: http://git-wip-us.apache.org/repos/asf/tinkerpop/repo
Commit: http://git-wip-us.apache.org/repos/asf/tinkerpop/commit/5f770b1f
Tree: http://git-wip-us.apache.org/repos/asf/tinkerpop/tree/5f770b1f
Diff: http://git-wip-us.apache.org/repos/asf/tinkerpop/diff/5f770b1f
Branch: refs/heads/TINKERPOP-2023
Commit: 5f770b1ff38b4113c0970e94a2fc3452c11d5847
Parents: ea18963 120064d
Author: Stephen Mallette <sp...@genoprime.com>
Authored: Thu Aug 16 15:10:09 2018 -0400
Committer: Stephen Mallette <sp...@genoprime.com>
Committed: Thu Aug 16 15:10:09 2018 -0400
----------------------------------------------------------------------
CHANGELOG.asciidoc | 1 +
.../archetype-resources/README.asciidoc | 6 ++--
.../archetype-resources/src/main/java/App.java | 1 +
.../src/main/java/Service.java | 34 +++++++++-----------
.../src/test/java/ServiceTest.java | 2 +-
5 files changed, 21 insertions(+), 23 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/tinkerpop/blob/5f770b1f/CHANGELOG.asciidoc
----------------------------------------------------------------------
[09/16] tinkerpop git commit: Add dependency on Microsoft.CSharp
TINKERPOP-1945 CTR
Posted by rd...@apache.org.
Add dependency on Microsoft.CSharp TINKERPOP-1945 CTR
We need this dependency to use dynamic in C#. We already had an indirect
dependency on it before through the dependency on Newtonsoft.Json.
Newtonsoft.Json dropped that dependency in version 11 for .NET Standard
2.0 which broke our build.
This commit only makes the dependency explicit.
Project: http://git-wip-us.apache.org/repos/asf/tinkerpop/repo
Commit: http://git-wip-us.apache.org/repos/asf/tinkerpop/commit/ea18963e
Tree: http://git-wip-us.apache.org/repos/asf/tinkerpop/tree/ea18963e
Diff: http://git-wip-us.apache.org/repos/asf/tinkerpop/diff/ea18963e
Branch: refs/heads/TINKERPOP-2023
Commit: ea18963e543de90668f401938217f5aa21f2ff29
Parents: d6a7950
Author: Florian Hockmann <fh...@florian-hockmann.de>
Authored: Mon Aug 13 18:09:52 2018 +0200
Committer: Florian Hockmann <fh...@florian-hockmann.de>
Committed: Mon Aug 13 18:09:52 2018 +0200
----------------------------------------------------------------------
gremlin-dotnet/glv/Gremlin.Net.csproj.template | 1 +
gremlin-dotnet/src/Gremlin.Net/Gremlin.Net.csproj | 1 +
2 files changed, 2 insertions(+)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/tinkerpop/blob/ea18963e/gremlin-dotnet/glv/Gremlin.Net.csproj.template
----------------------------------------------------------------------
diff --git a/gremlin-dotnet/glv/Gremlin.Net.csproj.template b/gremlin-dotnet/glv/Gremlin.Net.csproj.template
index 965fba9..50c227a 100644
--- a/gremlin-dotnet/glv/Gremlin.Net.csproj.template
+++ b/gremlin-dotnet/glv/Gremlin.Net.csproj.template
@@ -49,6 +49,7 @@ Please see the reference documentation at Apache TinkerPop for more information
<ItemGroup>
<PackageReference Include="Newtonsoft.Json" Version="11.0.2" />
+ <PackageReference Include="Microsoft.CSharp" Version="4.3.0" />
</ItemGroup>
<ItemGroup Condition="'\$(TargetFramework)' == 'netstandard1.3'">
http://git-wip-us.apache.org/repos/asf/tinkerpop/blob/ea18963e/gremlin-dotnet/src/Gremlin.Net/Gremlin.Net.csproj
----------------------------------------------------------------------
diff --git a/gremlin-dotnet/src/Gremlin.Net/Gremlin.Net.csproj b/gremlin-dotnet/src/Gremlin.Net/Gremlin.Net.csproj
index e506bf5..476ca23 100644
--- a/gremlin-dotnet/src/Gremlin.Net/Gremlin.Net.csproj
+++ b/gremlin-dotnet/src/Gremlin.Net/Gremlin.Net.csproj
@@ -49,6 +49,7 @@ Please see the reference documentation at Apache TinkerPop for more information
<ItemGroup>
<PackageReference Include="Newtonsoft.Json" Version="11.0.2" />
+ <PackageReference Include="Microsoft.CSharp" Version="4.3.0" />
</ItemGroup>
<ItemGroup Condition="'$(TargetFramework)' == 'netstandard1.3'">
[14/16] tinkerpop git commit: TINKERPOP-2023 default to TLSv1.2,
updated upgrade notes
Posted by rd...@apache.org.
TINKERPOP-2023 default to TLSv1.2, updated upgrade notes
Project: http://git-wip-us.apache.org/repos/asf/tinkerpop/repo
Commit: http://git-wip-us.apache.org/repos/asf/tinkerpop/commit/ca83fbdf
Tree: http://git-wip-us.apache.org/repos/asf/tinkerpop/tree/ca83fbdf
Diff: http://git-wip-us.apache.org/repos/asf/tinkerpop/diff/ca83fbdf
Branch: refs/heads/TINKERPOP-2023
Commit: ca83fbdfdc885a9774ba1dbc17b3d9df75c49137
Parents: e3b4ae5
Author: Robert Dale <ro...@gmail.com>
Authored: Sun Aug 12 21:50:02 2018 -0400
Committer: Robert Dale <ro...@gmail.com>
Committed: Fri Aug 17 15:06:33 2018 -0400
----------------------------------------------------------------------
CHANGELOG.asciidoc | 1 +
.../upgrade/release-3.2.x-incubating.asciidoc | 25 ++++++++++++++++++++
gremlin-console/conf/remote-secure.yaml | 2 +-
.../conf/gremlin-server-rest-secure.yaml | 1 +
gremlin-server/conf/gremlin-server-secure.yaml | 1 +
5 files changed, 29 insertions(+), 1 deletion(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/tinkerpop/blob/ca83fbdf/CHANGELOG.asciidoc
----------------------------------------------------------------------
diff --git a/CHANGELOG.asciidoc b/CHANGELOG.asciidoc
index eb1a6c5..9dec8df 100644
--- a/CHANGELOG.asciidoc
+++ b/CHANGELOG.asciidoc
@@ -23,6 +23,7 @@ image::https://raw.githubusercontent.com/apache/tinkerpop/master/docs/static/ima
[[release-3-2-10]]
=== TinkerPop 3.2.10 (Release Date: NOT OFFICIALLY RELEASED YET)
+* SSL security enhancements
* Fixed problem with Gremlin Server sometimes returning an additional message after a failure.
* Allowed spaces in classpath for `gremlin-server.bat`.
* Modified Maven archetype for Gremlin Server to use remote traversals rather than scripts.
http://git-wip-us.apache.org/repos/asf/tinkerpop/blob/ca83fbdf/docs/src/upgrade/release-3.2.x-incubating.asciidoc
----------------------------------------------------------------------
diff --git a/docs/src/upgrade/release-3.2.x-incubating.asciidoc b/docs/src/upgrade/release-3.2.x-incubating.asciidoc
index af03937..9b0a120 100644
--- a/docs/src/upgrade/release-3.2.x-incubating.asciidoc
+++ b/docs/src/upgrade/release-3.2.x-incubating.asciidoc
@@ -29,6 +29,31 @@ Please see the link:https://github.com/apache/tinkerpop/blob/3.2.10/CHANGELOG.as
=== Upgrading for Users
+==== SSL Security
+
+TinkerPop improves its security posture by removing insecure defaults and adding forward-looking standards support.
+
+Gremlin Server no longer supports automatically creating self-signed certificates.
+Self-signed certificates can still be created manually outside of Gremlin Server.
+If ssl is enabled, a key store must be configured.
+
+Cluster client no longer trusts all certs by default as this is an insecure configuration.
+Instead, if no trust store is configured, Cluster will use the default CA certs.
+To revert to the previous behavior and accept all certs, it must be explicitly configured.
+
+This release introduces JKS and PKCS12 support. JKS is the legacy Java Key Store. PKCS12 has better cross-platform support and is gaining in adoption.
+Be aware that JKS is the default on Java 8. Java 9 and higher use PKCS12 as the default. Both Java keytool and OpenSSL tools can create, read, update PKCS12 files.
+
+Other new features include specifying SSL protocols and cipher suites.
+The packaged `*-secure.yaml` files now restrict the protocol to `TLSv1.2` by default.
+
+PEM-based configurations are deprecated and may be removed in a future release.
+
+See the section on configuring SSL.
+
+link:https://issues.apache.org/jira/browse/TINKERPOP-2022[TINKERPOP-2022]
+link:https://issues.apache.org/jira/browse/TINKERPOP-2023[TINKERPOP-2023]
+
==== Bulk Import and Export
TinkerPop has provided some general methods for importing and exporting data, but more and more graph providers are
http://git-wip-us.apache.org/repos/asf/tinkerpop/blob/ca83fbdf/gremlin-console/conf/remote-secure.yaml
----------------------------------------------------------------------
diff --git a/gremlin-console/conf/remote-secure.yaml b/gremlin-console/conf/remote-secure.yaml
index c7a2c44..b0a7309 100644
--- a/gremlin-console/conf/remote-secure.yaml
+++ b/gremlin-console/conf/remote-secure.yaml
@@ -30,5 +30,5 @@ username: stephen
password: password
connectionPool: {
enableSsl: true,
- sslSkipCertValidation: true }
+ sslEnabledProtocols: [TLSv1.2] }
serializer: { className: org.apache.tinkerpop.gremlin.driver.ser.GryoMessageSerializerV1d0, config: { serializeResultToString: true }}
http://git-wip-us.apache.org/repos/asf/tinkerpop/blob/ca83fbdf/gremlin-server/conf/gremlin-server-rest-secure.yaml
----------------------------------------------------------------------
diff --git a/gremlin-server/conf/gremlin-server-rest-secure.yaml b/gremlin-server/conf/gremlin-server-rest-secure.yaml
index fcfbba1..2f4db91 100644
--- a/gremlin-server/conf/gremlin-server-rest-secure.yaml
+++ b/gremlin-server/conf/gremlin-server-rest-secure.yaml
@@ -70,6 +70,7 @@ authentication: {
credentialsDb: conf/tinkergraph-credentials.properties}}
ssl: {
enabled: true,
+ sslEnabledProtocols: [TLSv1.2],
# You must configure a keyStore!
#keyStore: server.jks,
#keyStorePassword: changeit
http://git-wip-us.apache.org/repos/asf/tinkerpop/blob/ca83fbdf/gremlin-server/conf/gremlin-server-secure.yaml
----------------------------------------------------------------------
diff --git a/gremlin-server/conf/gremlin-server-secure.yaml b/gremlin-server/conf/gremlin-server-secure.yaml
index af46c59..637af12 100644
--- a/gremlin-server/conf/gremlin-server-secure.yaml
+++ b/gremlin-server/conf/gremlin-server-secure.yaml
@@ -74,6 +74,7 @@ authentication: {
credentialsDb: conf/tinkergraph-credentials.properties}}
ssl: {
enabled: true,
+ sslEnabledProtocols: [TLSv1.2],
# You must configure a keyStore!
#keyStore: server.jks,
#keyStorePassword: changeit
[05/16] tinkerpop git commit: TINKERPOP-1945 Updated json version in
.NET
Posted by rd...@apache.org.
TINKERPOP-1945 Updated json version in .NET
The original PR modified the proj file directly rather than the template.
Project: http://git-wip-us.apache.org/repos/asf/tinkerpop/repo
Commit: http://git-wip-us.apache.org/repos/asf/tinkerpop/commit/d6a79506
Tree: http://git-wip-us.apache.org/repos/asf/tinkerpop/tree/d6a79506
Diff: http://git-wip-us.apache.org/repos/asf/tinkerpop/diff/d6a79506
Branch: refs/heads/TINKERPOP-2023
Commit: d6a7950678a5b0489af02087d35c296feb1e5718
Parents: 1eb418f
Author: Stephen Mallette <sp...@genoprime.com>
Authored: Mon Aug 13 11:08:46 2018 -0400
Committer: Stephen Mallette <sp...@genoprime.com>
Committed: Mon Aug 13 11:17:28 2018 -0400
----------------------------------------------------------------------
gremlin-dotnet/glv/Gremlin.Net.csproj.template | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/tinkerpop/blob/d6a79506/gremlin-dotnet/glv/Gremlin.Net.csproj.template
----------------------------------------------------------------------
diff --git a/gremlin-dotnet/glv/Gremlin.Net.csproj.template b/gremlin-dotnet/glv/Gremlin.Net.csproj.template
index 0770178..965fba9 100644
--- a/gremlin-dotnet/glv/Gremlin.Net.csproj.template
+++ b/gremlin-dotnet/glv/Gremlin.Net.csproj.template
@@ -48,7 +48,7 @@ Please see the reference documentation at Apache TinkerPop for more information
</PropertyGroup>
<ItemGroup>
- <PackageReference Include="Newtonsoft.Json" Version="9.0.1" />
+ <PackageReference Include="Newtonsoft.Json" Version="11.0.2" />
</ItemGroup>
<ItemGroup Condition="'\$(TargetFramework)' == 'netstandard1.3'">
[12/16] tinkerpop git commit: TINKERPOP-2023 new SSL client,
server parameters
Posted by rd...@apache.org.
TINKERPOP-2023 new SSL client, server parameters
Project: http://git-wip-us.apache.org/repos/asf/tinkerpop/repo
Commit: http://git-wip-us.apache.org/repos/asf/tinkerpop/commit/e3b4ae5d
Tree: http://git-wip-us.apache.org/repos/asf/tinkerpop/tree/e3b4ae5d
Diff: http://git-wip-us.apache.org/repos/asf/tinkerpop/diff/e3b4ae5d
Branch: refs/heads/TINKERPOP-2023
Commit: e3b4ae5d848d641d6dbdbfa940acab470c64fabb
Parents: 5f770b1
Author: Robert Dale <ro...@gmail.com>
Authored: Sat Aug 11 21:12:50 2018 -0400
Committer: Robert Dale <ro...@gmail.com>
Committed: Fri Aug 17 15:06:33 2018 -0400
----------------------------------------------------------------------
gremlin-console/conf/remote-secure.yaml | 5 +-
.../tinkerpop/gremlin/driver/Cluster.java | 172 ++++++++++++++++++-
.../tinkerpop/gremlin/driver/Settings.java | 57 ++++++
.../conf/gremlin-server-rest-secure.yaml | 6 +-
gremlin-server/conf/gremlin-server-secure.yaml | 6 +-
.../gremlin/server/AbstractChannelizer.java | 78 +++++++--
.../tinkerpop/gremlin/server/Settings.java | 64 ++++++-
.../AbstractGremlinServerIntegrationTest.java | 7 +
.../server/GremlinServerAuthIntegrateTest.java | 4 +-
.../GremlinServerAuthOldIntegrateTest.java | 4 +-
.../server/GremlinServerIntegrateTest.java | 41 ++---
...ctGremlinServerChannelizerIntegrateTest.java | 10 +-
gremlin-server/src/test/resources/server.jks | Bin 0 -> 2258 bytes
gremlin-server/src/test/resources/server.p12 | Bin 0 -> 2613 bytes
14 files changed, 396 insertions(+), 58 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/tinkerpop/blob/e3b4ae5d/gremlin-console/conf/remote-secure.yaml
----------------------------------------------------------------------
diff --git a/gremlin-console/conf/remote-secure.yaml b/gremlin-console/conf/remote-secure.yaml
index 4f8d22b..c7a2c44 100644
--- a/gremlin-console/conf/remote-secure.yaml
+++ b/gremlin-console/conf/remote-secure.yaml
@@ -29,5 +29,6 @@ port: 8182
username: stephen
password: password
connectionPool: {
- enableSsl: true}
-serializer: { className: org.apache.tinkerpop.gremlin.driver.ser.GryoMessageSerializerV1d0, config: { serializeResultToString: true }}
\ No newline at end of file
+ enableSsl: true,
+ sslSkipCertValidation: true }
+serializer: { className: org.apache.tinkerpop.gremlin.driver.ser.GryoMessageSerializerV1d0, config: { serializeResultToString: true }}
http://git-wip-us.apache.org/repos/asf/tinkerpop/blob/e3b4ae5d/gremlin-driver/src/main/java/org/apache/tinkerpop/gremlin/driver/Cluster.java
----------------------------------------------------------------------
diff --git a/gremlin-driver/src/main/java/org/apache/tinkerpop/gremlin/driver/Cluster.java b/gremlin-driver/src/main/java/org/apache/tinkerpop/gremlin/driver/Cluster.java
index 567bfb4..6e4ef25 100644
--- a/gremlin-driver/src/main/java/org/apache/tinkerpop/gremlin/driver/Cluster.java
+++ b/gremlin-driver/src/main/java/org/apache/tinkerpop/gremlin/driver/Cluster.java
@@ -33,15 +33,25 @@ import org.apache.commons.lang3.concurrent.BasicThreadFactory;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
+import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.TrustManager;
+import javax.net.ssl.TrustManagerFactory;
+
import java.io.File;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
+import java.io.IOException;
+import java.io.InputStream;
import java.lang.ref.WeakReference;
import java.net.InetAddress;
import java.net.InetSocketAddress;
import java.net.URI;
import java.net.UnknownHostException;
+import java.security.KeyStore;
+import java.security.KeyStoreException;
+import java.security.NoSuchAlgorithmException;
+import java.security.UnrecoverableKeyException;
+import java.security.cert.CertificateException;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Collections;
@@ -172,6 +182,14 @@ public final class Cluster {
.keyCertChainFile(settings.connectionPool.keyCertChainFile)
.keyFile(settings.connectionPool.keyFile)
.keyPassword(settings.connectionPool.keyPassword)
+ .keyStore(settings.connectionPool.keyStore)
+ .keyStorePassword(settings.connectionPool.keyStorePassword)
+ .keyStoreType(settings.connectionPool.keyStoreType)
+ .trustStore(settings.connectionPool.trustStore)
+ .trustStorePassword(settings.connectionPool.trustStorePassword)
+ .sslCipherSuites(settings.connectionPool.sslCipherSuites)
+ .sslEnabledProtocols(settings.connectionPool.sslEnabledProtocols)
+ .sslSkipCertValidation(settings.connectionPool.sslSkipCertValidation)
.nioPoolSize(settings.nioPoolSize)
.workerPoolSize(settings.workerPoolSize)
.reconnectInterval(settings.connectionPool.reconnectInterval)
@@ -446,29 +464,81 @@ public final class Cluster {
return manager.authProps;
}
- SslContext createSSLContext() throws Exception {
+ SslContext createSSLContext() throws Exception {
// if the context is provided then just use that and ignore the other settings
- if (manager.sslContextOptional.isPresent()) return manager.sslContextOptional.get();
+ if (manager.sslContextOptional.isPresent())
+ return manager.sslContextOptional.get();
final SslProvider provider = SslProvider.JDK;
final Settings.ConnectionPoolSettings connectionPoolSettings = connectionPoolSettings();
final SslContextBuilder builder = SslContextBuilder.forClient();
- if (connectionPoolSettings.trustCertChainFile != null)
+ if (connectionPoolSettings.trustCertChainFile != null) {
+ logger.warn("Using deprecated SSL trustCertChainFile support");
builder.trustManager(new File(connectionPoolSettings.trustCertChainFile));
- else {
- logger.warn("SSL configured without a trustCertChainFile and thus trusts all certificates without verification (not suitable for production)");
- builder.trustManager(InsecureTrustManagerFactory.INSTANCE);
}
if (null != connectionPoolSettings.keyCertChainFile && null != connectionPoolSettings.keyFile) {
+ logger.warn("Using deprecated SSL keyFile support");
final File keyCertChainFile = new File(connectionPoolSettings.keyCertChainFile);
final File keyFile = new File(connectionPoolSettings.keyFile);
- // note that keyPassword may be null here if the keyFile is not password-protected.
