From 2e99af7785246a11164ebb11c73e2e4eb364da0a Mon Sep 17 00:00:00 2001 From: Esteban Gutierrez Date: Sat, 7 Feb 2015 00:32:15 -0800 Subject: [PATCH] HBASE-12984 SSL cannot be used by the InfoPort after removing deprecated code in HBASE-10336 --- .../org/apache/hadoop/hbase/http/HttpConfig.java | 7 +++--- .../org/apache/hadoop/hbase/http/HttpServer.java | 2 +- .../org/apache/hadoop/hbase/http/InfoServer.java | 24 ++++++++++++------ .../hadoop/hbase/TestHBaseTestingUtility.java | 29 ++++++++++++++++++++++ 4 files changed, 50 insertions(+), 12 deletions(-) diff --git a/hbase-server/src/main/java/org/apache/hadoop/hbase/http/HttpConfig.java b/hbase-server/src/main/java/org/apache/hadoop/hbase/http/HttpConfig.java index d6180b5..1fe78e9 100644 --- a/hbase-server/src/main/java/org/apache/hadoop/hbase/http/HttpConfig.java +++ b/hbase-server/src/main/java/org/apache/hadoop/hbase/http/HttpConfig.java @@ -51,11 +51,10 @@ public class HttpConfig { } } - static { - Configuration conf = new Configuration(); + public HttpConfig(final Configuration conf) { boolean sslEnabled = conf.getBoolean( - ServerConfigurationKeys.HBASE_SSL_ENABLED_KEY, - ServerConfigurationKeys.HBASE_SSL_ENABLED_DEFAULT); + ServerConfigurationKeys.HBASE_SSL_ENABLED_KEY, + ServerConfigurationKeys.HBASE_SSL_ENABLED_DEFAULT); policy = sslEnabled ? Policy.HTTPS_ONLY : Policy.HTTP_ONLY; } diff --git a/hbase-server/src/main/java/org/apache/hadoop/hbase/http/HttpServer.java b/hbase-server/src/main/java/org/apache/hadoop/hbase/http/HttpServer.java index c0bf6f9..a8df938 100644 --- a/hbase-server/src/main/java/org/apache/hadoop/hbase/http/HttpServer.java +++ b/hbase-server/src/main/java/org/apache/hadoop/hbase/http/HttpServer.java @@ -484,7 +484,7 @@ public class HttpServer implements FilterContainer { boolean findPort, Configuration conf, AccessControlList adminsAcl, Connector connector, String[] pathSpecs) throws IOException { this(new Builder().setName(name) - .addEndpoint(URI.create("http://" + bindAddress + ":" + port)) + .addEndpoint(URI.create(HttpConfig.getSchemePrefix() + bindAddress + ":" + port)) .setFindPort(findPort).setConf(conf).setACL(adminsAcl) .setConnector(connector).setPathSpec(pathSpecs)); } diff --git a/hbase-server/src/main/java/org/apache/hadoop/hbase/http/InfoServer.java b/hbase-server/src/main/java/org/apache/hadoop/hbase/http/InfoServer.java index ffaaeaa..9b99892 100644 --- a/hbase-server/src/main/java/org/apache/hadoop/hbase/http/InfoServer.java +++ b/hbase-server/src/main/java/org/apache/hadoop/hbase/http/InfoServer.java @@ -54,15 +54,25 @@ public class InfoServer { public InfoServer(String name, String bindAddress, int port, boolean findPort, final Configuration c) throws IOException { + HttpConfig httpConfig = new HttpConfig(c); HttpServer.Builder builder = new org.apache.hadoop.hbase.http.HttpServer.Builder(); - builder - .setName(name) - .addEndpoint(URI.create("http://" + bindAddress + ":" + port)) - .setAppDir(HBASE_APP_DIR).setFindPort(findPort).setConf(c); - String logDir = System.getProperty("hbase.log.dir"); - if (logDir != null) { - builder.setLogDir(logDir); + + builder.setName(name).addEndpoint(URI.create(httpConfig.getSchemePrefix() + + bindAddress + ":" + + port)).setAppDir(HBASE_APP_DIR).setFindPort(findPort).setConf(c); + String logDir = System.getProperty("hbase.log.dir"); + if (logDir != null) { + builder.setLogDir(logDir); + } + if (httpConfig.isSecure()) { + builder.keyPassword(c.get("ssl.server.keystore.keypassword")) + .keyStore(c.get("ssl.server.keystore.location"), + c.get("ssl.server.keystore.password"), + c.get("ssl.server.keystore.type", "jks")) + .trustStore(c.get("ssl.server.truststore.location"), + c.get("ssl.server.truststore.password"), + c.get("ssl.server.truststore.type", "jks")).build(); } this.httpServer = builder.build(); } diff --git a/hbase-server/src/test/java/org/apache/hadoop/hbase/TestHBaseTestingUtility.java b/hbase-server/src/test/java/org/apache/hadoop/hbase/TestHBaseTestingUtility.java index 56720a3..f3e3dc2 100644 --- a/hbase-server/src/test/java/org/apache/hadoop/hbase/TestHBaseTestingUtility.java +++ b/hbase-server/src/test/java/org/apache/hadoop/hbase/TestHBaseTestingUtility.java @@ -26,6 +26,7 @@ import static org.junit.Assert.assertTrue; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; import org.apache.hadoop.fs.FileSystem; +import org.apache.hadoop.fs.FileUtil; import org.apache.hadoop.fs.Path; import org.apache.hadoop.hbase.client.Get; import org.apache.hadoop.hbase.client.Put; @@ -36,8 +37,10 @@ import org.apache.hadoop.hbase.testclassification.MiscTests; import org.apache.hadoop.hbase.util.Bytes; import org.apache.hadoop.hbase.zookeeper.MiniZooKeeperCluster; import org.apache.hadoop.hdfs.MiniDFSCluster; +import org.apache.hadoop.hbase.http.ssl.KeyStoreTestUtil; import org.junit.Test; import org.junit.experimental.categories.Category; +import java.io.File; /** * Test our testing utility class @@ -137,6 +140,32 @@ public class TestHBaseTestingUtility { } } + @Test + public void testMiniClusterWithSSLOn() throws Exception { + final String BASEDIR = System.getProperty("test.build.dir", + "target/test-dir") + "/" + TestHBaseTestingUtility.class.getSimpleName(); + String sslConfDir = KeyStoreTestUtil.getClasspathDir(TestHBaseTestingUtility.class); + String keystoresDir = new File(BASEDIR).getAbsolutePath(); + + HBaseTestingUtility hbt = new HBaseTestingUtility(); + File base = new File(BASEDIR); + FileUtil.fullyDelete(base); + base.mkdirs(); + + KeyStoreTestUtil.setupSSLConfig(keystoresDir, sslConfDir, hbt.getConfiguration(), false); + + hbt.getConfiguration().set("hbase.ssl.enabled", "true"); + hbt.getConfiguration().addResource("ssl-server.xml"); + hbt.getConfiguration().addResource("ssl-client.xml"); + + MiniHBaseCluster cluster = hbt.startMiniCluster(); + try { + assertEquals(1, cluster.getLiveRegionServerThreads().size()); + } finally { + hbt.shutdownMiniCluster(); + } + } + /** * Test that we can start and stop multiple time a cluster * with the same HBaseTestingUtility. -- 2.2.2