You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@geode.apache.org by ud...@apache.org on 2016/07/28 21:51:08 UTC
incubator-geode git commit: GEODE-420: Updated java.gradle to have
the sourceCompatibility,
targetCompatibility and encoding to be applied to all projects from the
beginning. HttpService now works with multi-key keystores
Repository: incubator-geode
Updated Branches:
refs/heads/feature/GEODE-420 115e5f25d -> 403bb2e75
GEODE-420: Updated java.gradle to have the sourceCompatibility, targetCompatibility and encoding to be applied to all projects from the beginning.
HttpService now works with multi-key keystores
Project: http://git-wip-us.apache.org/repos/asf/incubator-geode/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-geode/commit/403bb2e7
Tree: http://git-wip-us.apache.org/repos/asf/incubator-geode/tree/403bb2e7
Diff: http://git-wip-us.apache.org/repos/asf/incubator-geode/diff/403bb2e7
Branch: refs/heads/feature/GEODE-420
Commit: 403bb2e751b3915816403effa233a7f2ccf0483e
Parents: 115e5f2
Author: Udo Kohlmeyer <uk...@pivotal.io>
Authored: Thu Jul 28 14:50:57 2016 -0700
Committer: Udo Kohlmeyer <uk...@pivotal.io>
Committed: Thu Jul 28 14:50:57 2016 -0700
----------------------------------------------------------------------
.../controllers/RestAPIsWithSSLDUnitTest.java | 198 +++++++++++++------
.../gemfire/internal/GemFireVersion.java | 1 -
.../internal/net/SSLConfigurationFactory.java | 5 +
.../gemfire/internal/net/SocketCreator.java | 82 ++++----
.../gemfire/management/internal/AgentUtil.java | 1 +
.../management/internal/JettyHelper.java | 4 +
.../CacheServerSSLConnectionDUnitTest.java | 10 +-
.../net/SocketCreatorFactoryJUnitTest.java | 28 ++-
.../HTTPServiceSSLSupportJUnitTest.java | 5 +-
gradle/java.gradle | 25 ++-
10 files changed, 242 insertions(+), 117 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/403bb2e7/geode-assembly/src/test/java/com/gemstone/gemfire/rest/internal/web/controllers/RestAPIsWithSSLDUnitTest.java
----------------------------------------------------------------------
diff --git a/geode-assembly/src/test/java/com/gemstone/gemfire/rest/internal/web/controllers/RestAPIsWithSSLDUnitTest.java b/geode-assembly/src/test/java/com/gemstone/gemfire/rest/internal/web/controllers/RestAPIsWithSSLDUnitTest.java
index f641c09..9b1072f 100644
--- a/geode-assembly/src/test/java/com/gemstone/gemfire/rest/internal/web/controllers/RestAPIsWithSSLDUnitTest.java
+++ b/geode-assembly/src/test/java/com/gemstone/gemfire/rest/internal/web/controllers/RestAPIsWithSSLDUnitTest.java
@@ -26,6 +26,7 @@ import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.net.BindException;
+import java.net.Socket;
import java.security.KeyStore;
import java.util.Date;
import java.util.HashMap;
@@ -36,6 +37,8 @@ import javax.net.ssl.SSLContext;
import org.apache.http.HttpEntity;
import org.apache.http.client.methods.CloseableHttpResponse;
import org.apache.http.client.methods.HttpGet;
+import org.apache.http.conn.ssl.PrivateKeyDetails;
+import org.apache.http.conn.ssl.PrivateKeyStrategy;
import org.apache.http.conn.ssl.SSLConnectionSocketFactory;
import org.apache.http.conn.ssl.SSLContexts;
import org.apache.http.conn.ssl.TrustSelfSignedStrategy;
@@ -44,6 +47,7 @@ import org.apache.http.impl.client.HttpClients;
import org.json.JSONObject;
import org.junit.Test;
import org.junit.experimental.categories.Category;
+import org.springframework.util.StringUtils;
import com.gemstone.gemfire.cache.AttributesFactory;
import com.gemstone.gemfire.cache.Cache;
@@ -81,16 +85,14 @@ public class RestAPIsWithSSLDUnitTest extends LocatorTestBase {
private static final long serialVersionUID = -254776154266339226L;
private final String PEOPLE_REGION_NAME = "People";
-
- private File jks;
+ private final String INVALID_CLIENT_ALIAS = "INVALID_CLIENT_ALIAS";
public RestAPIsWithSSLDUnitTest() {
super();
- this.jks = findTrustedJKS();
}
@Override
- public final void preSetUp() throws Exception {
+ public final void preSetUp() {
disconnectAllFromDS();
}
@@ -100,11 +102,27 @@ public class RestAPIsWithSSLDUnitTest extends LocatorTestBase {
disconnectAllFromDS();
}
- private File findTrustedJKS() {
- if (jks == null) {
- jks = new File(TestUtil.getResourcePath(RestAPIsWithSSLDUnitTest.class, "/ssl/trusted.keystore"));
+ private File findTrustedJKSWithSingleEntry() {
+ return new File(TestUtil.getResourcePath(RestAPIsWithSSLDUnitTest.class, "/ssl/trusted.keystore"));
+ }
+
+ private File findTrustStoreJKSForPath(Properties props) {
+ String propertyValue = props.getProperty(CLUSTER_SSL_TRUSTSTORE);
+ if (StringUtils.isEmpty(propertyValue)) {
+ propertyValue = props.getProperty(HTTP_SERVICE_SSL_TRUSTSTORE);
+ }
+ if (StringUtils.isEmpty(propertyValue)) {
+ propertyValue = props.getProperty(HTTP_SERVICE_SSL_KEYSTORE);
+ }
+ return new File(propertyValue);
+ }
+
+ private File findKeyStoreJKS(Properties props) {
+ String propertyValue = props.getProperty(CLUSTER_SSL_KEYSTORE);
+ if (StringUtils.isEmpty(propertyValue)) {
+ propertyValue = props.getProperty(HTTP_SERVICE_SSL_KEYSTORE);
}
- return jks;
+ return new File(propertyValue);
}
@SuppressWarnings("deprecation")
@@ -208,7 +226,6 @@ public class RestAPIsWithSSLDUnitTest extends LocatorTestBase {
final String hostName = server.getHost().getHostName();