+ // note that keyPassword may be null here if the keyFile is not
+ // password-protected.
builder.keyManager(keyCertChainFile, keyFile, connectionPoolSettings.keyPassword);
}
+ // Build JSSE SSLContext
+ try {
+
+ // Load private key/public cert for client auth
+ if (null != connectionPoolSettings.keyStore) {
+ final String keyStoreType = null == connectionPoolSettings.keyStoreType ? KeyStore.getDefaultType()
+ : connectionPoolSettings.keyStoreType;
+ final KeyStore keystore = KeyStore.getInstance(keyStoreType);
+ final char[] password = null == connectionPoolSettings.keyStorePassword ? null
+ : connectionPoolSettings.keyStorePassword.toCharArray();
+ try (final InputStream in = new FileInputStream(connectionPoolSettings.keyStore)) {
+ keystore.load(in, password);
+ }
+ final KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
+ kmf.init(keystore, password);
+ builder.keyManager(kmf);
+ }
+
+ // Load custom truststore
+ if (null != connectionPoolSettings.trustStore) {
+ final String keystoreType = null == connectionPoolSettings.keyStoreType ? KeyStore.getDefaultType()
+ : connectionPoolSettings.keyStoreType;
+ final KeyStore truststore = KeyStore.getInstance(keystoreType);
+ final char[] password = null == connectionPoolSettings.trustStorePassword ? null
+ : connectionPoolSettings.trustStorePassword.toCharArray();
+ try (final InputStream in = new FileInputStream(connectionPoolSettings.trustStore)) {
+ truststore.load(in, password);
+ }
+ final TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
+ tmf.init(truststore);
+ builder.trustManager(tmf);
+ }
+
+ } catch (UnrecoverableKeyException | NoSuchAlgorithmException | KeyStoreException | CertificateException | IOException e) {
+ logger.error("There was an error enabling SSL.", e);
+ return null;
+ }
+
+ if (null != connectionPoolSettings.sslCipherSuites && !connectionPoolSettings.sslCipherSuites.isEmpty()) {
+ builder.ciphers(connectionPoolSettings.sslCipherSuites);
+ }
+
+ if (null != connectionPoolSettings.sslEnabledProtocols && !connectionPoolSettings.sslEnabledProtocols.isEmpty()) {
+ builder.protocols(connectionPoolSettings.sslEnabledProtocols.toArray(new String[] {}));
+ }
+
+ if (connectionPoolSettings.sslSkipCertValidation) {
+ logger.warn("SSL configured with sslSkipCertValidation thus trusts all certificates without verification (not suitable for production)");
+ builder.trustManager(InsecureTrustManagerFactory.INSTANCE);
+ }
+
builder.sslProvider(provider);
return builder.build();
@@ -499,6 +569,14 @@ public final class Cluster {
private String keyCertChainFile = null;
private String keyFile = null;
private String keyPassword = null;
+ private String keyStore;
+ private String keyStorePassword;
+ private String trustStore;
+ private String trustStorePassword;
+ private String keyStoreType;
+ private List<String> sslEnabledProtocols = new ArrayList<>();
+ private List<String> sslCipherSuites = new ArrayList<>();
+ private boolean sslSkipCertValidation = false;
private SslContext sslContext = null;
private LoadBalancingStrategy loadBalancingStrategy = new LoadBalancingStrategy.RoundRobin();
private AuthProperties authProps = new AuthProperties();
@@ -579,7 +657,9 @@ public final class Cluster {
* File location for a SSL Certificate Chain to use when SSL is enabled. If this value is not provided and
* SSL is enabled, the {@link TrustManager} will be established with a self-signed certificate which is NOT
* suitable for production purposes.
+ * @deprecated
*/
+ @Deprecated
public Builder trustCertificateChainFile(final String certificateChainFile) {
this.trustCertChainFile = certificateChainFile;
return this;
@@ -597,7 +677,9 @@ public final class Cluster {
/**
* The X.509 certificate chain file in PEM format.
+ * @deprecated
*/
+ @Deprecated
public Builder keyCertChainFile(final String keyCertChainFile) {
this.keyCertChainFile = keyCertChainFile;
return this;
@@ -605,7 +687,9 @@ public final class Cluster {
/**
* The PKCS#8 private key file in PEM format.
+ * @deprecated
*/
+ @Deprecated
public Builder keyFile(final String keyFile) {
this.keyFile = keyFile;
return this;
@@ -613,11 +697,77 @@ public final class Cluster {
/**
* The password of the {@link #keyFile}, or {@code null} if it's not password-protected.
+ * @deprecated
*/
+ @Deprecated
public Builder keyPassword(final String keyPassword) {
this.keyPassword = keyPassword;
return this;
}
+
+ /**
+ *
+ */
+ public Builder keyStore(final String keyStore) {
+ this.keyStore = keyStore;
+ return this;
+ }
+
+ /**
+ *
+ */
+ public Builder keyStorePassword(final String keyStorePassword) {
+ this.keyStorePassword = keyStorePassword;
+ return this;
+ }
+
+ /**
+ *
+ */
+ public Builder trustStore(final String trustStore) {
+ this.trustStore = trustStore;
+ return this;
+ }
+
+ /**
+ *
+ */
+ public Builder trustStorePassword(final String trustStorePassword) {
+ this.trustStorePassword = trustStorePassword;
+ return this;
+ }
+
+ /**
+ *
+ */
+ public Builder keyStoreType(final String keyStoreType) {
+ this.keyStoreType = keyStoreType;
+ return this;
+ }
+
+ /**
+ *
+ */
+ public Builder sslEnabledProtocols(final List<String> sslEnabledProtocols) {
+ this.sslEnabledProtocols = sslEnabledProtocols;
+ return this;
+ }
+
+ /**
+ *
+ */
+ public Builder sslCipherSuites(final List<String> sslCipherSuites) {
+ this.sslCipherSuites = sslCipherSuites;
+ return this;
+ }
+
+ /**
+ *
+ */
+ public Builder sslSkipCertValidation(final boolean sslSkipCertValidation) {
+ this.sslSkipCertValidation = sslSkipCertValidation;
+ return this;
+ }
/**
* The minimum number of in-flight requests that can occur on a {@link Connection} before it is considered
@@ -901,6 +1051,14 @@ public final class Cluster {
connectionPoolSettings.keyCertChainFile = builder.keyCertChainFile;
connectionPoolSettings.keyFile = builder.keyFile;
connectionPoolSettings.keyPassword = builder.keyPassword;
+ connectionPoolSettings.keyStore = builder.keyStore;
+ connectionPoolSettings.keyStorePassword = builder.keyStorePassword;
+ connectionPoolSettings.trustStore = builder.trustStore;
+ connectionPoolSettings.trustStorePassword = builder.trustStorePassword;
+ connectionPoolSettings.keyStoreType = builder.keyStoreType;
+ connectionPoolSettings.sslCipherSuites = builder.sslCipherSuites;
+ connectionPoolSettings.sslEnabledProtocols = builder.sslEnabledProtocols;
+ connectionPoolSettings.sslSkipCertValidation = builder.sslSkipCertValidation;
connectionPoolSettings.keepAliveInterval = builder.keepAliveInterval;
connectionPoolSettings.channelizer = builder.channelizer;
http://git-wip-us.apache.org/repos/asf/tinkerpop/blob/e3b4ae5d/gremlin-driver/src/main/java/org/apache/tinkerpop/gremlin/driver/Settings.java
----------------------------------------------------------------------
diff --git a/gremlin-driver/src/main/java/org/apache/tinkerpop/gremlin/driver/Settings.java b/gremlin-driver/src/main/java/org/apache/tinkerpop/gremlin/driver/Settings.java
index 8a2517d..009a0bf 100644
--- a/gremlin-driver/src/main/java/org/apache/tinkerpop/gremlin/driver/Settings.java
+++ b/gremlin-driver/src/main/java/org/apache/tinkerpop/gremlin/driver/Settings.java
@@ -232,25 +232,82 @@ final class Settings {
/**
* The trusted certificate in PEM format.
+ * @deprecated Use JSSE-based settings
*/
+ @Deprecated
public String trustCertChainFile = null;
/**
* The X.509 certificate chain file in PEM format.
+ * @deprecated Use JSSE-based settings
*/
+ @Deprecated
public String keyCertChainFile = null;
/**
* The PKCS#8 private key file in PEM format.
+ * @deprecated Use JSSE-based settings
*/
+ @Deprecated
public String keyFile = null;
/**
* The password of the {@link #keyFile}, or {@code null} if it's not password-protected.
+ * @deprecated Use JSSE-based settings
*/
+ @Deprecated
public String keyPassword = null;
/**
+ * JSSE keystore file path. Similar to setting JSSE property
+ * {@code javax.net.ssl.keyStore}.
+ */
+ public String keyStore;
+
+ /**
+ * JSSE keystore password. Similar to setting JSSE property
+ * {@code javax.net.ssl.keyStorePassword}.
+ */
+ public String keyStorePassword;
+
+ /**
+ * JSSE truststore file path. Similar to setting JSSE property
+ * {@code javax.net.ssl.trustStore}.
+ */
+ public String trustStore;
+
+ /**
+ * JSSE truststore password. Similar to setting JSSE property
+ * {@code javax.net.ssl.trustStorePassword}.
+ */
+ public String trustStorePassword;
+
+ /**
+ * JSSE keystore format. Similar to setting JSSE property
+ * {@code javax.net.ssl.keyStoreType}.
+ */
+ public String keyStoreType;
+
+ /**
+ * @see <a href=
+ * "https://docs.oracle.com/javase/8/docs/technotes/guides/security/SunProviders.html#SunJSSE_Protocols">JSSE
+ * Protocols</a>
+ */
+ public List<String> sslEnabledProtocols = new ArrayList<>();
+
+ /**
+ * @see <a href=
+ * "https://docs.oracle.com/javase/8/docs/technotes/guides/security/SunProviders.html#SupportedCipherSuites">Cipher
+ * Suites</a>
+ */
+ public List<String> sslCipherSuites = new ArrayList<>();
+
+ /**
+ *
+ */
+ public boolean sslSkipCertValidation = false;
+
+ /**
* The minimum size of a connection pool for a {@link Host}. By default this is set to 2.
*/
public int minSize = ConnectionPool.MIN_POOL_SIZE;
http://git-wip-us.apache.org/repos/asf/tinkerpop/blob/e3b4ae5d/gremlin-server/conf/gremlin-server-rest-secure.yaml
----------------------------------------------------------------------
diff --git a/gremlin-server/conf/gremlin-server-rest-secure.yaml b/gremlin-server/conf/gremlin-server-rest-secure.yaml
index ab21b33..fcfbba1 100644
--- a/gremlin-server/conf/gremlin-server-rest-secure.yaml
+++ b/gremlin-server/conf/gremlin-server-rest-secure.yaml
@@ -69,4 +69,8 @@ authentication: {
config: {
credentialsDb: conf/tinkergraph-credentials.properties}}
ssl: {
- enabled: true}
+ enabled: true,
+ # You must configure a keyStore!
+ #keyStore: server.jks,
+ #keyStorePassword: changeit
+}
http://git-wip-us.apache.org/repos/asf/tinkerpop/blob/e3b4ae5d/gremlin-server/conf/gremlin-server-secure.yaml
----------------------------------------------------------------------
diff --git a/gremlin-server/conf/gremlin-server-secure.yaml b/gremlin-server/conf/gremlin-server-secure.yaml
index 42a7785..af46c59 100644
--- a/gremlin-server/conf/gremlin-server-secure.yaml
+++ b/gremlin-server/conf/gremlin-server-secure.yaml
@@ -73,4 +73,8 @@ authentication: {
config: {
credentialsDb: conf/tinkergraph-credentials.properties}}
ssl: {
- enabled: true}
+ enabled: true,
+ # You must configure a keyStore!
