HADOOP-11311. Restrict uppercase key names from being created with JCEKS.
This commit is contained in:
parent
351c5561c2
commit
48d62fad80
@ -444,6 +444,9 @@ Release 2.7.0 - UNRELEASED
|
||||
HADOOP-11157. ZKDelegationTokenSecretManager never shuts down
|
||||
listenerThreadPool. (Arun Suresh via atm)
|
||||
|
||||
HADOOP-11311. Restrict uppercase key names from being created with JCEKS.
|
||||
(wang)
|
||||
|
||||
Release 2.6.0 - 2014-11-18
|
||||
|
||||
INCOMPATIBLE CHANGES
|
||||
|
@ -18,6 +18,7 @@
|
||||
|
||||
package org.apache.hadoop.crypto.key;
|
||||
|
||||
import com.google.common.base.Preconditions;
|
||||
import org.apache.commons.io.IOUtils;
|
||||
import org.apache.hadoop.classification.InterfaceAudience;
|
||||
import org.apache.hadoop.classification.InterfaceAudience.Private;
|
||||
@ -423,6 +424,8 @@ public Metadata getMetadata(String name) throws IOException {
|
||||
@Override
|
||||
public KeyVersion createKey(String name, byte[] material,
|
||||
Options options) throws IOException {
|
||||
Preconditions.checkArgument(name.equals(name.toLowerCase()),
|
||||
"Uppercase key names are unsupported: %s", name);
|
||||
writeLock.lock();
|
||||
try {
|
||||
try {
|
||||
|
@ -33,6 +33,7 @@
|
||||
import org.apache.hadoop.security.Credentials;
|
||||
import org.apache.hadoop.security.ProviderUtils;
|
||||
import org.apache.hadoop.security.UserGroupInformation;
|
||||
import org.apache.hadoop.test.GenericTestUtils;
|
||||
import org.junit.Assert;
|
||||
import org.junit.Before;
|
||||
import org.junit.Test;
|
||||
@ -328,6 +329,16 @@ public void testJksProvider() throws Exception {
|
||||
// check permission retention after explicit change
|
||||
fs.setPermission(path, new FsPermission("777"));
|
||||
checkPermissionRetention(conf, ourUrl, path);
|
||||
|
||||
// Check that an uppercase keyname results in an error
|
||||
provider = KeyProviderFactory.getProviders(conf).get(0);
|
||||
try {
|
||||
provider.createKey("UPPERCASE", KeyProvider.options(conf));
|
||||
Assert.fail("Expected failure on creating key name with uppercase " +
|
||||
"characters");
|
||||
} catch (IllegalArgumentException e) {
|
||||
GenericTestUtils.assertExceptionContains("Uppercase key names", e);
|
||||
}
|
||||
}
|
||||
|
||||
private void verifyAfterReload(File file, KeyProvider provider)
|
||||
|
Loading…
Reference in New Issue
Block a user