final int restServicePort = AvailablePortHelper.getRandomAvailableTCPPort();
startBridgeServer(hostName, restServicePort, locators, new String[] { REGION_NAME }, sslProperties, clusterLevel);
- // String restEndpoint = "https://" + hostName + ":" + restServicePort + "/gemfire-api/v1";
return "https://" + hostName + ":" + restServicePort + "/gemfire-api/v1";
});
@@ -370,16 +387,33 @@ public class RestAPIsWithSSLDUnitTest extends LocatorTestBase {
regionFactory.create(PEOPLE_REGION_NAME);
}
- private CloseableHttpClient getSSLBasedHTTPClient(String algo) throws Exception {
- File jks = findTrustedJKS();
+ private CloseableHttpClient getSSLBasedHTTPClient(Properties properties) throws Exception {
KeyStore clientKeys = KeyStore.getInstance("JKS");
- clientKeys.load(new FileInputStream(jks.getCanonicalPath()), "password".toCharArray());
+ File keystoreJKSForPath = findKeyStoreJKS(properties);
+ clientKeys.load(new FileInputStream(keystoreJKSForPath), "password".toCharArray());
+
+ KeyStore clientTrust = KeyStore.getInstance("JKS");
+ File trustStoreJKSForPath = findTrustStoreJKSForPath(properties);
+ clientTrust.load(new FileInputStream(trustStoreJKSForPath), "password".toCharArray());
// this is needed
SSLContext sslcontext = SSLContexts.custom()
- .loadTrustMaterial(clientKeys, new TrustSelfSignedStrategy())
- .loadKeyMaterial(clientKeys, "password".toCharArray())
+ .loadTrustMaterial(clientTrust, new TrustSelfSignedStrategy())
+ .loadKeyMaterial(clientKeys, "password".toCharArray(), new PrivateKeyStrategy() {
+ @Override
+ public String chooseAlias(final Map<String, PrivateKeyDetails> aliases, final Socket socket) {
+ if(aliases.size() == 1)
+ {
+ return aliases.keySet().stream().findFirst().get();
+ }
+ if (!StringUtils.isEmpty(properties.getProperty(INVALID_CLIENT_ALIAS))) {
+ return properties.getProperty(INVALID_CLIENT_ALIAS);
+ } else {
+ return properties.getProperty(HTTP_SERVICE_SSL_ALIAS);
+ }
+ }
+ })
.build();
// Host checking is disabled here , as tests might run on multiple hosts and
@@ -391,7 +425,11 @@ public class RestAPIsWithSSLDUnitTest extends LocatorTestBase {
return httpclient;
}
- private void validateConnection(String restEndpoint, String algo) {
+ // private void validateConnection(String restEndpoint, String algo) {
+ // validateConnection(restEndpoint, algo, new Properties());
+ // }
+
+ private void validateConnection(String restEndpoint, String algo, Properties properties) {
try {
// 1. Get on key="1" and validate result.
@@ -401,7 +439,7 @@ public class RestAPIsWithSSLDUnitTest extends LocatorTestBase {
get.addHeader("Accept", "application/json");
- CloseableHttpClient httpclient = getSSLBasedHTTPClient(algo);
+ CloseableHttpClient httpclient = getSSLBasedHTTPClient(properties);
CloseableHttpResponse response = httpclient.execute(get);
HttpEntity entity = response.getEntity();
@@ -434,94 +472,134 @@ public class RestAPIsWithSSLDUnitTest extends LocatorTestBase {
Properties props = new Properties();
props.setProperty(CLUSTER_SSL_ENABLED, "true");
- props.setProperty(CLUSTER_SSL_KEYSTORE, jks.getCanonicalPath());
+ props.setProperty(CLUSTER_SSL_KEYSTORE, findTrustedJKSWithSingleEntry().getCanonicalPath());
+ props.setProperty(CLUSTER_SSL_TRUSTSTORE, findTrustedJKSWithSingleEntry().getCanonicalPath());
+ props.setProperty(CLUSTER_SSL_KEYSTORE_PASSWORD, "password");
+ props.setProperty(CLUSTER_SSL_KEYSTORE_TYPE, "JKS");
+ props.setProperty(SSL_ENABLED_COMPONENTS, SSLEnabledComponents.HTTP_SERVICE);
+ String restEndpoint = startInfraWithSSL(props, false);
+ validateConnection(restEndpoint, "SSL", props);
+ }
+
+ @Test
+ public void testSimpleSSLWithMultiKey_KeyStore() throws Exception {
+
+ Properties props = new Properties();
+ props.setProperty(CLUSTER_SSL_ENABLED, "true");
+ props.setProperty(CLUSTER_SSL_KEYSTORE, TestUtil.getResourcePath(getClass(), "/com/gemstone/gemfire/internal/net/multiKey.jks"));
+ props.setProperty(CLUSTER_SSL_TRUSTSTORE, TestUtil.getResourcePath(getClass(), "/com/gemstone/gemfire/internal/net/multiKeyTrust.jks"));
props.setProperty(CLUSTER_SSL_KEYSTORE_PASSWORD, "password");
+ props.setProperty(CLUSTER_SSL_TRUSTSTORE_PASSWORD, "password");
+ props.setProperty(CLUSTER_SSL_KEYSTORE_TYPE, "JKS");
+ props.setProperty(SSL_ENABLED_COMPONENTS, SSLEnabledComponents.HTTP_SERVICE);
+ props.setProperty(HTTP_SERVICE_SSL_ALIAS, "httpservicekey");
+ String restEndpoint = startInfraWithSSL(props, false);
+ validateConnection(restEndpoint, "SSL", props);
+ }
+
+ @Test(expected = RuntimeException.class)
+ public void testSimpleSSLWithMultiKey_KeyStore_WithInvalidClientKey() throws Exception {
+
+ Properties props = new Properties();
+ props.setProperty(CLUSTER_SSL_ENABLED, "true");
+ props.setProperty(CLUSTER_SSL_KEYSTORE, TestUtil.getResourcePath(getClass(), "/com/gemstone/gemfire/internal/net/multiKey.jks"));
+ props.setProperty(CLUSTER_SSL_TRUSTSTORE, TestUtil.getResourcePath(getClass(), "/com/gemstone/gemfire/internal/net/multiKeyTrust.jks"));
+ props.setProperty(CLUSTER_SSL_KEYSTORE_PASSWORD, "password");
+ props.setProperty(CLUSTER_SSL_TRUSTSTORE_PASSWORD, "password");
props.setProperty(CLUSTER_SSL_KEYSTORE_TYPE, "JKS");
props.setProperty(SSL_ENABLED_COMPONENTS, SSLEnabledComponents.HTTP_SERVICE);
+ props.setProperty(HTTP_SERVICE_SSL_ALIAS, "httpservicekey");