+ #keyStore: server.jks,
+ #keyStorePassword: changeit
+}
http://git-wip-us.apache.org/repos/asf/tinkerpop/blob/e3b4ae5d/gremlin-server/src/main/java/org/apache/tinkerpop/gremlin/server/AbstractChannelizer.java
----------------------------------------------------------------------
diff --git a/gremlin-server/src/main/java/org/apache/tinkerpop/gremlin/server/AbstractChannelizer.java b/gremlin-server/src/main/java/org/apache/tinkerpop/gremlin/server/AbstractChannelizer.java
index edea752..2a29fec 100644
--- a/gremlin-server/src/main/java/org/apache/tinkerpop/gremlin/server/AbstractChannelizer.java
+++ b/gremlin-server/src/main/java/org/apache/tinkerpop/gremlin/server/AbstractChannelizer.java
@@ -22,7 +22,6 @@ import io.netty.channel.EventLoopGroup;
import io.netty.handler.ssl.SslContext;
import io.netty.handler.ssl.SslContextBuilder;
import io.netty.handler.ssl.SslProvider;
-import io.netty.handler.ssl.util.SelfSignedCertificate;
import io.netty.handler.timeout.IdleStateHandler;
import org.apache.tinkerpop.gremlin.driver.MessageSerializer;
import org.apache.tinkerpop.gremlin.driver.ser.AbstractGryoMessageSerializerV1d0;
@@ -43,8 +42,18 @@ import org.javatuples.Pair;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
+import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLException;
+import javax.net.ssl.TrustManagerFactory;
+
import java.io.File;
+import java.io.FileInputStream;
+import java.io.IOException;
+import java.io.InputStream;
+import java.security.KeyStore;
+import java.security.KeyStoreException;
+import java.security.NoSuchAlgorithmException;
+import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateException;
import java.util.Arrays;
import java.util.Collections;
@@ -258,7 +267,7 @@ public abstract class AbstractChannelizer extends ChannelInitializer<SocketChann
}
}
- private SslContext createSSLContext(final Settings settings) {
+ private SslContext createSSLContext(final Settings settings) {
final Settings.SslSettings sslSettings = settings.ssl;
if (sslSettings.getSslContext().isPresent()) {
@@ -270,25 +279,62 @@ public abstract class AbstractChannelizer extends ChannelInitializer<SocketChann
final SslContextBuilder builder;
- // if the config doesn't contain a cert or key then use a self signed cert - not suitable for production
- if (null == sslSettings.keyCertChainFile || null == sslSettings.keyFile) {
- try {
- logger.warn("Enabling SSL with self-signed certificate (NOT SUITABLE FOR PRODUCTION)");
- final SelfSignedCertificate ssc = new SelfSignedCertificate();
- builder = SslContextBuilder.forServer(ssc.certificate(), ssc.privateKey());
- } catch (CertificateException ce) {
- logger.error("There was an error creating the self-signed certificate for SSL - SSL is not enabled", ce);
- return null;
- }
- } else {
+ // DEPRECATED: If the config has the required, deprecated settings, then use it
+ if (null != sslSettings.keyCertChainFile && null != sslSettings.keyFile) {
+ logger.warn("Using deprecated SSL keyFile support");
final File keyCertChainFile = new File(sslSettings.keyCertChainFile);
final File keyFile = new File(sslSettings.keyFile);
final File trustCertChainFile = null == sslSettings.trustCertChainFile ? null : new File(sslSettings.trustCertChainFile);
- // note that keyPassword may be null here if the keyFile is not password-protected. passing null to
+ // note that keyPassword may be null here if the keyFile is not
+ // password-protected. passing null to
// trustManager is also ok (default will be used)
- builder = SslContextBuilder.forServer(keyCertChainFile, keyFile, sslSettings.keyPassword)
- .trustManager(trustCertChainFile);
+ builder = SslContextBuilder.forServer(keyCertChainFile, keyFile, sslSettings.keyPassword).trustManager(trustCertChainFile);
+ } else {
+
+ // Build JSSE SSLContext
+ try {
+ final KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
+
+ // Load private key and signed cert
+ if (null != sslSettings.keyStore) {
+ final String keyStoreType = null == sslSettings.keyStoreType ? KeyStore.getDefaultType() : sslSettings.keyStoreType;
+ final KeyStore keystore = KeyStore.getInstance(keyStoreType);
+ final char[] password = null == sslSettings.keyStorePassword ? null : sslSettings.keyStorePassword.toCharArray();
+ try (final InputStream in = new FileInputStream(sslSettings.keyStore)) {
+ keystore.load(in, password);
+ }
+ kmf.init(keystore, password);
+ }
+
+ builder = SslContextBuilder.forServer(kmf);
+
+ // Load custom truststore for client auth certs
+ if (null != sslSettings.trustStore) {
+ final String keystoreType = null == sslSettings.keyStoreType ? KeyStore.getDefaultType() : sslSettings.keyStoreType;
+ final KeyStore truststore = KeyStore.getInstance(keystoreType);
+ final char[] password = null == sslSettings.trustStorePassword ? null : sslSettings.trustStorePassword.toCharArray();
+ try (final InputStream in = new FileInputStream(sslSettings.trustStore)) {
+ truststore.load(in, password);
+ }
+ final TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
+ tmf.init(truststore);
+ builder.trustManager(tmf);
+ }
+
+ } catch (UnrecoverableKeyException | NoSuchAlgorithmException | KeyStoreException | CertificateException | IOException e) {
+ logger.error("There was an error enabling SSL.", e);
+ return null;
+ }
+
+ }
+
+ if (null != sslSettings.sslCipherSuites && !sslSettings.sslCipherSuites.isEmpty()) {
+ builder.ciphers(sslSettings.sslCipherSuites);
+ }
+
+ if (null != sslSettings.sslEnabledProtocols && !sslSettings.sslEnabledProtocols.isEmpty()) {
+ builder.protocols(sslSettings.sslEnabledProtocols.toArray(new String[] {}));
}
builder.clientAuth(sslSettings.needClientAuth).sslProvider(provider);
http://git-wip-us.apache.org/repos/asf/tinkerpop/blob/e3b4ae5d/gremlin-server/src/main/java/org/apache/tinkerpop/gremlin/server/Settings.java
----------------------------------------------------------------------
diff --git a/gremlin-server/src/main/java/org/apache/tinkerpop/gremlin/server/Settings.java b/gremlin-server/src/main/java/org/apache/tinkerpop/gremlin/server/Settings.java
index 74a5a1a..c918f8b 100644
--- a/gremlin-server/src/main/java/org/apache/tinkerpop/gremlin/server/Settings.java
+++ b/gremlin-server/src/main/java/org/apache/tinkerpop/gremlin/server/Settings.java
@@ -450,34 +450,86 @@ public class Settings {
*/
public static class SslSettings {
/**
- * Enables SSL. Other settings will be ignored unless this is set to true. By default a self-signed
- * certificate is used (not suitable for production) for SSL. To override this setting, be sure to set
- * the {@link #keyCertChainFile} and the {@link #keyFile}.
+ * Enables SSL. Other SSL settings will be ignored unless this is set to true.
*/
public boolean enabled = false;
/**
* The X.509 certificate chain file in PEM format.
+ *
+ * @deprecated Use JSSE-based settings
*/
+ @Deprecated
public String keyCertChainFile = null;
/**
* The PKCS#8 private key file in PEM format.
+ *
+ * @deprecated Use JSSE-based settings
*/
+ @Deprecated
public String keyFile = null;
/**
- * The password of the {@link #keyFile}, or {@code null} if it's not password-protected.
+ * The password of the {@link #keyFile}, or {@code null} if it's not
+ * password-protected.
+ *
+ * @deprecated Use JSSE-based settings
*/
+ @Deprecated
public String keyPassword = null;
/**
- * Trusted certificates for verifying the remote endpoint's certificate. The file should
- * contain an X.509 certificate chain in PEM format. {@code null} uses the system default.
+ * Trusted certificates for verifying the remote endpoint's certificate. The
+ * file should contain an X.509 certificate chain in PEM format. {@code null}
+ * uses the system default.
+ *
+ * @deprecated Use JSSE-based settings
*/
+ @Deprecated
public String trustCertChainFile = null;
/**
+ * JSSE keystore file path. Similar to setting JSSE property
+ * {@code javax.net.ssl.keyStore}.
+ */
+ public String keyStore;
+
+ /**
+ * JSSE keystore password. Similar to setting JSSE property
+ * {@code javax.net.ssl.keyStorePassword}.
+ */
+ public String keyStorePassword;
+
+ /**
+ * JSSE truststore file path. Similar to setting JSSE property
+ * {@code javax.net.ssl.trustStore}.
+ */
+ public String trustStore;
+
+ /**
+ * JSSE truststore password. Similar to setting JSSE property
+ * {@code javax.net.ssl.trustStorePassword}.
+ */
+ public String trustStorePassword;
+
+ /**
+ * JSSE keystore format. Similar to setting JSSE property
+ * {@code javax.net.ssl.keyStoreType}.
+ */
+ public String keyStoreType;
+
+ /**
+ * @see <a href="https://docs.oracle.com/javase/8/docs/technotes/guides/security/SunProviders.html#SunJSSE_Protocols">JSSE Protocols</a>
+ */
+ public List<String> sslEnabledProtocols = new ArrayList<>();
+
+ /**
+ * @see <a href="https://docs.oracle.com/javase/8/docs/technotes/guides/security/SunProviders.html#SupportedCipherSuites">Cipher Suites</a>
+ */
+ public List<String> sslCipherSuites = new ArrayList<>();
+
+ /**
* Require client certificate authentication
*/
public ClientAuth needClientAuth = ClientAuth.NONE;
http://git-wip-us.apache.org/repos/asf/tinkerpop/blob/e3b4ae5d/gremlin-server/src/test/java/org/apache/tinkerpop/gremlin/server/AbstractGremlinServerIntegrationTest.java
----------------------------------------------------------------------
diff --git a/gremlin-server/src/test/java/org/apache/tinkerpop/gremlin/server/AbstractGremlinServerIntegrationTest.java b/gremlin-server/src/test/java/org/apache/tinkerpop/gremlin/server/AbstractGremlinServerIntegrationTest.java
index f11a045..0543a59 100644
--- a/gremlin-server/src/test/java/org/apache/tinkerpop/gremlin/server/AbstractGremlinServerIntegrationTest.java
+++ b/gremlin-server/src/test/java/org/apache/tinkerpop/gremlin/server/AbstractGremlinServerIntegrationTest.java
@@ -38,6 +38,13 @@ import static org.junit.Assume.assumeThat;
* @author Stephen Mallette (http://stephen.genoprime.com)
*/
public abstract class AbstractGremlinServerIntegrationTest {
+
+ public static final String KEY_PASS = "changeit";
+ public static final String JKS_SERVER_KEY = "src/test/resources/server.jks";
+ public static final String JKS_CLIENT_KEY = "src/test/resources/client.jks";
+ public static final String P12_SERVER_KEY = "src/test/resources/server.p12";
+ public static final String P12_CLIENT_KEY = "src/test/resources/client.p12";
+
protected GremlinServer server;
private Settings overriddenSettings;
private final static String epollOption = "gremlin.server.epoll";
http://git-wip-us.apache.org/repos/asf/tinkerpop/blob/e3b4ae5d/gremlin-server/src/test/java/org/apache/tinkerpop/gremlin/server/GremlinServerAuthIntegrateTest.java
----------------------------------------------------------------------
diff --git a/gremlin-server/src/test/java/org/apache/tinkerpop/gremlin/server/GremlinServerAuthIntegrateTest.java b/gremlin-server/src/test/java/org/apache/tinkerpop/gremlin/server/GremlinServerAuthIntegrateTest.java
index e06bbb7..b4d979a 100644
--- a/gremlin-server/src/test/java/org/apache/tinkerpop/gremlin/server/GremlinServerAuthIntegrateTest.java
+++ b/gremlin-server/src/test/java/org/apache/tinkerpop/gremlin/server/GremlinServerAuthIntegrateTest.java
@@ -66,6 +66,8 @@ public class GremlinServerAuthIntegrateTest extends AbstractGremlinServerIntegra
case "shouldFailIfSslEnabledOnServerButNotClient":
final Settings.SslSettings sslConfig = new Settings.SslSettings();
sslConfig.enabled = true;
+ sslConfig.keyStore = JKS_SERVER_KEY;
+ sslConfig.keyStorePassword = KEY_PASS;
settings.ssl = sslConfig;
break;
}
@@ -107,7 +109,7 @@ public class GremlinServerAuthIntegrateTest extends AbstractGremlinServerIntegra
@Test
public void shouldAuthenticateOverSslWithPlainText() throws Exception {
final Cluster cluster = TestClientFactory.build()
- .enableSsl(true)
+ .enableSsl(true).sslSkipCertValidation(true)
.credentials("stephen", "password").create();
final Client client = cluster.connect();
http://git-wip-us.apache.org/repos/asf/tinkerpop/blob/e3b4ae5d/gremlin-server/src/test/java/org/apache/tinkerpop/gremlin/server/GremlinServerAuthOldIntegrateTest.java
----------------------------------------------------------------------
diff --git a/gremlin-server/src/test/java/org/apache/tinkerpop/gremlin/server/GremlinServerAuthOldIntegrateTest.java b/gremlin-server/src/test/java/org/apache/tinkerpop/gremlin/server/GremlinServerAuthOldIntegrateTest.java
index b26dd1e..10755f1 100644
--- a/gremlin-server/src/test/java/org/apache/tinkerpop/gremlin/server/GremlinServerAuthOldIntegrateTest.java
+++ b/gremlin-server/src/test/java/org/apache/tinkerpop/gremlin/server/GremlinServerAuthOldIntegrateTest.java
@@ -69,6 +69,8 @@ public class GremlinServerAuthOldIntegrateTest extends AbstractGremlinServerInte
case "shouldFailIfSslEnabledOnServerButNotClient":
final Settings.SslSettings sslConfig = new Settings.SslSettings();
sslConfig.enabled = true;
+ sslConfig.keyStore = JKS_SERVER_KEY;
+ sslConfig.keyStorePassword = KEY_PASS;
settings.ssl = sslConfig;
break;
}
@@ -110,7 +112,7 @@ public class GremlinServerAuthOldIntegrateTest extends AbstractGremlinServerInte
@Test
public void shouldAuthenticateOverSslWithPlainText() throws Exception {
final Cluster cluster = TestClientFactory.build()
- .enableSsl(true)
+ .enableSsl(true).keyStore(JKS_SERVER_KEY).keyStorePassword(KEY_PASS).sslSkipCertValidation(true)
.credentials("stephen", "password").create();
final Client client = cluster.connect();
http://git-wip-us.apache.org/repos/asf/tinkerpop/blob/e3b4ae5d/gremlin-server/src/test/java/org/apache/tinkerpop/gremlin/server/GremlinServerIntegrateTest.java
----------------------------------------------------------------------
diff --git a/gremlin-server/src/test/java/org/apache/tinkerpop/gremlin/server/GremlinServerIntegrateTest.java b/gremlin-server/src/test/java/org/apache/tinkerpop/gremlin/server/GremlinServerIntegrateTest.java
index eb5def9..238d2b2 100644
--- a/gremlin-server/src/test/java/org/apache/tinkerpop/gremlin/server/GremlinServerIntegrateTest.java
+++ b/gremlin-server/src/test/java/org/apache/tinkerpop/gremlin/server/GremlinServerIntegrateTest.java
@@ -110,11 +110,10 @@ import static org.junit.Assert.assertEquals;
*/
public class GremlinServerIntegrateTest extends AbstractGremlinServerIntegrationTest {
- private static final String SERVER_KEY = "src/test/resources/server.key.pk8";
- private static final String SERVER_CRT = "src/test/resources/server.crt";
- private static final String KEY_PASS = "changeit";
- private static final String CLIENT_KEY = "src/test/resources/client.key.pk8";
- private static final String CLIENT_CRT = "src/test/resources/client.crt";
+ private static final String PEM_SERVER_KEY = "src/test/resources/server.key.pk8";
+ private static final String PEM_SERVER_CRT = "src/test/resources/server.crt";
+ private static final String PEM_CLIENT_KEY = "src/test/resources/client.key.pk8";
+ private static final String PEM_CLIENT_CRT = "src/test/resources/client.crt";
private Level previousLogLevel;
private Log4jRecordingAppender recordingAppender = null;
@@ -194,6 +193,8 @@ public class GremlinServerIntegrateTest extends AbstractGremlinServerIntegration
case "shouldEnableSslButFailIfClientConnectsWithoutIt":
settings.ssl = new Settings.SslSettings();
settings.ssl.enabled = true;
+ settings.ssl.keyStore = JKS_SERVER_KEY;
+ settings.ssl.keyStorePassword = KEY_PASS;
break;
case "shouldEnableSslWithSslContextProgrammaticallySpecified":
settings.ssl = new Settings.SslSettings();
@@ -204,31 +205,31 @@ public class GremlinServerIntegrateTest extends AbstractGremlinServerIntegration
settings.ssl = new Settings.SslSettings();
settings.ssl.enabled = true;
settings.ssl.needClientAuth = ClientAuth.REQUIRE;
- settings.ssl.keyCertChainFile = SERVER_CRT;
- settings.ssl.keyFile = SERVER_KEY;
+ settings.ssl.keyCertChainFile = PEM_SERVER_CRT;
+ settings.ssl.keyFile = PEM_SERVER_KEY;
settings.ssl.keyPassword =KEY_PASS;
// Trust the client
- settings.ssl.trustCertChainFile = CLIENT_CRT;
+ settings.ssl.trustCertChainFile = PEM_CLIENT_CRT;
break;
case "shouldEnableSslAndClientCertificateAuthAndFailWithoutCert":
settings.ssl = new Settings.SslSettings();
settings.ssl.enabled = true;
settings.ssl.needClientAuth = ClientAuth.REQUIRE;
- settings.ssl.keyCertChainFile = SERVER_CRT;
- settings.ssl.keyFile = SERVER_KEY;
+ settings.ssl.keyCertChainFile = PEM_SERVER_CRT;
+ settings.ssl.keyFile = PEM_SERVER_KEY;
settings.ssl.keyPassword =KEY_PASS;
// Trust the client
- settings.ssl.trustCertChainFile = CLIENT_CRT;
+ settings.ssl.trustCertChainFile = PEM_CLIENT_CRT;
break;
case "shouldEnableSslAndClientCertificateAuthAndFailWithoutTrustedClientCert":
settings.ssl = new Settings.SslSettings();
settings.ssl.enabled = true;
settings.ssl.needClientAuth = ClientAuth.REQUIRE;
- settings.ssl.keyCertChainFile = SERVER_CRT;
- settings.ssl.keyFile = SERVER_KEY;
+ settings.ssl.keyCertChainFile = PEM_SERVER_CRT;
+ settings.ssl.keyFile = PEM_SERVER_KEY;
settings.ssl.keyPassword =KEY_PASS;
// Trust ONLY the server cert
- settings.ssl.trustCertChainFile = SERVER_CRT;
+ settings.ssl.trustCertChainFile = PEM_SERVER_CRT;
break;
case "shouldUseSimpleSandbox":
settings.scriptEngines.get("gremlin-groovy").config = getScriptEngineConfForSimpleSandbox();
@@ -485,7 +486,7 @@ public class GremlinServerIntegrateTest extends AbstractGremlinServerIntegration
@Test
public void shouldEnableSsl() {
- final Cluster cluster = TestClientFactory.build().enableSsl(true).create();
+ final Cluster cluster = TestClientFactory.build().enableSsl(true).keyStore(JKS_SERVER_KEY).keyStorePassword(KEY_PASS).sslSkipCertValidation(true).create();
final Client client = cluster.connect();
try {
@@ -533,8 +534,8 @@ public class GremlinServerIntegrateTest extends AbstractGremlinServerIntegration
@Test
public void shouldEnableSslAndClientCertificateAuth() {
final Cluster cluster = TestClientFactory.build().enableSsl(true)
- .keyCertChainFile(CLIENT_CRT).keyFile(CLIENT_KEY)
- .keyPassword(KEY_PASS).trustCertificateChainFile(SERVER_CRT).create();
+ .keyCertChainFile(PEM_CLIENT_CRT).keyFile(PEM_CLIENT_KEY)
+ .keyPassword(KEY_PASS).trustCertificateChainFile(PEM_SERVER_CRT).create();
final Client client = cluster.connect();
try {
@@ -546,7 +547,7 @@ public class GremlinServerIntegrateTest extends AbstractGremlinServerIntegration
@Test
public void shouldEnableSslAndClientCertificateAuthAndFailWithoutCert() {
- final Cluster cluster = TestClientFactory.build().enableSsl(true).create();
+ final Cluster cluster = TestClientFactory.build().enableSsl(true).keyStore(JKS_SERVER_KEY).keyStorePassword(KEY_PASS).sslSkipCertValidation(true).create();
final Client client = cluster.connect();
try {
@@ -563,8 +564,8 @@ public class GremlinServerIntegrateTest extends AbstractGremlinServerIntegration
@Test
public void shouldEnableSslAndClientCertificateAuthAndFailWithoutTrustedClientCert() {
final Cluster cluster = TestClientFactory.build().enableSsl(true)
- .keyCertChainFile(CLIENT_CRT).keyFile(CLIENT_KEY)
- .keyPassword(KEY_PASS).trustCertificateChainFile(SERVER_CRT).create();
+ .keyCertChainFile(PEM_CLIENT_CRT).keyFile(PEM_CLIENT_KEY)
+ .keyPassword(KEY_PASS).trustCertificateChainFile(PEM_SERVER_CRT).create();
final Client client = cluster.connect();
try {
http://git-wip-us.apache.org/repos/asf/tinkerpop/blob/e3b4ae5d/gremlin-server/src/test/java/org/apache/tinkerpop/gremlin/server/channel/AbstractGremlinServerChannelizerIntegrateTest.java
----------------------------------------------------------------------
diff --git a/gremlin-server/src/test/java/org/apache/tinkerpop/gremlin/server/channel/AbstractGremlinServerChannelizerIntegrateTest.java b/gremlin-server/src/test/java/org/apache/tinkerpop/gremlin/server/channel/AbstractGremlinServerChannelizerIntegrateTest.java
index 738ca89..300a7f4 100644
--- a/gremlin-server/src/test/java/org/apache/tinkerpop/gremlin/server/channel/AbstractGremlinServerChannelizerIntegrateTest.java
+++ b/gremlin-server/src/test/java/org/apache/tinkerpop/gremlin/server/channel/AbstractGremlinServerChannelizerIntegrateTest.java
@@ -100,6 +100,8 @@ abstract class AbstractGremlinServerChannelizerIntegrateTest extends AbstractGre
case "shouldWorkWithSSL":
settings.ssl = new Settings.SslSettings();
settings.ssl.enabled = true;
+ settings.ssl.keyStore = JKS_SERVER_KEY;
+ settings.ssl.keyStorePassword = KEY_PASS;
break;
case "shouldWorkWithAuth":
if (authSettings != null) {
@@ -109,6 +111,8 @@ abstract class AbstractGremlinServerChannelizerIntegrateTest extends AbstractGre
case "shouldWorkWithSSLAndAuth":
settings.ssl = new Settings.SslSettings();
settings.ssl.enabled = true;
+ settings.ssl.keyStore = JKS_SERVER_KEY;
+ settings.ssl.keyStorePassword = KEY_PASS;
if (authSettings != null) {
settings.authentication = getAuthSettings();
}
@@ -304,7 +308,7 @@ abstract class AbstractGremlinServerChannelizerIntegrateTest extends AbstractGre
.with(Property.USERNAME, username)
.with(Property.PASSWORD, password);
- nioCluster = nioBuilder.enableSsl(secure).authProperties(authProps).create();
+ nioCluster = nioBuilder.enableSsl(secure).sslSkipCertValidation(true).authProperties(authProps).create();
nioClient = nioCluster.connect();
} else {
nioCluster = nioBuilder.enableSsl(secure).create();
@@ -318,10 +322,10 @@ abstract class AbstractGremlinServerChannelizerIntegrateTest extends AbstractGre
.with(Property.USERNAME, username)
.with(Property.PASSWORD, password);
- wsCluster = wsBuilder.enableSsl(secure).authProperties(authProps).create();
+ wsCluster = wsBuilder.enableSsl(secure).sslSkipCertValidation(true).authProperties(authProps).create();
wsClient = wsCluster.connect();
} else {
- wsCluster = wsBuilder.enableSsl(secure).create();
+ wsCluster = wsBuilder.enableSsl(secure).sslSkipCertValidation(true).create();
wsClient = wsCluster.connect();
}
}
http://git-wip-us.apache.org/repos/asf/tinkerpop/blob/e3b4ae5d/gremlin-server/src/test/resources/server.jks
----------------------------------------------------------------------
diff --git a/gremlin-server/src/test/resources/server.jks b/gremlin-server/src/test/resources/server.jks
new file mode 100644
index 0000000..85dbe67
Binary files /dev/null and b/gremlin-server/src/test/resources/server.jks differ
http://git-wip-us.apache.org/repos/asf/tinkerpop/blob/e3b4ae5d/gremlin-server/src/test/resources/server.p12
----------------------------------------------------------------------
diff --git a/gremlin-server/src/test/resources/server.p12 b/gremlin-server/src/test/resources/server.p12
new file mode 100644
index 0000000..4d1aad7
Binary files /dev/null and b/gremlin-server/src/test/resources/server.p12 differ
[06/16] tinkerpop git commit: TINKERPOP-1945 Updated changelog for
additional exteded types for .NET
Posted by rd...@apache.org.
