You are viewing a plain text version of this content. The canonical link for it is here.
Posted to notifications@asterixdb.apache.org by AsterixDB Code Review <do...@asterix-gerrit.ics.uci.edu> on 2021/09/05 00:54:52 UTC
Change in asterixdb[master]: [NO ISSUE][ENC] += CERTIFICATE_CHAIN_PATH to config
From Michael Blow <mb...@apache.org>:
Michael Blow has uploaded this change for review. ( https://asterix-gerrit.ics.uci.edu/c/asterixdb/+/13083 )
Change subject: [NO ISSUE][ENC] += CERTIFICATE_CHAIN_PATH to config
......................................................................
[NO ISSUE][ENC] += CERTIFICATE_CHAIN_PATH to config
Change-Id: Ia153e88f2ffdf89630b313572794594eaa27c446
---
M hyracks-fullstack/hyracks/hyracks-control/hyracks-control-common/src/main/java/org/apache/hyracks/control/common/controllers/CCConfig.java
M hyracks-fullstack/hyracks/hyracks-control/hyracks-control-common/src/main/java/org/apache/hyracks/control/common/controllers/NCConfig.java
M hyracks-fullstack/hyracks/hyracks-ipc/src/main/java/org/apache/hyracks/ipc/security/NetworkSecurityManager.java
3 files changed, 24 insertions(+), 3 deletions(-)
git pull ssh://asterix-gerrit.ics.uci.edu:29418/asterixdb refs/changes/83/13083/1
diff --git a/hyracks-fullstack/hyracks/hyracks-control/hyracks-control-common/src/main/java/org/apache/hyracks/control/common/controllers/CCConfig.java b/hyracks-fullstack/hyracks/hyracks-control/hyracks-control-common/src/main/java/org/apache/hyracks/control/common/controllers/CCConfig.java
index d148145..57d0813 100644
--- a/hyracks-fullstack/hyracks/hyracks-control/hyracks-control-common/src/main/java/org/apache/hyracks/control/common/controllers/CCConfig.java
+++ b/hyracks-fullstack/hyracks/hyracks-control/hyracks-control-common/src/main/java/org/apache/hyracks/control/common/controllers/CCConfig.java
@@ -79,6 +79,7 @@
CONTROLLER_ID(SHORT, (short) 0x0000),
KEY_STORE_PATH(STRING),
TRUST_STORE_PATH(STRING),
+ CERTIFICATE_CHAIN_PATH(STRING),
KEY_STORE_PASSWORD(STRING),
CREDENTIAL_FILE(
OptionTypes.STRING,
@@ -202,6 +203,8 @@
return "A fully-qualified path to a key store file that will be used for secured connections";
case TRUST_STORE_PATH:
return "A fully-qualified path to a trust store file that will be used for secured connections";
+ case CERTIFICATE_CHAIN_PATH:
+ return "A fully-qualified path to a certificate chain file that will be used for secured connections";
case KEY_STORE_PASSWORD:
return "The password to the provided key store";
case CREDENTIAL_FILE:
@@ -473,10 +476,17 @@
}
public void setTrustStorePath(String trustStorePath) {
-
configManager.set(Option.TRUST_STORE_PATH, trustStorePath);
}
+ public String getCertificateChainPath() {
+ return getAppConfig().getString(Option.CERTIFICATE_CHAIN_PATH);
+ }
+
+ public void setCertificateChainPath(String certChainPath) {
+ configManager.set(Option.CERTIFICATE_CHAIN_PATH, certChainPath);
+ }
+
public String getCredentialFilePath() {
return getAppConfig().getString(Option.CREDENTIAL_FILE);
}
diff --git a/hyracks-fullstack/hyracks/hyracks-control/hyracks-control-common/src/main/java/org/apache/hyracks/control/common/controllers/NCConfig.java b/hyracks-fullstack/hyracks/hyracks-control/hyracks-control-common/src/main/java/org/apache/hyracks/control/common/controllers/NCConfig.java
index 01cb9bf..7d6a519 100644
--- a/hyracks-fullstack/hyracks/hyracks-control/hyracks-control-common/src/main/java/org/apache/hyracks/control/common/controllers/NCConfig.java
