You are viewing a plain text version of this content. The canonical link for it is here.
Posted to common-commits@hadoop.apache.org by xi...@apache.org on 2018/08/17 17:09:24 UTC
hadoop git commit: HADOOP-15674. Test failure
TestSSLHttpServer.testExcludedCiphers with
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 cipher suite. Contributed by Szilard
Nemeth.
Repository: hadoop
Updated Branches:
refs/heads/trunk fb5b3dce6 -> 8d7c93186
HADOOP-15674. Test failure TestSSLHttpServer.testExcludedCiphers with TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 cipher suite. Contributed by Szilard Nemeth.
Project: http://git-wip-us.apache.org/repos/asf/hadoop/repo
Commit: http://git-wip-us.apache.org/repos/asf/hadoop/commit/8d7c9318
Tree: http://git-wip-us.apache.org/repos/asf/hadoop/tree/8d7c9318
Diff: http://git-wip-us.apache.org/repos/asf/hadoop/diff/8d7c9318
Branch: refs/heads/trunk
Commit: 8d7c93186e3090b19aa59006bb6b32ba929bd8e6
Parents: fb5b3dc
Author: Xiao Chen <xi...@apache.org>
Authored: Fri Aug 17 10:08:52 2018 -0700
Committer: Xiao Chen <xi...@apache.org>
Committed: Fri Aug 17 10:09:23 2018 -0700
----------------------------------------------------------------------
.../apache/hadoop/http/TestSSLHttpServer.java | 54 +++++++++++++++++++-
1 file changed, 53 insertions(+), 1 deletion(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/hadoop/blob/8d7c9318/hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/http/TestSSLHttpServer.java
----------------------------------------------------------------------
diff --git a/hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/http/TestSSLHttpServer.java b/hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/http/TestSSLHttpServer.java
index 5af6d6f..2166464 100644
--- a/hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/http/TestSSLHttpServer.java
+++ b/hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/http/TestSSLHttpServer.java
@@ -48,7 +48,7 @@ import org.slf4j.LoggerFactory;
/**
* This testcase issues SSL certificates configures the HttpServer to serve
- * HTTPS using the created certficates and calls an echo servlet using the
+ * HTTPS using the created certificates and calls an echo servlet using the
* corresponding HTTPS URL.
*/
public class TestSSLHttpServer extends HttpServerFunctionalTest {
@@ -58,11 +58,15 @@ public class TestSSLHttpServer extends HttpServerFunctionalTest {
private static final Logger LOG =
LoggerFactory.getLogger(TestSSLHttpServer.class);
+ private static final String HTTPS_CIPHER_SUITES_KEY = "https.cipherSuites";
+ private static final String JAVAX_NET_DEBUG_KEY = "javax.net.debug";
private static Configuration conf;
private static HttpServer2 server;
private static String keystoresDir;
private static String sslConfDir;
private static SSLFactory clientSslFactory;
+ private static String cipherSuitesPropertyValue;
+ private static String sslDebugPropertyValue;
private static final String excludeCiphers = "TLS_ECDHE_RSA_WITH_RC4_128_SHA,"
+ "SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA, \n"
+ "SSL_RSA_WITH_DES_CBC_SHA,"
@@ -83,6 +87,9 @@ public class TestSSLHttpServer extends HttpServerFunctionalTest {
@BeforeClass
public static void setup() throws Exception {
+ turnOnSSLDebugLogging();
+ storeHttpsCipherSuites();
+
conf = new Configuration();
conf.setInt(HttpServer2.HTTP_MAX_THREADS_KEY, 10);
@@ -127,6 +134,51 @@ public class TestSSLHttpServer extends HttpServerFunctionalTest {
FileUtil.fullyDelete(new File(BASEDIR));
KeyStoreTestUtil.cleanupSSLConfig(keystoresDir, sslConfDir);
clientSslFactory.destroy();
+ restoreHttpsCipherSuites();
+ restoreSSLDebugLogging();
+ }
+
+ /**
+ * Stores the JVM property value of https.cipherSuites and sets its
+ * value to an empty string.
+ * This ensures that the value https.cipherSuites does
+ * not affect the result of tests.
+ */
+ private static void storeHttpsCipherSuites() {
+ String cipherSuites = System.getProperty(HTTPS_CIPHER_SUITES_KEY);
+ if (cipherSuites != null) {
+ LOG.info(
+ "Found value for property {}: {}", HTTPS_CIPHER_SUITES_KEY,
+ cipherSuites);
+ cipherSuitesPropertyValue = cipherSuites;
+ }
+ System.clearProperty(HTTPS_CIPHER_SUITES_KEY);
+ }
+
+ private static void restoreHttpsCipherSuites() {
+ if (cipherSuitesPropertyValue != null) {
+ LOG.info("Restoring property {} to value: {}", HTTPS_CIPHER_SUITES_KEY,
+ cipherSuitesPropertyValue);
+ System.setProperty(HTTPS_CIPHER_SUITES_KEY, cipherSuitesPropertyValue);
+ cipherSuitesPropertyValue = null;
+ }
+ }
+
+ private static void turnOnSSLDebugLogging() {
+ String sslDebug = System.getProperty(JAVAX_NET_DEBUG_KEY);
+ if (sslDebug != null) {
+ sslDebugPropertyValue = sslDebug;
+ }
+ System.setProperty(JAVAX_NET_DEBUG_KEY, "all");
+ }
+
+ private static void restoreSSLDebugLogging() {
+ if (sslDebugPropertyValue != null) {
+ System.setProperty(JAVAX_NET_DEBUG_KEY, sslDebugPropertyValue);
+ sslDebugPropertyValue = null;
+ } else {
+ System.clearProperty(JAVAX_NET_DEBUG_KEY);
+ }
}
@Test
---------------------------------------------------------------------
To unsubscribe, e-mail: common-commits-unsubscribe@hadoop.apache.org
For additional commands, e-mail: common-commits-help@hadoop.apache.org