TINKERPOP-1945 Updated changelog for additional exteded types for .NET
Project: http://git-wip-us.apache.org/repos/asf/tinkerpop/repo
Commit: http://git-wip-us.apache.org/repos/asf/tinkerpop/commit/1eb418f3
Tree: http://git-wip-us.apache.org/repos/asf/tinkerpop/tree/1eb418f3
Diff: http://git-wip-us.apache.org/repos/asf/tinkerpop/diff/1eb418f3
Branch: refs/heads/TINKERPOP-2023
Commit: 1eb418f3f9be0d8e373c06115fdfbda0700b79d4
Parents: ddeaf41
Author: Stephen Mallette <sp...@genoprime.com>
Authored: Mon Aug 13 10:46:21 2018 -0400
Committer: Stephen Mallette <sp...@genoprime.com>
Committed: Mon Aug 13 11:17:28 2018 -0400
----------------------------------------------------------------------
CHANGELOG.asciidoc | 1 +
1 file changed, 1 insertion(+)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/tinkerpop/blob/1eb418f3/CHANGELOG.asciidoc
----------------------------------------------------------------------
diff --git a/CHANGELOG.asciidoc b/CHANGELOG.asciidoc
index 79db967..f9b8b2f 100644
--- a/CHANGELOG.asciidoc
+++ b/CHANGELOG.asciidoc
@@ -29,6 +29,7 @@ image::https://raw.githubusercontent.com/apache/tinkerpop/master/docs/static/ima
* Match numbers in `choose()` options using `NumberHelper` (match values, ignore data type).
* Added support for GraphSON serialization of `Date` in Javascript.
* Added better internal processing of `Column` in `by(Function)`.
+* Added support for additional extended types in Gremlin.Net with `decimal`, `TimeSpan`, `BigInteger`, `byte`, `byte[]`, `char` and `short`.
* Fixed bug in Java driver where an disorderly shutdown of the server would cause the client to hang.
* Added a dotnet template project that should make it easier to get started with Gremlin.Net.
* Removed `ThreadInterruptCustomizerProvider` from documentation as a way to timeout.
[15/16] tinkerpop git commit: TINKERPOP-2023 updated docs
Posted by rd...@apache.org.
TINKERPOP-2023 updated docs
Project: http://git-wip-us.apache.org/repos/asf/tinkerpop/repo
Commit: http://git-wip-us.apache.org/repos/asf/tinkerpop/commit/5d893cfa
Tree: http://git-wip-us.apache.org/repos/asf/tinkerpop/tree/5d893cfa
Diff: http://git-wip-us.apache.org/repos/asf/tinkerpop/diff/5d893cfa
Branch: refs/heads/TINKERPOP-2023
Commit: 5d893cfada0e257be1b6561faaad74c66e9cf636
Parents: ca83fbd
Author: Robert Dale <ro...@gmail.com>
Authored: Sun Aug 12 22:23:33 2018 -0400
Committer: Robert Dale <ro...@gmail.com>
Committed: Fri Aug 17 15:06:33 2018 -0400
----------------------------------------------------------------------
.../src/reference/gremlin-applications.asciidoc | 27 +++++++++++++++-----
1 file changed, 21 insertions(+), 6 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/tinkerpop/blob/5d893cfa/docs/src/reference/gremlin-applications.asciidoc
----------------------------------------------------------------------
diff --git a/docs/src/reference/gremlin-applications.asciidoc b/docs/src/reference/gremlin-applications.asciidoc
index f4f50c1..1f64f46 100644
--- a/docs/src/reference/gremlin-applications.asciidoc
+++ b/docs/src/reference/gremlin-applications.asciidoc
@@ -732,7 +732,10 @@ The following table describes the various configuration options for the Gremlin
|connectionPool.keepAliveInterval |Length of time in milliseconds to wait on an idle connection before sending a keep-alive request. Set to zero to disable this feature. |1800000
|connectionPool.keyCertChainFile |The X.509 certificate chain file in PEM format. |_none_
|connectionPool.keyFile |The `PKCS#8` private key file in PEM format. |_none_
-|connectionPool.keyPassword |The password of the `keyFile` if it is password-protected |_none_
+|connectionPool.keyPassword |The password of the `keyFile` if it is password-protected. |_none_
+|connectionPool.keyStore |The private key in JKS or PKCS#12 format. |_none_
+|connectionPool.keyStorePassword |The password of the `keyStore` if it is password-protected. |_none_
+|connectionPool.keyStoreType |JKS (Java 8 default) or PKCS#12 (Java 9+ default)|_none_
|connectionPool.maxContentLength |The maximum length in bytes that a message can be sent to the server. This number can be no greater than the setting of the same name in the server configuration. |65536
|connectionPool.maxInProcessPerConnection |The maximum number of in-flight requests that can occur on a connection. |4
|connectionPool.maxSimultaneousUsagePerConnection |The maximum number of times that a connection can be borrowed from the pool simultaneously. |16
@@ -745,7 +748,12 @@ The following table describes the various configuration options for the Gremlin
|connectionPool.reconnectInitialDelay |The amount of time in milliseconds to wait before trying to reconnect to a dead host for the first time. |1000
|connectionPool.reconnectInterval |The amount of time in milliseconds to wait before trying to reconnect to a dead host. This interval occurs after the time specified by the `reconnectInitialDelay`. |1000
|connectionPool.resultIterationBatchSize |The override value for the size of the result batches to be returned from the server. |64
-|connectionPool.trustCertChainFile |File location for a SSL Certificate Chain to use when SSL is enabled. If this value is not provided and SSL is enabled, the `TrustManager` will be established with a self-signed certificate which is NOT suitable for production purposes. |_none_
+|connectionPool.sslCipherSuites |The list of JSSE ciphers to support for SSL connections. If specified, only the ciphers that are listed and supported will be enabled. If not specified, the JVM default is used. |_none_
+|connectionPool.sslEnabledProtocols |The list of SSL protocols to support for SSL connections. If specified, only the protocols that are listed and supported will be enabled. If not specified, the JVM default is used. |_none_
+|connectionPool.sslSkipCertValidation |Configures the `TrustManager` to trust all certs without any validation. Should not be used in production.|false
+|connectionPool.trustCertChainFile |File location for a SSL Certificate Chain to use when SSL is enabled. If this value is not provided and SSL is enabled, the default `TrustManager` will be uesd. |_none_
+|connectionPool.trustStore |File location for a SSL Certificate Chain to use when SSL is enabled. If this value is not provided and SSL is enabled, the default `TrustManager` will be used. |_none_
+|connectionPool.trustStorePassword |The password of the `trustStore` if it is password-protected |_none_
|hosts |The list of hosts that the driver will connect to. |localhost
|jaasEntry |Sets the `AuthProperties.Property.JAAS_ENTRY` properties for authentication to Gremlin Server. |_none_
|nioPoolSize |Size of the pool for handling request/response operations. |available processors
@@ -1148,11 +1156,18 @@ The following table describes the various configuration options that Gremlin Ser
|serializers[X].className |The full class name of the `MessageSerializer` implementation. |_none_
|serializers[X].config |A `Map` containing `MessageSerializer` specific configurations. |_none_
|ssl.enabled |Determines if SSL is turned on or not. |false
-|ssl.keyCertChainFile |The X.509 certificate chain file in PEM format. If this value is not present and `ssl.enabled` is `true` a self-signed certificate will be used (not suitable for production). |_none_
-|ssl.keyFile |The `PKCS#8` private key file in PEM format. If this value is not present and `ssl.enabled` is `true` a self-signed certificate will be used (not suitable for production). |_none_
-|ssl.keyPassword |The password of the `keyFile` if it is password-protected |_none_
+|ssl.keyCertChainFile |The X.509 certificate chain file in PEM format.|_none_
+|ssl.keyFile |The `PKCS#8` private key file in PEM format.|_none_
+|ssl.keyPassword |The password of the `keyFile` if it is password-protected. |_none_
+|ssl.keyStore |The private key in JKS or PKCS#12 format. |_none_
+|ssl.keyStorePassword |The password of the `keyStore` if it is password-protected. |_none_
+|ssl.keyStoreType |JKS (Java 8 default) or PKCS#12 (Java 9+ default) |_none_
|ssl.needClientAuth | Optional. One of NONE, OPTIONAL, REQUIRE. Enables client certificate authentication at the enforcement level specified. Can be used in combination with Authenticator. |_none_
+|ssl.sslCipherSuites |The list of JSSE ciphers to support for SSL connections. If specified, only the ciphers that are listed and supported will be enabled. If not specified, the JVM default is used. |_none_
+|ssl.sslEnabledProtocols |The list of SSL protocols to support for SSL connections. If specified, only the protocols that are listed and supported will be enabled. If not specified, the JVM default is used. |_none_
|ssl.trustCertChainFile | Required when needClientAuth is OPTIONAL or REQUIRE. Trusted certificates for verifying the remote endpoint's certificate. The file should contain an X.509 certificate chain in PEM format. |_none_
+|ssl.trustStore |Required when needClientAuth is OPTIONAL or REQUIRE. Trusted certificates for verifying the remote endpoint's certificate. If this value is not provided and SSL is enabled, the default `TrustManager` will be used. |_none_
+|ssl.trustStorePassword |The password of the `trustStore` if it is password-protected |_none_
|strictTransactionManagement |Set to `true` to require `aliases` to be submitted on every requests, where the `aliases` become the scope of transaction management. |false
|threadPoolBoss |The number of threads available to Gremlin Server for accepting connections. Should always be set to `1`. |1
|threadPoolWorker |The number of threads available to Gremlin Server for processing non-blocking reads and writes. |1
@@ -1944,7 +1959,7 @@ The Gremlin Server can also be started as a link:https://hub.docker.com/r/tinker
[source,text]
----
$ docker run tinkerpop/gremlin-server:x.y.z
-[INFO] GremlinServer -
+[INFO] GremlinServer -
\,,,/
(o o)
-----oOOo-(3)-oOOo-----
[11/16] tinkerpop git commit: TINKERPOP-2023 added tests and some
fixes
Posted by rd...@apache.org.
