From 8f2a9b9fd0d4d691b06805da4947fd6b6c5b8e64 Mon Sep 17 00:00:00 2001 From: Ryan Ernst Date: Tue, 21 Sep 2021 10:39:48 -0700 Subject: [PATCH] Fix split package in keystore-cli (#78047) The keystore-cli contains cli command classes for reading and writing the elasticsearch-keystore. These classes need access to the save methods of the KeyStoreWrapper, but those are package private. This change openes those methods to make them available. Note that setString was already public, only setFile and a couple minor methods were necessary to open up. Additionally, some methods from bootstrap for reading the keystore needed to be accessible to tests. This change moves those to a public utility class, as they were already static. --- distribution/src/bin/elasticsearch-keystore | 2 +- .../src/bin/elasticsearch-keystore.bat | 2 +- distribution/tools/keystore-cli/build.gradle | 14 ---- .../keystore}/AddFileKeyStoreCommand.java | 3 +- .../keystore}/AddStringKeyStoreCommand.java | 3 +- .../keystore}/BaseKeyStoreCommand.java | 4 +- .../ChangeKeyStorePasswordCommand.java | 4 +- .../keystore}/CreateKeyStoreCommand.java | 4 +- .../keystore}/HasPasswordKeyStoreCommand.java | 3 +- .../keystore}/KeyStoreCli.java | 2 +- .../keystore}/ListKeyStoreCommand.java | 3 +- .../RemoveSettingKeyStoreCommand.java | 3 +- .../keystore}/UpgradeKeyStoreCommand.java | 3 +- .../AddFileKeyStoreCommandTests.java | 3 +- .../AddStringKeyStoreCommandTests.java | 3 +- .../keystore}/BootstrapTests.java | 13 ++-- .../ChangeKeyStorePasswordCommandTests.java | 2 +- .../keystore}/CreateKeyStoreCommandTests.java | 3 +- .../HasPasswordKeyStoreCommandTests.java | 2 +- .../keystore}/KeyStoreCommandTestCase.java | 4 +- .../keystore}/KeyStoreWrapperTests.java | 4 +- .../keystore}/ListKeyStoreCommandTests.java | 2 +- .../RemoveSettingKeyStoreCommandTests.java | 2 +- .../UpgradeKeyStoreCommandTests.java | 3 +- .../elasticsearch/bootstrap/Bootstrap.java | 43 +----------- .../bootstrap/BootstrapUtil.java | 65 +++++++++++++++++++ .../common/settings/KeyStoreWrapper.java | 6 +- 27 files changed, 117 insertions(+), 88 deletions(-) rename distribution/tools/keystore-cli/src/main/java/org/elasticsearch/{common/settings => cli/keystore}/AddFileKeyStoreCommand.java (96%) rename distribution/tools/keystore-cli/src/main/java/org/elasticsearch/{common/settings => cli/keystore}/AddStringKeyStoreCommand.java (97%) rename distribution/tools/keystore-cli/src/main/java/org/elasticsearch/{common/settings => cli/keystore}/BaseKeyStoreCommand.java (95%) rename distribution/tools/keystore-cli/src/main/java/org/elasticsearch/{common/settings => cli/keystore}/ChangeKeyStorePasswordCommand.java (89%) rename distribution/tools/keystore-cli/src/main/java/org/elasticsearch/{common/settings => cli/keystore}/CreateKeyStoreCommand.java (93%) rename distribution/tools/keystore-cli/src/main/java/org/elasticsearch/{common/settings => cli/keystore}/HasPasswordKeyStoreCommand.java (94%) rename distribution/tools/keystore-cli/src/main/java/org/elasticsearch/{common/settings => cli/keystore}/KeyStoreCli.java (96%) rename distribution/tools/keystore-cli/src/main/java/org/elasticsearch/{common/settings => cli/keystore}/ListKeyStoreCommand.java (92%) rename distribution/tools/keystore-cli/src/main/java/org/elasticsearch/{common/settings => cli/keystore}/RemoveSettingKeyStoreCommand.java (94%) rename distribution/tools/keystore-cli/src/main/java/org/elasticsearch/{common/settings => cli/keystore}/UpgradeKeyStoreCommand.java (90%) rename distribution/tools/keystore-cli/src/test/java/org/elasticsearch/{common/settings => cli/keystore}/AddFileKeyStoreCommandTests.java (98%) rename distribution/tools/keystore-cli/src/test/java/org/elasticsearch/{common/settings => cli/keystore}/AddStringKeyStoreCommandTests.java (99%) rename distribution/tools/keystore-cli/src/test/java/org/elasticsearch/{bootstrap => cli/keystore}/BootstrapTests.java (89%) rename distribution/tools/keystore-cli/src/test/java/org/elasticsearch/{common/settings => cli/keystore}/ChangeKeyStorePasswordCommandTests.java (98%) rename distribution/tools/keystore-cli/src/test/java/org/elasticsearch/{common/settings => cli/keystore}/CreateKeyStoreCommandTests.java (97%) rename distribution/tools/keystore-cli/src/test/java/org/elasticsearch/{common/settings => cli/keystore}/HasPasswordKeyStoreCommandTests.java (98%) rename distribution/tools/keystore-cli/src/test/java/org/elasticsearch/{common/settings => cli/keystore}/KeyStoreCommandTestCase.java (96%) rename distribution/tools/keystore-cli/src/test/java/org/elasticsearch/{common/settings => cli/keystore}/KeyStoreWrapperTests.java (99%) rename distribution/tools/keystore-cli/src/test/java/org/elasticsearch/{common/settings => cli/keystore}/ListKeyStoreCommandTests.java (98%) rename distribution/tools/keystore-cli/src/test/java/org/elasticsearch/{common/settings => cli/keystore}/RemoveSettingKeyStoreCommandTests.java (98%) rename distribution/tools/keystore-cli/src/test/java/org/elasticsearch/{common/settings => cli/keystore}/UpgradeKeyStoreCommandTests.java (96%) create mode 100644 server/src/main/java/org/elasticsearch/bootstrap/BootstrapUtil.java diff --git a/distribution/src/bin/elasticsearch-keystore b/distribution/src/bin/elasticsearch-keystore index 334eda30d1a21..c24eb47536e25 100755 --- a/distribution/src/bin/elasticsearch-keystore +++ b/distribution/src/bin/elasticsearch-keystore @@ -1,6 +1,6 @@ #!