big-data/hadoop
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
24,661 Commits 2 Branches 2 Tags 264 MiB
9fd2198daa
Commit Graph

111 Commits

Author SHA1 Message Date
Xiao Chen
9daa9979a1 HADOOP-13437. KMS should reload whitelist and default key ACLs when hot-reloading. Contributed by Xiao Chen. 2016-08-15 18:14:45 -07:00
Wei-Chiu Chuang
070548943a HADOOP-13395. Enhance TestKMSAudit. Contributed by Xiao Chen. 2016-08-08 15:11:05 -07:00
Andrew Wang
713cb71820 HADOOP-13155. Implement TokenRenewer to renew and cancel delegation tokens in KMS. Contributed by Xiao Chen. 2016-06-03 16:48:54 -07:00
Allen Wittenauer
35cf503149 HADOOP-13077. Handle special characters in passwords in httpfs.sh (Xiao Chen via aw) 2016-05-05 11:33:06 -07:00
Andrew Wang
6f26b66587 HADOOP-13030. Handle special characters in passwords in KMS startup script. Contributed by Xiao Chen. 2016-04-27 15:56:16 -07:00
Andrew Wang
a74580a4d3 HADOOP-12811. Change kms server port number which conflicts with HMaster port number. Contributed by Xiao Chen. 2016-04-14 11:36:12 -07:00
Allen Wittenauer
0a74610d1c HADOOP-11393. Revert HADOOP_PREFIX, go back to HADOOP_HOME (aw) 2016-03-31 07:51:05 -07:00
Andrew Wang
d4df7849a5 HADOOP-12962. KMS key names are incorrectly encoded when creating key. Contributed by Xiao Chen. 2016-03-25 15:28:53 -07:00
Yongjun Zhang
a963baba10 HADOOP-12828. Print user when services are started. (Wei-Chiu Chuang via Yongjun Zhang) 2016-02-19 09:41:22 -08:00
Andrew Wang
8fdef0bd9d HADOOP-12699. TestKMS#testKMSProvider intermittently fails during 'test rollover draining'. Contributed by Xiao Chen. 2016-02-11 17:20:10 -08:00
cnauroth
70c756d35e HADOOP-12795. KMS does not log detailed stack trace for unexpected errors. Contributed by Chris Nauroth. 2016-02-11 16:52:58 -08:00
Zhe Zhang
4ef1324ff6 HADOOP-12764. Increase default value of KMX maxHttpHeaderSize and make it configurable. 
Change-Id: I6e970563c201152e1428feafb8124e61c15a6fc0
 2016-02-10 09:56:40 -08:00
Steve Loughran
bac798abfc HADOOP-12597. In kms-site.xml configuration "hadoop.security.keystore.JavaKeyStoreProvider.password" should be updated with new name. (Surendra Singh Lilhore via stevel) 2016-01-07 16:00:54 +00:00
Haohui Mai
66428d33a7 HADOOP-11218. Add TLSv1.1,TLSv1.2 to KMS, HttpFS, SSLFactory. Contributed by Vijay Singh. 2015-11-22 16:00:34 -08:00
Varun Vasudev
73b9c7b82b HADOOP-10787. Rename/remove non-HADOOP_*, etc from the shell scripts. Contributed by Allen Wittenauer. 2015-11-04 15:56:17 +05:30
Allen Wittenauer
666cafca8d HADOOP-12249. pull argument parsing into a function (aw) 2015-07-31 14:32:21 -07:00
Colin Patrick Mccabe
7dba7005b7 HADOOP-11969. ThreadLocal initialization in several classes is not thread safe (Sean Busbey via Colin P. McCabe) 2015-05-26 12:15:46 -07:00
Robert Kanter
9fec02c069 HADOOP-11870. [JDK8] AuthenticationFilter, CertificateUtil, SignerSecretProviders, KeyAuthorizationKeyProvider Javadoc issues (rkanter) 2015-04-27 13:25:11 -07:00
Allen Wittenauer
dce8b9c4d0 HADOOP-11637. bash location hard-coded in shell scripts (aw) 2015-02-26 09:29:16 -08:00
Allen Wittenauer
43d5caef5e HADOOP-11460. Deprecate shell vars (John Smith via aw) 2015-02-04 16:35:50 -08:00
yliu
ee1e06a3ab HADOOP-11469. KMS should skip default.key.acl and whitelist.key.acl when loading key acl. (Dian Fu via yliu) 2015-01-28 00:07:21 +08:00
Akira Ajisaka
aee4500612 HADOOP-11493. Fix some typos in kms-acls.xml description. (Contributed by Charles Lamb) 2015-01-23 11:48:19 +09:00
Allen Wittenauer