TINKERPOP-2023 added tests and some fixes
Project: http://git-wip-us.apache.org/repos/asf/tinkerpop/repo
Commit: http://git-wip-us.apache.org/repos/asf/tinkerpop/commit/d05e3c56
Tree: http://git-wip-us.apache.org/repos/asf/tinkerpop/tree/d05e3c56
Diff: http://git-wip-us.apache.org/repos/asf/tinkerpop/diff/d05e3c56
Branch: refs/heads/TINKERPOP-2023
Commit: d05e3c566b580f5aee020234e17b69df3f708b7a
Parents: 5d893cf
Author: Robert Dale <ro...@gmail.com>
Authored: Mon Aug 13 15:28:40 2018 -0400
Committer: Robert Dale <ro...@gmail.com>
Committed: Fri Aug 17 15:06:33 2018 -0400
----------------------------------------------------------------------
.../src/reference/gremlin-applications.asciidoc | 2 +-
.../tinkerpop/gremlin/driver/Settings.java | 28 ++-
.../tinkerpop/gremlin/driver/SettingsTest.java | 17 ++
.../AbstractGremlinServerIntegrationTest.java | 14 +-
.../server/GremlinServerIntegrateTest.java | 192 +++++++++++++++++--
...ctGremlinServerChannelizerIntegrateTest.java | 2 +
.../src/test/resources/client-key.jks | Bin 0 -> 2241 bytes
.../src/test/resources/client-key.p12 | Bin 0 -> 2583 bytes
.../src/test/resources/client-trust.jks | Bin 0 -> 969 bytes
.../src/test/resources/client-trust.p12 | Bin 0 -> 1202 bytes
.../src/test/resources/server-key.jks | Bin 0 -> 2258 bytes
.../src/test/resources/server-key.p12 | Bin 0 -> 2613 bytes
.../src/test/resources/server-trust.jks | Bin 0 -> 952 bytes
.../src/test/resources/server-trust.p12 | Bin 0 -> 1186 bytes
gremlin-server/src/test/resources/server.jks | Bin 2258 -> 0 bytes
gremlin-server/src/test/resources/server.p12 | Bin 2613 -> 0 bytes
16 files changed, 228 insertions(+), 27 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/tinkerpop/blob/d05e3c56/docs/src/reference/gremlin-applications.asciidoc
----------------------------------------------------------------------
diff --git a/docs/src/reference/gremlin-applications.asciidoc b/docs/src/reference/gremlin-applications.asciidoc
index 1f64f46..8ad8a0a 100644
--- a/docs/src/reference/gremlin-applications.asciidoc
+++ b/docs/src/reference/gremlin-applications.asciidoc
@@ -735,7 +735,7 @@ The following table describes the various configuration options for the Gremlin
|connectionPool.keyPassword |The password of the `keyFile` if it is password-protected. |_none_
|connectionPool.keyStore |The private key in JKS or PKCS#12 format. |_none_
|connectionPool.keyStorePassword |The password of the `keyStore` if it is password-protected. |_none_
-|connectionPool.keyStoreType |JKS (Java 8 default) or PKCS#12 (Java 9+ default)|_none_
+|connectionPool.keyStoreType |`JKS` (Java 8 default) or `PKCS12` (Java 9+ default)|_none_
|connectionPool.maxContentLength |The maximum length in bytes that a message can be sent to the server. This number can be no greater than the setting of the same name in the server configuration. |65536
|connectionPool.maxInProcessPerConnection |The maximum number of in-flight requests that can occur on a connection. |4
|connectionPool.maxSimultaneousUsagePerConnection |The maximum number of times that a connection can be borrowed from the pool simultaneously. |16
http://git-wip-us.apache.org/repos/asf/tinkerpop/blob/d05e3c56/gremlin-driver/src/main/java/org/apache/tinkerpop/gremlin/driver/Settings.java
----------------------------------------------------------------------
diff --git a/gremlin-driver/src/main/java/org/apache/tinkerpop/gremlin/driver/Settings.java b/gremlin-driver/src/main/java/org/apache/tinkerpop/gremlin/driver/Settings.java
index 009a0bf..4d54792 100644
--- a/gremlin-driver/src/main/java/org/apache/tinkerpop/gremlin/driver/Settings.java
+++ b/gremlin-driver/src/main/java/org/apache/tinkerpop/gremlin/driver/Settings.java
@@ -181,6 +181,32 @@ final class Settings {
if (connectionPoolConf.containsKey("trustCertChainFile"))
cpSettings.trustCertChainFile = connectionPoolConf.getString("trustCertChainFile");
+ if (connectionPoolConf.containsKey("keyStore"))
+ cpSettings.keyStore = connectionPoolConf.getString("keyStore");
+
+ if (connectionPoolConf.containsKey("keyStorePassword"))
+ cpSettings.keyStorePassword = connectionPoolConf.getString("keyStorePassword");
+
+ if (connectionPoolConf.containsKey("keyStoreType"))
+ cpSettings.keyStoreType = connectionPoolConf.getString("keyStoreType");
+
+ if (connectionPoolConf.containsKey("trustStore"))
+ cpSettings.trustStore = connectionPoolConf.getString("trustStore");
+
+ if (connectionPoolConf.containsKey("trustStorePassword"))
+ cpSettings.trustStorePassword = connectionPoolConf.getString("trustStorePassword");
+
+ if (connectionPoolConf.containsKey("sslEnabledProtocols"))
+ cpSettings.sslEnabledProtocols = connectionPoolConf.getList("sslEnabledProtocols").stream().map(Object::toString)
+ .collect(Collectors.toList());
+
+ if (connectionPoolConf.containsKey("sslCipherSuites"))
+ cpSettings.sslCipherSuites = connectionPoolConf.getList("sslCipherSuites").stream().map(Object::toString)
+ .collect(Collectors.toList());
+
+ if (connectionPoolConf.containsKey("sslSkipCertValidation"))
+ cpSettings.sslSkipCertValidation = connectionPoolConf.getBoolean("sslSkipCertValidation");
+
if (connectionPoolConf.containsKey("minSize"))
cpSettings.minSize = connectionPoolConf.getInt("minSize");
@@ -283,7 +309,7 @@ final class Settings {
public String trustStorePassword;
/**
- * JSSE keystore format. Similar to setting JSSE property
+ * JSSE keystore format. 'jks' or 'pkcs12'. Similar to setting JSSE property
* {@code javax.net.ssl.keyStoreType}.
*/
public String keyStoreType;
http://git-wip-us.apache.org/repos/asf/tinkerpop/blob/d05e3c56/gremlin-driver/src/test/java/org/apache/tinkerpop/gremlin/driver/SettingsTest.java
----------------------------------------------------------------------
diff --git a/gremlin-driver/src/test/java/org/apache/tinkerpop/gremlin/driver/SettingsTest.java b/gremlin-driver/src/test/java/org/apache/tinkerpop/gremlin/driver/SettingsTest.java
index c373879..56e0ec8 100644
--- a/gremlin-driver/src/test/java/org/apache/tinkerpop/gremlin/driver/SettingsTest.java
+++ b/gremlin-driver/src/test/java/org/apache/tinkerpop/gremlin/driver/SettingsTest.java
@@ -49,6 +49,14 @@ public class SettingsTest {
conf.setProperty("connectionPool.keyFile", "PKCS#8");
conf.setProperty("connectionPool.keyPassword", "password1");
conf.setProperty("connectionPool.trustCertChainFile", "pem");
+ conf.setProperty("connectionPool.keyStore", "server.jks");
+ conf.setProperty("connectionPool.keyStorePassword", "password2");
+ conf.setProperty("connectionPool.keyStoreType", "pkcs12");
+ conf.setProperty("connectionPool.trustStore", "trust.jks");
+ conf.setProperty("connectionPool.trustStorePassword", "password3");
+ conf.setProperty("connectionPool.sslEnabledProtocols", Arrays.asList("TLSv1.1","TLSv1.2"));
+ conf.setProperty("connectionPool.sslCipherSuites", Arrays.asList("TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384", "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384"));
+ conf.setProperty("connectionPool.sslSkipCertValidation", true);
conf.setProperty("connectionPool.minSize", 100);
conf.setProperty("connectionPool.maxSize", 200);
conf.setProperty("connectionPool.minSimultaneousUsagePerConnection", 300);
@@ -71,6 +79,7 @@ public class SettingsTest {
assertEquals("password1", settings.password);
assertEquals("JaasIt", settings.jaasEntry);
assertEquals("protocol0", settings.protocol);
+ assertEquals(Arrays.asList("255.0.0.1", "255.0.0.2", "255.0.0.3"), settings.hosts);
assertEquals("my.serializers.MySerializer", settings.serializer.className);
assertEquals("thing", settings.serializer.config.get("any"));
assertEquals(true, settings.connectionPool.enableSsl);
@@ -78,6 +87,14 @@ public class SettingsTest {
assertEquals("PKCS#8", settings.connectionPool.keyFile);
assertEquals("password1", settings.connectionPool.keyPassword);
assertEquals("pem", settings.connectionPool.trustCertChainFile);
+ assertEquals("server.jks", settings.connectionPool.keyStore);
+ assertEquals("password2", settings.connectionPool.keyStorePassword);
+ assertEquals("pkcs12", settings.connectionPool.keyStoreType);
+ assertEquals("trust.jks", settings.connectionPool.trustStore);
+ assertEquals("password3", settings.connectionPool.trustStorePassword);
+ assertEquals(Arrays.asList("TLSv1.1","TLSv1.2"), settings.connectionPool.sslEnabledProtocols);
+ assertEquals(Arrays.asList("TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384", "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384"), settings.connectionPool.sslCipherSuites);
+ assertEquals(true, settings.connectionPool.sslSkipCertValidation);
assertEquals(100, settings.connectionPool.minSize);
assertEquals(200, settings.connectionPool.maxSize);
assertEquals(300, settings.connectionPool.minSimultaneousUsagePerConnection);
http://git-wip-us.apache.org/repos/asf/tinkerpop/blob/d05e3c56/gremlin-server/src/test/java/org/apache/tinkerpop/gremlin/server/AbstractGremlinServerIntegrationTest.java
----------------------------------------------------------------------
diff --git a/gremlin-server/src/test/java/org/apache/tinkerpop/gremlin/server/AbstractGremlinServerIntegrationTest.java b/gremlin-server/src/test/java/org/apache/tinkerpop/gremlin/server/AbstractGremlinServerIntegrationTest.java
index 0543a59..c5e3966 100644
--- a/gremlin-server/src/test/java/org/apache/tinkerpop/gremlin/server/AbstractGremlinServerIntegrationTest.java
+++ b/gremlin-server/src/test/java/org/apache/tinkerpop/gremlin/server/AbstractGremlinServerIntegrationTest.java
@@ -40,10 +40,16 @@ import static org.junit.Assume.assumeThat;
public abstract class AbstractGremlinServerIntegrationTest {
public static final String KEY_PASS = "changeit";
- public static final String JKS_SERVER_KEY = "src/test/resources/server.jks";
- public static final String JKS_CLIENT_KEY = "src/test/resources/client.jks";
- public static final String P12_SERVER_KEY = "src/test/resources/server.p12";
- public static final String P12_CLIENT_KEY = "src/test/resources/client.p12";
+ public static final String JKS_SERVER_KEY = "src/test/resources/server-key.jks";
+ public static final String JKS_SERVER_TRUST = "src/test/resources/server-trust.jks";
+ public static final String JKS_CLIENT_KEY = "src/test/resources/client-key.jks";
+ public static final String JKS_CLIENT_TRUST = "src/test/resources/client-trust.jks";
+ public static final String P12_SERVER_KEY = "src/test/resources/server-key.p12";
+ public static final String P12_SERVER_TRUST = "src/test/resources/server-trust.p12";
+ public static final String P12_CLIENT_KEY = "src/test/resources/client-key.p12";
+ public static final String P12_CLIENT_TRUST = "src/test/resources/client-trust.p12";
+ public static final String KEYSTORE_TYPE_JKS = "jks";
+ public static final String KEYSTORE_TYPE_PKCS12 = "pkcs12";
protected GremlinServer server;
private Settings overriddenSettings;
http://git-wip-us.apache.org/repos/asf/tinkerpop/blob/d05e3c56/gremlin-server/src/test/java/org/apache/tinkerpop/gremlin/server/GremlinServerIntegrateTest.java
----------------------------------------------------------------------
diff --git a/gremlin-server/src/test/java/org/apache/tinkerpop/gremlin/server/GremlinServerIntegrateTest.java b/gremlin-server/src/test/java/org/apache/tinkerpop/gremlin/server/GremlinServerIntegrateTest.java
index 238d2b2..a4e9478 100644
--- a/gremlin-server/src/test/java/org/apache/tinkerpop/gremlin/server/GremlinServerIntegrateTest.java
+++ b/gremlin-server/src/test/java/org/apache/tinkerpop/gremlin/server/GremlinServerIntegrateTest.java
@@ -74,6 +74,7 @@ import org.junit.Test;
import java.lang.reflect.Field;
import java.nio.channels.ClosedChannelException;
import java.util.ArrayList;
+import java.util.Arrays;
import java.util.Collections;
import java.util.HashMap;
import java.util.Iterator;
@@ -195,42 +196,97 @@ public class GremlinServerIntegrateTest extends AbstractGremlinServerIntegration
settings.ssl.enabled = true;
settings.ssl.keyStore = JKS_SERVER_KEY;
settings.ssl.keyStorePassword = KEY_PASS;
+ settings.ssl.keyStoreType = KEYSTORE_TYPE_JKS;
break;
case "shouldEnableSslWithSslContextProgrammaticallySpecified":
settings.ssl = new Settings.SslSettings();
settings.ssl.enabled = true;
settings.ssl.overrideSslContext(createServerSslContext());
break;
- case "shouldEnableSslAndClientCertificateAuth":
+ case "shouldEnableSslAndClientCertificateAuthWithLegacyPem":
settings.ssl = new Settings.SslSettings();
settings.ssl.enabled = true;
settings.ssl.needClientAuth = ClientAuth.REQUIRE;
settings.ssl.keyCertChainFile = PEM_SERVER_CRT;
settings.ssl.keyFile = PEM_SERVER_KEY;
- settings.ssl.keyPassword =KEY_PASS;
+ settings.ssl.keyPassword = KEY_PASS;
// Trust the client
settings.ssl.trustCertChainFile = PEM_CLIENT_CRT;
- break;
- case "shouldEnableSslAndClientCertificateAuthAndFailWithoutCert":
+ break;
+ case "shouldEnableSslAndClientCertificateAuthAndFailWithoutCertWithLegacyPem":
settings.ssl = new Settings.SslSettings();
settings.ssl.enabled = true;
settings.ssl.needClientAuth = ClientAuth.REQUIRE;
settings.ssl.keyCertChainFile = PEM_SERVER_CRT;
settings.ssl.keyFile = PEM_SERVER_KEY;
- settings.ssl.keyPassword =KEY_PASS;
+ settings.ssl.keyPassword = KEY_PASS;
// Trust the client
settings.ssl.trustCertChainFile = PEM_CLIENT_CRT;
- break;
- case "shouldEnableSslAndClientCertificateAuthAndFailWithoutTrustedClientCert":
+ break;
+ case "shouldEnableSslAndClientCertificateAuthAndFailWithoutTrustedClientCertWithLegacyPem":
settings.ssl = new Settings.SslSettings();
settings.ssl.enabled = true;
settings.ssl.needClientAuth = ClientAuth.REQUIRE;
settings.ssl.keyCertChainFile = PEM_SERVER_CRT;
settings.ssl.keyFile = PEM_SERVER_KEY;
- settings.ssl.keyPassword =KEY_PASS;
+ settings.ssl.keyPassword = KEY_PASS;
// Trust ONLY the server cert
settings.ssl.trustCertChainFile = PEM_SERVER_CRT;
- break;
+ break;
+ case "shouldEnableSslAndClientCertificateAuthWithPkcs12":
+ settings.ssl = new Settings.SslSettings();
+ settings.ssl.enabled = true;
+ settings.ssl.needClientAuth = ClientAuth.REQUIRE;
+ settings.ssl.keyStore = P12_SERVER_KEY;
+ settings.ssl.keyStorePassword = KEY_PASS;
+ settings.ssl.keyStoreType = KEYSTORE_TYPE_PKCS12;
+ settings.ssl.trustStore = P12_SERVER_TRUST;
+ settings.ssl.trustStorePassword = KEY_PASS;
+ break;
+ case "shouldEnableSslAndClientCertificateAuth":
+ settings.ssl = new Settings.SslSettings();
+ settings.ssl.enabled = true;
+ settings.ssl.needClientAuth = ClientAuth.REQUIRE;
+ settings.ssl.keyStore = JKS_SERVER_KEY;
+ settings.ssl.keyStorePassword = KEY_PASS;
+ settings.ssl.keyStoreType = KEYSTORE_TYPE_JKS;
+ settings.ssl.trustStore = JKS_SERVER_TRUST;
+ settings.ssl.trustStorePassword = KEY_PASS;
+ break;
+ case "shouldEnableSslAndClientCertificateAuthAndFailWithoutCert":
+ settings.ssl = new Settings.SslSettings();
+ settings.ssl.enabled = true;
+ settings.ssl.needClientAuth = ClientAuth.REQUIRE;
+ settings.ssl.keyStore = JKS_SERVER_KEY;
+ settings.ssl.keyStorePassword = KEY_PASS;
+ settings.ssl.keyStoreType = KEYSTORE_TYPE_JKS;
+ settings.ssl.trustStore = JKS_SERVER_TRUST;
+ settings.ssl.trustStorePassword = KEY_PASS;
+ break;