/bin/bash -ES_MAIN_CLASS=org.elasticsearch.common.settings.KeyStoreCli \ +ES_MAIN_CLASS=org.elasticsearch.cli.keystore.KeyStoreCli \ ES_ADDITIONAL_CLASSPATH_DIRECTORIES=lib/tools/keystore-cli \ "`dirname "$0"`"/elasticsearch-cli \ "$@" diff --git a/distribution/src/bin/elasticsearch-keystore.bat b/distribution/src/bin/elasticsearch-keystore.bat index 9c0fb37ce6efa..59ca167ab519b 100644 --- a/distribution/src/bin/elasticsearch-keystore.bat +++ b/distribution/src/bin/elasticsearch-keystore.bat @@ -3,7 +3,7 @@ setlocal enabledelayedexpansion setlocal enableextensions -set ES_MAIN_CLASS=org.elasticsearch.common.settings.KeyStoreCli +set ES_MAIN_CLASS=org.elasticsearch.cli.keystore.KeyStoreCli set ES_ADDITIONAL_CLASSPATH_DIRECTORIES=lib/tools/keystore-cli call "%~dp0elasticsearch-cli.bat" ^ %%* ^ diff --git a/distribution/tools/keystore-cli/build.gradle b/distribution/tools/keystore-cli/build.gradle index a410608d18442..71c6724248340 100644 --- a/distribution/tools/keystore-cli/build.gradle +++ b/distribution/tools/keystore-cli/build.gradle @@ -15,17 +15,3 @@ dependencies { testImplementation "com.google.jimfs:jimfs:${versions.jimfs}" testRuntimeOnly "com.google.guava:guava:${versions.jimfs_guava}" } - -tasks.named('splitPackagesAudit').configure { - // common.settings is owned by server, this should be keystore specifici - ignoreClasses 'org.elasticsearch.common.settings.AddFileKeyStoreCommand', - 'org.elasticsearch.common.settings.AddStringKeyStoreCommand', - 'org.elasticsearch.common.settings.BaseKeyStoreCommand', - 'org.elasticsearch.common.settings.ChangeKeyStorePasswordCommand', - 'org.elasticsearch.common.settings.CreateKeyStoreCommand', - 'org.elasticsearch.common.settings.HasPasswordKeyStoreCommand', - 'org.elasticsearch.common.settings.KeyStoreCli', - 'org.elasticsearch.common.settings.ListKeyStoreCommand', - 'org.elasticsearch.common.settings.RemoveSettingKeyStoreCommand', - 'org.elasticsearch.common.settings.UpgradeKeyStoreCommand' -} diff --git a/distribution/tools/keystore-cli/src/main/java/org/elasticsearch/common/settings/AddFileKeyStoreCommand.java b/distribution/tools/keystore-cli/src/main/java/org/elasticsearch/cli/keystore/AddFileKeyStoreCommand.java similarity index 96% rename from distribution/tools/keystore-cli/src/main/java/org/elasticsearch/common/settings/AddFileKeyStoreCommand.java rename to distribution/tools/keystore-cli/src/main/java/org/elasticsearch/cli/keystore/AddFileKeyStoreCommand.java index ae432e6ab9a70..8a6b1e462eb83 100644 --- a/distribution/tools/keystore-cli/src/main/java/org/elasticsearch/common/settings/AddFileKeyStoreCommand.java +++ b/distribution/tools/keystore-cli/src/main/java/org/elasticsearch/cli/keystore/AddFileKeyStoreCommand.java @@ -6,7 +6,7 @@ * Side Public License, v 1. */ -package org.elasticsearch.common.settings; +package org.elasticsearch.cli.keystore; import joptsimple.OptionSet; import joptsimple.OptionSpec; @@ -14,6 +14,7 @@ import org.elasticsearch.cli.ExitCodes; import org.elasticsearch.cli.Terminal; import org.elasticsearch.cli.UserException; +import org.elasticsearch.common.settings.KeyStoreWrapper; import org.elasticsearch.core.PathUtils; import org.elasticsearch.core.SuppressForbidden; import org.elasticsearch.env.Environment; diff --git a/distribution/tools/keystore-cli/src/main/java/org/elasticsearch/common/settings/AddStringKeyStoreCommand.java b/distribution/tools/keystore-cli/src/main/java/org/elasticsearch/cli/keystore/AddStringKeyStoreCommand.java similarity index 97% rename from distribution/tools/keystore-cli/src/main/java/org/elasticsearch/common/settings/AddStringKeyStoreCommand.java rename to distribution/tools/keystore-cli/src/main/java/org/elasticsearch/cli/keystore/AddStringKeyStoreCommand.java index a3ec9f6395000..0ad35c5512259 100644 --- a/distribution/tools/keystore-cli/src/main/java/org/elasticsearch/common/settings/AddStringKeyStoreCommand.java +++ b/distribution/tools/keystore-cli/src/main/java/org/elasticsearch/cli/keystore/AddStringKeyStoreCommand.java @@ -6,7 +6,7 @@ * Side Public License, v 1. */ -package org.elasticsearch.common.settings; +package org.elasticsearch.cli.keystore; import joptsimple.OptionSet; import joptsimple.OptionSpec; @@ -14,6 +14,7 @@ import org.elasticsearch.cli.ExitCodes; import org.elasticsearch.cli.Terminal; import org.elasticsearch.cli.UserException; +import org.elasticsearch.common.settings.KeyStoreWrapper; import org.elasticsearch.core.CheckedFunction; import org.elasticsearch.env.Environment; diff --git a/distribution/tools/keystore-cli/src/main/java/org/elasticsearch/common/settings/BaseKeyStoreCommand.java b/distribution/tools/keystore-cli/src/main/java/org/elasticsearch/cli/keystore/BaseKeyStoreCommand.java similarity index 95% rename from