+++ b/hyracks-fullstack/hyracks/hyracks-control/hyracks-control-common/src/main/java/org/apache/hyracks/control/common/controllers/NCConfig.java
@@ -89,6 +89,7 @@
JVM_ARGS(STRING, (String) null),
TRACE_CATEGORIES(STRING_ARRAY, new String[0]),
KEY_STORE_PATH(STRING, (String) null),
+ CERTIFICATE_CHAIN_PATH(STRING, (String) null),
TRUST_STORE_PATH(STRING, (String) null),
KEY_STORE_PASSWORD(STRING, (String) null),
IO_WORKERS_PER_PARTITION(POSITIVE_INTEGER, 2),
@@ -230,6 +231,8 @@
return "A fully-qualified path to a key store file that will be used for secured connections";
case TRUST_STORE_PATH:
return "A fully-qualified path to a trust store file that will be used for secured connections";
+ case CERTIFICATE_CHAIN_PATH:
+ return "A fully-qualified path to a certificate chain file that will be used for secured connections";
case KEY_STORE_PASSWORD:
return "The password to the provided key store";
case IO_WORKERS_PER_PARTITION:
@@ -613,6 +616,14 @@
configManager.set(nodeId, Option.TRUST_STORE_PATH, keyStorePath);
}
+ public String getCertificateChainPath() {
+ return appConfig.getString(Option.CERTIFICATE_CHAIN_PATH);
+ }
+
+ public void setCertificateChainPath(String certChainPath) {
+ configManager.set(nodeId, Option.CERTIFICATE_CHAIN_PATH, certChainPath);
+ }
+
public int getIOParallelism() {
return appConfig.getInt(Option.IO_WORKERS_PER_PARTITION);
}
diff --git a/hyracks-fullstack/hyracks/hyracks-ipc/src/main/java/org/apache/hyracks/ipc/security/NetworkSecurityManager.java b/hyracks-fullstack/hyracks/hyracks-ipc/src/main/java/org/apache/hyracks/ipc/security/NetworkSecurityManager.java
index b7c0d0f..0432312 100644
--- a/hyracks-fullstack/hyracks/hyracks-ipc/src/main/java/org/apache/hyracks/ipc/security/NetworkSecurityManager.java
+++ b/hyracks-fullstack/hyracks/hyracks-ipc/src/main/java/org/apache/hyracks/ipc/security/NetworkSecurityManager.java
@@ -37,7 +37,7 @@
private volatile INetworkSecurityConfig config;
private final ISocketChannelFactory sslSocketFactory;
- public static final String TSL_VERSION = "TLSv1.2";
+ public static final String TLS_VERSION = "TLSv1.2";
public NetworkSecurityManager(INetworkSecurityConfig config) {
this.config = config;
@@ -89,7 +89,7 @@
keyManagerFactory.init(engineKeyStore, password);
final KeyStore trustStore = loadTrustStoreFromFile(password, config);
trustManagerFactory.init(trustStore);
- SSLContext ctx = SSLContext.getInstance(TSL_VERSION);
+ SSLContext ctx = SSLContext.getInstance(TLS_VERSION);
ctx.init(keyManagerFactory.getKeyManagers(), trustManagerFactory.getTrustManagers(), new SecureRandom());
return ctx;
} catch (Exception ex) {
--
To view, visit https://asterix-gerrit.ics.uci.edu/c/asterixdb/+/13083
To unsubscribe, or for help writing mail filters, visit https://asterix-gerrit.ics.uci.edu/settings
Gerrit-Project: asterixdb
Gerrit-Branch: master
Gerrit-Change-Id: Ia153e88f2ffdf89630b313572794594eaa27c446
Gerrit-Change-Number: 13083
Gerrit-PatchSet: 1
Gerrit-Owner: Michael Blow <mb...@apache.org>
Gerrit-MessageType: newchange
Change in asterixdb[master]: [NO ISSUE][ENC] += CERTIFICATE_CHAIN_PATH to config
Posted by AsterixDB Code Review <do...@asterix-gerrit.ics.uci.edu>.
From Michael Blow <mb...@apache.org>:
Michael Blow has abandoned this change. ( https://asterix-gerrit.ics.uci.edu/c/asterixdb/+/13083 )
Change subject: [NO ISSUE][ENC] += CERTIFICATE_CHAIN_PATH to config
......................................................................
