diff --git a/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/SecurityUtil.java b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/SecurityUtil.java index 3b9e9c53e4..59383dfefb 100644 --- a/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/SecurityUtil.java +++ b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/SecurityUtil.java @@ -608,11 +608,8 @@ protected static class QualifiedHostResolver implements HostResolver { private List searchDomains = new ArrayList<>(); { ResolverConfig resolverConfig = ResolverConfig.getCurrentConfig(); - Name[] names = resolverConfig.searchPath(); - if (names != null) { - for (Name name : names) { - searchDomains.add(name.toString()); - } + for (Name name : resolverConfig.searchPath()) { + searchDomains.add(name.toString()); } } diff --git a/hadoop-common-project/hadoop-registry/src/main/java/org/apache/hadoop/registry/server/dns/RegistryDNS.java b/hadoop-common-project/hadoop-registry/src/main/java/org/apache/hadoop/registry/server/dns/RegistryDNS.java index eeee581540..8dbe79682e 100644 --- a/hadoop-common-project/hadoop-registry/src/main/java/org/apache/hadoop/registry/server/dns/RegistryDNS.java +++ b/hadoop-common-project/hadoop-registry/src/main/java/org/apache/hadoop/registry/server/dns/RegistryDNS.java @@ -75,7 +75,6 @@ import java.net.Socket; import java.net.SocketAddress; import java.net.SocketException; -import java.net.UnknownHostException; import java.nio.BufferUnderflowException; import java.nio.ByteBuffer; import java.nio.channels.DatagramChannel; @@ -87,8 +86,10 @@ import java.security.spec.InvalidKeySpecException; import java.security.spec.RSAPrivateKeySpec; import java.text.SimpleDateFormat; +import java.time.Duration; +import java.time.Instant; +import java.time.temporal.ChronoUnit; import java.util.ArrayList; -import java.util.Calendar; import java.util.Collection; import java.util.Date; import java.util.Enumeration; @@ -232,13 +233,7 @@ private void updateDNSServer(Configuration conf) { } catch (SocketException e) { } ResolverConfig.refresh(); - ExtendedResolver resolver; - try { - resolver = new ExtendedResolver(); - } catch (UnknownHostException e) { - LOG.error("Can not resolve DNS servers: ", e); - return; - } + ExtendedResolver resolver = new ExtendedResolver(); for (Resolver check : resolver.getResolvers()) { if (check instanceof SimpleResolver) { InetAddress address = ((SimpleResolver) check).getAddress() @@ -247,7 +242,7 @@ private void updateDNSServer(Configuration conf) { resolver.deleteResolver(check); continue; } else { - check.setTimeout(30); + check.setTimeout(Duration.ofSeconds(30)); } } else { LOG.error("Not simple resolver!!!?" + check); @@ -260,12 +255,10 @@ private void updateDNSServer(Configuration conf) { } StringBuilder message = new StringBuilder(); message.append("DNS servers: "); - if (ResolverConfig.getCurrentConfig().servers() != null) { - for (String server : ResolverConfig.getCurrentConfig() - .servers()) { - message.append(server); - message.append(" "); - } + for (InetSocketAddress address : + ResolverConfig.getCurrentConfig().servers()) { + message.append(address); + message.append(" "); } LOG.info(message.toString()); } @@ -331,11 +324,10 @@ private void signZones() throws IOException { if (isDNSSECEnabled()) { Collection zoneCollection = zones.values(); for (Zone zone : zoneCollection) { - Iterator itor = zone.iterator(); + Iterator itor = zone.iterator(); while (itor.hasNext()) { - RRset rRset = (RRset) itor.next(); - Iterator sigs = rRset.sigs(); - if (!sigs.hasNext()) { + RRset rRset = itor.next(); + if (!rRset.sigs().isEmpty()) { try { signSiteRecord(zone, rRset.first()); } catch (DNSSEC.DNSSECException e) { @@ -692,10 +684,8 @@ private void signSiteRecord(Zone zone, Record record) throws DNSSEC.DNSSECException { RRset rrset = zone.findExactMatch(record.getName(), record.getType()); - Calendar cal = Calendar.getInstance(); - Date inception = cal.getTime(); - cal.add(Calendar.YEAR, 1); - Date expiration = cal.getTime(); + Instant inception = Instant.now(); + Instant expiration = inception.plus(365, ChronoUnit.DAYS); RRSIGRecord rrsigRecord = DNSSEC.sign(rrset, dnsKeyRecs.get(zone.getOrigin()), privateKey, inception, expiration); @@ -1159,7 +1149,7 @@ private byte remoteLookup(Message response, Name name, int type, } } if (r.getType() == Type.CNAME) { - Name cname = ((CNAMERecord) r).getAlias(); + Name cname = r.getName(); if (iterations < 6) { remoteLookup(response, cname, type, iterations + 1); } @@ -1255,9 +1245,7 @@ private int getMaxLength(Socket s, OPTRecord queryOPT) { * @param flags the flags. */ private void addAdditional2(Message response, int section, int flags) { - Record[] records = response.getSectionArray(section); - for (int i = 0; i < records.length; i++) { - Record r = records[i]; + for (Record r : response.getSection(section)) { Name glueName = r.getAdditionalName(); if (glueName != null) { addGlue(response, glueName, flags); @@ -1403,11 +1391,10 @@ byte addAnswer(Message response, Name name, int type, int dclass, response.getHeader().setFlag(Flags.AA); } } else if (sr.isSuccessful()) { - RRset[] rrsets = sr.answers(); + List rrsets = sr.answers(); LOG.info("found answers {}", rrsets); - for (int i = 0; i < rrsets.length; i++) { - addRRset(name, response, rrsets[i], - Section.ANSWER, flags); + for (RRset rrset : rrsets) { + addRRset(name, response, rrset, Section.ANSWER, flags); } addNS(response, zone, flags); if (iterations == 0) { @@ -1456,7 +1443,7 @@ private void addSOA(Message response, Zone zone, int flags) { private void addNXT(Message response, int flags) throws DNSSEC.DNSSECException, IOException { Record nxtRecord = getNXTRecord( - response.getSectionArray(Section.QUESTION)[0]); + response.getSection(Section.QUESTION).get(0)); Zone zone = findBestZone(nxtRecord.getName()); addRecordCommand.exec(zone, nxtRecord); RRset nxtRR = zone.findExactMatch(nxtRecord.getName(), Type.NXT); @@ -1515,9 +1502,7 @@ private void addRRset(Name name, Message response, RRset rrset, int section, } } if ((flags & FLAG_SIGONLY) == 0) { - Iterator it = rrset.rrs(); - while (it.hasNext()) { - Record r = (Record) it.next(); + for (Record r : rrset.rrs()) { if (r.getName().isWild() && !name.isWild()) { r = r.withName(name); } @@ -1525,9 +1510,7 @@ private void addRRset(Name name, Message response, RRset rrset, int section, } } if ((flags & (FLAG_SIGONLY | FLAG_DNSSECOK)) != 0) { - Iterator it = rrset.sigs(); - while (it.hasNext()) { - Record r = (Record) it.next(); + for (Record r : rrset.sigs()) { if (r.getName().isWild() && !name.isWild()) { r = r.withName(name); } @@ -1554,13 +1537,13 @@ byte[] doAXFR(Name name, Message query, TSIG tsig, TSIGRecord qtsig, if (zone == null) { return errorMessage(query, Rcode.REFUSED); } - Iterator it = zone.AXFR(); + Iterator it = zone.AXFR(); try { DataOutputStream dataOut; dataOut = new DataOutputStream(s.getOutputStream()); int id = query.getHeader().getID(); while (it.hasNext()) { - RRset rrset = (RRset) it.next(); + RRset rrset = it.next(); Message response = new Message(id); Header header = response.getHeader(); header.setFlag(Flags.QR); @@ -1568,7 +1551,7 @@ byte[] doAXFR(Name name, Message