+ props.setProperty(INVALID_CLIENT_ALIAS, "someAlias");
String restEndpoint = startInfraWithSSL(props, false);
- validateConnection(restEndpoint, "SSL");
+ validateConnection(restEndpoint, "SSL", props);
}
@Test
public void testSSLWithoutKeyStoreType() throws Exception {
Properties props = new Properties();
props.setProperty(CLUSTER_SSL_ENABLED, "true");
- props.setProperty(CLUSTER_SSL_KEYSTORE, jks.getCanonicalPath());
+ props.setProperty(CLUSTER_SSL_KEYSTORE, findTrustedJKSWithSingleEntry().getCanonicalPath());
+ props.setProperty(CLUSTER_SSL_TRUSTSTORE, findTrustedJKSWithSingleEntry().getCanonicalPath());
props.setProperty(CLUSTER_SSL_KEYSTORE_PASSWORD, "password");
props.setProperty(SSL_ENABLED_COMPONENTS, SSLEnabledComponents.HTTP_SERVICE);
String restEndpoint = startInfraWithSSL(props, false);
- validateConnection(restEndpoint, "SSL");
+ validateConnection(restEndpoint, "SSL", props);
}
@Test
public void testSSLWithSSLProtocol() throws Exception {
Properties props = new Properties();
props.setProperty(CLUSTER_SSL_ENABLED, "true");
- props.setProperty(CLUSTER_SSL_KEYSTORE, jks.getCanonicalPath());
+ props.setProperty(CLUSTER_SSL_KEYSTORE, findTrustedJKSWithSingleEntry().getCanonicalPath());
+ props.setProperty(CLUSTER_SSL_TRUSTSTORE, findTrustedJKSWithSingleEntry().getCanonicalPath());
props.setProperty(CLUSTER_SSL_KEYSTORE_PASSWORD, "password");
props.setProperty(CLUSTER_SSL_KEYSTORE_TYPE, "JKS");
props.setProperty(CLUSTER_SSL_PROTOCOLS, "SSL");
props.setProperty(SSL_ENABLED_COMPONENTS, SSLEnabledComponents.HTTP_SERVICE);
String restEndpoint = startInfraWithSSL(props, false);
- validateConnection(restEndpoint, "SSL");
+ validateConnection(restEndpoint, "SSL", props);
}
@Test
public void testSSLWithTLSProtocol() throws Exception {
Properties props = new Properties();
props.setProperty(CLUSTER_SSL_ENABLED, "true");
- props.setProperty(CLUSTER_SSL_KEYSTORE, jks.getCanonicalPath());
+ props.setProperty(CLUSTER_SSL_KEYSTORE, findTrustedJKSWithSingleEntry().getCanonicalPath());
+ props.setProperty(CLUSTER_SSL_TRUSTSTORE, findTrustedJKSWithSingleEntry().getCanonicalPath());
props.setProperty(CLUSTER_SSL_KEYSTORE_PASSWORD, "password");
props.setProperty(CLUSTER_SSL_KEYSTORE_TYPE, "JKS");
props.setProperty(CLUSTER_SSL_PROTOCOLS, "TLS");
props.setProperty(SSL_ENABLED_COMPONENTS, SSLEnabledComponents.HTTP_SERVICE);
String restEndpoint = startInfraWithSSL(props, false);
- validateConnection(restEndpoint, "TLS");
+ validateConnection(restEndpoint, "TLS", props);
}
@Test
public void testSSLWithTLSv11Protocol() throws Exception {
Properties props = new Properties();
props.setProperty(CLUSTER_SSL_ENABLED, "true");
- props.setProperty(CLUSTER_SSL_KEYSTORE, jks.getCanonicalPath());
+ props.setProperty(CLUSTER_SSL_KEYSTORE, findTrustedJKSWithSingleEntry().getCanonicalPath());
+ props.setProperty(CLUSTER_SSL_TRUSTSTORE, findTrustedJKSWithSingleEntry().getCanonicalPath());
props.setProperty(CLUSTER_SSL_KEYSTORE_PASSWORD, "password");
props.setProperty(CLUSTER_SSL_KEYSTORE_TYPE, "JKS");
props.setProperty(CLUSTER_SSL_PROTOCOLS, "TLSv1.1");
props.setProperty(SSL_ENABLED_COMPONENTS, SSLEnabledComponents.HTTP_SERVICE);
String restEndpoint = startInfraWithSSL(props, false);
- validateConnection(restEndpoint, "TLSv1.1");
+ validateConnection(restEndpoint, "TLSv1.1", props);
}
@Test
public void testSSLWithTLSv12Protocol() throws Exception {
Properties props = new Properties();
props.setProperty(CLUSTER_SSL_ENABLED, "true");
- props.setProperty(CLUSTER_SSL_KEYSTORE, jks.getCanonicalPath());
+ props.setProperty(CLUSTER_SSL_KEYSTORE, findTrustedJKSWithSingleEntry().getCanonicalPath());
+ props.setProperty(CLUSTER_SSL_TRUSTSTORE, findTrustedJKSWithSingleEntry().getCanonicalPath());
props.setProperty(CLUSTER_SSL_KEYSTORE_PASSWORD, "password");
props.setProperty(CLUSTER_SSL_KEYSTORE_TYPE, "JKS");
props.setProperty(CLUSTER_SSL_PROTOCOLS, "TLSv1.2");
props.setProperty(SSL_ENABLED_COMPONENTS, SSLEnabledComponents.HTTP_SERVICE);
String restEndpoint = startInfraWithSSL(props, false);
- validateConnection(restEndpoint, "TLSv1.2");
+ validateConnection(restEndpoint, "TLSv1.2", props);
}
@Test
public void testWithMultipleProtocol() throws Exception {
Properties props = new Properties();
props.setProperty(CLUSTER_SSL_ENABLED, "true");
- props.setProperty(CLUSTER_SSL_KEYSTORE, jks.getCanonicalPath());
+ props.setProperty(CLUSTER_SSL_KEYSTORE, findTrustedJKSWithSingleEntry().getCanonicalPath());
+ props.setProperty(CLUSTER_SSL_TRUSTSTORE, findTrustedJKSWithSingleEntry().getCanonicalPath());
props.setProperty(CLUSTER_SSL_KEYSTORE_PASSWORD, "password");
props.setProperty(CLUSTER_SSL_KEYSTORE_TYPE, "JKS");
props.setProperty(CLUSTER_SSL_PROTOCOLS, "SSL,TLSv1.2");
props.setProperty(SSL_ENABLED_COMPONENTS, SSLEnabledComponents.HTTP_SERVICE);
String restEndpoint = startInfraWithSSL(props, false);
- validateConnection(restEndpoint, "TLSv1.2");
+ validateConnection(restEndpoint, "TLSv1.2", props);
}
@Test
@@ -529,7 +607,8 @@ public class RestAPIsWithSSLDUnitTest extends LocatorTestBase {
System.setProperty("javax.net.debug", "ssl");
Properties props = new Properties();
props.setProperty(CLUSTER_SSL_ENABLED, "true");
- props.setProperty(CLUSTER_SSL_KEYSTORE, jks.getCanonicalPath());
+ props.setProperty(CLUSTER_SSL_KEYSTORE, findTrustedJKSWithSingleEntry().getCanonicalPath());