+ case "shouldEnableSslAndClientCertificateAuthAndFailWithoutTrustedClientCert":
+ settings.ssl = new Settings.SslSettings();
+ settings.ssl.enabled = true;
+ settings.ssl.needClientAuth = ClientAuth.REQUIRE;
+ settings.ssl.keyStore = JKS_SERVER_KEY;
+ settings.ssl.keyStorePassword = KEY_PASS;
+ settings.ssl.keyStoreType = KEYSTORE_TYPE_JKS;
+ break;
+ case "shouldEnableSslAndFailIfProtocolsDontMatch":
+ settings.ssl = new Settings.SslSettings();
+ settings.ssl.enabled = true;
+ settings.ssl.keyStore = JKS_SERVER_KEY;
+ settings.ssl.keyStorePassword = KEY_PASS;
+ settings.ssl.keyStoreType = KEYSTORE_TYPE_JKS;
+ settings.ssl.sslEnabledProtocols = Arrays.asList("TLSv1.1");
+ break;
+ case "shouldEnableSslAndFailIfCiphersDontMatch":
+ settings.ssl = new Settings.SslSettings();
+ settings.ssl.enabled = true;
+ settings.ssl.keyStore = JKS_SERVER_KEY;
+ settings.ssl.keyStorePassword = KEY_PASS;
+ settings.ssl.keyStoreType = KEYSTORE_TYPE_JKS;
+ settings.ssl.sslCipherSuites = Arrays.asList("TLS_DHE_RSA_WITH_AES_128_CBC_SHA");
+ break;
case "shouldUseSimpleSandbox":
settings.scriptEngines.get("gremlin-groovy").config = getScriptEngineConfForSimpleSandbox();
break;
@@ -532,21 +588,21 @@ public class GremlinServerIntegrateTest extends AbstractGremlinServerIntegration
}
@Test
- public void shouldEnableSslAndClientCertificateAuth() {
- final Cluster cluster = TestClientFactory.build().enableSsl(true)
- .keyCertChainFile(PEM_CLIENT_CRT).keyFile(PEM_CLIENT_KEY)
- .keyPassword(KEY_PASS).trustCertificateChainFile(PEM_SERVER_CRT).create();
- final Client client = cluster.connect();
+ public void shouldEnableSslAndClientCertificateAuthWithLegacyPem() {
+ final Cluster cluster = TestClientFactory.build().enableSsl(true)
+ .keyCertChainFile(PEM_CLIENT_CRT).keyFile(PEM_CLIENT_KEY)
+ .keyPassword(KEY_PASS).trustCertificateChainFile(PEM_SERVER_CRT).create();
+ final Client client = cluster.connect();
try {
- assertEquals("test", client.submit("'test'").one().getString());
+ assertEquals("test", client.submit("'test'").one().getString());
} finally {
cluster.close();
}
}
@Test
- public void shouldEnableSslAndClientCertificateAuthAndFailWithoutCert() {
+ public void shouldEnableSslAndClientCertificateAuthAndFailWithoutCertWithLegacyPem() {
final Cluster cluster = TestClientFactory.build().enableSsl(true).keyStore(JKS_SERVER_KEY).keyStorePassword(KEY_PASS).sslSkipCertValidation(true).create();
final Client client = cluster.connect();
@@ -562,11 +618,11 @@ public class GremlinServerIntegrateTest extends AbstractGremlinServerIntegration
}
@Test
- public void shouldEnableSslAndClientCertificateAuthAndFailWithoutTrustedClientCert() {
- final Cluster cluster = TestClientFactory.build().enableSsl(true)
- .keyCertChainFile(PEM_CLIENT_CRT).keyFile(PEM_CLIENT_KEY)
- .keyPassword(KEY_PASS).trustCertificateChainFile(PEM_SERVER_CRT).create();
- final Client client = cluster.connect();
+ public void shouldEnableSslAndClientCertificateAuthAndFailWithoutTrustedClientCertWithLegacyPem() {
+ final Cluster cluster = TestClientFactory.build().enableSsl(true)
+ .keyCertChainFile(PEM_CLIENT_CRT).keyFile(PEM_CLIENT_KEY)
+ .keyPassword(KEY_PASS).trustCertificateChainFile(PEM_SERVER_CRT).create();
+ final Client client = cluster.connect();
try {
client.submit("'test'").one();
@@ -578,6 +634,100 @@ public class GremlinServerIntegrateTest extends AbstractGremlinServerIntegration
cluster.close();
}
}
+
+ @Test
+ public void shouldEnableSslAndClientCertificateAuthWithPkcs12() {
+ final Cluster cluster = TestClientFactory.build().enableSsl(true).keyStore(P12_CLIENT_KEY).keyStorePassword(KEY_PASS)
+ .keyStoreType(KEYSTORE_TYPE_PKCS12).trustStore(P12_CLIENT_TRUST).trustStorePassword(KEY_PASS).create();
+ final Client client = cluster.connect();
+
+ try {
+ assertEquals("test", client.submit("'test'").one().getString());
+ } finally {
+ cluster.close();
+ }
+ }
+
+ @Test
+ public void shouldEnableSslAndClientCertificateAuth() {
+ final Cluster cluster = TestClientFactory.build().enableSsl(true).keyStore(JKS_CLIENT_KEY).keyStorePassword(KEY_PASS)
+ .keyStoreType(KEYSTORE_TYPE_JKS).trustStore(JKS_CLIENT_TRUST).trustStorePassword(KEY_PASS).create();
+ final Client client = cluster.connect();
+
+ try {
+ assertEquals("test", client.submit("'test'").one().getString());
+ } finally {
+ cluster.close();
+ }
+ }
+
+ @Test
+ public void shouldEnableSslAndClientCertificateAuthAndFailWithoutCert() {
+ final Cluster cluster = TestClientFactory.build().enableSsl(true).keyStore(JKS_SERVER_KEY).keyStorePassword(KEY_PASS)
+ .keyStoreType(KEYSTORE_TYPE_JKS).sslSkipCertValidation(true).create();
+ final Client client = cluster.connect();
+
+ try {
+ client.submit("'test'").one();
+ fail("Should throw exception because ssl client auth is enabled on the server but client does not have a cert");
+ } catch (Exception x) {
+ final Throwable root = ExceptionUtils.getRootCause(x);
+ assertThat(root, instanceOf(TimeoutException.class));
+ } finally {
+ cluster.close();
+ }
+ }
+
+ @Test
+ public void shouldEnableSslAndClientCertificateAuthAndFailWithoutTrustedClientCert() {
+ final Cluster cluster = TestClientFactory.build().enableSsl(true).keyStore(JKS_CLIENT_KEY).keyStorePassword(KEY_PASS)
+ .keyStoreType(KEYSTORE_TYPE_JKS).trustStore(JKS_CLIENT_TRUST).trustStorePassword(KEY_PASS).create();
+ final Client client = cluster.connect();
+
+ try {
+ client.submit("'test'").one();
+ fail("Should throw exception because ssl client auth is enabled on the server but does not trust client's cert");
+ } catch (Exception x) {
+ final Throwable root = ExceptionUtils.getRootCause(x);
+ assertThat(root, instanceOf(TimeoutException.class));
+ } finally {
+ cluster.close();
+ }
+ }
+
+ @Test
+ public void shouldEnableSslAndFailIfProtocolsDontMatch() {
+ final Cluster cluster = TestClientFactory.build().enableSsl(true).keyStore(JKS_SERVER_KEY).keyStorePassword(KEY_PASS)
+ .sslSkipCertValidation(true).sslEnabledProtocols(Arrays.asList("TLSv1.2")).create();
+ final Client client = cluster.connect();
+
+ try {
+ client.submit("'test'").one();
+ fail("Should throw exception because ssl client requires TLSv1.2 whereas server supports only TLSv1.1");
+ } catch (Exception x) {
+ final Throwable root = ExceptionUtils.getRootCause(x);
+ assertThat(root, instanceOf(TimeoutException.class));
+ } finally {
+ cluster.close();
+ }
+ }
+
+ @Test
+ public void shouldEnableSslAndFailIfCiphersDontMatch() {
+ final Cluster cluster = TestClientFactory.build().enableSsl(true).keyStore(JKS_SERVER_KEY).keyStorePassword(KEY_PASS)
+ .sslSkipCertValidation(true).sslCipherSuites(Arrays.asList("SSL_RSA_WITH_RC4_128_SHA")).create();
+ final Client client = cluster.connect();
+
+ try {
+ client.submit("'test'").one();
+ fail("Should throw exception because ssl client requires TLSv1.2 whereas server supports only TLSv1.1");
+ } catch (Exception x) {
+ final Throwable root = ExceptionUtils.getRootCause(x);
+ assertThat(root, instanceOf(TimeoutException.class));
+ } finally {
+ cluster.close();
+ }
+ }
@Test
public void shouldRespectHighWaterMarkSettingAndSucceed() throws Exception {
http://git-wip-us.apache.org/repos/asf/tinkerpop/blob/d05e3c56/gremlin-server/src/test/java/org/apache/tinkerpop/gremlin/server/channel/AbstractGremlinServerChannelizerIntegrateTest.java
----------------------------------------------------------------------
diff --git a/gremlin-server/src/test/java/org/apache/tinkerpop/gremlin/server/channel/AbstractGremlinServerChannelizerIntegrateTest.java b/gremlin-server/src/test/java/org/apache/tinkerpop/gremlin/server/channel/AbstractGremlinServerChannelizerIntegrateTest.java
index 300a7f4..ced5247 100644
--- a/gremlin-server/src/test/java/org/apache/tinkerpop/gremlin/server/channel/AbstractGremlinServerChannelizerIntegrateTest.java
+++ b/gremlin-server/src/test/java/org/apache/tinkerpop/gremlin/server/channel/AbstractGremlinServerChannelizerIntegrateTest.java
@@ -102,6 +102,7 @@ abstract class AbstractGremlinServerChannelizerIntegrateTest extends AbstractGre
settings.ssl.enabled = true;
settings.ssl.keyStore = JKS_SERVER_KEY;
settings.ssl.keyStorePassword = KEY_PASS;
+ settings.ssl.keyStoreType = KEYSTORE_TYPE_JKS;
break;
case "shouldWorkWithAuth":
if (authSettings != null) {
@@ -113,6 +114,7 @@ abstract class AbstractGremlinServerChannelizerIntegrateTest extends AbstractGre
settings.ssl.enabled = true;
settings.ssl.keyStore = JKS_SERVER_KEY;
settings.ssl.keyStorePassword = KEY_PASS;
+ settings.ssl.keyStoreType = KEYSTORE_TYPE_JKS;
if (authSettings != null) {
settings.authentication = getAuthSettings();
}
http://git-wip-us.apache.org/repos/asf/tinkerpop/blob/d05e3c56/gremlin-server/src/test/resources/client-key.jks
----------------------------------------------------------------------
diff --git a/gremlin-server/src/test/resources/client-key.jks b/gremlin-server/src/test/resources/client-key.jks
new file mode 100644
index 0000000..39df02b
Binary files /dev/null and b/gremlin-server/src/test/resources/client-key.jks differ
http://git-wip-us.apache.org/repos/asf/tinkerpop/blob/d05e3c56/gremlin-server/src/test/resources/client-key.p12
----------------------------------------------------------------------
diff --git a/gremlin-server/src/test/resources/client-key.p12 b/gremlin-server/src/test/resources/client-key.p12
new file mode 100644
index 0000000..74f182c
Binary files /dev/null and b/gremlin-server/src/test/resources/client-key.p12 differ
http://git-wip-us.apache.org/repos/asf/tinkerpop/blob/d05e3c56/gremlin-server/src/test/resources/client-trust.jks
----------------------------------------------------------------------
diff --git a/gremlin-server/src/test/resources/client-trust.jks b/gremlin-server/src/test/resources/client-trust.jks
new file mode 100644
index 0000000..d8b5479
Binary files /dev/null and b/gremlin-server/src/test/resources/client-trust.jks differ
http://git-wip-us.apache.org/repos/asf/tinkerpop/blob/d05e3c56/gremlin-server/src/test/resources/client-trust.p12
----------------------------------------------------------------------
diff --git a/gremlin-server/src/test/resources/client-trust.p12 b/gremlin-server/src/test/resources/client-trust.p12
new file mode 100644
index 0000000..2100e94
Binary files /dev/null and b/gremlin-server/src/test/resources/client-trust.p12 differ
http://git-wip-us.apache.org/repos/asf/tinkerpop/blob/d05e3c56/gremlin-server/src/test/resources/server-key.jks
----------------------------------------------------------------------
diff --git a/gremlin-server/src/test/resources/server-key.jks b/gremlin-server/src/test/resources/server-key.jks
new file mode 100644
index 0000000..85dbe67
Binary files /dev/null and b/gremlin-server/src/test/resources/server-key.jks differ
http://git-wip-us.apache.org/repos/asf/tinkerpop/blob/d05e3c56/gremlin-server/src/test/resources/server-key.p12
----------------------------------------------------------------------
diff --git a/gremlin-server/src/test/resources/server-key.p12 b/gremlin-server/src/test/resources/server-key.p12
new file mode 100644
index 0000000..4d1aad7
Binary files /dev/null and b/gremlin-server/src/test/resources/server-key.p12 differ
http://git-wip-us.apache.org/repos/asf/tinkerpop/blob/d05e3c56/gremlin-server/src/test/resources/server-trust.jks
----------------------------------------------------------------------
diff --git a/gremlin-server/src/test/resources/server-trust.jks b/gremlin-server/src/test/resources/server-trust.jks
new file mode 100644
index 0000000..a53cf47
Binary files /dev/null and b/gremlin-server/src/test/resources/server-trust.jks differ
http://git-wip-us.apache.org/repos/asf/tinkerpop/blob/d05e3c56/gremlin-server/src/test/resources/server-trust.p12
----------------------------------------------------------------------
diff --git a/gremlin-server/src/test/resources/server-trust.p12 b/gremlin-server/src/test/resources/server-trust.p12
new file mode 100644
index 0000000..a055de0
Binary files /dev/null and b/gremlin-server/src/test/resources/server-trust.p12 differ
http://git-wip-us.apache.org/repos/asf/tinkerpop/blob/d05e3c56/gremlin-server/src/test/resources/server.jks
----------------------------------------------------------------------
diff --git a/gremlin-server/src/test/resources/server.jks b/gremlin-server/src/test/resources/server.jks
deleted file mode 100644
index 85dbe67..0000000
Binary files a/gremlin-server/src/test/resources/server.jks and /dev/null differ
http://git-wip-us.apache.org/repos/asf/tinkerpop/blob/d05e3c56/gremlin-server/src/test/resources/server.p12
----------------------------------------------------------------------
diff --git a/gremlin-server/src/test/resources/server.p12 b/gremlin-server/src/test/resources/server.p12
deleted file mode 100644
index 4d1aad7..0000000
Binary files a/gremlin-server/src/test/resources/server.p12 and /dev/null differ
[04/16] tinkerpop git commit: TINKERPOP-1945 Added additional
extended GraphSON types to .NET
Posted by rd...@apache.org.
TINKERPOP-1945 Added additional extended GraphSON types to .NET
Support (de)serialization of GraphSON Duration-Types to TimeSpans.
Support (de)serialization of GraphSON BigInteger-Types to System.Numerics.BigInteger. An update to the latest version of Newtonsoft.Json would provide even better support.
Support (de)serialization of GraphSON Byte-Types to System.Byte.
Support (de)serialization of GraphSON Byte-Types to byte[].
Support (de)serialization of GraphSON Char-Types to System.Char.
Support deserialization of GraphSON Instant-Types to System.Date. It is up to discussion whether System.Date should be serialized to gx:Date or gx:Instant; currently it is neither.
Support deserialization of GraphSON LocalDate-Types to System.Date.
Support deserialization of GraphSON LocalDateTime-Types to System.DateTime.
Support deserialization of GraphSON LocalTime-Types to System.TimeSpan.
Support deserialization of GraphSON OffsetDateTime-Types to System.DateTimeOffset.
Support deserialization of GraphSON Period-Types to System.TimeSpan.
Support (de)serialization of GraphSON Int16-Types to System.Int16.
Update Newtonsoft.Json.
Explicitly reference Newtonsoft.Json 11.0.2 from Gremlin.Net.UnitTest.csproj.
Support deserialization of GraphSON ZoneOffset-Types to System.TimeSpan.
Support deserialization of GraphSON InetAddress-Types to string.
Split BigIntegerConverter and TimeSpanConverter into Serializer and Deserializer.
Split ByteBufferSerializer into ByteBufferSerializer and ByteBufferDeserializer.
Split DateSerializer into DateSerializer and DateDeserializer.
Remove InetAddressDeserializer for symmetry reasons.
Remove InstantDeserializer for symmetry reasons.
Remove LocalDateDeserializer, LocalDateTimeDeserializer and LocalTimeDeserializer for symmetry reasons.
Remove OffsetDateTimeDeserializer for symmetry reasons.
Remove ZoneOffsetDeserializer for symmetry reasons.
Remove registration for gx:Period for symmetry reasons.
Move Registration of DecimalConverter since it's in the extended (gx) namespace.
Remove unit tests that are now failing due to the removal of (de)serializers.
Add missing license headers.
Fix namespace of Int16.
Rename TimeSpan(De)serializer to Duration(De)serializer.
