Google Git
Sign in
apache / hbase-site / 0082cda45f48d1755543336c908ec6d80d4ec0a9 / . / testapidocs / src-html / org / apache / hadoop / hbase / ipc / TestNettyTlsIPC.html
blob: 037a02468573f7efa4d5ea53bbdcabca6e7cd6dc [file] [log] [blame]
<!DOCTYPE HTML>
<html lang="en">
<head>
<!-- Generated by javadoc (17) -->
<title>Source code</title>
<meta name="viewport" content="width=device-width, initial-scale=1">
<meta name="description" content="source: package: org.apache.hadoop.hbase.ipc, class: TestNettyTlsIPC">
<meta name="generator" content="javadoc/SourceToHTMLConverter">
<link rel="stylesheet" type="text/css" href="../../../../../../stylesheet.css" title="Style">
</head>
<body class="source-page">
<main role="main">
<div class="source-container">
<pre><span class="source-line-no">001</span><span id="line-1">/*</span>
<span class="source-line-no">002</span><span id="line-2"> * Licensed to the Apache Software Foundation (ASF) under one</span>
<span class="source-line-no">003</span><span id="line-3"> * or more contributor license agreements. See the NOTICE file</span>
<span class="source-line-no">004</span><span id="line-4"> * distributed with this work for additional information</span>
<span class="source-line-no">005</span><span id="line-5"> * regarding copyright ownership. The ASF licenses this file</span>
<span class="source-line-no">006</span><span id="line-6"> * to you under the Apache License, Version 2.0 (the</span>
<span class="source-line-no">007</span><span id="line-7"> * "License"); you may not use this file except in compliance</span>
<span class="source-line-no">008</span><span id="line-8"> * with the License. You may obtain a copy of the License at</span>
<span class="source-line-no">009</span><span id="line-9"> *</span>
<span class="source-line-no">010</span><span id="line-10"> * http://www.apache.org/licenses/LICENSE-2.0</span>
<span class="source-line-no">011</span><span id="line-11"> *</span>
<span class="source-line-no">012</span><span id="line-12"> * Unless required by applicable law or agreed to in writing, software</span>
<span class="source-line-no">013</span><span id="line-13"> * distributed under the License is distributed on an "AS IS" BASIS,</span>
<span class="source-line-no">014</span><span id="line-14"> * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.</span>
<span class="source-line-no">015</span><span id="line-15"> * See the License for the specific language governing permissions and</span>
<span class="source-line-no">016</span><span id="line-16"> * limitations under the License.</span>
<span class="source-line-no">017</span><span id="line-17"> */</span>
<span class="source-line-no">018</span><span id="line-18">package org.apache.hadoop.hbase.ipc;</span>
<span class="source-line-no">019</span><span id="line-19"></span>
<span class="source-line-no">020</span><span id="line-20">import static org.mockito.Mockito.mock;</span>
<span class="source-line-no">021</span><span id="line-21">import static org.mockito.Mockito.when;</span>
<span class="source-line-no">022</span><span id="line-22"></span>
<span class="source-line-no">023</span><span id="line-23">import java.io.File;</span>
<span class="source-line-no">024</span><span id="line-24">import java.io.IOException;</span>
<span class="source-line-no">025</span><span id="line-25">import java.net.InetSocketAddress;</span>
<span class="source-line-no">026</span><span id="line-26">import java.security.Security;</span>
<span class="source-line-no">027</span><span id="line-27">import java.util.ArrayList;</span>
<span class="source-line-no">028</span><span id="line-28">import java.util.List;</span>
<span class="source-line-no">029</span><span id="line-29">import org.apache.commons.io.FileUtils;</span>
<span class="source-line-no">030</span><span id="line-30">import org.apache.hadoop.conf.Configuration;</span>
<span class="source-line-no">031</span><span id="line-31">import org.apache.hadoop.hbase.HBaseClassTestRule;</span>
<span class="source-line-no">032</span><span id="line-32">import org.apache.hadoop.hbase.HBaseCommonTestingUtil;</span>
<span class="source-line-no">033</span><span id="line-33">import org.apache.hadoop.hbase.HBaseServerBase;</span>
<span class="source-line-no">034</span><span id="line-34">import org.apache.hadoop.hbase.Server;</span>
<span class="source-line-no">035</span><span id="line-35">import org.apache.hadoop.hbase.client.ConnectionRegistryEndpoint;</span>
