public QuorumPeer() throws SaslException { super("QuorumPeer"); quorumStats = new QuorumStats(this); jmxRemotePeerBean = new HashMap<Long, RemotePeerBean>(); adminServer = AdminServerFactory.createAdminServer(); x509Util = new QuorumX509Util(); initialize(); }
private Socket createSocket() throws X509Exception, IOException { Socket sock; if (self.isSslQuorum()) { sock = self.getX509Util().createSSLSocket(); } else { sock = new Socket(); } sock.setSoTimeout(self.tickTime * self.initLimit); return sock; }
private void clearSSLSystemProperties() { System.clearProperty(quorumX509Util.getSslKeystoreLocationProperty()); System.clearProperty(quorumX509Util.getSslKeystorePasswdProperty()); System.clearProperty(quorumX509Util.getSslTruststoreLocationProperty()); System.clearProperty(quorumX509Util.getSslTruststorePasswdProperty()); System.clearProperty(quorumX509Util.getSslHostnameVerificationEnabledProperty()); System.clearProperty(quorumX509Util.getSslOcspEnabledProperty()); System.clearProperty(quorumX509Util.getSslCrlEnabledProperty()); System.clearProperty(quorumX509Util.getCipherSuitesProperty()); System.clearProperty(quorumX509Util.getSslProtocolProperty()); }
public void setSSLSystemProperties() { System.setProperty(ServerCnxnFactory.ZOOKEEPER_SERVER_CNXN_FACTORY, "org.apache.zookeeper.server.NettyServerCnxnFactory"); System.setProperty(ZKClientConfig.ZOOKEEPER_CLIENT_CNXN_SOCKET, "org.apache.zookeeper.ClientCnxnSocketNetty"); System.setProperty(quorumX509Util.getSslKeystoreLocationProperty(), validKeystorePath); System.setProperty(quorumX509Util.getSslKeystorePasswdProperty(), "testpass"); System.setProperty(quorumX509Util.getSslTruststoreLocationProperty(), truststorePath); System.setProperty(quorumX509Util.getSslTruststorePasswdProperty(), "testpass"); }
public void shutdown() { running = false; x509Util.close(); if (leader != null) { leader.shutdown("quorum Peer shutdown"); } if (follower != null) { follower.shutdown(); } shutdownServerCnxnFactory(); if(udpSocket != null) { udpSocket.close(); } try { adminServer.shutdown(); } catch (AdminServerException e) { LOG.warn("Problem stopping AdminServer", e); } if(getElectionAlg() != null){ this.interrupt(); getElectionAlg().shutdown(); } try { zkDb.close(); } catch (IOException ie) { LOG.warn("Error closing logs ", ie); } }
System.setProperty(quorumX509Util.getSslHostnameVerificationEnabledProperty(), "false"); Assert.assertTrue(ClientBase.waitForServerUp("127.0.0.1:" + clientPortQp2, CONNECTION_TIMEOUT)); System.setProperty(quorumX509Util.getSslKeystoreLocationProperty(), keystorePath); System.clearProperty(quorumX509Util.getSslHostnameVerificationEnabledProperty()); Assert.assertTrue(ClientBase.waitForServerUp("127.0.0.1:" + clientPortQp2, CONNECTION_TIMEOUT)); System.setProperty(quorumX509Util.getSslKeystoreLocationProperty(), keystorePath); q3.start();
buildCRL(revokedInCRLCert, crlPath); System.setProperty(quorumX509Util.getSslKeystoreLocationProperty(), revokedInCRLKeystorePath); System.setProperty(quorumX509Util.getSslCrlEnabledProperty(), "true"); Assert.assertTrue(ClientBase.waitForServerUp("127.0.0.1:" + clientPortQp2, CONNECTION_TIMEOUT)); System.setProperty(quorumX509Util.getSslKeystoreLocationProperty(), revokedInCRLKeystorePath); q3.start();
ocspServer.start(); System.setProperty(quorumX509Util.getSslKeystoreLocationProperty(), revokedInOCSPKeystorePath); System.setProperty(quorumX509Util.getSslOcspEnabledProperty(), "true"); Assert.assertTrue(ClientBase.waitForServerUp("127.0.0.1:" + clientPortQp2, CONNECTION_TIMEOUT)); System.setProperty(quorumX509Util.getSslKeystoreLocationProperty(), revokedInOCSPKeystorePath); q3.start();
System.setProperty(quorumX509Util.getCipherSuitesProperty(), suitesOfEnsemble); System.setProperty(quorumX509Util.getCipherSuitesProperty(), suiteOfClient);
quorumPeer.setQuorumListenOnAllIPs(config.getQuorumListenOnAllIPs()); if (config.sslQuorumReloadCertFiles) { quorumPeer.getX509Util().enableCertFileReloading();
@After public void cleanUp() throws Exception { clearSSLSystemProperties(); if (q1 != null) { q1.shutdown(); } if (q2 != null) { q2.shutdown(); } if (q3 != null) { q3.shutdown(); } Security.removeProvider("BC"); quorumX509Util.close(); }
/** * Now onwards client code will use properties from this class but older * clients still be setting properties through system properties. So to make * this change backward compatible we should set old system properties in * this configuration. */ protected void handleBackwardCompatibility() { properties.put(JUTE_MAXBUFFER, System.getProperty(JUTE_MAXBUFFER)); properties.put(KINIT_COMMAND, System.getProperty(KINIT_COMMAND)); properties.put(JGSS_NATIVE, System.getProperty(JGSS_NATIVE)); try (ClientX509Util clientX509Util = new ClientX509Util()) { putSSLProperties(clientX509Util); properties.put(clientX509Util.getSslAuthProviderProperty(), System.getProperty(clientX509Util.getSslAuthProviderProperty())); } try (X509Util x509Util = new QuorumX509Util()) { putSSLProperties(x509Util); } }
LOG.debug("Opening channel to server " + sid); if (self.isSslQuorum()) { SSLSocket sslSock = self.getX509Util().createSSLSocket(); setSockOpts(sslSock); sslSock.connect(electionAddr, cnxTO);
@Before public void setup() throws Exception { quorumX509Util = new QuorumX509Util(); ClientBase.setupTestEnv();