query, TSIG tsig, TSIGRecord qtsig, addRRset(rrset.getName(), response, rrset, Section.ANSWER, FLAG_DNSSECOK); if (tsig != null) { - tsig.applyStream(response, qtsig, first); + tsig.apply(response, qtsig, first); qtsig = response.getTSIG(); } first = false; @@ -1688,10 +1671,8 @@ public void exec(Zone zone, Record record) throws IOException { zone.addRecord(record); LOG.info("Registered {}", record); if (isDNSSECEnabled()) { - Calendar cal = Calendar.getInstance(); - Date inception = cal.getTime(); - cal.add(Calendar.YEAR, 1); - Date expiration = cal.getTime(); + Instant inception = Instant.now(); + Instant expiration = inception.plus(365, ChronoUnit.DAYS); RRset rRset = zone.findExactMatch(record.getName(), record.getType()); try { @@ -1727,8 +1708,8 @@ public void exec(Zone zone, Record record) throws IOException { */ private void addDSRecord(Zone zone, Name name, int dClass, long dsTtl, - Date inception, - Date expiration) throws DNSSEC.DNSSECException { + Instant inception, + Instant expiration) throws DNSSEC.DNSSECException { RRset rRset; RRSIGRecord rrsigRecord; diff --git a/hadoop-common-project/hadoop-registry/src/main/java/org/apache/hadoop/registry/server/dns/SecureableZone.java b/hadoop-common-project/hadoop-registry/src/main/java/org/apache/hadoop/registry/server/dns/SecureableZone.java index 4b0a85269d..c2f65321dd 100644 --- a/hadoop-common-project/hadoop-registry/src/main/java/org/apache/hadoop/registry/server/dns/SecureableZone.java +++ b/hadoop-common-project/hadoop-registry/src/main/java/org/apache/hadoop/registry/server/dns/SecureableZone.java @@ -138,8 +138,7 @@ public Record getNXTRecord(Record queryRecord, Zone zone) { SetResponse sr = zone.findRecords(base.getName(), Type.ANY); BitSet bitMap = new BitSet(); bitMap.set(Type.NXT); - RRset[] rRsets = sr.answers(); - for (RRset rRset : rRsets) { + for (RRset rRset : sr.answers()) { int typeCode = rRset.getType(); if (typeCode > 0 && typeCode < 128) { bitMap.set(typeCode); diff --git a/hadoop-common-project/hadoop-registry/src/test/java/org/apache/hadoop/registry/server/dns/TestRegistryDNS.java b/hadoop-common-project/hadoop-registry/src/test/java/org/apache/hadoop/registry/server/dns/TestRegistryDNS.java index a0c4ca3970..56e617144a 100644 --- a/hadoop-common-project/hadoop-registry/src/test/java/org/apache/hadoop/registry/server/dns/TestRegistryDNS.java +++ b/hadoop-common-project/hadoop-registry/src/test/java/org/apache/hadoop/registry/server/dns/TestRegistryDNS.java @@ -51,8 +51,9 @@ import java.security.KeyFactory; import java.security.PrivateKey; import java.security.spec.RSAPrivateKeySpec; -import java.util.Calendar; -import java.util.Date; +import java.time.Instant; +import java.time.temporal.ChronoUnit; +import java.util.List; import java.util.concurrent.TimeUnit; import static org.apache.hadoop.registry.client.api.RegistryConstants.*; @@ -194,34 +195,37 @@ public void testAppRegistration() throws Exception { "/registry/users/root/services/org-apache-slider/test1/", record); // start assessing whether correct records are available - Record[] recs = assertDNSQuery("test1.root.dev.test."); + List recs = assertDNSQuery("test1.root.dev.test."); assertEquals("wrong result", "192.168.1.5", - ((ARecord) recs[0]).getAddress().getHostAddress()); + ((ARecord) recs.get(0)).getAddress().getHostAddress()); recs = assertDNSQuery("management-api.test1.root.dev.test.", 2); assertEquals("wrong target name", "test1.root.dev.test.", - ((CNAMERecord) recs[0]).getTarget().toString()); - assertTrue("not an ARecord", recs[isSecure() ? 