<span class="source-line-no">036</span><span id="line-36">import org.apache.hadoop.hbase.codec.Codec;</span>
<span class="source-line-no">037</span><span id="line-37">import org.apache.hadoop.hbase.io.crypto.tls.KeyStoreFileType;</span>
<span class="source-line-no">038</span><span id="line-38">import org.apache.hadoop.hbase.io.crypto.tls.X509KeyType;</span>
<span class="source-line-no">039</span><span id="line-39">import org.apache.hadoop.hbase.io.crypto.tls.X509TestContext;</span>
<span class="source-line-no">040</span><span id="line-40">import org.apache.hadoop.hbase.io.crypto.tls.X509TestContextProvider;</span>
<span class="source-line-no">041</span><span id="line-41">import org.apache.hadoop.hbase.io.crypto.tls.X509Util;</span>
<span class="source-line-no">042</span><span id="line-42">import org.apache.hadoop.hbase.ipc.RpcServer.BlockingServiceAndInterface;</span>
<span class="source-line-no">043</span><span id="line-43">import org.apache.hadoop.hbase.testclassification.MediumTests;</span>
<span class="source-line-no">044</span><span id="line-44">import org.apache.hadoop.hbase.testclassification.RPCTests;</span>
<span class="source-line-no">045</span><span id="line-45">import org.apache.hadoop.hbase.util.NettyEventLoopGroupConfig;</span>
<span class="source-line-no">046</span><span id="line-46">import org.bouncycastle.jce.provider.BouncyCastleProvider;</span>
<span class="source-line-no">047</span><span id="line-47">import org.junit.After;</span>
<span class="source-line-no">048</span><span id="line-48">import org.junit.AfterClass;</span>
<span class="source-line-no">049</span><span id="line-49">import org.junit.Before;</span>
<span class="source-line-no">050</span><span id="line-50">import org.junit.BeforeClass;</span>
<span class="source-line-no">051</span><span id="line-51">import org.junit.ClassRule;</span>
<span class="source-line-no">052</span><span id="line-52">import org.junit.experimental.categories.Category;</span>
<span class="source-line-no">053</span><span id="line-53">import org.junit.runner.RunWith;</span>
<span class="source-line-no">054</span><span id="line-54">import org.junit.runners.Parameterized;</span>
<span class="source-line-no">055</span><span id="line-55"></span>
<span class="source-line-no">056</span><span id="line-56">@RunWith(Parameterized.class)</span>
<span class="source-line-no">057</span><span id="line-57">@Category({ RPCTests.class, MediumTests.class })</span>
<span class="source-line-no">058</span><span id="line-58">public class TestNettyTlsIPC extends AbstractTestIPC {</span>
<span class="source-line-no">059</span><span id="line-59"></span>
<span class="source-line-no">060</span><span id="line-60"> @ClassRule</span>
<span class="source-line-no">061</span><span id="line-61"> public static final HBaseClassTestRule CLASS_RULE =</span>
<span class="source-line-no">062</span><span id="line-62"> HBaseClassTestRule.forClass(TestNettyTlsIPC.class);</span>
<span class="source-line-no">063</span><span id="line-63"></span>
<span class="source-line-no">064</span><span id="line-64"> private static final HBaseCommonTestingUtil UTIL = new HBaseCommonTestingUtil(CONF);</span>
<span class="source-line-no">065</span><span id="line-65"></span>
<span class="source-line-no">066</span><span id="line-66"> private static X509TestContextProvider PROVIDER;</span>
<span class="source-line-no">067</span><span id="line-67"></span>
<span class="source-line-no">068</span><span id="line-68"> private static NettyEventLoopGroupConfig EVENT_LOOP_GROUP_CONFIG;</span>
<span class="source-line-no">069</span><span id="line-69"></span>
<span class="source-line-no">070</span><span id="line-70"> @Parameterized.Parameter(1)</span>
<span class="source-line-no">071</span><span id="line-71"> public X509KeyType caKeyType;</span>
<span class="source-line-no">072</span><span id="line-72"></span>
<span class="source-line-no">073</span><span id="line-73"> @Parameterized.Parameter(2)</span>
<span class="source-line-no">074</span><span id="line-74"> public X509KeyType certKeyType;</span>
<span class="source-line-no">075</span><span id="line-75"></span>
<span class="source-line-no">076</span><span id="line-76"> @Parameterized.Parameter(3)</span>
<span class="source-line-no">077</span><span id="line-77"> public char[] keyPassword;</span>
<span class="source-line-no">078</span><span id="line-78"></span>
<span class="source-line-no">079</span><span id="line-79"> @Parameterized.Parameter(4)</span>
<span class="source-line-no">080</span><span id="line-80"> public boolean acceptPlainText;</span>
