diff --git a/hadoop-common-project/hadoop-common/CHANGES.txt b/hadoop-common-project/hadoop-common/CHANGES.txt index 1176a21cfa..051eac19bb 100644 --- a/hadoop-common-project/hadoop-common/CHANGES.txt +++ b/hadoop-common-project/hadoop-common/CHANGES.txt @@ -793,6 +793,9 @@ Release 2.6.0 - UNRELEASED HADOOP-11083. After refactoring of HTTP proxyuser to common, doAs param is case sensitive. (tucu) + HADOOP-11088. Unittest TestKeyShell, TestCredShell and TestKMS assume UNIX + path separator for JECKS key store path. (Xiaoyu Yao via cnauroth) + Release 2.5.1 - 2014-09-05 INCOMPATIBLE CHANGES diff --git a/hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/crypto/key/TestKeyShell.java b/hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/crypto/key/TestKeyShell.java index d65d9b212b..3407eb7cec 100644 --- a/hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/crypto/key/TestKeyShell.java +++ b/hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/crypto/key/TestKeyShell.java @@ -24,6 +24,7 @@ import java.util.UUID; import org.apache.hadoop.conf.Configuration; +import org.apache.hadoop.fs.Path; import org.junit.After; import org.junit.Before; import org.junit.Test; @@ -51,7 +52,8 @@ public void setup() throws Exception { if (!tmpDir.mkdirs()) { throw new IOException("Unable to create " + tmpDir); } - jceksProvider = "jceks://file" + tmpDir + "/keystore.jceks"; + final Path jksPath = new Path(tmpDir.toString(), "keystore.jceks"); + jceksProvider = "jceks://file" + jksPath.toUri(); initialStdOut = System.out; initialStdErr = System.err; System.setOut(new PrintStream(outContent)); diff --git a/hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/security/alias/TestCredShell.java b/hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/security/alias/TestCredShell.java index b9f0dc937c..c89036272b 100644 --- a/hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/security/alias/TestCredShell.java +++ b/hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/security/alias/TestCredShell.java @@ -29,6 +29,7 @@ import java.util.List; import org.apache.hadoop.conf.Configuration; +import org.apache.hadoop.fs.Path; import org.junit.Before; import org.junit.Test; @@ -37,18 +38,23 @@ public class TestCredShell { private final ByteArrayOutputStream errContent = new ByteArrayOutputStream(); private static final File tmpDir = new File(System.getProperty("test.build.data", "/tmp"), "creds"); - + + /* The default JCEKS provider - for testing purposes */ + private String jceksProvider; + @Before public void setup() throws Exception { System.setOut(new PrintStream(outContent)); System.setErr(new PrintStream(errContent)); + final Path jksPath = new Path(tmpDir.toString(), "keystore.jceks"); + jceksProvider = "jceks://file" + jksPath.toUri(); } @Test public void testCredentialSuccessfulLifecycle() throws Exception { outContent.reset(); String[] args1 = {"create", "credential1", "-value", "p@ssw0rd", "-provider", - "jceks://file" + tmpDir + "/credstore.jceks"}; + jceksProvider}; int rc = 0; CredentialShell cs = new CredentialShell(); cs.setConf(new Configuration()); @@ -59,14 +65,14 @@ public void testCredentialSuccessfulLifecycle() throws Exception { outContent.reset(); String[] args2 = {"list", "-provider", - "jceks://file" + tmpDir + "/credstore.jceks"}; + jceksProvider}; rc = cs.run(args2); assertEquals(0, rc); assertTrue(outContent.toString().contains("credential1")); outContent.reset(); String[] args4 = {"delete", "credential1", "-provider", - "jceks://file" + tmpDir + "/credstore.jceks"}; + jceksProvider}; rc = cs.run(args4); assertEquals(0, rc); assertTrue(outContent.toString().contains("credential1 has been successfully " + @@ -74,7 +80,7 @@ public void testCredentialSuccessfulLifecycle() throws Exception { outContent.reset(); String[] args5 = {"list", "-provider", - "jceks://file" + tmpDir + "/credstore.jceks"}; + jceksProvider}; rc = cs.run(args5); assertEquals(0, rc); assertFalse(outContent.toString(), outContent.toString().contains("credential1")); @@ -132,7 +138,7 @@ public void testTransientProviderOnlyConfig() throws Exception { @Test public void testPromptForCredentialWithEmptyPasswd() throws Exception { String[] args1 = {"create", "credential1", "-provider", - "jceks://file" + tmpDir + "/credstore.jceks"}; + jceksProvider}; ArrayList passwords = new ArrayList(); passwords.add(null); passwords.add("p@ssw0rd"); @@ -148,7 +154,7 @@ public void testPromptForCredentialWithEmptyPasswd() throws Exception { @Test public void testPromptForCredential() throws Exception { String[] args1 = {"create", "credential1", "-provider", - "jceks://file" + tmpDir + "/credstore.jceks"}; + jceksProvider}; ArrayList passwords = new ArrayList(); passwords.add("p@ssw0rd"); passwords.add("p@ssw0rd"); @@ -162,7 +168,7 @@ public