distribution/tools/keystore-cli/src/main/java/org/elasticsearch/common/settings/BaseKeyStoreCommand.java rename to distribution/tools/keystore-cli/src/main/java/org/elasticsearch/cli/keystore/BaseKeyStoreCommand.java index 95c0e55748410..268cafe16bf1b 100644 --- a/distribution/tools/keystore-cli/src/main/java/org/elasticsearch/common/settings/BaseKeyStoreCommand.java +++ b/distribution/tools/keystore-cli/src/main/java/org/elasticsearch/cli/keystore/BaseKeyStoreCommand.java @@ -6,7 +6,7 @@ * Side Public License, v 1. */ -package org.elasticsearch.common.settings; +package org.elasticsearch.cli.keystore; import joptsimple.OptionSet; import joptsimple.OptionSpec; @@ -15,6 +15,8 @@ import org.elasticsearch.cli.KeyStoreAwareCommand; import org.elasticsearch.cli.Terminal; import org.elasticsearch.cli.UserException; +import org.elasticsearch.common.settings.KeyStoreWrapper; +import org.elasticsearch.common.settings.SecureString; import org.elasticsearch.env.Environment; import java.nio.file.Path; diff --git a/distribution/tools/keystore-cli/src/main/java/org/elasticsearch/common/settings/ChangeKeyStorePasswordCommand.java b/distribution/tools/keystore-cli/src/main/java/org/elasticsearch/cli/keystore/ChangeKeyStorePasswordCommand.java similarity index 89% rename from distribution/tools/keystore-cli/src/main/java/org/elasticsearch/common/settings/ChangeKeyStorePasswordCommand.java rename to distribution/tools/keystore-cli/src/main/java/org/elasticsearch/cli/keystore/ChangeKeyStorePasswordCommand.java index d3a670b8c4952..47b5631ae5d21 100644 --- a/distribution/tools/keystore-cli/src/main/java/org/elasticsearch/common/settings/ChangeKeyStorePasswordCommand.java +++ b/distribution/tools/keystore-cli/src/main/java/org/elasticsearch/cli/keystore/ChangeKeyStorePasswordCommand.java @@ -6,13 +6,15 @@ * Side Public License, v 1. */ -package org.elasticsearch.common.settings; +package org.elasticsearch.cli.keystore; import joptsimple.OptionSet; import org.elasticsearch.cli.ExitCodes; import org.elasticsearch.cli.Terminal; import org.elasticsearch.cli.UserException; +import org.elasticsearch.common.settings.KeyStoreWrapper; +import org.elasticsearch.common.settings.SecureString; import org.elasticsearch.env.Environment; /** diff --git a/distribution/tools/keystore-cli/src/main/java/org/elasticsearch/common/settings/CreateKeyStoreCommand.java b/distribution/tools/keystore-cli/src/main/java/org/elasticsearch/cli/keystore/CreateKeyStoreCommand.java similarity index 93% rename from distribution/tools/keystore-cli/src/main/java/org/elasticsearch/common/settings/CreateKeyStoreCommand.java rename to distribution/tools/keystore-cli/src/main/java/org/elasticsearch/cli/keystore/CreateKeyStoreCommand.java index 0bf6a1acf10ce..4ad64d8595df1 100644 --- a/distribution/tools/keystore-cli/src/main/java/org/elasticsearch/common/settings/CreateKeyStoreCommand.java +++ b/distribution/tools/keystore-cli/src/main/java/org/elasticsearch/cli/keystore/CreateKeyStoreCommand.java @@ -6,7 +6,7 @@ * Side Public License, v 1. */ -package org.elasticsearch.common.settings; +package org.elasticsearch.cli.keystore; import joptsimple.OptionSet; import joptsimple.OptionSpec; @@ -15,6 +15,8 @@ import org.elasticsearch.cli.KeyStoreAwareCommand; import org.elasticsearch.cli.Terminal; import org.elasticsearch.cli.UserException; +import org.elasticsearch.common.settings.KeyStoreWrapper; +import org.elasticsearch.common.settings.SecureString; import org.elasticsearch.env.Environment; import java.nio.file.Files; diff --git a/distribution/tools/keystore-cli/src/main/java/org/elasticsearch/common/settings/HasPasswordKeyStoreCommand.java b/distribution/tools/keystore-cli/src/main/java/org/elasticsearch/cli/keystore/HasPasswordKeyStoreCommand.java similarity index 94% rename from distribution/tools/keystore-cli/src/main/java/org/elasticsearch/common/settings/HasPasswordKeyStoreCommand.java rename to distribution/tools/keystore-cli/src/main/java/org/elasticsearch/cli/keystore/HasPasswordKeyStoreCommand.java index 387536ebe7937..6a25a84637888 100644 --- a/distribution/tools/keystore-cli/src/main/java/org/elasticsearch/common/settings/HasPasswordKeyStoreCommand.java +++ b/distribution/tools/keystore-cli/src/main/java/org/elasticsearch/cli/keystore/HasPasswordKeyStoreCommand.java @@ -6,13 +6,14 @@ * Side Public License, v 1. */ -package org.elasticsearch.common.settings; +package org.elasticsearch.cli.keystore; import joptsimple.OptionSet; import org.elasticsearch.cli.KeyStoreAwareCommand; import org.elasticsearch.cli.Terminal; import org.elasticsearch.cli.UserException; +import org.elasticsearch.common.settings.KeyStoreWrapper; import org.elasticsearch.env.Environment; import java.nio.file.Path; diff --git a/distribution/tools/keystore-cli/src/main/java/org/elasticsearch/common/settings/KeyStoreCli.java b/distribution/tools/keystore-cli/src/main/java/org/elasticsearch/cli/keystore/KeyStoreCli.java similarity index 96% rename from distribution/tools/keystore-cli/src/main/java/org/elasticsearch/common/settings/KeyStoreCli.java rename to distribution/tools/keystore-cli/src/main/java/org/elasticsearch/cli/keystore/KeyStoreCli.java