0c45946e65 HADOOP-10788. Rewrite kms to use new shell framework (John Smith via aw) 2015-01-02 10:52:47 -08:00
Haohui Mai
1340617535 HADOOP-11378. Fix new findbugs warnings in hadoop-kms. Contributed by Li Lu. 2014-12-09 13:10:03 -08:00
Andrew Wang
ddffcd8fac HADOOP-11329. Add JAVA_LIBRARY_PATH to KMS startup options. Contributed by Arun Suresh. 2014-12-08 13:45:19 -08:00
Andrew Wang
9cdaec6a6f HADOOP-11355. When accessing data in HDFS and the key has been deleted, a Null Pointer Exception is shown. Contributed by Arun Suresh. 2014-12-05 12:01:23 -08:00
Andrew Wang
1812241ee1 HADOOP-11342. KMS key ACL should ignore ALL operation for default key ACL and whitelist key ACL. Contributed by Dian Fu. 2014-12-03 12:00:14 -08:00
Andrew Wang
3d48ad7eb4 HADOOP-11344. KMS kms-config.sh sets a default value for the keystore password even in non-ssl setup. Contributed by Arun Suresh. 2014-12-02 19:04:29 -08:00
Andrew Wang
31b4d2daa1 HADOOP-11341. KMS support for whitelist key ACLs. Contributed by Arun Suresh. 2014-12-01 21:53:37 -08:00
Andrew Wang
9fa2990257 HADOOP-11337. KeyAuthorizationKeyProvider access checks need to be done atomically. Contributed by Dian Fu. 2014-12-01 21:21:23 -08:00
Andrew Wang
56f3eecc12 HADOOP-11300. KMS startup scripts must not display the keystore / truststore passwords. Contributed by Arun Suresh. 2014-11-25 15:12:04 -08:00
yliu
61a2510b55 HADOOP-11322. key based ACL check in KMS always check KeyOpType.MANAGEMENT even actual KeyOpType is not MANAGEMENT. (Dian Fu via yliu) 2014-11-25 01:08:40 +08:00
Karthik Kambatla
87818ef4e7 HADOOP-11217. (Addendum to allow SSLv2Hello) Disable SSLv3 in KMS. (Robert Kanter via kasha) 2014-11-12 18:39:03 -08:00
Karthik Kambatla
1a78082338 HADOOP-11217. Disable SSLv3 in KMS. (Robert Kanter via kasha) 2014-10-28 17:18:24 -07:00
Andrew Wang
64aef18965 HADOOP-11153. Make number of KMS threads configurable. (wang) 2014-09-29 15:02:29 -07:00
Andrew Wang
adf0b67a71 HADOOP-10970. Cleanup KMS configuration keys. (wang) 2014-09-19 14:59:25 -07:00
Andrew Wang
10e8602f32 HDFS-7004. Update KeyProvider instantiation to create by URI. (wang) 2014-09-17 20:14:40 -07:00
Alejandro Abdelnur
123f20d42f HADOOP-11016. KMS should support signing cookies with zookeeper secret manager. (tucu) 2014-09-17 15:29:17 -07:00
Alejandro Abdelnur
8a7671d753 Revert "HADOOP-11016. KMS should support signing cookies with zookeeper secret manager. (tucu)" 
This reverts commit 0a495bef5c.
 2014-09-17 11:11:33 -07:00
Alejandro Abdelnur
0a495bef5c HADOOP-11016. KMS should support signing cookies with zookeeper secret manager. (tucu) 2014-09-17 11:08:00 -07:00
Alejandro Abdelnur
e4ddb6da15 HADOOP-11099. KMS return HTTP UNAUTHORIZED 401 on ACL failure. (tucu) 2014-09-17 11:07:56 -07:00
Alejandro Abdelnur
e14e71d5fe HADOOP-11096. KMS: KeyAuthorizationKeyProvider should verify the keyversion belongs to the keyname on decrypt. (tucu) 2014-09-16 23:20:35 -07:00
cnauroth
957414d4cb HADOOP-11088. Unittest TestKeyShell, TestCredShell and TestKMS assume UNIX path separator for JECKS key store path. Contributed by Xiaoyu Yao. 2014-09-12 14:50:07 -07:00
Alejandro Abdelnur
b02a4b4061 HADOOP-10758. KMS: add ACLs on per key basis. (tucu) 2014-09-10 14:26:15 -07:00
Alejandro Abdelnur
df8c84cba8 HADOOP-11071. KMSClientProvider should drain the local generated EEK cache on key rollover. (tucu) 2014-09-08 11:31:30 -07:00
Alejandro Abdelnur
70b218748b HADOOP-11015. Http server/client utils to propagate and recreate Exceptions from server to client. (tucu) 2014-09-04 09:11:10 -07:00
Alejandro Abdelnur