void testPromptForCredential() throws Exception { "created.")); String[] args2 = {"delete", "credential1", "-provider", - "jceks://file" + tmpDir + "/credstore.jceks"}; + jceksProvider}; rc = shell.run(args2); assertEquals(0, rc); assertTrue(outContent.toString().contains("credential1 has been successfully " + diff --git a/hadoop-common-project/hadoop-kms/src/main/java/org/apache/hadoop/crypto/key/kms/server/KMSConfiguration.java b/hadoop-common-project/hadoop-kms/src/main/java/org/apache/hadoop/crypto/key/kms/server/KMSConfiguration.java index a7daa24692..f02811993f 100644 --- a/hadoop-common-project/hadoop-kms/src/main/java/org/apache/hadoop/crypto/key/kms/server/KMSConfiguration.java +++ b/hadoop-common-project/hadoop-kms/src/main/java/org/apache/hadoop/crypto/key/kms/server/KMSConfiguration.java @@ -19,6 +19,7 @@ import org.apache.hadoop.classification.InterfaceAudience; import org.apache.hadoop.conf.Configuration; +import org.apache.hadoop.fs.Path; import java.io.File; import java.net.MalformedURLException; @@ -72,15 +73,13 @@ static Configuration getConfiguration(boolean loadHadoopDefaults, String confDir = System.getProperty(KMS_CONFIG_DIR); if (confDir != null) { try { - if (!confDir.startsWith("/")) { + Path confPath = new Path(confDir); + if (!confPath.isUriPathAbsolute()) { throw new RuntimeException("System property '" + KMS_CONFIG_DIR + "' must be an absolute path: " + confDir); } - if (!confDir.endsWith("/")) { - confDir += "/"; - } for (String resource : resources) { - conf.addResource(new URL("file://" + confDir + resource)); + conf.addResource(new URL("file://" + new Path(confDir, resource).toUri())); } } catch (MalformedURLException ex) { throw new RuntimeException(ex); @@ -105,13 +104,11 @@ public static boolean isACLsFileNewer(long time) { boolean newer = false; String confDir = System.getProperty(KMS_CONFIG_DIR); if (confDir != null) { - if (!confDir.startsWith("/")) { + Path confPath = new Path(confDir); + if (!confPath.isUriPathAbsolute()) { throw new RuntimeException("System property '" + KMS_CONFIG_DIR + "' must be an absolute path: " + confDir); } - if (!confDir.endsWith("/")) { - confDir += "/"; - } File f = new File(confDir, KMS_ACLS_XML); // at least 100ms newer than time, we do this to ensure the file // has been properly closed/flushed diff --git a/hadoop-common-project/hadoop-kms/src/test/java/org/apache/hadoop/crypto/key/kms/server/MiniKMS.java b/hadoop-common-project/hadoop-kms/src/test/java/org/apache/hadoop/crypto/key/kms/server/MiniKMS.java index 5a6d4c5701..195eee86ad 100644 --- a/hadoop-common-project/hadoop-kms/src/test/java/org/apache/hadoop/crypto/key/kms/server/MiniKMS.java +++ b/hadoop-common-project/hadoop-kms/src/test/java/org/apache/hadoop/crypto/key/kms/server/MiniKMS.java @@ -19,6 +19,7 @@ import com.google.common.base.Preconditions; import org.apache.hadoop.conf.Configuration; +import org.apache.hadoop.fs.Path; import org.mortbay.jetty.Connector; import org.mortbay.jetty.Server; import org.mortbay.jetty.security.SslSocketConnector; @@ -158,7 +159,7 @@ public void start() throws Exception { if (!kmsFile.exists()) { Configuration kms = new Configuration(false); kms.set("hadoop.security.key.provider.path", - "jceks://file@" + kmsConfDir + "/kms.keystore"); + "jceks://file@" + new Path(kmsConfDir, "kms.keystore").toUri()); kms.set("hadoop.kms.authentication.type", "simple"); Writer writer = new FileWriter(kmsFile); kms.writeXml(writer); diff --git a/hadoop-common-project/hadoop-kms/src/test/java/org/apache/hadoop/crypto/key/kms/server/TestKMS.java b/hadoop-common-project/hadoop-kms/src/test/java/org/apache/hadoop/crypto/key/kms/server/TestKMS.java index 1ca0c0dc5b..f4f9fead63 100644 --- a/hadoop-common-project/hadoop-kms/src/test/java/org/apache/hadoop/crypto/key/kms/server/TestKMS.java +++ b/hadoop-common-project/hadoop-kms/src/test/java/org/apache/hadoop/crypto/key/kms/server/TestKMS.java @@ -26,6 +26,7 @@ import org.apache.hadoop.crypto.key.KeyProviderCryptoExtension.EncryptedKeyVersion; import org.apache.hadoop.crypto.key.KeyProviderDelegationTokenExtension; import org.apache.hadoop.crypto.key.kms.KMSClientProvider; +import org.apache.hadoop.fs.Path; import org.apache.hadoop.io.Text; import org.apache.hadoop.minikdc.MiniKdc; import org.apache.hadoop.security.Credentials; @@ -117,7 +118,7 @@ protected void runServer(String keystore, String password, File confDir, protected Configuration createBaseKMSConf(File keyStoreDir) throws Exception { Configuration conf = new Configuration(false); conf.set("hadoop.security.key.provider.path", - "jceks://file@/" + keyStoreDir.getAbsolutePath() + "/kms.keystore"); + "jceks://file@" + new Path(keyStoreDir.getAbsolutePath(), "kms.keystore").toUri()); conf.set("hadoop.kms.authentication.type", "simple"); return conf; }