Project: http://git-wip-us.apache.org/repos/asf/tinkerpop/repo
Commit: http://git-wip-us.apache.org/repos/asf/tinkerpop/commit/ddeaf416
Tree: http://git-wip-us.apache.org/repos/asf/tinkerpop/tree/ddeaf416
Diff: http://git-wip-us.apache.org/repos/asf/tinkerpop/diff/ddeaf416
Branch: refs/heads/TINKERPOP-2023
Commit: ddeaf4161e0d055046652033e3f1abaeecc66216
Parents: 180da8d
Author: Daniel Weber <dw...@exram.de>
Authored: Wed Apr 18 10:48:27 2018 +0200
Committer: Stephen Mallette <sp...@genoprime.com>
Committed: Mon Aug 13 11:17:05 2018 -0400
----------------------------------------------------------------------
.../src/Gremlin.Net/Gremlin.Net.csproj | 2 +-
.../IO/GraphSON/BigIntegerDeserializer.cs | 38 +++++++
.../IO/GraphSON/BigIntegerSerializer.cs | 37 +++++++
.../IO/GraphSON/ByteBufferDeserializer.cs | 36 ++++++
.../IO/GraphSON/ByteBufferSerializer.cs | 36 ++++++
.../Structure/IO/GraphSON/ByteConverter.cs | 33 ++++++
.../Structure/IO/GraphSON/CharConverter.cs | 34 ++++++
.../Structure/IO/GraphSON/DateDeserializer.cs | 38 +++++++
.../Structure/IO/GraphSON/DateSerializer.cs | 9 +-
.../IO/GraphSON/DurationDeserializer.cs | 37 +++++++
.../Structure/IO/GraphSON/DurationSerializer.cs | 38 +++++++
.../Structure/IO/GraphSON/GraphSONReader.cs | 14 ++-
.../Structure/IO/GraphSON/GraphSONWriter.cs | 13 ++-
.../Structure/IO/GraphSON/Int16Converter.cs | 34 ++++++
.../Gremlin.Net.UnitTest.csproj | 1 +
.../IO/GraphSON/GraphSONReaderTests.cs | 110 +++++++++++++++++++
.../IO/GraphSON/GraphSONWriterTests.cs | 65 +++++++++++
17 files changed, 561 insertions(+), 14 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/tinkerpop/blob/ddeaf416/gremlin-dotnet/src/Gremlin.Net/Gremlin.Net.csproj
----------------------------------------------------------------------
diff --git a/gremlin-dotnet/src/Gremlin.Net/Gremlin.Net.csproj b/gremlin-dotnet/src/Gremlin.Net/Gremlin.Net.csproj
index df4150a..e506bf5 100644
--- a/gremlin-dotnet/src/Gremlin.Net/Gremlin.Net.csproj
+++ b/gremlin-dotnet/src/Gremlin.Net/Gremlin.Net.csproj
@@ -48,7 +48,7 @@ Please see the reference documentation at Apache TinkerPop for more information
</PropertyGroup>
<ItemGroup>
- <PackageReference Include="Newtonsoft.Json" Version="9.0.1" />
+ <PackageReference Include="Newtonsoft.Json" Version="11.0.2" />
</ItemGroup>
<ItemGroup Condition="'$(TargetFramework)' == 'netstandard1.3'">
http://git-wip-us.apache.org/repos/asf/tinkerpop/blob/ddeaf416/gremlin-dotnet/src/Gremlin.Net/Structure/IO/GraphSON/BigIntegerDeserializer.cs
----------------------------------------------------------------------
diff --git a/gremlin-dotnet/src/Gremlin.Net/Structure/IO/GraphSON/BigIntegerDeserializer.cs b/gremlin-dotnet/src/Gremlin.Net/Structure/IO/GraphSON/BigIntegerDeserializer.cs
new file mode 100644
index 0000000..755dbcc
--- /dev/null
+++ b/gremlin-dotnet/src/Gremlin.Net/Structure/IO/GraphSON/BigIntegerDeserializer.cs
@@ -0,0 +1,38 @@
+#region License
+
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+#endregion
+
+using System.Numerics;
+using System.Xml;
+using Newtonsoft.Json.Linq;
+
+namespace Gremlin.Net.Structure.IO.GraphSON
+{
+ internal class BigIntegerDeserializer : IGraphSONDeserializer
+ {
+ public dynamic Objectify(JToken graphsonObject, GraphSONReader reader)
+ {
+ var bigInteger = graphsonObject.ToObject<string>();
+ return BigInteger.Parse(bigInteger);
+ }
+ }
+}
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/tinkerpop/blob/ddeaf416/gremlin-dotnet/src/Gremlin.Net/Structure/IO/GraphSON/BigIntegerSerializer.cs
----------------------------------------------------------------------
diff --git a/gremlin-dotnet/src/Gremlin.Net/Structure/IO/GraphSON/BigIntegerSerializer.cs b/gremlin-dotnet/src/Gremlin.Net/Structure/IO/GraphSON/BigIntegerSerializer.cs
new file mode 100644
index 0000000..b53f752
--- /dev/null
+++ b/gremlin-dotnet/src/Gremlin.Net/Structure/IO/GraphSON/BigIntegerSerializer.cs
@@ -0,0 +1,37 @@
+#region License
+
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+#endregion
+
+using System.Collections.Generic;
+using System.Numerics;
+
+namespace Gremlin.Net.Structure.IO.GraphSON
+{
+ internal class BigIntegerSerializer : IGraphSONSerializer
+ {
+ public Dictionary<string, dynamic> Dictify(dynamic objectData, GraphSONWriter writer)
+ {
+ BigInteger value = objectData;
+ return GraphSONUtil.ToTypedValue("BigInteger", value.ToString(), "gx");
+ }
+ }
+}
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/tinkerpop/blob/ddeaf416/gremlin-dotnet/src/Gremlin.Net/Structure/IO/GraphSON/ByteBufferDeserializer.cs
----------------------------------------------------------------------
diff --git a/gremlin-dotnet/src/Gremlin.Net/Structure/IO/GraphSON/ByteBufferDeserializer.cs b/gremlin-dotnet/src/Gremlin.Net/Structure/IO/GraphSON/ByteBufferDeserializer.cs
new file mode 100644
index 0000000..f77abb0
--- /dev/null
+++ b/gremlin-dotnet/src/Gremlin.Net/Structure/IO/GraphSON/ByteBufferDeserializer.cs
@@ -0,0 +1,36 @@
+#region License
+
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+#endregion
+
+using System;
+using Newtonsoft.Json.Linq;
+
+namespace Gremlin.Net.Structure.IO.GraphSON
+{
+ internal class ByteBufferDeserializer : IGraphSONDeserializer
+ {
+ public dynamic Objectify(JToken graphsonObject, GraphSONReader reader)
+ {
+ var base64String = graphsonObject.ToObject<string>();
+ return Convert.FromBase64String(base64String);
+ }
+ }
+}
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/tinkerpop/blob/ddeaf416/gremlin-dotnet/src/Gremlin.Net/Structure/IO/GraphSON/ByteBufferSerializer.cs
----------------------------------------------------------------------
diff --git a/gremlin-dotnet/src/Gremlin.Net/Structure/IO/GraphSON/ByteBufferSerializer.cs b/gremlin-dotnet/src/Gremlin.Net/Structure/IO/GraphSON/ByteBufferSerializer.cs
new file mode 100644
index 0000000..09d4f27
--- /dev/null
+++ b/gremlin-dotnet/src/Gremlin.Net/Structure/IO/GraphSON/ByteBufferSerializer.cs
@@ -0,0 +1,36 @@
+#region License
+
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+#endregion
+
+using System;
+using System.Collections.Generic;
+
+namespace Gremlin.Net.Structure.IO.GraphSON
+{
+ internal class ByteBufferSerializer : IGraphSONSerializer
+ {
+ public Dictionary<string, dynamic> Dictify(dynamic objectData, GraphSONWriter writer)
+ {
+ byte[] value = objectData;
+ return GraphSONUtil.ToTypedValue("ByteBuffer", Convert.ToBase64String(value), "gx");
+ }
+ }
+}
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/tinkerpop/blob/ddeaf416/gremlin-dotnet/src/Gremlin.Net/Structure/IO/GraphSON/ByteConverter.cs
----------------------------------------------------------------------
diff --git a/gremlin-dotnet/src/Gremlin.Net/Structure/IO/GraphSON/ByteConverter.cs b/gremlin-dotnet/src/Gremlin.Net/Structure/IO/GraphSON/ByteConverter.cs
new file mode 100644
index 0000000..6525d52
--- /dev/null
+++ b/gremlin-dotnet/src/Gremlin.Net/Structure/IO/GraphSON/ByteConverter.cs
@@ -0,0 +1,33 @@
+#region License
+
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+#endregion
+
+using System;
+
+namespace Gremlin.Net.Structure.IO.GraphSON
+{
+ internal class ByteConverter : NumberConverter
+ {
+ protected override string GraphSONTypeName => "Byte";
+ protected override Type HandledType => typeof(byte);
+ protected override string Prefix => "gx";
+ }
+}
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/tinkerpop/blob/ddeaf416/gremlin-dotnet/src/Gremlin.Net/Structure/IO/GraphSON/CharConverter.cs
----------------------------------------------------------------------
diff --git a/gremlin-dotnet/src/Gremlin.Net/Structure/IO/GraphSON/CharConverter.cs b/gremlin-dotnet/src/Gremlin.Net/Structure/IO/GraphSON/CharConverter.cs
new file mode 100644
index 0000000..b7023be
--- /dev/null
+++ b/gremlin-dotnet/src/Gremlin.Net/Structure/IO/GraphSON/CharConverter.cs
@@ -0,0 +1,34 @@
+#region License
+
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+#endregion
+
+using System;
+
+namespace Gremlin.Net.Structure.IO.GraphSON
+{
+ internal class CharConverter : NumberConverter
+ {
+ protected override string GraphSONTypeName => "Char";
+ protected override Type HandledType => typeof(char);
+ protected override string Prefix => "gx";
+ protected override bool StringifyValue => true;
+ }
+}
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/tinkerpop/blob/ddeaf416/gremlin-dotnet/src/Gremlin.Net/Structure/IO/GraphSON/DateDeserializer.cs
----------------------------------------------------------------------
diff --git a/gremlin-dotnet/src/Gremlin.Net/Structure/IO/GraphSON/DateDeserializer.cs b/gremlin-dotnet/src/Gremlin.Net/Structure/IO/GraphSON/DateDeserializer.cs
new file mode 100644
index 0000000..98ca25e
--- /dev/null
+++ b/gremlin-dotnet/src/Gremlin.Net/Structure/IO/GraphSON/DateDeserializer.cs
@@ -0,0 +1,38 @@
+#region License
+
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+#endregion
+
+using System;
+using Newtonsoft.Json.Linq;
+
+namespace Gremlin.Net.Structure.IO.GraphSON
+{
+ internal class DateDeserializer : IGraphSONDeserializer
+ {
+ private static readonly DateTimeOffset UnixStart = new DateTimeOffset(1970, 1, 1, 0, 0, 0, 0, TimeSpan.Zero);
+
+ public dynamic Objectify(JToken graphsonObject, GraphSONReader reader)
+ {
+ var milliseconds = graphsonObject.ToObject<long>();
+ return UnixStart.AddTicks(TimeSpan.TicksPerMillisecond * milliseconds);
+ }
+ }
+}
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/tinkerpop/blob/ddeaf416/gremlin-dotnet/src/Gremlin.Net/Structure/IO/GraphSON/DateSerializer.cs
----------------------------------------------------------------------
diff --git a/gremlin-dotnet/src/Gremlin.Net/Structure/IO/GraphSON/DateSerializer.cs b/gremlin-dotnet/src/Gremlin.Net/Structure/IO/GraphSON/DateSerializer.cs
index 3333f0c..d6c830a 100644
--- a/gremlin-dotnet/src/Gremlin.Net/Structure/IO/GraphSON/DateSerializer.cs
+++ b/gremlin-dotnet/src/Gremlin.Net/Structure/IO/GraphSON/DateSerializer.cs
@@ -23,11 +23,10 @@
using System;
using System.Collections.Generic;
-using Newtonsoft.Json.Linq;
namespace Gremlin.Net.Structure.IO.GraphSON
{
- internal class DateSerializer : IGraphSONSerializer, IGraphSONDeserializer
+ internal class DateSerializer : IGraphSONSerializer
{
private static readonly DateTimeOffset UnixStart = new DateTimeOffset(1970, 1, 1, 0, 0, 0, 0, TimeSpan.Zero);
@@ -37,11 +36,5 @@ namespace Gremlin.Net.Structure.IO.GraphSON
var ticks = (value - UnixStart).Ticks;
return GraphSONUtil.ToTypedValue("Date", ticks / TimeSpan.TicksPerMillisecond);
}
-
- public dynamic Objectify(JToken graphsonObject, GraphSONReader reader)
- {
- var milliseconds = graphsonObject.ToObject<long>();
- return UnixStart.AddTicks(TimeSpan.TicksPerMillisecond * milliseconds);
- }
}
}
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/tinkerpop/blob/ddeaf416/gremlin-dotnet/src/Gremlin.Net/Structure/IO/GraphSON/DurationDeserializer.cs
----------------------------------------------------------------------
diff --git a/gremlin-dotnet/src/Gremlin.Net/Structure/IO/GraphSON/DurationDeserializer.cs b/gremlin-dotnet/src/Gremlin.Net/Structure/IO/GraphSON/DurationDeserializer.cs
new file mode 100644
index 0000000..00a9a70
--- /dev/null
+++ b/gremlin-dotnet/src/Gremlin.Net/Structure/IO/GraphSON/DurationDeserializer.cs
@@ -0,0 +1,37 @@
+#region License
+
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+#endregion
+
+using System.Xml;
+using Newtonsoft.Json.Linq;
+
+namespace Gremlin.Net.Structure.IO.GraphSON
+{
+ internal class DurationDeserializer : IGraphSONDeserializer
+ {
+ public dynamic Objectify(JToken graphsonObject, GraphSONReader reader)
+ {
+ var duration = graphsonObject.ToObject<string>();
+ return XmlConvert.ToTimeSpan(duration);
+ }
+ }
+}
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/tinkerpop/blob/ddeaf416/gremlin-dotnet/src/Gremlin.Net/Structure/IO/GraphSON/DurationSerializer.cs
----------------------------------------------------------------------
diff --git a/gremlin-dotnet/src/Gremlin.Net/Structure/IO/GraphSON/DurationSerializer.cs b/gremlin-dotnet/src/Gremlin.Net/Structure/IO/GraphSON/DurationSerializer.cs
new file mode 100644
index 0000000..9fe5fcd
--- /dev/null
+++ b/gremlin-dotnet/src/Gremlin.Net/Structure/IO/GraphSON/DurationSerializer.cs
@@ -0,0 +1,38 @@
+#region License
+
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+#endregion
+
+using System;
+using System.Collections.Generic;
+using System.Xml;
+
+namespace Gremlin.Net.Structure.IO.GraphSON
+{
+ internal class DurationSerializer : IGraphSONSerializer
+ {
+ public Dictionary<string, dynamic> Dictify(dynamic objectData, GraphSONWriter writer)
+ {
+ TimeSpan value = objectData;
+ return GraphSONUtil.ToTypedValue("Duration", XmlConvert.ToString(value), "gx");
+ }
+ }
+}
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/tinkerpop/blob/ddeaf416/gremlin-dotnet/src/Gremlin.Net/Structure/IO/GraphSON/GraphSONReader.cs
----------------------------------------------------------------------
diff --git a/gremlin-dotnet/src/Gremlin.Net/Structure/IO/GraphSON/GraphSONReader.cs b/gremlin-dotnet/src/Gremlin.Net/Structure/IO/GraphSON/GraphSONReader.cs
index db03dd4..d11b14c 100644
--- a/gremlin-dotnet/src/Gremlin.Net/Structure/IO/GraphSON/GraphSONReader.cs
+++ b/gremlin-dotnet/src/Gremlin.Net/Structure/IO/GraphSON/GraphSONReader.cs
@@ -42,14 +42,22 @@ namespace Gremlin.Net.Structure.IO.GraphSON
{"g:Float", new FloatConverter()},
{"g:Double", new DoubleConverter()},
{"g:UUID", new UuidDeserializer()},
- {"g:Date", new DateSerializer()},
- {"g:Timestamp", new DateSerializer()},
+ {"g:Date", new DateDeserializer()},
+ {"g:Timestamp", new DateDeserializer()},
{"g:Vertex", new VertexDeserializer()},
{"g:Edge", new EdgeDeserializer()},
{"g:Property", new PropertyDeserializer()},
{"g:VertexProperty", new VertexPropertyDeserializer()},
{"g:Path", new PathDeserializer()},
- {"gx:BigDecimal", new DecimalConverter()}
+
+ //Extended
+ {"gx:BigDecimal", new DecimalConverter()},
+ {"gx:Duration", new DurationDeserializer()},
+ {"gx:BigInteger", new BigIntegerDeserializer()},
+ {"gx:Byte", new ByteConverter()},
+ {"gx:ByteBuffer", new ByteBufferDeserializer()},
+ {"gx:Char", new CharConverter()},
+ {"gx:Int16", new Int16Converter() }
};
/// <summary>
http://git-wip-us.apache.org/repos/asf/tinkerpop/blob/ddeaf416/gremlin-dotnet/src/Gremlin.Net/Structure/IO/GraphSON/GraphSONWriter.cs
----------------------------------------------------------------------
diff --git a/gremlin-dotnet/src/Gremlin.Net/Structure/IO/GraphSON/GraphSONWriter.cs b/gremlin-dotnet/src/Gremlin.Net/Structure/IO/GraphSON/GraphSONWriter.cs
index 8926d23..5994180 100644
--- a/gremlin-dotnet/src/Gremlin.Net/Structure/IO/GraphSON/GraphSONWriter.cs
+++ b/gremlin-dotnet/src/Gremlin.Net/Structure/IO/GraphSON/GraphSONWriter.cs
@@ -25,6 +25,7 @@ using System;
using System.Collections;
using System.Collections.Generic;
using System.Linq;
+using System.Numerics;
using System.Reflection;
using Gremlin.Net.Driver.Messages;
using Gremlin.Net.Process.Traversal;
@@ -49,7 +50,6 @@ namespace Gremlin.Net.Structure.IO.GraphSON
{typeof(long), new Int64Converter()},
{typeof(float), new FloatConverter()},
{typeof(double), new DoubleConverter()},
- {typeof(decimal), new DecimalConverter()},
{typeof(Guid), new UuidSerializer()},
{typeof(DateTimeOffset), new DateSerializer()},
{typeof(Type), new ClassSerializer()},
@@ -60,7 +60,16 @@ namespace Gremlin.Net.Structure.IO.GraphSON
{typeof(Property), new PropertySerializer()},
{typeof(VertexProperty), new VertexPropertySerializer()},
{typeof(AbstractTraversalStrategy), new TraversalStrategySerializer()},
- {typeof(ILambda), new LambdaSerializer()}
+ {typeof(ILambda), new LambdaSerializer()},
+
+ //Extended
+ {typeof(decimal), new DecimalConverter()},
+ {typeof(TimeSpan), new DurationSerializer()},
+ {typeof(BigInteger), new BigIntegerSerializer()},
+ {typeof(byte), new ByteConverter()},
+ {typeof(byte[]), new ByteBufferSerializer()},
+ {typeof(char), new CharConverter() },
+ {typeof(short), new Int16Converter() }
};
/// <summary>
http://git-wip-us.apache.org/repos/asf/tinkerpop/blob/ddeaf416/gremlin-dotnet/src/Gremlin.Net/Structure/IO/GraphSON/Int16Converter.cs
----------------------------------------------------------------------
diff --git a/gremlin-dotnet/src/Gremlin.Net/Structure/IO/GraphSON/Int16Converter.cs b/gremlin-dotnet/src/Gremlin.Net/Structure/IO/GraphSON/Int16Converter.cs
new file mode 100644
index 0000000..abe5a77
--- /dev/null
+++ b/gremlin-dotnet/src/Gremlin.Net/Structure/IO/GraphSON/Int16Converter.cs
@@ -0,0 +1,34 @@
+#region License
+
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+#endregion
+
+using System;
+
+namespace Gremlin.Net.Structure.IO.GraphSON
+{
+ internal class Int16Converter : NumberConverter
+ {
+ protected override string GraphSONTypeName => "Int16";
+ protected override Type HandledType => typeof(short);
+ protected override string Prefix => "gx";
+ }
+}
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/tinkerpop/blob/ddeaf416/gremlin-dotnet/test/Gremlin.Net.UnitTest/Gremlin.Net.UnitTest.csproj
----------------------------------------------------------------------
diff --git a/gremlin-dotnet/test/Gremlin.Net.UnitTest/Gremlin.Net.UnitTest.csproj b/gremlin-dotnet/test/Gremlin.Net.UnitTest/Gremlin.Net.UnitTest.csproj
index d1d6372..0b44e57 100644
--- a/gremlin-dotnet/test/Gremlin.Net.UnitTest/Gremlin.Net.UnitTest.csproj
+++ b/gremlin-dotnet/test/Gremlin.Net.UnitTest/Gremlin.Net.UnitTest.csproj
@@ -15,6 +15,7 @@
</ItemGroup>
<ItemGroup>
+ <PackageReference Include="Newtonsoft.Json" Version="11.0.2" />
<PackageReference Include="Microsoft.NET.Test.Sdk" Version="15.3.0" />
<PackageReference Include="Moq" Version="4.7.99" />
<PackageReference Include="xunit.runner.visualstudio" Version="2.2.0" />
http://git-wip-us.apache.org/repos/asf/tinkerpop/blob/ddeaf416/gremlin-dotnet/test/Gremlin.Net.UnitTest/Structure/IO/GraphSON/GraphSONReaderTests.cs
----------------------------------------------------------------------
diff --git a/gremlin-dotnet/test/Gremlin.Net.UnitTest/Structure/IO/GraphSON/GraphSONReaderTests.cs b/gremlin-dotnet/test/Gremlin.Net.UnitTest/Structure/IO/GraphSON/GraphSONReaderTests.cs
index d2ce40b..74bf385 100644
--- a/gremlin-dotnet/test/Gremlin.Net.UnitTest/Structure/IO/GraphSON/GraphSONReaderTests.cs
+++ b/gremlin-dotnet/test/Gremlin.Net.UnitTest/Structure/IO/GraphSON/GraphSONReaderTests.cs
@@ -23,9 +23,12 @@
using System;
using System.Collections.Generic;
+using System.Numerics;
+using Gremlin.Net.Process.Traversal;
using Gremlin.Net.Structure;
using Gremlin.Net.Structure.IO.GraphSON;
using Moq;
+using Newtonsoft.Json;
using Newtonsoft.Json.Linq;
using Xunit;
@@ -38,6 +41,17 @@ namespace Gremlin.Net.UnitTest.Structure.IO.GraphSON
return new GraphSONReader();
}
+ //During CI, we encountered a case where Newtonsoft.Json version 9.0.0
+ //was loaded although there is no obvious direct nor indirect dependency
+ //on that version of the library. An explicit reference to version
+ //11.0.0 from Gremlin.Net.UnitTest fixes that, however, it is
+ //still unclear what causes the downgrade. Until resolution, we keep this test.