index 440489051bf7a..dfaa358f66316 100644 --- a/distribution/tools/keystore-cli/src/main/java/org/elasticsearch/common/settings/KeyStoreCli.java +++ b/distribution/tools/keystore-cli/src/main/java/org/elasticsearch/cli/keystore/KeyStoreCli.java @@ -6,7 +6,7 @@ * Side Public License, v 1. */ -package org.elasticsearch.common.settings; +package org.elasticsearch.cli.keystore; import org.elasticsearch.cli.LoggingAwareMultiCommand; import org.elasticsearch.cli.Terminal; diff --git a/distribution/tools/keystore-cli/src/main/java/org/elasticsearch/common/settings/ListKeyStoreCommand.java b/distribution/tools/keystore-cli/src/main/java/org/elasticsearch/cli/keystore/ListKeyStoreCommand.java similarity index 92% rename from distribution/tools/keystore-cli/src/main/java/org/elasticsearch/common/settings/ListKeyStoreCommand.java rename to distribution/tools/keystore-cli/src/main/java/org/elasticsearch/cli/keystore/ListKeyStoreCommand.java index 7dbc71eca69e6..37de590c3b58f 100644 --- a/distribution/tools/keystore-cli/src/main/java/org/elasticsearch/common/settings/ListKeyStoreCommand.java +++ b/distribution/tools/keystore-cli/src/main/java/org/elasticsearch/cli/keystore/ListKeyStoreCommand.java @@ -6,11 +6,12 @@ * Side Public License, v 1. */ -package org.elasticsearch.common.settings; +package org.elasticsearch.cli.keystore; import joptsimple.OptionSet; import org.elasticsearch.cli.Terminal; +import org.elasticsearch.common.settings.KeyStoreWrapper; import org.elasticsearch.env.Environment; import java.util.ArrayList; diff --git a/distribution/tools/keystore-cli/src/main/java/org/elasticsearch/common/settings/RemoveSettingKeyStoreCommand.java b/distribution/tools/keystore-cli/src/main/java/org/elasticsearch/cli/keystore/RemoveSettingKeyStoreCommand.java similarity index 94% rename from distribution/tools/keystore-cli/src/main/java/org/elasticsearch/common/settings/RemoveSettingKeyStoreCommand.java rename to distribution/tools/keystore-cli/src/main/java/org/elasticsearch/cli/keystore/RemoveSettingKeyStoreCommand.java index 3a69b55d40df5..a50f4580b370c 100644 --- a/distribution/tools/keystore-cli/src/main/java/org/elasticsearch/common/settings/RemoveSettingKeyStoreCommand.java +++ b/distribution/tools/keystore-cli/src/main/java/org/elasticsearch/cli/keystore/RemoveSettingKeyStoreCommand.java @@ -6,7 +6,7 @@ * Side Public License, v 1. */ -package org.elasticsearch.common.settings; +package org.elasticsearch.cli.keystore; import joptsimple.OptionSet; import joptsimple.OptionSpec; @@ -14,6 +14,7 @@ import org.elasticsearch.cli.ExitCodes; import org.elasticsearch.cli.Terminal; import org.elasticsearch.cli.UserException; +import org.elasticsearch.common.settings.KeyStoreWrapper; import org.elasticsearch.env.Environment; import java.util.List; diff --git a/distribution/tools/keystore-cli/src/main/java/org/elasticsearch/common/settings/UpgradeKeyStoreCommand.java b/distribution/tools/keystore-cli/src/main/java/org/elasticsearch/cli/keystore/UpgradeKeyStoreCommand.java similarity index 90% rename from distribution/tools/keystore-cli/src/main/java/org/elasticsearch/common/settings/UpgradeKeyStoreCommand.java rename to distribution/tools/keystore-cli/src/main/java/org/elasticsearch/cli/keystore/UpgradeKeyStoreCommand.java index fa44ee23ec0e8..16579c25eab9d 100644 --- a/distribution/tools/keystore-cli/src/main/java/org/elasticsearch/common/settings/UpgradeKeyStoreCommand.java +++ b/distribution/tools/keystore-cli/src/main/java/org/elasticsearch/cli/keystore/UpgradeKeyStoreCommand.java @@ -6,11 +6,12 @@ * Side Public License, v 1. */ -package org.elasticsearch.common.settings; +package org.elasticsearch.cli.keystore; import joptsimple.OptionSet; import org.elasticsearch.cli.Terminal; +import org.elasticsearch.common.settings.KeyStoreWrapper; import org.elasticsearch.env.Environment; /** diff --git a/distribution/tools/keystore-cli/src/test/java/org/elasticsearch/common/settings/AddFileKeyStoreCommandTests.java b/distribution/tools/keystore-cli/src/test/java/org/elasticsearch/cli/keystore/AddFileKeyStoreCommandTests.java similarity index 98% rename from distribution/tools/keystore-cli/src/test/java/org/elasticsearch/common/settings/AddFileKeyStoreCommandTests.java rename to distribution/tools/keystore-cli/src/test/java/org/elasticsearch/cli/keystore/AddFileKeyStoreCommandTests.java index 197ea614357a2..637214f3911dc 100644 --- a/distribution/tools/keystore-cli/src/test/java/org/elasticsearch/common/settings/AddFileKeyStoreCommandTests.java +++ b/distribution/tools/keystore-cli/src/test/java/org/elasticsearch/cli/keystore/AddFileKeyStoreCommandTests.java @@ -6,11 +6,12 @@ * Side Public License, v 1. */ -package org.elasticsearch.common.settings; +package org.elasticsearch.cli.keystore; import org.elasticsearch.cli.Command; import org.elasticsearch.cli.ExitCodes; import org.elasticsearch.cli.UserException; +import org.elasticsearch.common.settings.KeyStoreWrapper; import org.elasticsearch.core.Tuple; import org.elasticsearch.env.Environment; diff --git a/distribution/tools/keystore-cli/src/test/java/org/elasticsearch/common/settings/AddStringKeyStoreCommandTests.java