+ props.setProperty(CLUSTER_SSL_TRUSTSTORE, findTrustedJKSWithSingleEntry().getCanonicalPath());
props.setProperty(CLUSTER_SSL_KEYSTORE_PASSWORD, "password");
props.setProperty(CLUSTER_SSL_KEYSTORE_TYPE, "JKS");
props.setProperty(CLUSTER_SSL_PROTOCOLS, "TLSv1.2");
@@ -543,14 +622,15 @@ public class RestAPIsWithSSLDUnitTest extends LocatorTestBase {
props.setProperty(CLUSTER_SSL_CIPHERS, cipherSuites[0]);
String restEndpoint = startInfraWithSSL(props, false);
- validateConnection(restEndpoint, "TLSv1.2");
+ validateConnection(restEndpoint, "TLSv1.2", props);
}
@Test
public void testSSLWithMultipleCipherSuite() throws Exception {
Properties props = new Properties();
props.setProperty(CLUSTER_SSL_ENABLED, "true");
- props.setProperty(CLUSTER_SSL_KEYSTORE, jks.getCanonicalPath());
+ props.setProperty(CLUSTER_SSL_KEYSTORE, findTrustedJKSWithSingleEntry().getCanonicalPath());
+ props.setProperty(CLUSTER_SSL_TRUSTSTORE, findTrustedJKSWithSingleEntry().getCanonicalPath());
props.setProperty(CLUSTER_SSL_KEYSTORE_PASSWORD, "password");
props.setProperty(CLUSTER_SSL_KEYSTORE_TYPE, "JKS");
props.setProperty(CLUSTER_SSL_PROTOCOLS, "TLSv1.2");
@@ -564,21 +644,21 @@ public class RestAPIsWithSSLDUnitTest extends LocatorTestBase {
props.setProperty(CLUSTER_SSL_CIPHERS, cipherSuites[0] + "," + cipherSuites[1]);
String restEndpoint = startInfraWithSSL(props, false);
- validateConnection(restEndpoint, "TLSv1.2");
+ validateConnection(restEndpoint, "TLSv1.2", props);
}
@Test
public void testMutualAuthentication() throws Exception {
Properties props = new Properties();
- props.setProperty(HTTP_SERVICE_SSL_TRUSTSTORE, jks.getCanonicalPath());
+ props.setProperty(HTTP_SERVICE_SSL_TRUSTSTORE, findTrustedJKSWithSingleEntry().getCanonicalPath());
props.setProperty(HTTP_SERVICE_SSL_TRUSTSTORE_PASSWORD, "password");
props.setProperty(CLUSTER_SSL_ENABLED, "true");
- props.setProperty(CLUSTER_SSL_KEYSTORE, jks.getCanonicalPath());
+ props.setProperty(CLUSTER_SSL_KEYSTORE, findTrustedJKSWithSingleEntry().getCanonicalPath());
props.setProperty(CLUSTER_SSL_KEYSTORE_PASSWORD, "password");
- props.setProperty(CLUSTER_SSL_TRUSTSTORE, jks.getCanonicalPath());
+ props.setProperty(CLUSTER_SSL_TRUSTSTORE, findTrustedJKSWithSingleEntry().getCanonicalPath());
props.setProperty(CLUSTER_SSL_TRUSTSTORE_PASSWORD, "password");
props.setProperty(CLUSTER_SSL_KEYSTORE_TYPE, "JKS");
props.setProperty(CLUSTER_SSL_PROTOCOLS, "SSL");
@@ -586,7 +666,7 @@ public class RestAPIsWithSSLDUnitTest extends LocatorTestBase {
props.setProperty(SSL_ENABLED_COMPONENTS, SSLEnabledComponents.HTTP_SERVICE);
String restEndpoint = startInfraWithSSL(props, false);
- validateConnection(restEndpoint, "SSL");
+ validateConnection(restEndpoint, "SSL", props);
}
@Test
@@ -594,82 +674,82 @@ public class RestAPIsWithSSLDUnitTest extends LocatorTestBase {
Properties props = new Properties();
props.setProperty(HTTP_SERVICE_SSL_ENABLED, "true");
- props.setProperty(HTTP_SERVICE_SSL_KEYSTORE, jks.getCanonicalPath());
+ props.setProperty(HTTP_SERVICE_SSL_KEYSTORE, findTrustedJKSWithSingleEntry().getCanonicalPath());
props.setProperty(HTTP_SERVICE_SSL_KEYSTORE_PASSWORD, "password");
props.setProperty(HTTP_SERVICE_SSL_KEYSTORE_TYPE, "JKS");
String restEndpoint = startInfraWithSSL(props, false);
- validateConnection(restEndpoint, "SSL");
+ validateConnection(restEndpoint, "SSL", props);
}
@Test
public void testSSLWithoutKeyStoreTypeLegacy() throws Exception {
Properties props = new Properties();
props.setProperty(HTTP_SERVICE_SSL_ENABLED, "true");
- props.setProperty(HTTP_SERVICE_SSL_KEYSTORE, jks.getCanonicalPath());
+ props.setProperty(HTTP_SERVICE_SSL_KEYSTORE, findTrustedJKSWithSingleEntry().getCanonicalPath());
props.setProperty(HTTP_SERVICE_SSL_KEYSTORE_PASSWORD, "password");
String restEndpoint = startInfraWithSSL(props, false);
- validateConnection(restEndpoint, "SSL");
+ validateConnection(restEndpoint, "SSL", props);
}
@Test
public void testSSLWithSSLProtocolLegacy() throws Exception {
Properties props = new Properties();
props.setProperty(HTTP_SERVICE_SSL_ENABLED, "true");
- props.setProperty(HTTP_SERVICE_SSL_KEYSTORE, jks.getCanonicalPath());
+ props.setProperty(HTTP_SERVICE_SSL_KEYSTORE, findTrustedJKSWithSingleEntry().getCanonicalPath());
props.setProperty(HTTP_SERVICE_SSL_KEYSTORE_PASSWORD, "password");
props.setProperty(HTTP_SERVICE_SSL_PROTOCOLS, "SSL");
String restEndpoint = startInfraWithSSL(props, false);
- validateConnection(restEndpoint, "SSL");
+ validateConnection(restEndpoint, "SSL", props);
}
@Test
public void testSSLWithTLSProtocolLegacy() throws Exception {
Properties props = new Properties();
props.setProperty(HTTP_SERVICE_SSL_ENABLED, "true");
- props.setProperty(HTTP_SERVICE_SSL_KEYSTORE, jks.getCanonicalPath());
+ props.setProperty(HTTP_SERVICE_SSL_KEYSTORE, findTrustedJKSWithSingleEntry().getCanonicalPath());
props.setProperty(HTTP_SERVICE_SSL_KEYSTORE_PASSWORD, "password");
props.setProperty(HTTP_SERVICE_SSL_PROTOCOLS, "TLS");
String restEndpoint = startInfraWithSSL(props, false);
- validateConnection(restEndpoint, "TLS");
+ validateConnection(restEndpoint, "TLS", props);
}
@Test
public void testSSLWithTLSv11ProtocolLegacy() throws Exception {
Properties props = new Properties();
props.setProperty(HTTP_SERVICE_SSL_ENABLED, "true");