+ [Fact]
+ public void NewtonsoftJsonVersionShouldSupportReallyBigIntegers()
+ {
+ Assert.Equal(new Version(11, 0, 0, 0), typeof(JToken).Assembly.GetName().Version);
+ }
+
[Fact]
public void ShouldDeserializeWithCustomDeserializerForNewType()
{
@@ -320,6 +334,102 @@ namespace Gremlin.Net.UnitTest.Structure.IO.GraphSON
Assert.NotNull(d);
Assert.Equal("g:Traverser", (string)d["@type"]);
}
+
+ [Fact]
+ public void ShouldDeserializeDurationToTimeSpan()
+ {
+ var serializedValue = "{\"@type\":\"gx:Duration\",\"@value\":\"PT120H\"}";
+ var reader = CreateStandardGraphSONReader();
+
+ var jObject = JObject.Parse(serializedValue);
+ TimeSpan deserializedValue = reader.ToObject(jObject);
+
+ Assert.Equal(TimeSpan.FromDays(5), deserializedValue);
+ }
+
+ [Fact]
+ public void ShouldDeserializeBigInteger()
+ {
+ var serializedValue = "{\"@type\":\"gx:BigInteger\",\"@value\":123456789}";
+ var reader = CreateStandardGraphSONReader();
+
+ var jObject = JObject.Parse(serializedValue);
+ BigInteger deserializedValue = reader.ToObject(jObject);
+
+ Assert.Equal(BigInteger.Parse("123456789"), deserializedValue);
+ }
+
+ [Fact]
+ public void ShouldDeserializeBigIntegerValueAsString()
+ {
+ var serializedValue = "{\"@type\":\"gx:BigInteger\",\"@value\":\"123456789\"}";
+ var reader = CreateStandardGraphSONReader();
+
+ var jObject = JObject.Parse(serializedValue);
+ BigInteger deserializedValue = reader.ToObject(jObject);
+
+ Assert.Equal(BigInteger.Parse("123456789"), deserializedValue);
+ }
+
+ [Fact]
+ public void ShouldDeserializeReallyBigIntegerValue()
+ {
+ var serializedValue = "{\"@type\":\"gx:BigInteger\",\"@value\":123456789987654321123456789987654321}";
+ var reader = CreateStandardGraphSONReader();
+
+ var jObject = JObject.Parse(serializedValue);
+ BigInteger deserializedValue = reader.ToObject(jObject);
+
+ Assert.Equal(BigInteger.Parse("123456789987654321123456789987654321"), deserializedValue);
+ }
+
+ [Fact]
+ public void ShouldDeserializeByte()
+ {
+ var serializedValue = "{\"@type\":\"gx:Byte\",\"@value\":1}";
+ var reader = CreateStandardGraphSONReader();
+
+ var jObject = JObject.Parse(serializedValue);
+ var deserializedValue = reader.ToObject(jObject);
+
+ Assert.Equal(1, deserializedValue);
+ }
+
+ [Fact]
+ public void ShouldDeserializeByteBuffer()
+ {
+ var serializedValue = "{\"@type\":\"gx:ByteBuffer\",\"@value\":\"c29tZSBieXRlcyBmb3IgeW91\"}";
+ var reader = CreateStandardGraphSONReader();
+
+ var jObject = JObject.Parse(serializedValue);
+ var deserializedValue = reader.ToObject(jObject);
+
+ Assert.Equal(Convert.FromBase64String("c29tZSBieXRlcyBmb3IgeW91"), deserializedValue);
+ }
+
+ [Fact]
+ public void ShouldDeserializeChar()
+ {
+ var serializedValue = "{\"@type\":\"gx:Char\",\"@value\":\"x\"}";
+ var reader = CreateStandardGraphSONReader();
+
+ var jObject = JObject.Parse(serializedValue);
+ var deserializedValue = reader.ToObject(jObject);
+
+ Assert.Equal('x', deserializedValue);
+ }
+
+ [Fact]
+ public void ShouldDeserializeInt16()
+ {
+ var serializedValue = "{\"@type\":\"gx:Int16\",\"@value\":100}";
+ var reader = CreateStandardGraphSONReader();
+
+ var jObject = JObject.Parse(serializedValue);
+ var deserializedValue = reader.ToObject(jObject);
+
+ Assert.Equal(100, deserializedValue);
+ }
}
internal class TestGraphSONDeserializer : IGraphSONDeserializer
http://git-wip-us.apache.org/repos/asf/tinkerpop/blob/ddeaf416/gremlin-dotnet/test/Gremlin.Net.UnitTest/Structure/IO/GraphSON/GraphSONWriterTests.cs
----------------------------------------------------------------------
diff --git a/gremlin-dotnet/test/Gremlin.Net.UnitTest/Structure/IO/GraphSON/GraphSONWriterTests.cs b/gremlin-dotnet/test/Gremlin.Net.UnitTest/Structure/IO/GraphSON/GraphSONWriterTests.cs
index 54dc8f3..a544fb3 100644
--- a/gremlin-dotnet/test/Gremlin.Net.UnitTest/Structure/IO/GraphSON/GraphSONWriterTests.cs
+++ b/gremlin-dotnet/test/Gremlin.Net.UnitTest/Structure/IO/GraphSON/GraphSONWriterTests.cs
@@ -23,6 +23,7 @@
using System;
using System.Collections.Generic;
+using System.Numerics;
using Gremlin.Net.Process.Traversal;
using Gremlin.Net.Process.Traversal.Strategy.Decoration;
using Gremlin.Net.Structure;
@@ -346,6 +347,70 @@ namespace Gremlin.Net.UnitTest.Structure.IO.GraphSON
"{\"@type\":\"g:Lambda\",\"@value\":{\"script\":\"{ it.get() }\",\"language\":\"gremlin-groovy\",\"arguments\":-1}}";
Assert.Equal(expected, graphSon);
}
+
+ [Fact]
+ public void ShouldSerializeTimeSpan()
+ {
+ var writer = CreateStandardGraphSONWriter();
+ var timeSpan = new TimeSpan(5, 4, 3, 2, 1);
+
+ var graphSon = writer.WriteObject(timeSpan);
+
+ const string expected = "{\"@type\":\"gx:Duration\",\"@value\":\"P5DT4H3M2.001S\"}";
+ Assert.Equal(expected, graphSon);
+ }
+
+ [Fact]
+ public void ShouldSerializeBigInteger()
+ {
+ var writer = CreateStandardGraphSONWriter();
+ var bigInteger = BigInteger.Parse("123456789987654321123456789987654321");
+
+ var graphSon = writer.WriteObject(bigInteger);
+
+ const string expected = "{\"@type\":\"gx:BigInteger\",\"@value\":\"123456789987654321123456789987654321\"}";
+ Assert.Equal(expected, graphSon);
+ }
+
+ [Fact]
+ public void ShouldSerializeByte()
+ {
+ var writer = CreateStandardGraphSONWriter();
+
+ var graphSon = writer.WriteObject((byte)1);
+
+ Assert.Equal("{\"@type\":\"gx:Byte\",\"@value\":1}", graphSon);
+ }
+
+ [Fact]
+ public void ShouldSerializeByteBuffer()
+ {
+ var writer = CreateStandardGraphSONWriter();
+
+ var graphSon = writer.WriteObject(Convert.FromBase64String("c29tZSBieXRlcyBmb3IgeW91"));
+
+ Assert.Equal("{\"@type\":\"gx:ByteBuffer\",\"@value\":\"c29tZSBieXRlcyBmb3IgeW91\"}", graphSon);
+ }
+
+ [Fact]
+ public void ShouldSerializeChar()
+ {
+ var writer = CreateStandardGraphSONWriter();
+
+ var graphSon = writer.WriteObject('x');
+
+ Assert.Equal("{\"@type\":\"gx:Char\",\"@value\":\"x\"}", graphSon);
+ }
+
+ [Fact]
+ public void ShouldSerializeInt16()
+ {
+ var writer = CreateStandardGraphSONWriter();
+
+ var graphSon = writer.WriteObject((short)100);
+
+ Assert.Equal("{\"@type\":\"gx:Int16\",\"@value\":100}", graphSon);
+ }
}
internal class TestGraphSONSerializer : IGraphSONSerializer
[03/16] tinkerpop git commit: TINKERPOP-2017 Updated changelog
Posted by rd...@apache.org.
TINKERPOP-2017 Updated changelog
Project: http://git-wip-us.apache.org/repos/asf/tinkerpop/repo
Commit: http://git-wip-us.apache.org/repos/asf/tinkerpop/commit/180da8d9
Tree: http://git-wip-us.apache.org/repos/asf/tinkerpop/tree/180da8d9
Diff: http://git-wip-us.apache.org/repos/asf/tinkerpop/diff/180da8d9
Branch: refs/heads/TINKERPOP-2023
Commit: 180da8d9f83fdc57f887b3a3cd883bd1d449e794
Parents: a0a243b
Author: Stephen Mallette <sp...@genoprime.com>
Authored: Mon Aug 13 10:35:57 2018 -0400
Committer: Stephen Mallette <sp...@genoprime.com>
Committed: Mon Aug 13 10:35:57 2018 -0400
----------------------------------------------------------------------
CHANGELOG.asciidoc | 1 +
1 file changed, 1 insertion(+)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/tinkerpop/blob/180da8d9/CHANGELOG.asciidoc
----------------------------------------------------------------------
diff --git a/CHANGELOG.asciidoc b/CHANGELOG.asciidoc
index a45f0f8..79db967 100644
--- a/CHANGELOG.asciidoc
+++ b/CHANGELOG.asciidoc
@@ -28,6 +28,7 @@ image::https://raw.githubusercontent.com/apache/tinkerpop/master/docs/static/ima
* Added an system error code for failed plugin installs for Gremlin Server `-i` option.
* Match numbers in `choose()` options using `NumberHelper` (match values, ignore data type).
* Added support for GraphSON serialization of `Date` in Javascript.
+* Added better internal processing of `Column` in `by(Function)`.
* Fixed bug in Java driver where an disorderly shutdown of the server would cause the client to hang.
* Added a dotnet template project that should make it easier to get started with Gremlin.Net.
* Removed `ThreadInterruptCustomizerProvider` from documentation as a way to timeout.
[13/16] tinkerpop git commit: TINKERPOP-2023 minor edits
Posted by rd...@apache.org.
TINKERPOP-2023 minor edits
Project: http://git-wip-us.apache.org/repos/asf/tinkerpop/repo
Commit: http://git-wip-us.apache.org/repos/asf/tinkerpop/commit/6434d040
Tree: http://git-wip-us.apache.org/repos/asf/tinkerpop/tree/6434d040
Diff: http://git-wip-us.apache.org/repos/asf/tinkerpop/diff/6434d040
Branch: refs/heads/TINKERPOP-2023
Commit: 6434d0406c13ca2b5315fbfd0ff1c7b49c2fddfe
Parents: d05e3c5
Author: Robert Dale <ro...@gmail.com>
Authored: Mon Aug 13 15:45:27 2018 -0400
Committer: Robert Dale <ro...@gmail.com>
Committed: Fri Aug 17 15:06:33 2018 -0400
----------------------------------------------------------------------
docs/src/reference/gremlin-applications.asciidoc | 4 ++--
docs/src/upgrade/release-3.2.x-incubating.asciidoc | 3 ++-
2 files changed, 4 insertions(+), 3 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/tinkerpop/blob/6434d040/docs/src/reference/gremlin-applications.asciidoc
----------------------------------------------------------------------
diff --git a/docs/src/reference/gremlin-applications.asciidoc b/docs/src/reference/gremlin-applications.asciidoc
index 8ad8a0a..d13e2ef 100644
--- a/docs/src/reference/gremlin-applications.asciidoc
+++ b/docs/src/reference/gremlin-applications.asciidoc
@@ -751,7 +751,7 @@ The following table describes the various configuration options for the Gremlin
|connectionPool.sslCipherSuites |The list of JSSE ciphers to support for SSL connections. If specified, only the ciphers that are listed and supported will be enabled. If not specified, the JVM default is used. |_none_
|connectionPool.sslEnabledProtocols |The list of SSL protocols to support for SSL connections. If specified, only the protocols that are listed and supported will be enabled. If not specified, the JVM default is used. |_none_
|connectionPool.sslSkipCertValidation |Configures the `TrustManager` to trust all certs without any validation. Should not be used in production.|false
-|connectionPool.trustCertChainFile |File location for a SSL Certificate Chain to use when SSL is enabled. If this value is not provided and SSL is enabled, the default `TrustManager` will be uesd. |_none_
+|connectionPool.trustCertChainFile |File location for a SSL Certificate Chain to use when SSL is enabled. If this value is not provided and SSL is enabled, the default `TrustManager` will be used. |_none_
|connectionPool.trustStore |File location for a SSL Certificate Chain to use when SSL is enabled. If this value is not provided and SSL is enabled, the default `TrustManager` will be used. |_none_
|connectionPool.trustStorePassword |The password of the `trustStore` if it is password-protected |_none_
|hosts |The list of hosts that the driver will connect to. |localhost
@@ -1161,7 +1161,7 @@ The following table describes the various configuration options that Gremlin Ser
|ssl.keyPassword |The password of the `keyFile` if it is password-protected. |_none_
|ssl.keyStore |The private key in JKS or PKCS#12 format. |_none_
|ssl.keyStorePassword |The password of the `keyStore` if it is password-protected. |_none_
-|ssl.keyStoreType |JKS (Java 8 default) or PKCS#12 (Java 9+ default) |_none_
+|ssl.keyStoreType |`JKS` (Java 8 default) or `PKCS12` (Java 9+ default) |_none_
|ssl.needClientAuth | Optional. One of NONE, OPTIONAL, REQUIRE. Enables client certificate authentication at the enforcement level specified. Can be used in combination with Authenticator. |_none_
|ssl.sslCipherSuites |The list of JSSE ciphers to support for SSL connections. If specified, only the ciphers that are listed and supported will be enabled. If not specified, the JVM default is used. |_none_
|ssl.sslEnabledProtocols |The list of SSL protocols to support for SSL connections. If specified, only the protocols that are listed and supported will be enabled. If not specified, the JVM default is used. |_none_
http://git-wip-us.apache.org/repos/asf/tinkerpop/blob/6434d040/docs/src/upgrade/release-3.2.x-incubating.asciidoc
----------------------------------------------------------------------
diff --git a/docs/src/upgrade/release-3.2.x-incubating.asciidoc b/docs/src/upgrade/release-3.2.x-incubating.asciidoc
index 9b0a120..ec973de 100644
--- a/docs/src/upgrade/release-3.2.x-incubating.asciidoc
+++ b/docs/src/upgrade/release-3.2.x-incubating.asciidoc
@@ -49,7 +49,8 @@ The packaged `*-secure.yaml` files now restrict the protocol to `TLSv1.2` by def
PEM-based configurations are deprecated and may be removed in a future release.
-See the section on configuring SSL.
+See also http://tinkerpop.apache.org/docs/current/reference/#_configuration[Connecting via Java Configuration],
+http://tinkerpop.apache.org/docs/current/reference/#_configuring_2[Gremlin Server Configuration].
link:https://issues.apache.org/jira/browse/TINKERPOP-2022[TINKERPOP-2022]
link:https://issues.apache.org/jira/browse/TINKERPOP-2023[TINKERPOP-2023]