<span class="source-line-no">081</span><span id="line-81"></span>
<span class="source-line-no">082</span><span id="line-82"> @Parameterized.Parameter(5)</span>
<span class="source-line-no">083</span><span id="line-83"> public boolean clientTlsEnabled;</span>
<span class="source-line-no">084</span><span id="line-84"></span>
<span class="source-line-no">085</span><span id="line-85"> private X509TestContext x509TestContext;</span>
<span class="source-line-no">086</span><span id="line-86"></span>
<span class="source-line-no">087</span><span id="line-87"> // only netty rpc server supports TLS, so here we will only test NettyRpcServer</span>
<span class="source-line-no">088</span><span id="line-88"> @Parameterized.Parameters(</span>
<span class="source-line-no">089</span><span id="line-89"> name = "{index}: rpcServerImpl={0}, caKeyType={1}, certKeyType={2}, keyPassword={3},"</span>
<span class="source-line-no">090</span><span id="line-90"> + " acceptPlainText={4}, clientTlsEnabled={5}")</span>
<span class="source-line-no">091</span><span id="line-91"> public static List&lt;Object[]&gt; data() {</span>
<span class="source-line-no">092</span><span id="line-92"> List&lt;Object[]&gt; params = new ArrayList&lt;&gt;();</span>
<span class="source-line-no">093</span><span id="line-93"> for (X509KeyType caKeyType : X509KeyType.values()) {</span>
<span class="source-line-no">094</span><span id="line-94"> for (X509KeyType certKeyType : X509KeyType.values()) {</span>
<span class="source-line-no">095</span><span id="line-95"> for (char[] keyPassword : new char[][] { "".toCharArray(), "pa$$w0rd".toCharArray() }) {</span>
<span class="source-line-no">096</span><span id="line-96"> // do not accept plain text</span>
<span class="source-line-no">097</span><span id="line-97"> params.add(new Object[] { NettyRpcServer.class, caKeyType, certKeyType, keyPassword,</span>
<span class="source-line-no">098</span><span id="line-98"> false, true });</span>
<span class="source-line-no">099</span><span id="line-99"> // support plain text and client enables tls</span>
<span class="source-line-no">100</span><span id="line-100"> params.add(</span>
<span class="source-line-no">101</span><span id="line-101"> new Object[] { NettyRpcServer.class, caKeyType, certKeyType, keyPassword, true, true });</span>
<span class="source-line-no">102</span><span id="line-102"> // support plain text and client disables tls</span>
<span class="source-line-no">103</span><span id="line-103"> params.add(new Object[] { NettyRpcServer.class, caKeyType, certKeyType, keyPassword, true,</span>
<span class="source-line-no">104</span><span id="line-104"> false });</span>
<span class="source-line-no">105</span><span id="line-105"> }</span>
<span class="source-line-no">106</span><span id="line-106"> }</span>
<span class="source-line-no">107</span><span id="line-107"> }</span>
<span class="source-line-no">108</span><span id="line-108"> return params;</span>
<span class="source-line-no">109</span><span id="line-109"> }</span>
<span class="source-line-no">110</span><span id="line-110"></span>
<span class="source-line-no">111</span><span id="line-111"> @BeforeClass</span>
<span class="source-line-no">112</span><span id="line-112"> public static void setUpBeforeClass() throws IOException {</span>
<span class="source-line-no">113</span><span id="line-113"> Security.addProvider(new BouncyCastleProvider());</span>
<span class="source-line-no">114</span><span id="line-114"> File dir = new File(UTIL.getDataTestDir(TestNettyTlsIPC.class.getSimpleName()).toString())</span>
<span class="source-line-no">115</span><span id="line-115"> .getCanonicalFile();</span>
<span class="source-line-no">116</span><span id="line-116"> FileUtils.forceMkdir(dir);</span>
<span class="source-line-no">117</span><span id="line-117"> // server must enable tls</span>
<span class="source-line-no">118</span><span id="line-118"> CONF.setBoolean(X509Util.HBASE_SERVER_NETTY_TLS_ENABLED, true);</span>
<span class="source-line-no">119</span><span id="line-119"> PROVIDER = new X509TestContextProvider(CONF, dir);</span>
<span class="source-line-no">120</span><span id="line-120"> EVENT_LOOP_GROUP_CONFIG =</span>
<span class="source-line-no">121</span><span id="line-121"> NettyEventLoopGroupConfig.setup(CONF, TestNettyTlsIPC.class.getSimpleName());</span>
<span class="source-line-no">122</span><span id="line-122"> }</span>
<span class="source-line-no">123</span><span id="line-123"></span>
