You are viewing a plain text version of this content. The canonical link for it is here.
Posted to common-commits@hadoop.apache.org by wa...@apache.org on 2014/11/17 23:00:49 UTC
hadoop git commit: HADOOP-11311. Restrict uppercase key names from
being created with JCEKS.
Repository: hadoop
Updated Branches:
refs/heads/trunk 351c5561c -> 48d62fad8
HADOOP-11311. Restrict uppercase key names from being created with JCEKS.
Project: http://git-wip-us.apache.org/repos/asf/hadoop/repo
Commit: http://git-wip-us.apache.org/repos/asf/hadoop/commit/48d62fad
Tree: http://git-wip-us.apache.org/repos/asf/hadoop/tree/48d62fad
Diff: http://git-wip-us.apache.org/repos/asf/hadoop/diff/48d62fad
Branch: refs/heads/trunk
Commit: 48d62fad80aaa13ee1a26fca14437722ed46da25
Parents: 351c556
Author: Andrew Wang <wa...@apache.org>
Authored: Mon Nov 17 13:59:46 2014 -0800
Committer: Andrew Wang <wa...@apache.org>
Committed: Mon Nov 17 13:59:46 2014 -0800
----------------------------------------------------------------------
hadoop-common-project/hadoop-common/CHANGES.txt | 3 +++
.../apache/hadoop/crypto/key/JavaKeyStoreProvider.java | 3 +++
.../apache/hadoop/crypto/key/TestKeyProviderFactory.java | 11 +++++++++++
3 files changed, 17 insertions(+)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/hadoop/blob/48d62fad/hadoop-common-project/hadoop-common/CHANGES.txt
----------------------------------------------------------------------
diff --git a/hadoop-common-project/hadoop-common/CHANGES.txt b/hadoop-common-project/hadoop-common/CHANGES.txt
index bc63c75..e4cc8e7 100644
--- a/hadoop-common-project/hadoop-common/CHANGES.txt
+++ b/hadoop-common-project/hadoop-common/CHANGES.txt
@@ -444,6 +444,9 @@ Release 2.7.0 - UNRELEASED
HADOOP-11157. ZKDelegationTokenSecretManager never shuts down
listenerThreadPool. (Arun Suresh via atm)
+ HADOOP-11311. Restrict uppercase key names from being created with JCEKS.
+ (wang)
+
Release 2.6.0 - 2014-11-18
INCOMPATIBLE CHANGES
http://git-wip-us.apache.org/repos/asf/hadoop/blob/48d62fad/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/crypto/key/JavaKeyStoreProvider.java
----------------------------------------------------------------------
diff --git a/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/crypto/key/JavaKeyStoreProvider.java b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/crypto/key/JavaKeyStoreProvider.java
index ac18e16..75981c4 100644
--- a/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/crypto/key/JavaKeyStoreProvider.java
+++ b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/crypto/key/JavaKeyStoreProvider.java
@@ -18,6 +18,7 @@
package org.apache.hadoop.crypto.key;
+import com.google.common.base.Preconditions;
import org.apache.commons.io.IOUtils;
import org.apache.hadoop.classification.InterfaceAudience;
import org.apache.hadoop.classification.InterfaceAudience.Private;
@@ -423,6 +424,8 @@ public class JavaKeyStoreProvider extends KeyProvider {
@Override
public KeyVersion createKey(String name, byte[] material,
Options options) throws IOException {
+ Preconditions.checkArgument(name.equals(name.toLowerCase()),
+ "Uppercase key names are unsupported: %s", name);
writeLock.lock();
try {
try {
http://git-wip-us.apache.org/repos/asf/hadoop/blob/48d62fad/hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/crypto/key/TestKeyProviderFactory.java
----------------------------------------------------------------------
diff --git a/hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/crypto/key/TestKeyProviderFactory.java b/hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/crypto/key/TestKeyProviderFactory.java
index ec1fc59..998cd6f 100644
--- a/hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/crypto/key/TestKeyProviderFactory.java
+++ b/hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/crypto/key/TestKeyProviderFactory.java
@@ -33,6 +33,7 @@ import org.apache.hadoop.io.Text;
import org.apache.hadoop.security.Credentials;
import org.apache.hadoop.security.ProviderUtils;
import org.apache.hadoop.security.UserGroupInformation;
+import org.apache.hadoop.test.GenericTestUtils;
import org.junit.Assert;
import org.junit.Before;
import org.junit.Test;
@@ -328,6 +329,16 @@ public class TestKeyProviderFactory {
// check permission retention after explicit change
fs.setPermission(path, new FsPermission("777"));
checkPermissionRetention(conf, ourUrl, path);
+
+ // Check that an uppercase keyname results in an error
+ provider = KeyProviderFactory.getProviders(conf).get(0);
+ try {
+ provider.createKey("UPPERCASE", KeyProvider.options(conf));
+ Assert.fail("Expected failure on creating key name with uppercase " +
+ "characters");
+ } catch (IllegalArgumentException e) {
+ GenericTestUtils.assertExceptionContains("Uppercase key names", e);
+ }
}
private void verifyAfterReload(File file, KeyProvider provider)