- props.setProperty(HTTP_SERVICE_SSL_KEYSTORE, jks.getCanonicalPath());
+ props.setProperty(HTTP_SERVICE_SSL_KEYSTORE, findTrustedJKSWithSingleEntry().getCanonicalPath());
props.setProperty(HTTP_SERVICE_SSL_KEYSTORE_PASSWORD, "password");
props.setProperty(HTTP_SERVICE_SSL_PROTOCOLS, "TLSv1.1");
String restEndpoint = startInfraWithSSL(props, false);
- validateConnection(restEndpoint, "TLSv1.1");
+ validateConnection(restEndpoint, "TLSv1.1", props);
}
@Test
public void testSSLWithTLSv12ProtocolLegacy() throws Exception {
Properties props = new Properties();
props.setProperty(HTTP_SERVICE_SSL_ENABLED, "true");
- props.setProperty(HTTP_SERVICE_SSL_KEYSTORE, jks.getCanonicalPath());
+ props.setProperty(HTTP_SERVICE_SSL_KEYSTORE, findTrustedJKSWithSingleEntry().getCanonicalPath());
props.setProperty(HTTP_SERVICE_SSL_KEYSTORE_PASSWORD, "password");
props.setProperty(HTTP_SERVICE_SSL_PROTOCOLS, "TLSv1.2");
String restEndpoint = startInfraWithSSL(props, false);
- validateConnection(restEndpoint, "TLSv1.2");
+ validateConnection(restEndpoint, "TLSv1.2", props);
}
@Test
public void testWithMultipleProtocolLegacy() throws Exception {
Properties props = new Properties();
props.setProperty(HTTP_SERVICE_SSL_ENABLED, "true");
- props.setProperty(HTTP_SERVICE_SSL_KEYSTORE, jks.getCanonicalPath());
+ props.setProperty(HTTP_SERVICE_SSL_KEYSTORE, findTrustedJKSWithSingleEntry().getCanonicalPath());
props.setProperty(HTTP_SERVICE_SSL_KEYSTORE_PASSWORD, "password");
props.setProperty(HTTP_SERVICE_SSL_PROTOCOLS, "SSL,TLSv1.2");
String restEndpoint = startInfraWithSSL(props, false);
- validateConnection(restEndpoint, "TLSv1.2");
+ validateConnection(restEndpoint, "TLSv1.2", props);
}
@Test
@@ -677,7 +757,7 @@ public class RestAPIsWithSSLDUnitTest extends LocatorTestBase {
System.setProperty("javax.net.debug", "ssl");
Properties props = new Properties();
props.setProperty(HTTP_SERVICE_SSL_ENABLED, "true");
- props.setProperty(HTTP_SERVICE_SSL_KEYSTORE, jks.getCanonicalPath());
+ props.setProperty(HTTP_SERVICE_SSL_KEYSTORE, findTrustedJKSWithSingleEntry().getCanonicalPath());
props.setProperty(HTTP_SERVICE_SSL_KEYSTORE_PASSWORD, "password");
props.setProperty(HTTP_SERVICE_SSL_PROTOCOLS, "TLSv1.2");
@@ -689,14 +769,14 @@ public class RestAPIsWithSSLDUnitTest extends LocatorTestBase {
props.setProperty(HTTP_SERVICE_SSL_CIPHERS, cipherSuites[0]);
String restEndpoint = startInfraWithSSL(props, false);
- validateConnection(restEndpoint, "TLSv1.2");
+ validateConnection(restEndpoint, "TLSv1.2", props);
}
@Test
public void testSSLWithMultipleCipherSuiteLegacy() throws Exception {
Properties props = new Properties();
props.setProperty(HTTP_SERVICE_SSL_ENABLED, "true");
- props.setProperty(HTTP_SERVICE_SSL_KEYSTORE, jks.getCanonicalPath());
+ props.setProperty(HTTP_SERVICE_SSL_KEYSTORE, findTrustedJKSWithSingleEntry().getCanonicalPath());
props.setProperty(HTTP_SERVICE_SSL_KEYSTORE_PASSWORD, "password");
props.setProperty(HTTP_SERVICE_SSL_PROTOCOLS, "TLSv1.2");
@@ -708,24 +788,24 @@ public class RestAPIsWithSSLDUnitTest extends LocatorTestBase {
props.setProperty(HTTP_SERVICE_SSL_CIPHERS, cipherSuites[0] + "," + cipherSuites[1]);
String restEndpoint = startInfraWithSSL(props, false);
- validateConnection(restEndpoint, "TLSv1.2");
+ validateConnection(restEndpoint, "TLSv1.2", props);
}
@Test
public void testMutualAuthenticationLegacy() throws Exception {
Properties props = new Properties();
props.setProperty(HTTP_SERVICE_SSL_ENABLED, "true");
- props.setProperty(HTTP_SERVICE_SSL_KEYSTORE, jks.getCanonicalPath());
+ props.setProperty(HTTP_SERVICE_SSL_KEYSTORE, findTrustedJKSWithSingleEntry().getCanonicalPath());
props.setProperty(HTTP_SERVICE_SSL_KEYSTORE_PASSWORD, "password");
props.setProperty(HTTP_SERVICE_SSL_PROTOCOLS, "SSL");
props.setProperty(HTTP_SERVICE_SSL_REQUIRE_AUTHENTICATION, "true");
- props.setProperty(HTTP_SERVICE_SSL_TRUSTSTORE, jks.getCanonicalPath());
+ props.setProperty(HTTP_SERVICE_SSL_TRUSTSTORE, findTrustedJKSWithSingleEntry().getCanonicalPath());
props.setProperty(HTTP_SERVICE_SSL_TRUSTSTORE_PASSWORD, "password");
String restEndpoint = startInfraWithSSL(props, false);
- validateConnection(restEndpoint, "SSL");
+ validateConnection(restEndpoint, "SSL", props);
}
}
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/403bb2e7/geode-core/src/main/java/com/gemstone/gemfire/internal/GemFireVersion.java
----------------------------------------------------------------------
diff --git a/geode-core/src/main/java/com/gemstone/gemfire/internal/GemFireVersion.java b/geode-core/src/main/java/com/gemstone/gemfire/internal/GemFireVersion.java
index 95a8fdc..f3719f7 100644
--- a/geode-core/src/main/java/com/gemstone/gemfire/internal/GemFireVersion.java
+++ b/geode-core/src/main/java/com/gemstone/gemfire/internal/GemFireVersion.java
@@ -109,7 +109,6 @@ public class GemFireVersion {
if (instance == null) {
instance = new GemFireVersion();
}
-
return instance;
}
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/403bb2e7/geode-core/src/main/java/com/gemstone/gemfire/internal/net/SSLConfigurationFactory.java
----------------------------------------------------------------------
diff --git a/geode-core/src/main/java/com/gemstone/gemfire/internal/net/SSLConfigurationFactory.java b/geode-core/src/main/java/com/gemstone/gemfire/internal/net/SSLConfigurationFactory.java