b/distribution/tools/keystore-cli/src/test/java/org/elasticsearch/cli/keystore/AddStringKeyStoreCommandTests.java similarity index 99% rename from distribution/tools/keystore-cli/src/test/java/org/elasticsearch/common/settings/AddStringKeyStoreCommandTests.java rename to distribution/tools/keystore-cli/src/test/java/org/elasticsearch/cli/keystore/AddStringKeyStoreCommandTests.java index 1df98b51ff861..2d62c00f6ceab 100644 --- a/distribution/tools/keystore-cli/src/test/java/org/elasticsearch/common/settings/AddStringKeyStoreCommandTests.java +++ b/distribution/tools/keystore-cli/src/test/java/org/elasticsearch/cli/keystore/AddStringKeyStoreCommandTests.java @@ -6,11 +6,12 @@ * Side Public License, v 1. */ -package org.elasticsearch.common.settings; +package org.elasticsearch.cli.keystore; import org.elasticsearch.cli.Command; import org.elasticsearch.cli.ExitCodes; import org.elasticsearch.cli.UserException; +import org.elasticsearch.common.settings.KeyStoreWrapper; import org.elasticsearch.env.Environment; import java.io.ByteArrayInputStream; diff --git a/distribution/tools/keystore-cli/src/test/java/org/elasticsearch/bootstrap/BootstrapTests.java b/distribution/tools/keystore-cli/src/test/java/org/elasticsearch/cli/keystore/BootstrapTests.java similarity index 89% rename from distribution/tools/keystore-cli/src/test/java/org/elasticsearch/bootstrap/BootstrapTests.java rename to distribution/tools/keystore-cli/src/test/java/org/elasticsearch/cli/keystore/BootstrapTests.java index b64fb7d796f9c..2f5f133ed9288 100644 --- a/distribution/tools/keystore-cli/src/test/java/org/elasticsearch/bootstrap/BootstrapTests.java +++ b/distribution/tools/keystore-cli/src/test/java/org/elasticsearch/cli/keystore/BootstrapTests.java @@ -5,11 +5,10 @@ * in compliance with, at your election, the Elastic License 2.0 or the Server * Side Public License, v 1. */ -package org.elasticsearch.bootstrap; +package org.elasticsearch.cli.keystore; -import org.elasticsearch.common.settings.KeyStoreCommandTestCase; +import org.elasticsearch.bootstrap.BootstrapUtil; import org.elasticsearch.common.settings.KeyStoreWrapper; -import org.elasticsearch.common.settings.KeyStoreWrapperTests; import org.elasticsearch.common.settings.SecureSettings; import org.elasticsearch.common.settings.SecureString; import org.elasticsearch.common.settings.Settings; @@ -61,7 +60,7 @@ public void testLoadSecureSettings() throws Exception { ? new ByteArrayInputStream(new String(password).getBytes(StandardCharsets.UTF_8)) : System.in; assertTrue(Files.exists(configPath.resolve("elasticsearch.keystore"))); - try (SecureSettings secureSettings = Bootstrap.loadSecureSettings(env, in)) { + try (SecureSettings secureSettings = BootstrapUtil.loadSecureSettings(env, in)) { SecureString seedAfterLoad = KeyStoreWrapper.SEED_SETTING.get(Settings.builder().setSecureSettings(secureSettings).build()); assertEquals(seedAfterLoad.toString(), seed.toString()); assertTrue(Files.exists(configPath.resolve("elasticsearch.keystore"))); @@ -87,7 +86,7 @@ public void testPassphraseTooLong() throws Exception { expectThrows( RuntimeException.class, "Password exceeded maximum length of 10", - () -> Bootstrap.readPassphrase(stream, MAX_PASSPHRASE_LENGTH) + () -> BootstrapUtil.readPassphrase(stream, MAX_PASSPHRASE_LENGTH) ); } } @@ -98,14 +97,14 @@ public void testNoPassPhraseProvided() throws Exception { expectThrows( RuntimeException.class, "Keystore passphrase required but none provided.", - () -> Bootstrap.readPassphrase(stream, MAX_PASSPHRASE_LENGTH) + () -> BootstrapUtil.readPassphrase(stream, MAX_PASSPHRASE_LENGTH) ); } } private void assertPassphraseRead(String source, String expected) { try (InputStream stream = new ByteArrayInputStream(source.getBytes(StandardCharsets.UTF_8))) { - SecureString result = Bootstrap.readPassphrase(stream, MAX_PASSPHRASE_LENGTH); + SecureString result = BootstrapUtil.readPassphrase(stream, MAX_PASSPHRASE_LENGTH); assertThat(result, equalTo(expected)); } catch (IOException e) { throw new RuntimeException(e); diff --git a/distribution/tools/keystore-cli/src/test/java/org/elasticsearch/common/settings/ChangeKeyStorePasswordCommandTests.java b/distribution/tools/keystore-cli/src/test/java/org/elasticsearch/cli/keystore/ChangeKeyStorePasswordCommandTests.java similarity index 98% rename from distribution/tools/keystore-cli/src/test/java/org/elasticsearch/common/settings/ChangeKeyStorePasswordCommandTests.java rename to distribution/tools/keystore-cli/src/test/java/org/elasticsearch/cli/keystore/ChangeKeyStorePasswordCommandTests.java index 63938edcd640b..dd59f90ccf5ed 100644 --- a/distribution/tools/keystore-cli/src/test/java/org/elasticsearch/common/settings/ChangeKeyStorePasswordCommandTests.java +++ b/distribution/tools/keystore-cli/src/test/java/org/elasticsearch/cli/keystore/ChangeKeyStorePasswordCommandTests.java @@ -6,7 +6,7 @@ * Side Public License, v 1. */ -package org.elasticsearch.common.settings; +package org.elasticsearch.cli.keystore; import org.elasticsearch.cli.Command; import org.elasticsearch.cli.ExitCodes; diff --git a/distribution/tools/keystore-cli/src/test/java/org/elasticsearch/common/settings/CreateKeyStoreCommandTests.java b/distribution/tools/keystore-cli/src/test/java/org/elasticsearch/cli/keystore/CreateKeyStoreCommandTests.java similarity index 97% rename from distribution/tools/keystore-cli/src/test/java/org/elasticsearch/common/settings/CreateKeyStoreCommandTests.java rename to distribution/tools/keystore-cli/src/test/java/org/elasticsearch/cli/keystore/CreateKeyStoreCommandTests.java index 3b3ba91922a34..410ec6e469614 100644 --- a/distribution/tools/keystore-cli/src/test/java/org/elasticsearch/common/settings/CreateKeyStoreCommandTests.java +++ b/distribution/tools/keystore-cli/src/test/java/org/elasticsearch/cli/keystore/CreateKeyStoreCommandTests.java @@ -6,11 +6,12 @@ * Side Public License, v 1. */ -package org.elasticsearch.common.settings; +package org.elasticsearch.cli.keystore; import org.elasticsearch.cli.Command; import org.elasticsearch.cli.ExitCodes; import org.elasticsearch.cli.UserException; +import org.elasticsearch.common.settings.KeyStoreWrapper; import org.elasticsearch.env.Environment; import java.nio.charset.StandardCharsets; diff --git a/distribution/tools/keystore-cli/src/test/java/org/elasticsearch/common/settings/HasPasswordKeyStoreCommandTests.java b/distribution/tools/keystore-cli/src/test/java/org/elasticsearch/cli/keystore/HasPasswordKeyStoreCommandTests.java similarity index 98% rename from distribution/tools/keystore-cli/src/test/java/org/elasticsearch/common/settings/HasPasswordKeyStoreCommandTests.java rename to distribution/tools/keystore-cli/src/test/java/org/elasticsearch/cli/keystore/HasPasswordKeyStoreCommandTests.java index d37879fbada87..d423aa4436eb0 100644 --- a/distribution/tools/keystore-cli/src/test/java/org/elasticsearch/common/settings/HasPasswordKeyStoreCommandTests.java +++ b/distribution/tools/keystore-cli/src/test/java/org/elasticsearch/cli/keystore/HasPasswordKeyStoreCommandTests.java @@ -6,7 +6,7 @@ * Side Public License, v 1. */ -package org.elasticsearch.common.settings; +package org.elasticsearch.cli.keystore; import org.elasticsearch.cli.Command; import org.elasticsearch.cli.UserException; diff --git a/distribution/tools/keystore-cli/src/test/java/org/elasticsearch/common/settings/KeyStoreCommandTestCase.java b/distribution/tools/keystore-cli/src/test/java/org/elasticsearch/cli/keystore/KeyStoreCommandTestCase.java similarity index 96% rename from distribution/tools/keystore-cli/src/test/java/org/elasticsearch/common/settings/KeyStoreCommandTestCase.java rename to distribution/tools/keystore-cli/src/test/java/org/elasticsearch/cli/keystore/KeyStoreCommandTestCase.java index d7657b92c75b9..0244d7d32c46d 100644 --- a/distribution/tools/keystore-cli/src/test/java/org/elasticsearch/common/settings/KeyStoreCommandTestCase.java +++ b/distribution/tools/keystore-cli/src/test/java/org/elasticsearch/cli/keystore/KeyStoreCommandTestCase.java @@ -6,13 +6,15 @@ * Side Public License, v 1. */ -package org.elasticsearch.common.settings; +package org.elasticsearch.cli.keystore; import com.google.common.jimfs.Configuration; import com.google.common.jimfs.Jimfs; import org.apache.lucene.util.LuceneTestCase; import org.elasticsearch.cli.CommandTestCase; +import org.elasticsearch.common.settings.KeyStoreWrapper; +import org.elasticsearch.common.settings.Settings; import org.elasticsearch.core.PathUtilsForTesting; import org.elasticsearch.core.internal.io.IOUtils; import org.elasticsearch.env.Environment; diff --git a/distribution/tools/keystore-cli/src/test/java/org/elasticsearch/common/settings/KeyStoreWrapperTests.java b/distribution/tools/keystore-cli/src/test/java/org/elasticsearch/cli/keystore/KeyStoreWrapperTests.java similarity index 99% rename from distribution/tools/keystore-cli/src/test/java/org/elasticsearch/common/settings/KeyStoreWrapperTests.java rename to distribution/tools/keystore-cli/src/test/java/org/elasticsearch/cli/keystore/KeyStoreWrapperTests.java index 250aafa18cee6..1c58e9bbd92c6 100644 --- a/distribution/tools/keystore-cli/src/test/java/org/elasticsearch/common/settings/KeyStoreWrapperTests.java +++ b/distribution/tools/keystore-cli/src/test/java/org/elasticsearch/cli/keystore/KeyStoreWrapperTests.java @@ -6,7 +6,7 @@ * Side Public License, v 1. */ -package org.elasticsearch.common.settings; +package org.elasticsearch.cli.keystore; import org.apache.lucene.backward_codecs.store.EndiannessReverserUtil; import org.apache.lucene.codecs.CodecUtil; @@ -15,6 +15,8 @@ import org.apache.lucene.store.IOContext; import org.apache.lucene.store.IndexOutput; import org.elasticsearch.common.Randomness; +import org.elasticsearch.common.settings.KeyStoreWrapper; +import org.elasticsearch.common.settings.SecureString; import org.elasticsearch.core.internal.io.IOUtils; import org.elasticsearch.env.Environment; import org.elasticsearch.test.ESTestCase; diff --git a/distribution/tools/keystore-cli/src/test/java/org/elasticsearch/common/settings/ListKeyStoreCommandTests.java b/distribution/tools/keystore-cli/src/test/java/org/elasticsearch/cli/keystore/ListKeyStoreCommandTests.java