2 : 1] instanceof ARecord); + ((CNAMERecord) recs.get(0)).getTarget().toString()); + assertTrue("not an ARecord", + recs.get(isSecure() ? 2 : 1) instanceof ARecord); recs = assertDNSQuery("appmaster-ipc-api.test1.root.dev.test.", Type.SRV, 1); - assertTrue("not an SRV record", recs[0] instanceof SRVRecord); - assertEquals("wrong port", 1026, ((SRVRecord) recs[0]).getPort()); + assertTrue("not an SRV record", recs.get(0) instanceof SRVRecord); + assertEquals("wrong port", 1026, ((SRVRecord) recs.get(0)).getPort()); recs = assertDNSQuery("appmaster-ipc-api.test1.root.dev.test.", 2); assertEquals("wrong target name", "test1.root.dev.test.", - ((CNAMERecord) recs[0]).getTarget().toString()); - assertTrue("not an ARecord", recs[isSecure() ? 2 : 1] instanceof ARecord); + ((CNAMERecord) recs.get(0)).getTarget().toString()); + assertTrue("not an ARecord", + recs.get(isSecure() ? 2 : 1) instanceof ARecord); recs = assertDNSQuery("http-api.test1.root.dev.test.", 2); assertEquals("wrong target name", "test1.root.dev.test.", - ((CNAMERecord) recs[0]).getTarget().toString()); - assertTrue("not an ARecord", recs[isSecure() ? 2 : 1] instanceof ARecord); + ((CNAMERecord) recs.get(0)).getTarget().toString()); + assertTrue("not an ARecord", + recs.get(isSecure() ? 2 : 1) instanceof ARecord); recs = assertDNSQuery("http-api.test1.root.dev.test.", Type.SRV, 1); - assertTrue("not an SRV record", recs[0] instanceof SRVRecord); - assertEquals("wrong port", 1027, ((SRVRecord) recs[0]).getPort()); + assertTrue("not an SRV record", recs.get(0) instanceof SRVRecord); + assertEquals("wrong port", 1027, ((SRVRecord) recs.get(0)).getPort()); assertDNSQuery("test1.root.dev.test.", Type.TXT, 3); assertDNSQuery("appmaster-ipc-api.test1.root.dev.test.", Type.TXT, 1); @@ -239,13 +243,13 @@ public void testContainerRegistration() throws Exception { record); // start assessing whether correct records are available - Record[] recs = + List recs = assertDNSQuery("ctr-e50-1451931954322-0016-01-000002.dev.test."); assertEquals("wrong result", "172.17.0.19", - ((ARecord) recs[0]).getAddress().getHostAddress()); + ((ARecord) recs.get(0)).getAddress().getHostAddress()); recs = assertDNSQuery("httpd-1.test1.root.dev.test.", 1); - assertTrue("not an ARecord", recs[0] instanceof ARecord); + assertTrue("not an ARecord", recs.get(0) instanceof ARecord); } @Test @@ -277,16 +281,16 @@ public void testRecordTTL() throws Exception { record); // start assessing whether correct records are available - Record[] recs = assertDNSQuery( + List recs = assertDNSQuery( "ctr-e50-1451931954322-0016-01-000002.dev.test."); assertEquals("wrong result", "172.17.0.19", - ((ARecord) recs[0]).getAddress().getHostAddress()); - assertEquals("wrong ttl", 30L, recs[0].getTTL()); + ((ARecord) recs.get(0)).getAddress().getHostAddress()); + assertEquals("wrong ttl", 30L, recs.get(0).getTTL()); recs = assertDNSQuery("httpd-1.test1.root.dev.test.", 1); - assertTrue("not an ARecord", recs[0] instanceof ARecord); + assertTrue("not an ARecord", recs.get(0) instanceof ARecord); - assertEquals("wrong ttl", 30L, recs[0].getTTL()); + assertEquals("wrong ttl", 30L, recs.get(0).getTTL()); } @Test @@ -299,10 +303,11 @@ public void testReverseLookup() throws Exception { record); // start assessing whether correct records are available - Record[] recs = assertDNSQuery("19.0.17.172.in-addr.arpa.", Type.PTR, 1); + List recs = assertDNSQuery( + "19.0.17.172.in-addr.arpa.", Type.PTR, 1); assertEquals("wrong result", "httpd-1.test1.root.dev.test.", - ((PTRRecord) recs[0]).getTarget().toString()); + ((PTRRecord) recs.get(0)).getTarget().toString()); } @Test @@ -325,10 +330,11 @@ public void testReverseLookupInLargeNetwork() throws Exception { record); // start assessing whether correct records are available - Record[] recs = assertDNSQuery("19.0.17.172.in-addr.arpa.", Type.PTR, 1); + List recs = assertDNSQuery( + "19.0.17.172.in-addr.arpa.", Type.PTR, 1); assertEquals("wrong result", "httpd-1.test1.root.dev.test.", - ((PTRRecord) recs[0]).getTarget().toString()); + ((PTRRecord) recs.get(0)).getTarget().toString()); } @Test @@ -372,16 +378,16 @@ public void testNoContainerIP() throws Exception { assertEquals("wrong status", Rcode.NXDOMAIN, response.getRcode()); } - private Record[] assertDNSQuery(String lookup) throws IOException { + private List assertDNSQuery(String lookup) throws IOException { return assertDNSQuery(lookup, Type.A, 1); } - private Record[] assertDNSQuery(String lookup, int numRecs) + private List assertDNSQuery(String lookup, int numRecs) throws IOException { return assertDNSQuery(lookup, Type.A, numRecs); } - Record[] assertDNSQuery(String lookup, int type, int numRecs) + private List assertDNSQuery(String lookup, int type, int numRecs) throws IOException { Name name = Name.fromString(lookup); Record question = Record.newRecord(name, type, DClass.IN); @@ -394,9 +400,9 @@ Record[] assertDNSQuery(String lookup, int type, int numRecs) assertNotNull("Null response", response); assertEquals("Questions do not match", query.getQuestion(), response.getQuestion()); - Record[] recs = response.getSectionArray(Section.ANSWER); + List recs = response.getSection(Section.ANSWER); assertEquals("wrong number of answer records", - isSecure() ? numRecs * 2 : numRecs, recs.length); + isSecure() ? numRecs * 2 : numRecs, recs.size()); if (isSecure()) { boolean signed = false; for (Record record : recs) { @@ -410,8 +416,8 @@ Record[] assertDNSQuery(String lookup, int type, int numRecs) return recs; } - Record[] assertDNSQueryNotNull(String lookup, int type, int answerCount) - throws IOException { + private List assertDNSQueryNotNull( + String lookup, int type, int answerCount) throws IOException { Name name = Name.fromString(lookup); Record question = Record.newRecord(name, type, DClass.IN); Message query = Message.newQuery(question); @@ -423,9 +429,9 @@ Record[] assertDNSQueryNotNull(String lookup, int type, int answerCount) assertNotNull("Null response", response); assertEquals("Questions do not match", query.getQuestion(), response.getQuestion()); - Record[] recs = response.getSectionArray(Section.ANSWER); - assertEquals(answerCount, recs.length); - assertEquals(recs[0].getType(), type); + List recs = response.getSection(Section.ANSWER); + assertEquals(answerCount, recs.size()); + assertEquals(type, recs.get(0).getType()); return recs; } @@ -461,10 +467,8 @@ public void testDNSKEYRecord() throws Exception { ARecord aRecord = new ARecord(Name.fromString("some.test."), DClass.IN, 0, InetAddress.getByName("192.168.0.1")); - Calendar cal = Calendar.getInstance(); - Date inception = cal.getTime(); - cal.add(Calendar.YEAR, 1); - Date expiration = cal.getTime(); + Instant inception = Instant.now(); + Instant expiration = inception.plus(365, ChronoUnit.DAYS); RRset rrset = new RRset(aRecord); RRSIGRecord rrsigRecord = DNSSEC.sign(rrset, dnskeyRecord, @@ -495,13 +499,13 @@ public void testAAAALookup() throws Exception { record); // start assessing whether correct records are available - Record[] recs = assertDNSQuery( + List recs = assertDNSQuery( "ctr-e50-1451931954322-0016-01-000002.dev.test.", Type.AAAA, 1); assertEquals("wrong