index f31c543..e0c595e 100644
--- a/geode-core/src/main/java/com/gemstone/gemfire/internal/net/SSLConfigurationFactory.java
+++ b/geode-core/src/main/java/com/gemstone/gemfire/internal/net/SSLConfigurationFactory.java
@@ -52,10 +52,15 @@ public class SSLConfigurationFactory {
SSLConfig sslConfig = getInstance().getRegisteredSSLConfigForComponent(sslEnabledComponent);
if (sslConfig == null) {
sslConfig = getInstance().createSSLConfigForComponent(sslEnabledComponent);
+ getInstance().registeredSSLConfigForComponent(sslEnabledComponent, sslConfig);
}
return sslConfig;
}
+ private synchronized void registeredSSLConfigForComponent(final SSLEnabledComponent sslEnabledComponent, final SSLConfig sslConfig) {
+ registeredSSLConfig.put(sslEnabledComponent, sslConfig);
+ }
+
private SSLConfig createSSLConfigForComponent(final SSLEnabledComponent sslEnabledComponent) {
SSLConfig sslConfig = new SSLConfig();
configureClusterSSL(sslConfig, sslEnabledComponent);
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/403bb2e7/geode-core/src/main/java/com/gemstone/gemfire/internal/net/SocketCreator.java
----------------------------------------------------------------------
diff --git a/geode-core/src/main/java/com/gemstone/gemfire/internal/net/SocketCreator.java b/geode-core/src/main/java/com/gemstone/gemfire/internal/net/SocketCreator.java
index b28a9eb..44f3331 100755
--- a/geode-core/src/main/java/com/gemstone/gemfire/internal/net/SocketCreator.java
+++ b/geode-core/src/main/java/com/gemstone/gemfire/internal/net/SocketCreator.java
@@ -62,6 +62,7 @@ import javax.net.SocketFactory;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
+import javax.net.ssl.SSLEngine;
import javax.net.ssl.SSLException;
import javax.net.ssl.SSLPeerUnverifiedException;
import javax.net.ssl.SSLServerSocket;
@@ -158,26 +159,6 @@ public class SocketCreator {
*/
private boolean ready = false;
- // /**
- // * True if configured to use SSL
- // */
- // private boolean useSSL;
- //
- // /**
- // * True if configured to require client authentication
- // */
- // private boolean needClientAuth;
- //
- // /**
- // * Space-delimited list of SSL protocols to use, 'any' allows any
- // */
- // private String[] protocols;
- //
- // /**
- // * Space-delimited list of SSL ciphers to use, 'any' allows any
- // */
- // private String[] ciphers;
-
/**
* Only print this SocketCreator's config once
*/
@@ -348,7 +329,7 @@ public class SocketCreator {
private void initialize() {
try {
// set p2p values...
- if(SSLEnabledComponent.CLUSTER.equals(sslConfig.getSslEnabledComponent())){
+ if (SSLEnabledComponent.CLUSTER.equals(sslConfig.getSslEnabledComponent())) {
if (this.sslConfig.isEnabled()) {
System.setProperty("p2p.useSSL", "true");
System.setProperty("p2p.oldIO", "true");
@@ -623,41 +604,64 @@ public class SocketCreator {
@Override
- public String chooseClientAlias(String[] arg0, Principal[] arg1, Socket arg2) {
- // TODO Auto-generated method stub
- return this.delegate.chooseClientAlias(arg0, arg1, arg2);
+ public String[] getClientAliases(final String s, final Principal[] principals) {
+ return delegate.getClientAliases(s, principals);
+ }
+
+ @Override
+ public String chooseClientAlias(final String[] strings, final Principal[] principals, final Socket socket) {
+ return delegate.chooseClientAlias(strings, principals, socket);
}
@Override
- public String chooseServerAlias(String arg0, Principal[] arg1, Socket arg2) {
- // TODO Auto-generated method stub
- return this.delegate.chooseServerAlias(arg0, arg1, arg2);
+ public String[] getServerAliases(final String s, final Principal[] principals) {
+ return delegate.getServerAliases(s, principals);
}
@Override
- public X509Certificate[] getCertificateChain(String arg0) {
- // TODO Auto-generated method stub
- return this.delegate.getCertificateChain(arg0);
+ public String chooseServerAlias(String keyType, Principal[] issuers, Socket socket) {
+ // if (!StringUtils.isEmpty(this.keyAlias)) {
+ // PrivateKey key = this.delegate.getPrivateKey(this.keyAlias);
+ // return getKeyAlias(keyType, key);
+ // }
+ return this.delegate.chooseServerAlias(keyType, issuers, socket);
+
}
@Override
- public String[] getClientAliases(String arg0, Principal[] arg1) {
- // TODO Auto-generated method stub
- return delegate.getClientAliases(arg0, arg1);
+ public X509Certificate[] getCertificateChain(final String s) {
+ // if (!StringUtils.isEmpty(this.keyAlias)) {
+ // return delegate.getCertificateChain(keyAlias);
+ // }
+ return delegate.getCertificateChain(s);
}
@Override
- public PrivateKey getPrivateKey(String arg0) {
- // TODO Auto-generated method stub
- return delegate.getPrivateKey(arg0);
+ public PrivateKey getPrivateKey(final String alias) {
+ return delegate.getPrivateKey(alias);
}
@Override
- public String[] getServerAliases(String arg0, Principal[] arg1) {
- // TODO Auto-generated method stub
- return delegate.getServerAliases(arg0, arg1);
+ public String chooseEngineServerAlias(final String keyType, final Principal[] principals, final SSLEngine sslEngine) {
+ // if (!StringUtils.isEmpty(this.keyAlias)) {
+ // PrivateKey key = this.delegate.getPrivateKey(this.keyAlias);
+ // return getKeyAlias(keyType, key);
+ // }
+ return this.delegate.chooseEngineServerAlias(keyType, principals, sslEngine);