d9a03e272a HADOOP-10863. KMS should have a blacklist for decrypting EEKs. (asuresh via tucu) 2014-09-03 15:08:55 -07:00
Alejandro Abdelnur
e932365d6d HADOOP-10698. KMS, add proxyuser support. (tucu) 
git-svn-id: https://svn.apache.org/repos/asf/hadoop/common/trunk@1618217 13f79535-47bb-0310-9956-ffa450edef68
 2014-08-15 15:53:28 +00:00
Alejandro Abdelnur
e86c9ef651 HADOOP-10770. KMS add delegation token support. (tucu) 
git-svn-id: https://svn.apache.org/repos/asf/hadoop/common/trunk@1618096 13f79535-47bb-0310-9956-ffa450edef68
 2014-08-15 05:03:58 +00:00
Alejandro Abdelnur
021ae47115 HADOOP-10862. Miscellaneous trivial corrections to KMS classes. (asuresh via tucu) 
git-svn-id: https://svn.apache.org/repos/asf/hadoop/common/trunk@1616903 13f79535-47bb-0310-9956-ffa450edef68
 2014-08-08 23:10:11 +00:00
Alejandro Abdelnur
b9984e59d8 HADOOP-10918. JMXJsonServlet fails when used within Tomcat. (tucu) 
git-svn-id: https://svn.apache.org/repos/asf/hadoop/common/trunk@1616002 13f79535-47bb-0310-9956-ffa450edef68
 2014-08-05 20:58:25 +00:00
Andrew Wang
b7e67db372 HADOOP-10936. Change default KeyProvider bitlength to 128. (wang) 
git-svn-id: https://svn.apache.org/repos/asf/hadoop/common/trunk@1615850 13f79535-47bb-0310-9956-ffa450edef68
 2014-08-05 02:32:44 +00:00
Alejandro Abdelnur
bda9c584c8 HADOOP-10756. KMS audit log should consolidate successful similar requests. (asuresh via tucu) 
git-svn-id: https://svn.apache.org/repos/asf/hadoop/common/trunk@1614725 13f79535-47bb-0310-9956-ffa450edef68
 2014-07-30 17:54:10 +00:00
Andrew Wang
e0f00e12ce HADOOP-10881. Clarify usage of encryption and encrypted encryption key in KeyProviderCryptoExtension. (wang) 
git-svn-id: https://svn.apache.org/repos/asf/hadoop/common/trunk@1612737 13f79535-47bb-0310-9956-ffa450edef68
 2014-07-23 01:24:22 +00:00
Alejandro Abdelnur
0c1469ece3 HADOOP-10720. KMS: Implement generateEncryptedKey and decryptEncryptedKey in the REST API. (asuresh via tucu) 
git-svn-id: https://svn.apache.org/repos/asf/hadoop/common/trunk@1612399 13f79535-47bb-0310-9956-ffa450edef68
 2014-07-21 20:55:42 +00:00
Alejandro Abdelnur
0a3ea6c486 HADOOP-10750. KMSKeyProviderCache should be in hadoop-common. (asuresh via tucu) 
git-svn-id: https://svn.apache.org/repos/asf/hadoop/common/trunk@1611823 13f79535-47bb-0310-9956-ffa450edef68
 2014-07-18 22:01:18 +00:00
Uma Maheswara Rao G
80d7f0911c HADOOP-10824. Refactor KMSACLs to avoid locking. (Benoy Antony via umamahesh) 
git-svn-id: https://svn.apache.org/repos/asf/hadoop/common/trunk@1610969 13f79535-47bb-0310-9956-ffa450edef68
 2014-07-16 11:24:41 +00:00
Alejandro Abdelnur
7b5295513d HADOOP-10757. KeyProvider KeyVersion should provide the key name. (asuresh via tucu) 
git-svn-id: https://svn.apache.org/repos/asf/hadoop/common/trunk@1607896 13f79535-47bb-0310-9956-ffa450edef68
 2014-07-04 17:31:55 +00:00
Alejandro Abdelnur
38e2322d84 HADOOP-10696. Add optional attributes to KeyProvider Options and Metadata. (tucu) 
git-svn-id: https://svn.apache.org/repos/asf/hadoop/common/trunk@1604041 13f79535-47bb-0310-9956-ffa450edef68
 2014-06-19 22:18:03 +00:00
Alejandro Abdelnur
12cf17555f HADOOP-10611. KMS, keyVersion name should not be assumed to be keyName@versionNumber. (tucu) 
git-svn-id: https://svn.apache.org/repos/asf/hadoop/common/trunk@1598775 13f79535-47bb-0310-9956-ffa450edef68
 2014-05-30 23:19:11 +00:00
Alejandro Abdelnur
17d4fbbf0a HADOOP-10433. Key Management Server based on KeyProvider API. (tucu) 
git-svn-id: https://svn.apache.org/repos/asf/hadoop/common/trunk@1592637 13f79535-47bb-0310-9956-ffa450edef68
 2014-05-05 21:43:14 +00:00