result", "172.17.0.19", - ((AAAARecord) recs[0]).getAddress().getHostAddress()); + ((AAAARecord) recs.get(0)).getAddress().getHostAddress()); recs = assertDNSQuery("httpd-1.test1.root.dev.test.", Type.AAAA, 1); - assertTrue("not an ARecord", recs[0] instanceof AAAARecord); + assertTrue("not an ARecord", recs.get(0) instanceof AAAARecord); } @Test @@ -524,9 +528,9 @@ public void testNegativeLookup() throws Exception { assertNotNull("Null response", response); assertEquals("Questions do not match", query.getQuestion(), response.getQuestion()); - Record[] sectionArray = response.getSectionArray(Section.AUTHORITY); + List sectionArray = response.getSection(Section.AUTHORITY); assertEquals("Wrong number of recs in AUTHORITY", isSecure() ? 2 : 1, - sectionArray.length); + sectionArray.size()); boolean soaFound = false; for (Record rec : sectionArray) { soaFound = rec.getType() == Type.SOA; @@ -570,19 +574,19 @@ public void testReadMasterFile() throws Exception { record); // start assessing whether correct records are available - Record[] recs = + List recs = assertDNSQuery("ctr-e50-1451931954322-0016-01-000002.dev.test."); assertEquals("wrong result", "172.17.0.19", - ((ARecord) recs[0]).getAddress().getHostAddress()); + ((ARecord) recs.get(0)).getAddress().getHostAddress()); recs = assertDNSQuery("httpd-1.test1.root.dev.test.", 1); - assertTrue("not an ARecord", recs[0] instanceof ARecord); + assertTrue("not an ARecord", recs.get(0) instanceof ARecord); // lookup dyanmic reverse records recs = assertDNSQuery("19.0.17.172.in-addr.arpa.", Type.PTR, 1); assertEquals("wrong result", "httpd-1.test1.root.dev.test.", - ((PTRRecord) recs[0]).getTarget().toString()); + ((PTRRecord) recs.get(0)).getTarget().toString()); // now lookup static reverse records Name name = Name.fromString("5.0.17.172.in-addr.arpa."); @@ -592,9 +596,9 @@ public void testReadMasterFile() throws Exception { query.addRecord(optRecord, Section.ADDITIONAL); byte[] responseBytes = getRegistryDNS().generateReply(query, null); Message response = new Message(responseBytes); - recs = response.getSectionArray(Section.ANSWER); + recs = response.getSection(Section.ANSWER); assertEquals("wrong result", "cn005.dev.test.", - ((PTRRecord) recs[0]).getTarget().toString()); + ((PTRRecord) recs.get(0)).getTarget().toString()); } @Test @@ -655,8 +659,7 @@ public void testExternalCNAMERecord() throws Exception { getRegistryDNS().initializeZones(conf); // start assessing whether correct records are available - Record[] recs = - assertDNSQueryNotNull("mail.yahoo.com.", Type.CNAME, 1); + assertDNSQueryNotNull("mail.yahoo.com.", Type.CNAME, 1); } @Test @@ -672,8 +675,7 @@ public void testRootLookup() throws Exception { getRegistryDNS().initializeZones(conf); // start assessing whether correct records are available - Record[] recs = - assertDNSQueryNotNull(".", Type.NS, 13); + assertDNSQueryNotNull(".", Type.NS, 13); } @Test @@ -692,10 +694,10 @@ public void testMultiARecord() throws Exception { record2); // start assessing whether correct records are available - Record[] recs = + List recs = assertDNSQuery("httpd.test1.root.dev.test.", 2); - assertTrue("not an ARecord", recs[0] instanceof ARecord); - assertTrue("not an ARecord", recs[1] instanceof ARecord); + assertTrue("not an ARecord", recs.get(0) instanceof ARecord); + assertTrue("not an ARecord", recs.get(1) instanceof ARecord); } @Test(timeout=5000) diff --git a/hadoop-project/pom.xml b/hadoop-project/pom.xml index dec43558ac..c69ebcfdda 100644 --- a/hadoop-project/pom.xml +++ b/hadoop-project/pom.xml @@ -100,7 +100,7 @@ 3.5.6 4.2.0 3.0.5 - 2.1.7 + 3.4.0 27.0-jre 4.2.3