<span class="source-line-no">124</span><span id="line-124"> @AfterClass</span>
<span class="source-line-no">125</span><span id="line-125"> public static void tearDownAfterClass() throws InterruptedException {</span>
<span class="source-line-no">126</span><span id="line-126"> Security.removeProvider(BouncyCastleProvider.PROVIDER_NAME);</span>
<span class="source-line-no">127</span><span id="line-127"> EVENT_LOOP_GROUP_CONFIG.group().shutdownGracefully().sync();</span>
<span class="source-line-no">128</span><span id="line-128"> UTIL.cleanupTestDir();</span>
<span class="source-line-no">129</span><span id="line-129"> }</span>
<span class="source-line-no">130</span><span id="line-130"></span>
<span class="source-line-no">131</span><span id="line-131"> @Before</span>
<span class="source-line-no">132</span><span id="line-132"> public void setUp() throws IOException {</span>
<span class="source-line-no">133</span><span id="line-133"> x509TestContext = PROVIDER.get(caKeyType, certKeyType, keyPassword);</span>
<span class="source-line-no">134</span><span id="line-134"> x509TestContext.setConfigurations(KeyStoreFileType.JKS, KeyStoreFileType.JKS);</span>
<span class="source-line-no">135</span><span id="line-135"> CONF.setBoolean(X509Util.HBASE_SERVER_NETTY_TLS_SUPPORTPLAINTEXT, acceptPlainText);</span>
<span class="source-line-no">136</span><span id="line-136"> CONF.setBoolean(X509Util.HBASE_CLIENT_NETTY_TLS_ENABLED, clientTlsEnabled);</span>
<span class="source-line-no">137</span><span id="line-137"> }</span>
<span class="source-line-no">138</span><span id="line-138"></span>
<span class="source-line-no">139</span><span id="line-139"> @After</span>
<span class="source-line-no">140</span><span id="line-140"> public void tearDown() {</span>
<span class="source-line-no">141</span><span id="line-141"> x509TestContext.clearConfigurations();</span>
<span class="source-line-no">142</span><span id="line-142"> x509TestContext.getConf().unset(X509Util.TLS_CONFIG_OCSP);</span>
<span class="source-line-no">143</span><span id="line-143"> x509TestContext.getConf().unset(X509Util.TLS_CONFIG_CLR);</span>
<span class="source-line-no">144</span><span id="line-144"> x509TestContext.getConf().unset(X509Util.TLS_CONFIG_PROTOCOL);</span>
<span class="source-line-no">145</span><span id="line-145"> System.clearProperty("com.sun.net.ssl.checkRevocation");</span>
<span class="source-line-no">146</span><span id="line-146"> System.clearProperty("com.sun.security.enableCRLDP");</span>
<span class="source-line-no">147</span><span id="line-147"> Security.setProperty("ocsp.enable", Boolean.FALSE.toString());</span>
<span class="source-line-no">148</span><span id="line-148"> Security.setProperty("com.sun.security.enableCRLDP", Boolean.FALSE.toString());</span>
<span class="source-line-no">149</span><span id="line-149"> }</span>
<span class="source-line-no">150</span><span id="line-150"></span>
<span class="source-line-no">151</span><span id="line-151"> @Override</span>
<span class="source-line-no">152</span><span id="line-152"> protected RpcServer createRpcServer(Server server, String name,</span>
<span class="source-line-no">153</span><span id="line-153"> List&lt;BlockingServiceAndInterface&gt; services, InetSocketAddress bindAddress, Configuration conf,</span>
<span class="source-line-no">154</span><span id="line-154"> RpcScheduler scheduler) throws IOException {</span>
<span class="source-line-no">155</span><span id="line-155"> HBaseServerBase&lt;?&gt; mockServer = mock(HBaseServerBase.class);</span>
<span class="source-line-no">156</span><span id="line-156"> when(mockServer.getEventLoopGroupConfig()).thenReturn(EVENT_LOOP_GROUP_CONFIG);</span>
<span class="source-line-no">157</span><span id="line-157"> if (server instanceof ConnectionRegistryEndpoint) {</span>
<span class="source-line-no">158</span><span id="line-158"> String clusterId = ((ConnectionRegistryEndpoint) server).getClusterId();</span>
<span class="source-line-no">159</span><span id="line-159"> when(mockServer.getClusterId()).thenReturn(clusterId);</span>
<span class="source-line-no">160</span><span id="line-160"> }</span>
<span class="source-line-no">161</span><span id="line-161"> return new NettyRpcServer(mockServer, name, services, bindAddress, conf, scheduler, true);</span>
<span class="source-line-no">162</span><span id="line-162"> }</span>
<span class="source-line-no">163</span><span id="line-163"></span>
<span class="source-line-no">164</span><span id="line-164"> @Override</span>