Abandoned
--
To view, visit https://asterix-gerrit.ics.uci.edu/c/asterixdb/+/13083
To unsubscribe, or for help writing mail filters, visit https://asterix-gerrit.ics.uci.edu/settings
Gerrit-Project: asterixdb
Gerrit-Branch: master
Gerrit-Change-Id: Ia153e88f2ffdf89630b313572794594eaa27c446
Gerrit-Change-Number: 13083
Gerrit-PatchSet: 1
Gerrit-Owner: Michael Blow <mb...@apache.org>
Gerrit-Reviewer: Jenkins <je...@fulliautomatix.ics.uci.edu>
Gerrit-Reviewer: Michael Blow <mb...@apache.org>
Gerrit-MessageType: abandon
Change in asterixdb[master]: [NO ISSUE][ENC] += CERTIFICATE_CHAIN_PATH to config
Posted by AsterixDB Code Review <do...@asterix-gerrit.ics.uci.edu>.
From Michael Blow <mb...@apache.org>:
Michael Blow has uploaded this change for review. ( https://asterix-gerrit.ics.uci.edu/c/asterixdb/+/13083 )
Change subject: [NO ISSUE][ENC] += CERTIFICATE_CHAIN_PATH to config
......................................................................
[NO ISSUE][ENC] += CERTIFICATE_CHAIN_PATH to config
Change-Id: Ia153e88f2ffdf89630b313572794594eaa27c446
---
M hyracks-fullstack/hyracks/hyracks-control/hyracks-control-common/src/main/java/org/apache/hyracks/control/common/controllers/CCConfig.java
M hyracks-fullstack/hyracks/hyracks-control/hyracks-control-common/src/main/java/org/apache/hyracks/control/common/controllers/NCConfig.java
M hyracks-fullstack/hyracks/hyracks-ipc/src/main/java/org/apache/hyracks/ipc/security/NetworkSecurityManager.java
3 files changed, 24 insertions(+), 3 deletions(-)
git pull ssh://asterix-gerrit.ics.uci.edu:29418/asterixdb refs/changes/83/13083/1
diff --git a/hyracks-fullstack/hyracks/hyracks-control/hyracks-control-common/src/main/java/org/apache/hyracks/control/common/controllers/CCConfig.java b/hyracks-fullstack/hyracks/hyracks-control/hyracks-control-common/src/main/java/org/apache/hyracks/control/common/controllers/CCConfig.java
index d148145..57d0813 100644
--- a/hyracks-fullstack/hyracks/hyracks-control/hyracks-control-common/src/main/java/org/apache/hyracks/control/common/controllers/CCConfig.java
+++ b/hyracks-fullstack/hyracks/hyracks-control/hyracks-control-common/src/main/java/org/apache/hyracks/control/common/controllers/CCConfig.java
@@ -79,6 +79,7 @@
CONTROLLER_ID(SHORT, (short) 0x0000),
KEY_STORE_PATH(STRING),
TRUST_STORE_PATH(STRING),
+ CERTIFICATE_CHAIN_PATH(STRING),
KEY_STORE_PASSWORD(STRING),
CREDENTIAL_FILE(
OptionTypes.STRING,
@@ -202,6 +203,8 @@
return "A fully-qualified path to a key store file that will be used for secured connections";
case TRUST_STORE_PATH:
return "A fully-qualified path to a trust store file that will be used for secured connections";
+ case CERTIFICATE_CHAIN_PATH:
+ return "A fully-qualified path to a certificate chain file that will be used for secured connections";
case KEY_STORE_PASSWORD:
return "The password to the provided key store";
case CREDENTIAL_FILE:
@@ -473,10 +476,17 @@
}
public void setTrustStorePath(String trustStorePath) {
-
configManager.set(Option.TRUST_STORE_PATH, trustStorePath);
}
+ public String getCertificateChainPath() {
+ return getAppConfig().getString(Option.CERTIFICATE_CHAIN_PATH);
+ }
+
+ public void setCertificateChainPath(String certChainPath) {
+ configManager.set(Option.CERTIFICATE_CHAIN_PATH, certChainPath);
+ }
+
public String getCredentialFilePath() {
return getAppConfig().getString(Option.CREDENTIAL_FILE);
}
