HDDS-1355. Only FQDN is accepted for OM rpc address in secure environment. Contributed by Ajay Kumar.
Closes #677
parent
aeb43dfba3
commit
bfc90bdc64
@ -51,6 +51,7 @@
|
||||
import static org.apache.hadoop.ozone.OzoneConfigKeys.OZONE_ACL_ENABLED;
|
||||
import static org.apache.hadoop.ozone.OzoneConfigKeys.OZONE_OPEN_KEY_EXPIRE_THRESHOLD_SECONDS;
|
||||
import static org.apache.hadoop.ozone.OzoneConfigKeys.OZONE_SECURITY_ENABLED_KEY;
|
||||
import static org.apache.hadoop.ozone.om.OMConfigKeys.OZONE_OM_ADDRESS_KEY;
|
||||
import static org.apache.hadoop.security.UserGroupInformation.AuthenticationMethod.KERBEROS;
|
||||
import static org.apache.hadoop.test.GenericTestUtils.*;
|
||||
|
||||
@ -221,4 +222,20 @@ public void testSecureOmInitFailures() throws Exception {
|
||||
omLogs.clearOutput();
|
||||
}
|
||||
|
||||
/**
|
||||
* Test om bind socket address.
|
||||
*/
|
||||
@Test
|
||||
public void testSecureOmInitFailure() throws Exception {
|
||||
OzoneConfiguration config = new OzoneConfiguration(conf);
|
||||
OMStorage omStorage = new OMStorage(config);
|
||||
omStorage.setClusterId(clusterId);
|
||||
omStorage.setScmId(scmId);
|
||||
omStorage.setOmId(omId);
|
||||
config.set(OZONE_OM_ADDRESS_KEY, "om-unknown");
|
||||
LambdaTestUtils.intercept(RuntimeException.class, "Can't get SCM signed" +
|
||||
" certificate",
|
||||
() -> OzoneManager.initializeSecurity(config, omStorage));
|
||||
}
|
||||
|
||||
}
|
||||
|
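Review bot: `testSecureOmInitFailure` appears to depend on the host name `om-unknown` failing to resolve, which is a property of the build machine's resolver rather than of the code under test; a DNS search domain or wildcard record that answers for it would send the test down a different path. A name under the reserved `.invalid` TLD keeps the lookup failing everywhere, e.g. `config.set(OZONE_OM_ADDRESS_KEY, "om-unknown.invalid");`. The method name also differs from the existing `testSecureOmInitFailures` by a single letter, and the Javadoc "Test om bind socket address." does not say what is asserted. Something like `testSecureOmInitFailsOnUnresolvedOmAddress` with `/** initializeSecurity must fail when the configured OM rpc address does not resolve. */` would make the intent clear.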
@ -1374,8 +1374,12 @@ private static void getSCMSignedCert(CertificateClient client,
|
||||
KeyPair keyPair = new KeyPair(client.getPublicKey(),
|
||||
client.getPrivateKey());
|
||||
InetSocketAddress omRpcAdd;
|
||||
|
||||
omRpcAdd = OmUtils.getOmAddress(config);
|
||||
if (omRpcAdd == null || omRpcAdd.getAddress() == null) {
|
||||
LOG.error("Incorrect om rpc address. omRpcAdd:{}", omRpcAdd);
|
||||
throw new RuntimeException("Can't get SCM signed certificate. " +
|
||||
"omRpcAdd: " + omRpcAdd);
|
||||
}
|
||||
// Get host name.
|
||||
String hostname = omRpcAdd.getAddress().getHostName();
|
||||
|
||||
@ -1388,7 +1392,7 @@ private static void getSCMSignedCert(CertificateClient client,
|
||||
.setScmID(omStore.getScmId())
|
||||
.setClusterID(omStore.getClusterID())
|
||||
.setSubject(subject)
|
||||
.addIpAddress(omRpcAdd.getAddress().getHostAddress());
|
||||
.addIpAddress(hostname);
|
||||
|
||||
LOG.info("Creating csr for OM->dns:{},ip:{},scmId:{},clusterId:{}," +
|
||||
"subject:{}", hostname, omRpcAdd.getAddress().getHostAddress(),
|
||||
@ -1397,7 +1401,7 @@ private static void getSCMSignedCert(CertificateClient client,
|
||||
HddsProtos.OzoneManagerDetailsProto.Builder omDetailsProtoBuilder =
|
||||
HddsProtos.OzoneManagerDetailsProto.newBuilder()
|
||||
.setHostName(omRpcAdd.getHostName())
|
||||
.setIpAddress(omRpcAdd.getAddress().getHostAddress())
|
||||
.setIpAddress(hostname)
|
||||
.setUuid(omStore.getOmId())
|
||||
.addPorts(HddsProtos.Port.newBuilder()
|
||||
.setName(RPC_PORT)
|
||||
|
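Review bot: The new guard in getSCMSignedCert reports a null `omRpcAdd` and an unresolved address with the same text, "Can't get SCM signed certificate. omRpcAdd: ...", which does not tell an operator that the configured OM rpc address failed to resolve. Stating the cause keeps the prefix the new test matches on: `throw new RuntimeException("Can't get SCM signed certificate. OM rpc address is unset or does not resolve, omRpcAdd: " + omRpcAdd);`. A short comment above the guard would help as well, e.g. `// getAddress() is null when the host could not be resolved; the CSR below needs a resolved address for its dns and ip entries.` The host name and IP placed in the CSR both come from name resolution at init time, so the resolver the OM uses at this point should be one the cluster trusts. The body of getSCMSignedCert starts and ends outside these hunks.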