<span class="source-line-no">165</span><span id="line-165"> protected AbstractRpcClient&lt;?&gt; createRpcClientNoCodec(Configuration conf) {</span>
<span class="source-line-no">166</span><span id="line-166"> return new NettyRpcClient(conf) {</span>
<span class="source-line-no">167</span><span id="line-167"></span>
<span class="source-line-no">168</span><span id="line-168"> @Override</span>
<span class="source-line-no">169</span><span id="line-169"> protected Codec getCodec() {</span>
<span class="source-line-no">170</span><span id="line-170"> return null;</span>
<span class="source-line-no">171</span><span id="line-171"> }</span>
<span class="source-line-no">172</span><span id="line-172"> };</span>
<span class="source-line-no">173</span><span id="line-173"> }</span>
<span class="source-line-no">174</span><span id="line-174"></span>
<span class="source-line-no">175</span><span id="line-175"> @Override</span>
<span class="source-line-no">176</span><span id="line-176"> protected AbstractRpcClient&lt;?&gt; createRpcClient(Configuration conf) {</span>
<span class="source-line-no">177</span><span id="line-177"> return new NettyRpcClient(conf);</span>
<span class="source-line-no">178</span><span id="line-178"> }</span>
<span class="source-line-no">179</span><span id="line-179"></span>
<span class="source-line-no">180</span><span id="line-180"> @Override</span>
<span class="source-line-no">181</span><span id="line-181"> protected AbstractRpcClient&lt;?&gt; createRpcClientRTEDuringConnectionSetup(Configuration conf)</span>
<span class="source-line-no">182</span><span id="line-182"> throws IOException {</span>
<span class="source-line-no">183</span><span id="line-183"> return new NettyRpcClient(conf) {</span>
<span class="source-line-no">184</span><span id="line-184"></span>
<span class="source-line-no">185</span><span id="line-185"> @Override</span>
<span class="source-line-no">186</span><span id="line-186"> protected boolean isTcpNoDelay() {</span>
<span class="source-line-no">187</span><span id="line-187"> throw new RuntimeException("Injected fault");</span>
<span class="source-line-no">188</span><span id="line-188"> }</span>
<span class="source-line-no">189</span><span id="line-189"> };</span>
<span class="source-line-no">190</span><span id="line-190"> }</span>
<span class="source-line-no">191</span><span id="line-191"></span>
<span class="source-line-no">192</span><span id="line-192"> @Override</span>
<span class="source-line-no">193</span><span id="line-193"> protected RpcServer createTestFailingRpcServer(String name,</span>
<span class="source-line-no">194</span><span id="line-194"> List&lt;BlockingServiceAndInterface&gt; services, InetSocketAddress bindAddress, Configuration conf,</span>
<span class="source-line-no">195</span><span id="line-195"> RpcScheduler scheduler) throws IOException {</span>
<span class="source-line-no">196</span><span id="line-196"> HBaseServerBase&lt;?&gt; mockServer = mock(HBaseServerBase.class);</span>
<span class="source-line-no">197</span><span id="line-197"> when(mockServer.getEventLoopGroupConfig()).thenReturn(EVENT_LOOP_GROUP_CONFIG);</span>
<span class="source-line-no">198</span><span id="line-198"> return new FailingNettyRpcServer(mockServer, name, services, bindAddress, conf, scheduler);</span>
<span class="source-line-no">199</span><span id="line-199"> }</span>
<span class="source-line-no">200</span><span id="line-200"></span>
<span class="source-line-no">201</span><span id="line-201"> @Override</span>
<span class="source-line-no">202</span><span id="line-202"> protected AbstractRpcClient&lt;?&gt; createBadAuthRpcClient(Configuration conf) {</span>
<span class="source-line-no">203</span><span id="line-203"> return new NettyRpcClient(conf) {</span>
<span class="source-line-no">204</span><span id="line-204"></span>
<span class="source-line-no">205</span><span id="line-205"> @Override</span>
<span class="source-line-no">206</span><span id="line-206"> protected NettyRpcConnection createConnection(ConnectionId remoteId) throws IOException {</span>
<span class="source-line-no">207</span><span id="line-207"> return new BadAuthNettyRpcConnection(this, remoteId);</span>
<span class="source-line-no">208</span><span id="line-208"> }</span>
<span class="source-line-no">209</span><span id="line-209"> };</span>
<span class="source-line-no">210</span><span id="line-210"> }</span>
<span class="source-line-no">211</span><span id="line-211">}</span>
</pre>
</div>
</main>
</body>
</html>