similarity index 98% rename from distribution/tools/keystore-cli/src/test/java/org/elasticsearch/common/settings/ListKeyStoreCommandTests.java rename to distribution/tools/keystore-cli/src/test/java/org/elasticsearch/cli/keystore/ListKeyStoreCommandTests.java index 6894158a314ac..3d43eda7d493e 100644 --- a/distribution/tools/keystore-cli/src/test/java/org/elasticsearch/common/settings/ListKeyStoreCommandTests.java +++ b/distribution/tools/keystore-cli/src/test/java/org/elasticsearch/cli/keystore/ListKeyStoreCommandTests.java @@ -6,7 +6,7 @@ * Side Public License, v 1. */ -package org.elasticsearch.common.settings; +package org.elasticsearch.cli.keystore; import org.elasticsearch.cli.Command; import org.elasticsearch.cli.ExitCodes; diff --git a/distribution/tools/keystore-cli/src/test/java/org/elasticsearch/common/settings/RemoveSettingKeyStoreCommandTests.java b/distribution/tools/keystore-cli/src/test/java/org/elasticsearch/cli/keystore/RemoveSettingKeyStoreCommandTests.java similarity index 98% rename from distribution/tools/keystore-cli/src/test/java/org/elasticsearch/common/settings/RemoveSettingKeyStoreCommandTests.java rename to distribution/tools/keystore-cli/src/test/java/org/elasticsearch/cli/keystore/RemoveSettingKeyStoreCommandTests.java index ce8b9c97b1183..01845c9099842 100644 --- a/distribution/tools/keystore-cli/src/test/java/org/elasticsearch/common/settings/RemoveSettingKeyStoreCommandTests.java +++ b/distribution/tools/keystore-cli/src/test/java/org/elasticsearch/cli/keystore/RemoveSettingKeyStoreCommandTests.java @@ -6,7 +6,7 @@ * Side Public License, v 1. */ -package org.elasticsearch.common.settings; +package org.elasticsearch.cli.keystore; import org.elasticsearch.cli.Command; import org.elasticsearch.cli.ExitCodes; diff --git a/distribution/tools/keystore-cli/src/test/java/org/elasticsearch/common/settings/UpgradeKeyStoreCommandTests.java b/distribution/tools/keystore-cli/src/test/java/org/elasticsearch/cli/keystore/UpgradeKeyStoreCommandTests.java similarity index 96% rename from distribution/tools/keystore-cli/src/test/java/org/elasticsearch/common/settings/UpgradeKeyStoreCommandTests.java rename to distribution/tools/keystore-cli/src/test/java/org/elasticsearch/cli/keystore/UpgradeKeyStoreCommandTests.java index 90dfb4154ae38..5c0138fac8bad 100644 --- a/distribution/tools/keystore-cli/src/test/java/org/elasticsearch/common/settings/UpgradeKeyStoreCommandTests.java +++ b/distribution/tools/keystore-cli/src/test/java/org/elasticsearch/cli/keystore/UpgradeKeyStoreCommandTests.java @@ -6,10 +6,11 @@ * Side Public License, v 1. */ -package org.elasticsearch.common.settings; +package org.elasticsearch.cli.keystore; import org.elasticsearch.cli.Command; import org.elasticsearch.cli.UserException; +import org.elasticsearch.common.settings.KeyStoreWrapper; import org.elasticsearch.env.Environment; import java.io.InputStream; diff --git a/server/src/main/java/org/elasticsearch/bootstrap/Bootstrap.java b/server/src/main/java/org/elasticsearch/bootstrap/Bootstrap.java index b302dfb555958..de226227365b9 100644 --- a/server/src/main/java/org/elasticsearch/bootstrap/Bootstrap.java +++ b/server/src/main/java/org/elasticsearch/bootstrap/Bootstrap.java @@ -18,7 +18,6 @@ import org.apache.lucene.util.StringHelper; import org.elasticsearch.ElasticsearchException; import org.elasticsearch.Version; -import org.elasticsearch.cli.Terminal; import org.elasticsearch.cli.UserException; import org.elasticsearch.common.PidFile; import org.elasticsearch.core.SuppressForbidden; @@ -26,9 +25,7 @@ import org.elasticsearch.common.logging.LogConfigurator; import org.elasticsearch.common.logging.Loggers; import org.elasticsearch.common.network.IfConfig; -import org.elasticsearch.common.settings.KeyStoreWrapper; import org.elasticsearch.common.settings.SecureSettings; -import org.elasticsearch.common.settings.SecureString; import org.elasticsearch.common.settings.Settings; import org.elasticsearch.common.transport.BoundTransportAddress; import org.elasticsearch.core.internal.io.IOUtils; @@ -43,12 +40,9 @@ import java.io.ByteArrayOutputStream; import java.io.IOException; -import java.io.InputStream; -import java.io.InputStreamReader; import java.io.PrintStream; import java.io.UnsupportedEncodingException; import java.net.URISyntaxException; -import java.nio.charset.StandardCharsets; import java.nio.file.Path; import java.security.NoSuchAlgorithmException; import java.util.Collections; @@ -232,42 +226,7 @@ protected void validateNodeBeforeAcceptingRequests( }; } - static SecureSettings loadSecureSettings(Environment initialEnv) throws BootstrapException { - return loadSecureSettings(initialEnv, System.in); - } - - static SecureSettings loadSecureSettings(Environment initialEnv, InputStream stdin) throws BootstrapException { - try { - return KeyStoreWrapper.bootstrap(initialEnv.configFile(), () -> readPassphrase(stdin, KeyStoreWrapper.MAX_PASSPHRASE_LENGTH)); - } catch (Exception e) { - throw new BootstrapException(e); - } - } - // visible for tests - /** - * Read from an InputStream up