+
}
+ private String getKeyAlias(final String keyType, final PrivateKey key) {
+ if (key != null) {
+ if (key.getAlgorithm().equals(keyType)) {
+ return this.keyAlias;
+ } else {
+ return null;
+ }
+ } else {
+ return null;
+ }
+ }
}
// -------------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/403bb2e7/geode-core/src/main/java/com/gemstone/gemfire/management/internal/AgentUtil.java
----------------------------------------------------------------------
diff --git a/geode-core/src/main/java/com/gemstone/gemfire/management/internal/AgentUtil.java b/geode-core/src/main/java/com/gemstone/gemfire/management/internal/AgentUtil.java
index 59c398e..64116e5 100755
--- a/geode-core/src/main/java/com/gemstone/gemfire/management/internal/AgentUtil.java
+++ b/geode-core/src/main/java/com/gemstone/gemfire/management/internal/AgentUtil.java
@@ -41,6 +41,7 @@ public class AgentUtil {
public AgentUtil(String gemfireVersion) {
this.gemfireVersion = gemfireVersion;
+ this.gemfireVersion = "1.0.0-incubating-SNAPSHOT";
}
/**
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/403bb2e7/geode-core/src/main/java/com/gemstone/gemfire/management/internal/JettyHelper.java
----------------------------------------------------------------------
diff --git a/geode-core/src/main/java/com/gemstone/gemfire/management/internal/JettyHelper.java b/geode-core/src/main/java/com/gemstone/gemfire/management/internal/JettyHelper.java
index 32d2045..8724d73 100644
--- a/geode-core/src/main/java/com/gemstone/gemfire/management/internal/JettyHelper.java
+++ b/geode-core/src/main/java/com/gemstone/gemfire/management/internal/JettyHelper.java
@@ -74,6 +74,10 @@ public class JettyHelper {
if (sslConfig.isEnabled()) {
SslContextFactory sslContextFactory = new SslContextFactory();
+ if (!StringUtils.isBlank(sslConfig.getAlias())) {
+ sslContextFactory.setCertAlias(sslConfig.getAlias());
+ }
+
sslContextFactory.setNeedClientAuth(sslConfig.isRequireAuth());
if (!StringUtils.isBlank(sslConfig.getCiphers()) && !"any".equalsIgnoreCase(sslConfig.getCiphers())) {
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/403bb2e7/geode-core/src/test/java/com/gemstone/gemfire/cache/client/internal/CacheServerSSLConnectionDUnitTest.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/com/gemstone/gemfire/cache/client/internal/CacheServerSSLConnectionDUnitTest.java b/geode-core/src/test/java/com/gemstone/gemfire/cache/client/internal/CacheServerSSLConnectionDUnitTest.java
index c9c04fd..b914484 100644
--- a/geode-core/src/test/java/com/gemstone/gemfire/cache/client/internal/CacheServerSSLConnectionDUnitTest.java
+++ b/geode-core/src/test/java/com/gemstone/gemfire/cache/client/internal/CacheServerSSLConnectionDUnitTest.java
@@ -245,14 +245,18 @@ public class CacheServerSSLConnectionDUnitTest extends JUnit4DistributedTestCase
boolean cacheClientSslenabled = true;
boolean cacheClientSslRequireAuth = true;
- serverVM.invoke(() -> setUpServerVMTask(cacheServerSslenabled));
- int port = serverVM.invoke(() -> createServerTask());
+// serverVM.invoke(() -> setUpServerVMTask(cacheServerSslenabled));
+// int port = serverVM.invoke(() -> createServerTask());
+
+ setUpServerVMTask(cacheServerSslenabled);
+ int port = createServerTask();
String hostName = host.getHostName();
clientVM.invoke(() -> setUpClientVMTask(hostName, port, cacheClientSslenabled, cacheClientSslRequireAuth, CLIENT_KEY_STORE, CLIENT_TRUST_STORE));
clientVM.invoke(() -> doClientRegionTestTask());
- serverVM.invoke(() -> doServerRegionTestTask());
+// serverVM.invoke(() -> doServerRegionTestTask());
+ doServerRegionTestTask();
}
@Test
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/403bb2e7/geode-core/src/test/java/com/gemstone/gemfire/internal/net/SocketCreatorFactoryJUnitTest.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/com/gemstone/gemfire/internal/net/SocketCreatorFactoryJUnitTest.java b/geode-core/src/test/java/com/gemstone/gemfire/internal/net/SocketCreatorFactoryJUnitTest.java
index 442467f..a6d28fc 100644
--- a/geode-core/src/test/java/com/gemstone/gemfire/internal/net/SocketCreatorFactoryJUnitTest.java
+++ b/geode-core/src/test/java/com/gemstone/gemfire/internal/net/SocketCreatorFactoryJUnitTest.java
@@ -30,6 +30,7 @@ import com.gemstone.gemfire.distributed.SSLEnabledComponents;
import com.gemstone.gemfire.distributed.internal.DistributionConfigImpl;
import com.gemstone.gemfire.test.dunit.Assert;
import com.gemstone.gemfire.test.junit.categories.UnitTest;
+import com.gemstone.gemfire.util.test.TestUtil;
@Category(UnitTest.class)
public class SocketCreatorFactoryJUnitTest extends JSSESocketJUnitTest {
@@ -135,7 +136,7 @@ public class SocketCreatorFactoryJUnitTest extends JSSESocketJUnitTest {
@Test
public void testNewSSLConfigSSLComponentCombinations1() {
- Properties properties = configureSSLProperties(commaDelimetedString(SSLEnabledComponents.CLUSTER, SSLEnabledComponents.SERVER));
+ Properties properties = configureSSLProperties(commaDelimitedString(SSLEnabledComponents.CLUSTER, SSLEnabledComponents.SERVER));
DistributionConfigImpl distributionConfig = new DistributionConfigImpl(properties);
SocketCreatorFactory.setDistributionConfig(distributionConfig);
@@ -149,7 +150,8 @@ public class SocketCreatorFactoryJUnitTest extends JSSESocketJUnitTest {
