MapR [SPARK-279] Can't connect to spark thrift server with new spark …

…and hive packages (apache#307)
arjunshroff · Sep 19, 2019 · 7ffd2df · 7ffd2df
1 parent 20fea0e
commit 7ffd2df
Showing 1 changed file with 47 additions and 1 deletion.
diff --git a/sql/hive-thriftserver/src/main/java/org/apache/hive/service/auth/HiveAuthFactory.java b/sql/hive-thriftserver/src/main/java/org/apache/hive/service/auth/HiveAuthFactory.java
@@ -21,7 +21,12 @@
 import java.lang.reflect.Field;
 import java.lang.reflect.Method;
 import java.net.InetSocketAddress;
+import java.net.Socket;
 import java.net.UnknownHostException;
+import java.security.KeyManagementException;
+import java.security.NoSuchAlgorithmException;
+import java.security.cert.CertificateException;
+import java.security.cert.X509Certificate;
 import java.util.ArrayList;
 import java.util.Arrays;
 import java.util.HashMap;
@@ -30,7 +35,7 @@
 import java.util.Map;
 import java.util.Objects;
 
-import javax.net.ssl.SSLServerSocket;
+import javax.net.ssl.*;
 import javax.security.auth.login.LoginException;
 import javax.security.sasl.Sasl;
 
@@ -265,6 +270,47 @@ public static TTransport getSSLSocket(String host, int port, int loginTimeout,
     return TSSLTransportFactory.getClientSocket(host, port, loginTimeout, params);
   }
 
+  //Create SSL Socket for MAPRSASL connection. Ignore SSL trusted servers as MAPRSASL perform encryption by itself
+  public static TTransport getTrustAllSSLSocket(String host, int port, int loginTimeout) throws TTransportException {
+    TrustManager[] trustAllCerts = new TrustManager[]{
+            new X509ExtendedTrustManager() {
+              @Override
+              public void checkClientTrusted(X509Certificate[] x509Certificates, String s) throws CertificateException {
+              }
+              @Override
+              public void checkServerTrusted(X509Certificate[] x509Certificates, String s) throws CertificateException {
+              }
+              @Override
+              public X509Certificate[] getAcceptedIssuers() {
+                return null;
+              }
+              @Override
+              public void checkClientTrusted(X509Certificate[] x509Certificates, String s, Socket socket) throws CertificateException {
+              }
+              @Override
+              public void checkServerTrusted(X509Certificate[] x509Certificates, String s, Socket socket) throws CertificateException {
+              }
+              @Override
+              public void checkClientTrusted(X509Certificate[] x509Certificates, String s, SSLEngine sslEngine) throws CertificateException {
+              }
+              @Override
+              public void checkServerTrusted(X509Certificate[] x509Certificates, String s, SSLEngine sslEngine) throws CertificateException {
+              }
+            }
+    };
+    SSLSocket socket;
+    try {
+      SSLContext sslContext = SSLContext.getInstance("SSL");
+      sslContext.init(null, trustAllCerts, new java.security.SecureRandom());
+      SSLSocketFactory factory = sslContext.getSocketFactory();
+      socket = (SSLSocket) factory.createSocket(host, port);
+      socket.setSoTimeout(loginTimeout);
+    } catch (NoSuchAlgorithmException | IOException | KeyManagementException e) {
+      throw new TTransportException("Couldn't create Trust All SSL socket", e);
+    }
+    return new TSocket(socket);
+  }
+
   public static TServerSocket getServerSocket(String hiveHost, int portNum)
     throws TTransportException {
     InetSocketAddress serverAddress;