to the first carriage return or newline, - * returning no more than maxLength characters. - */ - static SecureString readPassphrase(InputStream stream, int maxLength) throws IOException { - SecureString passphrase; - - try(InputStreamReader reader = new InputStreamReader(stream, StandardCharsets.UTF_8)) { - passphrase = new SecureString(Terminal.readLineToCharArray(reader, maxLength)); - } catch (RuntimeException e) { - if (e.getMessage().startsWith("Input exceeded maximum length")) { - throw new IllegalStateException("Password exceeded maximum length of " + maxLength, e); - } - throw e; - } - - if (passphrase.length() == 0) { - passphrase.close(); - throw new IllegalStateException("Keystore passphrase required but none provided."); - } - - return passphrase; - } private static Environment createEnvironment( final Path pidFile, @@ -320,7 +279,7 @@ static void init( INSTANCE = new Bootstrap(); - final SecureSettings keystore = loadSecureSettings(initialEnv); + final SecureSettings keystore = BootstrapUtil.loadSecureSettings(initialEnv); final Environment environment = createEnvironment(pidFile, keystore, initialEnv.settings(), initialEnv.configFile()); // the LogConfigurator will replace System.out and System.err with redirects to our logfile, so we need to capture diff --git a/server/src/main/java/org/elasticsearch/bootstrap/BootstrapUtil.java b/server/src/main/java/org/elasticsearch/bootstrap/BootstrapUtil.java new file mode 100644 index 0000000000000..0d1c0f6d0592e --- /dev/null +++ b/server/src/main/java/org/elasticsearch/bootstrap/BootstrapUtil.java @@ -0,0 +1,65 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0 and the Server Side Public License, v 1; you may not use this file except + * in compliance with, at your election, the Elastic License 2.0 or the Server + * Side Public License, v 1. + */ + +package org.elasticsearch.bootstrap; + +import org.elasticsearch.cli.Terminal; +import org.elasticsearch.common.settings.KeyStoreWrapper; +import org.elasticsearch.common.settings.SecureSettings; +import org.elasticsearch.common.settings.SecureString; +import org.elasticsearch.env.Environment; + +import java.io.IOException; +import java.io.InputStream; +import java.io.InputStreamReader; +import java.nio.charset.StandardCharsets; + +/** + * Utilities for use during bootstrap. This is public so that tests may use these methods. + */ +public class BootstrapUtil { + + // no construction + private BootstrapUtil() {} + + /** + * Read from an InputStream up to the first carriage return or newline, + * returning no more than maxLength characters. + */ + public static SecureString readPassphrase(InputStream stream, int maxLength) throws IOException { + SecureString passphrase; + + try(InputStreamReader reader = new InputStreamReader(stream, StandardCharsets.UTF_8)) { + passphrase = new SecureString(Terminal.readLineToCharArray(reader, maxLength)); + } catch (RuntimeException e) { + if (e.getMessage().startsWith("Input exceeded maximum length")) { + throw new IllegalStateException("Password exceeded maximum length of " + maxLength, e); + } + throw e; + } + + if (passphrase.length() == 0) { + passphrase.close(); + throw new IllegalStateException("Keystore passphrase required but none provided."); + } + + return passphrase; + } + + public static SecureSettings loadSecureSettings(Environment initialEnv) throws BootstrapException { + return loadSecureSettings(initialEnv, System.in); + } + + public static SecureSettings loadSecureSettings(Environment initialEnv, InputStream stdin) throws BootstrapException { + try { + return KeyStoreWrapper.bootstrap(initialEnv.configFile(), () -> readPassphrase(stdin, KeyStoreWrapper.MAX_PASSPHRASE_LENGTH)); + } catch (Exception e) { + throw new BootstrapException(e); + } + } +} diff --git a/server/src/main/java/org/elasticsearch/common/settings/KeyStoreWrapper.java b/server/src/main/java/org/elasticsearch/common/settings/KeyStoreWrapper.java index 49e3a458e386e..e7f49d042df61 100644 --- a/server/src/main/java/org/elasticsearch/common/settings/KeyStoreWrapper.java +++ b/server/src/main/java/org/elasticsearch/common/settings/KeyStoreWrapper.java @@ -108,7 +108,7 @@ private static class Entry { public static final String KEYSTORE_FILENAME = "elasticsearch.keystore"; /** The version of the metadata written before the keystore data. */ - static final int FORMAT_VERSION = 4; + public static final int FORMAT_VERSION = 4; /** The oldest metadata format version that can be read. */ private static final int MIN_FORMAT_VERSION = 1; @@ -668,7 +668,7 @@ public synchronized void setString(String setting, char[] value) { /** * Set a file setting. */ - synchronized void setFile(String setting, byte[] bytes) { + public synchronized void setFile(String setting, byte[] bytes) { ensureOpen(); validateSettingName(setting); @@ -681,7 +681,7 @@ synchronized void setFile(String setting, byte[] bytes) { /** * Remove the given setting from the keystore. */ - void remove(String setting) { + public void remove(String setting) { ensureOpen(); Entry oldEntry = entries.get().remove(setting); if (oldEntry != null) {