diff --git a/hyracks-fullstack/hyracks/hyracks-control/hyracks-control-common/src/main/java/org/apache/hyracks/control/common/controllers/NCConfig.java b/hyracks-fullstack/hyracks/hyracks-control/hyracks-control-common/src/main/java/org/apache/hyracks/control/common/controllers/NCConfig.java
index 01cb9bf..7d6a519 100644
--- a/hyracks-fullstack/hyracks/hyracks-control/hyracks-control-common/src/main/java/org/apache/hyracks/control/common/controllers/NCConfig.java
+++ b/hyracks-fullstack/hyracks/hyracks-control/hyracks-control-common/src/main/java/org/apache/hyracks/control/common/controllers/NCConfig.java
@@ -89,6 +89,7 @@
JVM_ARGS(STRING, (String) null),
TRACE_CATEGORIES(STRING_ARRAY, new String[0]),
KEY_STORE_PATH(STRING, (String) null),
+ CERTIFICATE_CHAIN_PATH(STRING, (String) null),
TRUST_STORE_PATH(STRING, (String) null),
KEY_STORE_PASSWORD(STRING, (String) null),
IO_WORKERS_PER_PARTITION(POSITIVE_INTEGER, 2),
@@ -230,6 +231,8 @@
return "A fully-qualified path to a key store file that will be used for secured connections";
case TRUST_STORE_PATH:
return "A fully-qualified path to a trust store file that will be used for secured connections";
+ case CERTIFICATE_CHAIN_PATH:
+ return "A fully-qualified path to a certificate chain file that will be used for secured connections";
case KEY_STORE_PASSWORD:
return "The password to the provided key store";
case IO_WORKERS_PER_PARTITION:
@@ -613,6 +616,14 @@
configManager.set(nodeId, Option.TRUST_STORE_PATH, keyStorePath);
}
+ public String getCertificateChainPath() {
+ return appConfig.getString(Option.CERTIFICATE_CHAIN_PATH);
+ }
+
+ public void setCertificateChainPath(String certChainPath) {
+ configManager.set(nodeId, Option.CERTIFICATE_CHAIN_PATH, certChainPath);
+ }
+
public int getIOParallelism() {
return appConfig.getInt(Option.IO_WORKERS_PER_PARTITION);
}
diff --git a/hyracks-fullstack/hyracks/hyracks-ipc/src/main/java/org/apache/hyracks/ipc/security/NetworkSecurityManager.java b/hyracks-fullstack/hyracks/hyracks-ipc/src/main/java/org/apache/hyracks/ipc/security/NetworkSecurityManager.java
index b7c0d0f..0432312 100644
--- a/hyracks-fullstack/hyracks/hyracks-ipc/src/main/java/org/apache/hyracks/ipc/security/NetworkSecurityManager.java
+++ b/hyracks-fullstack/hyracks/hyracks-ipc/src/main/java/org/apache/hyracks/ipc/security/NetworkSecurityManager.java
@@ -37,7 +37,7 @@
private volatile INetworkSecurityConfig config;
private final ISocketChannelFactory sslSocketFactory;
- public static final String TSL_VERSION = "TLSv1.2";
+ public static final String TLS_VERSION = "TLSv1.2";
public NetworkSecurityManager(INetworkSecurityConfig config) {
this.config = config;
@@ -89,7 +89,7 @@
keyManagerFactory.init(engineKeyStore, password);
final KeyStore trustStore = loadTrustStoreFromFile(password, config);
trustManagerFactory.init(trustStore);
- SSLContext ctx = SSLContext.getInstance(TSL_VERSION);
+ SSLContext ctx = SSLContext.getInstance(TLS_VERSION);
ctx.init(keyManagerFactory.getKeyManagers(), trustManagerFactory.getTrustManagers(), new SecureRandom());
return ctx;
} catch (Exception ex) {
--
To view, visit https://asterix-gerrit.ics.uci.edu/c/asterixdb/+/13083
To unsubscribe, or for help writing mail filters, visit https://asterix-gerrit.ics.uci.edu/settings
Gerrit-Project: asterixdb
Gerrit-Branch: master
Gerrit-Change-Id: Ia153e88f2ffdf89630b313572794594eaa27c446
Gerrit-Change-Number: 13083
Gerrit-PatchSet: 1
Gerrit-Owner: Michael Blow <mb...@apache.org>
Gerrit-MessageType: newchange