From 7ffd2df49a66bd7fbd018dbf0fffbcdb052751ce Mon Sep 17 00:00:00 2001 From: Egor Krivokon Date: Mon, 2 Jul 2018 13:39:02 +0300 Subject: [PATCH] MapR [SPARK-279] Can't connect to spark thrift server with new spark and hive packages (#307) --- .../hive/service/auth/HiveAuthFactory.java | 48 ++++++++++++++++++- 1 file changed, 47 insertions(+), 1 deletion(-) diff --git a/sql/hive-thriftserver/src/main/java/org/apache/hive/service/auth/HiveAuthFactory.java b/sql/hive-thriftserver/src/main/java/org/apache/hive/service/auth/HiveAuthFactory.java index a45a2bff22e30..0bc1144a18d6b 100644 --- a/sql/hive-thriftserver/src/main/java/org/apache/hive/service/auth/HiveAuthFactory.java +++ b/sql/hive-thriftserver/src/main/java/org/apache/hive/service/auth/HiveAuthFactory.java @@ -21,7 +21,12 @@ import java.lang.reflect.Field; import java.lang.reflect.Method; import java.net.InetSocketAddress; +import java.net.Socket; import java.net.UnknownHostException; +import java.security.KeyManagementException; +import java.security.NoSuchAlgorithmException; +import java.security.cert.CertificateException; +import java.security.cert.X509Certificate; import java.util.ArrayList; import java.util.Arrays; import java.util.HashMap; @@ -30,7 +35,7 @@ import java.util.Map; import java.util.Objects; -import javax.net.ssl.SSLServerSocket; +import javax.net.ssl.*; import javax.security.auth.login.LoginException; import javax.security.sasl.Sasl; @@ -265,6 +270,47 @@ public static TTransport getSSLSocket(String host, int port, int loginTimeout, return TSSLTransportFactory.getClientSocket(host, port, loginTimeout, params); } + //Create SSL Socket for MAPRSASL connection. Ignore SSL trusted servers as MAPRSASL perform encryption by itself + public static TTransport getTrustAllSSLSocket(String host, int port, int loginTimeout) throws TTransportException { + TrustManager[] trustAllCerts = new TrustManager[]{ + new X509ExtendedTrustManager() { + @Override + public void checkClientTrusted(X509Certificate[] x509Certificates, String s) throws CertificateException { + } + @Override + public void checkServerTrusted(X509Certificate[] x509Certificates, String s) throws CertificateException { + } + @Override + public X509Certificate[] getAcceptedIssuers() { + return null; + } + @Override + public void checkClientTrusted(X509Certificate[] x509Certificates, String s, Socket socket) throws CertificateException { + } + @Override + public void checkServerTrusted(X509Certificate[] x509Certificates, String s, Socket socket) throws CertificateException { + } + @Override + public void checkClientTrusted(X509Certificate[] x509Certificates, String s, SSLEngine sslEngine) throws CertificateException { + } + @Override + public void checkServerTrusted(X509Certificate[] x509Certificates, String s, SSLEngine sslEngine) throws CertificateException { + } + } + }; + SSLSocket socket; + try { + SSLContext sslContext = SSLContext.getInstance("SSL"); + sslContext.init(null, trustAllCerts, new java.security.SecureRandom()); + SSLSocketFactory factory = sslContext.getSocketFactory(); + socket = (SSLSocket) factory.createSocket(host, port); + socket.setSoTimeout(loginTimeout); + } catch (NoSuchAlgorithmException | IOException | KeyManagementException e) { + throw new TTransportException("Couldn't create Trust All SSL socket", e); + } + return new TSocket(socket); + } + public static TServerSocket getServerSocket(String hiveHost, int portNum) throws TTransportException { InetSocketAddress serverAddress;