You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cassandra.apache.org by ja...@apache.org on 2017/12/01 13:31:58 UTC
cassandra-dtest git commit: Fix error in pre-4.0 internode ssl tests
due to CASSANDRA-10404
Repository: cassandra-dtest
Updated Branches:
refs/heads/master c0f4dfdfc -> 9da3a2594
Fix error in pre-4.0 internode ssl tests due to CASSANDRA-10404
patch by jasobrown; reviewed by mkjellman for CASSANDRA-14075
Project: http://git-wip-us.apache.org/repos/asf/cassandra-dtest/repo
Commit: http://git-wip-us.apache.org/repos/asf/cassandra-dtest/commit/9da3a259
Tree: http://git-wip-us.apache.org/repos/asf/cassandra-dtest/tree/9da3a259
Diff: http://git-wip-us.apache.org/repos/asf/cassandra-dtest/diff/9da3a259
Branch: refs/heads/master
Commit: 9da3a2594bf75cbfd4852ee9b4b3e44c28ff618f
Parents: c0f4dfd
Author: Jason Brown <ja...@gmail.com>
Authored: Wed Nov 29 05:21:31 2017 -0800
Committer: Jason Brown <ja...@gmail.com>
Committed: Fri Dec 1 05:31:16 2017 -0800
----------------------------------------------------------------------
sslnodetonode_test.py | 18 +++++++++++++-----
tools/sslkeygen.py | 2 +-
2 files changed, 14 insertions(+), 6 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/cassandra-dtest/blob/9da3a259/sslnodetonode_test.py
----------------------------------------------------------------------
diff --git a/sslnodetonode_test.py b/sslnodetonode_test.py
index d498b0f..a82f411 100644
--- a/sslnodetonode_test.py
+++ b/sslnodetonode_test.py
@@ -116,8 +116,12 @@ class TestNodeToNodeSSLEncryption(Tester):
self.cluster.stop()
self.assertTrue(found)
+ @since('4.0')
def optional_outbound_tls_test(self):
- """listen on TLS port, but optionally connect using TLS. this supports the upgrade case of starting with a non-encrypted cluster and then upgrading each node to use encryption."""
+ """listen on TLS port, but optionally connect using TLS. this supports the upgrade case of starting with a non-encrypted cluster and then upgrading each node to use encryption.
+
+ @jira_ticket CASSANDRA-10404
+ """
credNode1 = sslkeygen.generate_credentials("127.0.0.1")
credNode2 = sslkeygen.generate_credentials("127.0.0.2", credNode1.cakeystore, credNode1.cacert)
@@ -175,10 +179,7 @@ class TestNodeToNodeSSLEncryption(Tester):
shutil.copyfile(credentials.keystore, kspath)
shutil.copyfile(credentials.cakeystore, tspath)
- node.set_configuration_options(values={
- 'server_encryption_options': {
- 'enabled': encryption_enabled,
- 'optional': encryption_optional,
+ server_enc_options = {
'internode_encryption': internode_encryption,
'keystore': kspath,
'keystore_password': 'cassandra',
@@ -187,5 +188,12 @@ class TestNodeToNodeSSLEncryption(Tester):
'require_endpoint_verification': endpoint_verification,
'require_client_auth': client_auth,
}
+
+ if self.cluster.version() >= '4.0':
+ server_enc_options['enabled'] = encryption_enabled
+ server_enc_options['optional'] = encryption_optional
+
+ node.set_configuration_options(values={
+ 'server_encryption_options': server_enc_options
})
http://git-wip-us.apache.org/repos/asf/cassandra-dtest/blob/9da3a259/tools/sslkeygen.py
----------------------------------------------------------------------
diff --git a/tools/sslkeygen.py b/tools/sslkeygen.py
index ed90a83..cccad7e 100644
--- a/tools/sslkeygen.py
+++ b/tools/sslkeygen.py
@@ -71,7 +71,7 @@ def import_cert(dir, name, cert, keystore, opts=[]):
def _exec_keytool(dir, keystore, opts):
- args = ['keytool', '-keystore', keystore, '-storepass', 'cassandra'] + opts
+ args = ['keytool', '-keystore', keystore, '-storepass', 'cassandra', '-deststoretype', 'pkcs12'] + opts
subprocess.check_call(args)
return keystore
---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@cassandra.apache.org
For additional commands, e-mail: commits-help@cassandra.apache.org