
Example 6 with ClientX509Util

use of org.apache.zookeeper.common.ClientX509Util in project zookeeper by apache.

the class X509AuthFailureTest method setup.

/**
 * Prepares the JVM for a TLS-enabled run on the Netty connection classes.
 *
 * <p>Everything here is written to JVM-wide system properties, so the values outlive this
 * method and are visible to all code in the process. The matching cleanup is not visible
 * here; NOTE(review): confirm an {@code @AfterEach} clears them so the key store settings do
 * not leak into other tests.
 *
 * <p>Only a key store is configured; no trust store property is set in this method.
 * NOTE(review): presumably deliberate for an auth-failure test; confirm.
 */
@BeforeEach
public void setup() throws Exception {
    clientX509Util = new ClientX509Util();
    final String dataDir = System.getProperty("test.data.dir", "src/test/resources/data");

    // Select the Netty implementations on both the server and the client side.
    final String serverFactoryClass = "org.apache.zookeeper.server.NettyServerCnxnFactory";
    final String clientSocketClass = "org.apache.zookeeper.ClientCnxnSocketNetty";
    System.setProperty(ServerCnxnFactory.ZOOKEEPER_SERVER_CNXN_FACTORY, serverFactoryClass);
    System.setProperty(ZKClientConfig.ZOOKEEPER_CLIENT_CNXN_SOCKET, clientSocketClass);
    System.setProperty(ZKClientConfig.SECURE_CLIENT, "true");

    // Test-only key material: the password is a fixture value checked in with the test data.
    final String keyStoreFile = dataDir + "/ssl/testKeyStore.jks";
    final String keyStorePassword = "testpass";
    System.setProperty(clientX509Util.getSslKeystoreLocationProperty(), keyStoreFile);
    System.setProperty(clientX509Util.getSslKeystorePasswdProperty(), keyStorePassword);

    // Each run gets its own admin server port.
    final String adminPort = "" + PortAssignment.unique();
    System.setProperty("zookeeper.admin.serverPort", adminPort);
}
Also used : ClientX509Util(org.apache.zookeeper.common.ClientX509Util) BeforeEach(org.junit.jupiter.api.BeforeEach)

Example 7 with ClientX509Util

use of org.apache.zookeeper.common.ClientX509Util in project zookeeper by apache.

the class ClientSSLTest method setup.

/**
 * Prepares the JVM for a TLS client/server run on the Netty connection classes, with port
 * unification switched on.
 *
 * <p>All settings, including the store passwords, are written to JVM-wide system properties
 * and are therefore visible to every piece of code in the process. The matching cleanup is
 * not visible here; NOTE(review): confirm an {@code @AfterEach} clears them.
 */
@BeforeEach
public void setup() {
    System.setProperty(NettyServerCnxnFactory.PORT_UNIFICATION_KEY, Boolean.TRUE.toString());
    clientX509Util = new ClientX509Util();
    final String dataDir = System.getProperty("test.data.dir", "src/test/resources/data");

    // Select the Netty implementations on both the server and the client side.
    final String serverFactoryClass = "org.apache.zookeeper.server.NettyServerCnxnFactory";
    final String clientSocketClass = "org.apache.zookeeper.ClientCnxnSocketNetty";
    System.setProperty(ServerCnxnFactory.ZOOKEEPER_SERVER_CNXN_FACTORY, serverFactoryClass);
    System.setProperty(ZKClientConfig.ZOOKEEPER_CLIENT_CNXN_SOCKET, clientSocketClass);
    System.setProperty(ZKClientConfig.SECURE_CLIENT, "true");

    // Test-only key and trust material: the password is a fixture value checked in with the
    // test data.
    final String storePassword = "testpass";
    final String keyStoreFile = dataDir + "/ssl/testKeyStore.jks";
    System.setProperty(clientX509Util.getSslKeystoreLocationProperty(), keyStoreFile);
    System.setProperty(clientX509Util.getSslKeystorePasswdProperty(), storePassword);
    final String trustStoreFile = dataDir + "/ssl/testTrustStore.jks";
    System.setProperty(clientX509Util.getSslTruststoreLocationProperty(), trustStoreFile);
    System.setProperty(clientX509Util.getSslTruststorePasswdProperty(), storePassword);
}
Also used : ClientX509Util(org.apache.zookeeper.common.ClientX509Util) BeforeEach(org.junit.jupiter.api.BeforeEach)

Example 8 with ClientX509Util

use of org.apache.zookeeper.common.ClientX509Util in project hive by apache.

the class MiniZooKeeperCluster method createServerCnxnFactory.

/**
 * Creates and configures the connection factory that listens on the given client port.
 *
 * <p>When {@code sslEnabled} is set, the Netty factory class and the key/trust store locations
 * and passwords are published as JVM-wide system properties before the factory is created,
 * and the three-argument {@code configure} is called with {@code true} as its last argument.
 * Those properties remain set for the rest of the process and are readable by any code in
 * the JVM. NOTE(review): acceptable for a test mini-cluster; confirm nothing else in the same
 * JVM picks up these TLS settings unintentionally.
 *
 * @param currentClientPort port the factory binds to
 * @return the configured factory
 * @throws IOException propagated from creating or configuring the factory
 */
private ServerCnxnFactory createServerCnxnFactory(int currentClientPort) throws IOException {
    if (!sslEnabled) {
        ServerCnxnFactory plainFactory = ServerCnxnFactory.createFactory();
        InetSocketAddress plainAddress = new InetSocketAddress(currentClientPort);
        int plainMaxCnxns = configuration.getInt(HConstants.ZOOKEEPER_MAX_CLIENT_CNXNS, HConstants.DEFAULT_ZOOKEPER_MAX_CLIENT_CNXNS);
        plainFactory.configure(plainAddress, plainMaxCnxns);
        return plainFactory;
    }

    System.setProperty(ServerCnxnFactory.ZOOKEEPER_SERVER_CNXN_FACTORY, "org.apache.zookeeper.server.NettyServerCnxnFactory");

    // The system property wins; otherwise fall back to the configuration value, normalised to
    // forward slashes and with a "c:" drive prefix stripped.
    String dataFileDir;
    if (System.getProperty("test.data.files", "").isEmpty()) {
        dataFileDir = configuration.get("test.data.files").replace('\\', '/').replace("c:", "");
    } else {
        dataFileDir = System.getProperty("test.data.files");
    }

    X509Util x509Util = new ClientX509Util();
    String keyStorePath = dataFileDir + File.separator + LOCALHOST_KEY_STORE_NAME;
    System.setProperty(x509Util.getSslKeystoreLocationProperty(), keyStorePath);
    System.setProperty(x509Util.getSslKeystorePasswdProperty(), KEY_STORE_TRUST_STORE_PASSWORD);
    String trustStorePath = dataFileDir + File.separator + TRUST_STORE_NAME;
    System.setProperty(x509Util.getSslTruststoreLocationProperty(), trustStorePath);
    System.setProperty(x509Util.getSslTruststorePasswdProperty(), KEY_STORE_TRUST_STORE_PASSWORD);

    // The factory must be created only after the properties above are in place.
    ServerCnxnFactory secureFactory = ServerCnxnFactory.createFactory();
    InetSocketAddress secureAddress = new InetSocketAddress(currentClientPort);
    int secureMaxCnxns = configuration.getInt(HConstants.ZOOKEEPER_MAX_CLIENT_CNXNS, HConstants.DEFAULT_ZOOKEPER_MAX_CLIENT_CNXNS);
    secureFactory.configure(secureAddress, secureMaxCnxns, true);
    return secureFactory;
}
Also used : ClientX509Util(org.apache.zookeeper.common.ClientX509Util) InetSocketAddress(java.net.InetSocketAddress) ServerCnxnFactory(org.apache.zookeeper.server.ServerCnxnFactory) X509Util(org.apache.zookeeper.common.X509Util) ClientX509Util(org.apache.zookeeper.common.ClientX509Util)

Example 9 with ClientX509Util

use of org.apache.zookeeper.common.ClientX509Util in project hive by apache.

the class SSLZookeeperFactory method newZooKeeper.

/**
 * Builds a ZooKeeper client, with TLS settings attached when {@code sslEnabled} is set.
 *
 * <p>On the TLS path the key store and trust store locations and passwords are placed on a
 * {@link ZKClientConfig} that is handed to this one client, rather than on JVM-wide system
 * properties. Without TLS the plain four-argument constructor is used.
 *
 * <p>NOTE(review): the {@code ClientX509Util} instance is only used to look up property names
 * and is never closed here; confirm that is harmless for the ZooKeeper version in use.
 *
 * @param connectString passed through to the ZooKeeper constructor
 * @param sessionTimeout passed through to the ZooKeeper constructor
 * @param watcher passed through to the ZooKeeper constructor
 * @param canBeReadOnly passed through to the ZooKeeper constructor
 * @return the new client
 * @throws Exception propagated from the ZooKeeper constructor
 */
@Override
public ZooKeeper newZooKeeper(String connectString, int sessionTimeout, Watcher watcher, boolean canBeReadOnly) throws Exception {
    if (this.sslEnabled) {
        ZKClientConfig tlsConfig = new ZKClientConfig();
        tlsConfig.setProperty(ZKClientConfig.SECURE_CLIENT, "true");
        tlsConfig.setProperty(ZKClientConfig.ZOOKEEPER_CLIENT_CNXN_SOCKET, "org.apache.zookeeper.ClientCnxnSocketNetty");

        // Property names come from ClientX509Util; the values are this factory's own settings.
        ClientX509Util propertyNames = new ClientX509Util();
        String keyStoreLocationKey = propertyNames.getSslKeystoreLocationProperty();
        tlsConfig.setProperty(keyStoreLocationKey, this.keyStoreLocation);
        String keyStorePasswordKey = propertyNames.getSslKeystorePasswdProperty();
        tlsConfig.setProperty(keyStorePasswordKey, this.keyStorePassword);
        String trustStoreLocationKey = propertyNames.getSslTruststoreLocationProperty();
        tlsConfig.setProperty(trustStoreLocationKey, this.trustStoreLocation);
        String trustStorePasswordKey = propertyNames.getSslTruststorePasswdProperty();
        tlsConfig.setProperty(trustStorePasswordKey, this.trustStorePassword);

        return new ZooKeeper(connectString, sessionTimeout, watcher, canBeReadOnly, tlsConfig);
    }
    return new ZooKeeper(connectString, sessionTimeout, watcher, canBeReadOnly);
}
Also used : ZooKeeper(org.apache.zookeeper.ZooKeeper) ZKClientConfig(org.apache.zookeeper.client.ZKClientConfig) ClientX509Util(org.apache.zookeeper.common.ClientX509Util)

Example 10 with ClientX509Util

use of org.apache.zookeeper.common.ClientX509Util in project zookeeper by apache.

the class FourLetterWordMain method send4LetterWord.

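/**
 * Sends a 4letterword to a server and returns everything the server writes back.
 *
 * <p>The command is encoded as UTF-8 and the reply is decoded as UTF-8 as well, so the result
 * does not depend on the platform default charset. Each line of the reply is terminated with
 * a newline in the returned string.
 *
 * <p>The socket opened here is closed before the method returns, including when connecting
 * or the TLS handshake fails.
 *
 * @param host the destination host; {@code null} selects the loopback address
 * @param port the destination port
 * @param cmd the 4letterword
 * @param secure whether to use SSL
 * @param timeout in milliseconds, maximum time to wait while connecting/reading data; it is
 *     applied to the connect and, as the socket read timeout, to each read
 * @return server response
 * @throws java.io.IOException if connecting, the handshake or the exchange fails; a read
 *     timeout is reported as an IOException whose cause is the SocketTimeoutException
 * @throws SSLContextException declared for the secure path; presumably raised while obtaining
 *     the default SSL context
 */
public static String send4LetterWord(String host, int port, String cmd, boolean secure, int timeout) throws IOException, SSLContextException {
    LOG.info("connecting to {} {}", host, port);
    Socket sock;
    InetSocketAddress hostaddress = host != null ? new InetSocketAddress(host, port) : new InetSocketAddress(InetAddress.getByName(null), port);
    if (secure) {
        LOG.info("using secure socket");
        try (X509Util x509Util = new ClientX509Util()) {
            SSLContext sslContext = x509Util.getDefaultSSLContext();
            SSLSocketFactory socketFactory = sslContext.getSocketFactory();
            SSLSocket sslSock = (SSLSocket) socketFactory.createSocket();
            // NOTE(review): no endpoint identification algorithm is set on this socket in this
            // method, so whether the server's hostname is checked depends on the trust manager
            // behind getDefaultSSLContext(); confirm.
            try {
                sslSock.connect(hostaddress, timeout);
                sslSock.startHandshake();
            } catch (IOException | RuntimeException e) {
                // Do not leak the socket when the connect or the handshake is rejected.
                closeAfterFailure(sslSock, e);
                throw e;
            }
            sock = sslSock;
        }
    } else {
        sock = new Socket();
        try {
            sock.connect(hostaddress, timeout);
        } catch (IOException | RuntimeException e) {
            closeAfterFailure(sock, e);
            throw e;
        }
    }
    BufferedReader reader = null;
    try {
        // Inside the try so that a failure here still closes the socket.
        sock.setSoTimeout(timeout);
        OutputStream outstream = sock.getOutputStream();
        outstream.write(cmd.getBytes(UTF_8));
        outstream.flush();
        // this replicates NC - close the output stream before reading
        if (!secure) {
            // SSL prohibits unilateral half-close
            sock.shutdownOutput();
        }
        // Decode with the same charset the command was encoded with.
        reader = new BufferedReader(new InputStreamReader(sock.getInputStream(), UTF_8));
        StringBuilder sb = new StringBuilder();
        String line;
        while ((line = reader.readLine()) != null) {
            sb.append(line).append("\n");
        }
        return sb.toString();
    } catch (SocketTimeoutException e) {
        throw new IOException("Exception while executing four letter word: " + cmd, e);
    } finally {
        try {
            sock.close();
        } finally {
            // Still release the reader if closing the socket itself failed.
            if (reader != null) {
                reader.close();
            }
        }
    }
}

/** Closes a socket whose connect or handshake failed, keeping that failure as the primary one. */
private static void closeAfterFailure(Socket sock, Exception failure) {
    try {
        sock.close();
    } catch (IOException closeFailure) {
        failure.addSuppressed(closeFailure);
    }
}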
Also used : InputStreamReader(java.io.InputStreamReader) InetSocketAddress(java.net.InetSocketAddress) SSLSocket(javax.net.ssl.SSLSocket) OutputStream(java.io.OutputStream) SSLContext(javax.net.ssl.SSLContext) IOException(java.io.IOException) X509Util(org.apache.zookeeper.common.X509Util) ClientX509Util(org.apache.zookeeper.common.ClientX509Util) ClientX509Util(org.apache.zookeeper.common.ClientX509Util) SocketTimeoutException(java.net.SocketTimeoutException) BufferedReader(java.io.BufferedReader) SSLSocketFactory(javax.net.ssl.SSLSocketFactory) Socket(java.net.Socket) SSLSocket(javax.net.ssl.SSLSocket)

Aggregations

ClientX509Util (org.apache.zookeeper.common.ClientX509Util)12 InetSocketAddress (java.net.InetSocketAddress)4 IOException (java.io.IOException)2 Socket (java.net.Socket)2 ZooKeeper (org.apache.zookeeper.ZooKeeper)2 X509Util (org.apache.zookeeper.common.X509Util)2 BeforeEach (org.junit.jupiter.api.BeforeEach)2 BufferedReader (java.io.BufferedReader)1 InputStreamReader (java.io.InputStreamReader)1 OutputStream (java.io.OutputStream)1 ServerSocket (java.net.ServerSocket)1 SocketTimeoutException (java.net.SocketTimeoutException)1 Properties (java.util.Properties)1 Random (java.util.Random)1 Callable (java.util.concurrent.Callable)1 CountDownLatch (java.util.concurrent.CountDownLatch)1 AtomicBoolean (java.util.concurrent.atomic.AtomicBoolean)1 AtomicInteger (java.util.concurrent.atomic.AtomicInteger)1 SSLContext (javax.net.ssl.SSLContext)1 SSLSocket (javax.net.ssl.SSLSocket)1