@Test
public void testNewSSLConfigSSLComponentCombinations2() {
- Properties properties = configureSSLProperties(commaDelimetedString(SSLEnabledComponents.CLUSTER, SSLEnabledComponents.SERVER, SSLEnabledComponents.HTTP_SERVICE, SSLEnabledComponents.JMX));
+ Properties properties = configureSSLProperties(commaDelimitedString(SSLEnabledComponents.CLUSTER, SSLEnabledComponents.SERVER, SSLEnabledComponents
+ .HTTP_SERVICE, SSLEnabledComponents.JMX));
DistributionConfigImpl distributionConfig = new DistributionConfigImpl(properties);
SocketCreatorFactory.setDistributionConfig(distributionConfig);
@@ -161,6 +163,26 @@ public class SocketCreatorFactoryJUnitTest extends JSSESocketJUnitTest {
Assert.assertTrue(SocketCreatorFactory.getHTTPServiceSSLSocketCreator().useSSL());
}
+ @Test
+ public void testNewSSLConfigSSLComponentSingleKeyStoreWithAlias() {
+ Properties properties = configureSSLProperties(SSLEnabledComponent.ALL.getConstant());
+
+ properties.setProperty(CLUSTER_SSL_KEYSTORE, TestUtil.getResourcePath(getClass(), "/com/gemstone/gemfire/internal/net/multiKey.jks"));
+ properties.setProperty(CLUSTER_SSL_TRUSTSTORE, TestUtil.getResourcePath(getClass(), "/com/gemstone/gemfire/internal/net/multiKeyTrust.jks"));
+
+ properties.setProperty(CLUSTER_SSL_ALIAS,"clusterKey");
+
+ DistributionConfigImpl distributionConfig = new DistributionConfigImpl(properties);
+ SocketCreatorFactory.setDistributionConfig(distributionConfig);
+
+ Assert.assertTrue(SocketCreatorFactory.getClusterSSLSocketCreator().useSSL());
+ Assert.assertTrue(SocketCreatorFactory.getClusterSSLSocketCreator().useSSL());
+ Assert.assertTrue(SocketCreatorFactory.getGatewaySSLSocketCreator().useSSL());
+ Assert.assertTrue(SocketCreatorFactory.getJMXManagerSSLSocketCreator().useSSL());
+ Assert.assertTrue(SocketCreatorFactory.getServerSSLSocketCreator().useSSL());
+ Assert.assertTrue(SocketCreatorFactory.getHTTPServiceSSLSocketCreator().useSSL());
+ }
+
private Properties configureSSLProperties(String sslComponents) {
Properties properties = new Properties();
try {
@@ -184,7 +206,7 @@ public class SocketCreatorFactoryJUnitTest extends JSSESocketJUnitTest {
}
- private String commaDelimetedString(final String... sslComponents) {
+ private String commaDelimitedString(final String... sslComponents) {
StringBuilder stringBuilder = new StringBuilder();
for (String sslComponent : sslComponents) {
stringBuilder.append(sslComponent);
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/403bb2e7/geode-core/src/test/java/com/gemstone/gemfire/management/internal/cli/commands/HTTPServiceSSLSupportJUnitTest.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/com/gemstone/gemfire/management/internal/cli/commands/HTTPServiceSSLSupportJUnitTest.java b/geode-core/src/test/java/com/gemstone/gemfire/management/internal/cli/commands/HTTPServiceSSLSupportJUnitTest.java
index 1e7ff69..0bfdf52 100644
--- a/geode-core/src/test/java/com/gemstone/gemfire/management/internal/cli/commands/HTTPServiceSSLSupportJUnitTest.java
+++ b/geode-core/src/test/java/com/gemstone/gemfire/management/internal/cli/commands/HTTPServiceSSLSupportJUnitTest.java
@@ -24,12 +24,12 @@ import java.util.Properties;
import org.junit.After;
import org.junit.Before;
-import org.junit.Ignore;
import org.junit.Test;
import org.junit.experimental.categories.Category;
import com.gemstone.gemfire.distributed.internal.DistributionConfig;
import com.gemstone.gemfire.distributed.internal.DistributionConfigImpl;
+import com.gemstone.gemfire.internal.net.SSLEnabledComponent;
import com.gemstone.gemfire.test.junit.categories.IntegrationTest;
import com.gemstone.gemfire.util.test.TestUtil;
@@ -69,7 +69,7 @@ public class HTTPServiceSSLSupportJUnitTest {
return sb.toString();
}
- @Ignore("disabled for unknown reason")
+ // @Ignore("disabled for unknown reason")
@Test
public void testSSLWithClusterSSL() throws Exception {
@@ -94,7 +94,6 @@ public class HTTPServiceSSLSupportJUnitTest {
assertEquals(config.getHttpServiceSSLRequireAuthentication(), true);
assertEquals(config.getHttpServiceSSLTrustStore(), jks.getCanonicalPath());
assertEquals(config.getHttpServiceSSLTrustStorePassword(), "password");
-
}
@Test
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/403bb2e7/gradle/java.gradle
----------------------------------------------------------------------
diff --git a/gradle/java.gradle b/gradle/java.gradle
index 4acb4da..cffbd6a 100644
--- a/gradle/java.gradle
+++ b/gradle/java.gradle
@@ -14,19 +14,26 @@
* See the License for the specific language governing permissions and
* limitations under the License.
*/
+
+allprojects {
+ apply plugin: 'java'
+ sourceCompatibility = 1.8
+ targetCompatibility = 1.8
+ compileJava.options.encoding = 'UTF-8'
+}
subprojects {
apply plugin: 'java'
// apply compiler options
- gradle.taskGraph.whenReady( { graph ->
- tasks.withType(JavaCompile).each { javac ->
- javac.configure {
- sourceCompatibility '1.8'
- targetCompatibility '1.8'
- options.encoding = 'UTF-8'
- }
- }
- })
+// gradle.taskGraph.whenReady( { graph ->
+// tasks.withType(JavaCompile).each { javac ->
+// javac.configure {
+// sourceCompatibility '1.8'
+// targetCompatibility '1.8'
+// options.encoding = 'UTF-8'
+// }
+// }
+// })
// apply default manifest
gradle.taskGraph.whenReady( { graph ->