HADOOP-11088. Unittest TestKeyShell, TestCredShell and TestKMS assume UNIX path separator for JECKS key store path. Contributed by Xiaoyu Yao.

(cherry picked from commit 957414d4cb57cb8172070cc53530b7da78b8c9ca)

hadoop-common-project/hadoop-common/CHANGES.txt

@@ -463,6 +463,9 @@ Release 2.6.0 - UNRELEASED
     HADOOP-11083. After refactoring of HTTP proxyuser to common, doAs param is 
     case sensitive. (tucu)
 
+    HADOOP-11088. Unittest TestKeyShell, TestCredShell and TestKMS assume UNIX
+    path separator for JECKS key store path. (Xiaoyu Yao via cnauroth)
+
 Release 2.5.1 - 2014-09-05
 
   INCOMPATIBLE CHANGES

hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/crypto/key/TestKeyShell.java

@@ -24,6 +24,7 @@ import java.io.PrintStream;
 import java.util.UUID;
 
 import org.apache.hadoop.conf.Configuration;
+import org.apache.hadoop.fs.Path;
 import org.junit.After;
 import org.junit.Before;
 import org.junit.Test;
@@ -51,7 +52,8 @@ public class TestKeyShell {
     if (!tmpDir.mkdirs()) {
       throw new IOException("Unable to create " + tmpDir);
     }
-    jceksProvider = "jceks://file" + tmpDir + "/keystore.jceks";
+    final Path jksPath = new Path(tmpDir.toString(), "keystore.jceks");
+    jceksProvider = "jceks://file" + jksPath.toUri();
     initialStdOut = System.out;
     initialStdErr = System.err;
     System.setOut(new PrintStream(outContent));

hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/security/alias/TestCredShell.java

@@ -29,6 +29,7 @@ import java.util.Arrays;
 import java.util.List;
 
 import org.apache.hadoop.conf.Configuration;
+import org.apache.hadoop.fs.Path;
 import org.junit.Before;
 import org.junit.Test;
 
@@ -37,18 +38,23 @@ public class TestCredShell {
   private final ByteArrayOutputStream errContent = new ByteArrayOutputStream();
   private static final File tmpDir =
       new File(System.getProperty("test.build.data", "/tmp"), "creds");
-  
+
+  /* The default JCEKS provider - for testing purposes */
+  private String jceksProvider;
+
   @Before
   public void setup() throws Exception {
     System.setOut(new PrintStream(outContent));
     System.setErr(new PrintStream(errContent));
+    final Path jksPath = new Path(tmpDir.toString(), "keystore.jceks");
+    jceksProvider = "jceks://file" + jksPath.toUri();
   }
   
   @Test
   public void testCredentialSuccessfulLifecycle() throws Exception {
     outContent.reset();
     String[] args1 = {"create", "credential1", "-value", "p@ssw0rd", "-provider",
-        "jceks://file" + tmpDir + "/credstore.jceks"};
+        jceksProvider};
     int rc = 0;
     CredentialShell cs = new CredentialShell();
     cs.setConf(new Configuration());
@@ -59,14 +65,14 @@ public class TestCredShell {
 
     outContent.reset();
     String[] args2 = {"list", "-provider",
-        "jceks://file" + tmpDir + "/credstore.jceks"};
+        jceksProvider};
     rc = cs.run(args2);
     assertEquals(0, rc);
     assertTrue(outContent.toString().contains("credential1"));
 
     outContent.reset();
     String[] args4 = {"delete", "credential1", "-provider",
-        "jceks://file" + tmpDir + "/credstore.jceks"};
+        jceksProvider};
     rc = cs.run(args4);
     assertEquals(0, rc);
     assertTrue(outContent.toString().contains("credential1 has been successfully " +
@@ -74,7 +80,7 @@ public class TestCredShell {
 
     outContent.reset();
     String[] args5 = {"list", "-provider",
-        "jceks://file" + tmpDir + "/credstore.jceks"};
+        jceksProvider};
     rc = cs.run(args5);
     assertEquals(0, rc);
     assertFalse(outContent.toString(), outContent.toString().contains("credential1"));
@@ -132,7 +138,7 @@ public class TestCredShell {
   @Test
   public void testPromptForCredentialWithEmptyPasswd() throws Exception {
     String[] args1 = {"create", "credential1", "-provider",
-        "jceks://file" + tmpDir + "/credstore.jceks"};
+        jceksProvider};
     ArrayList<String> passwords = new ArrayList<String>();
     passwords.add(null);
     passwords.add("p@ssw0rd");
@@ -148,7 +154,7 @@ public class TestCredShell {
   @Test
   public void testPromptForCredential() throws Exception {
     String[] args1 = {"create", "credential1", "-provider",
-        "jceks://file" + tmpDir + "/credstore.jceks"};
+        jceksProvider};
     ArrayList<String> passwords = new ArrayList<String>();
     passwords.add("p@ssw0rd");
     passwords.add("p@ssw0rd");
@@ -162,7 +168,7 @@ public class TestCredShell {
         "created."));
     
     String[] args2 = {"delete", "credential1", "-provider",
-        "jceks://file" + tmpDir + "/credstore.jceks"};
+        jceksProvider};
     rc = shell.run(args2);
     assertEquals(0, rc);
     assertTrue(outContent.toString().contains("credential1 has been successfully " +

hadoop-common-project/hadoop-kms/src/main/java/org/apache/hadoop/crypto/key/kms/server/KMSConfiguration.java

@@ -19,6 +19,7 @@ package org.apache.hadoop.crypto.key.kms.server;
 
 import org.apache.hadoop.classification.InterfaceAudience;
 import org.apache.hadoop.conf.Configuration;
+import org.apache.hadoop.fs.Path;
 
 import java.io.File;
 import java.net.MalformedURLException;
@@ -72,15 +73,13 @@ public class KMSConfiguration {
     String confDir = System.getProperty(KMS_CONFIG_DIR);
     if (confDir != null) {
       try {
-        if (!confDir.startsWith("/")) {
+        Path confPath = new Path(confDir);
+        if (!confPath.isUriPathAbsolute()) {
           throw new RuntimeException("System property '" + KMS_CONFIG_DIR +
               "' must be an absolute path: " + confDir);
         }
-        if (!confDir.endsWith("/")) {
-          confDir += "/";
-        }
         for (String resource : resources) {
-          conf.addResource(new URL("file://" + confDir + resource));
+          conf.addResource(new URL("file://" + new Path(confDir, resource).toUri()));
         }
       } catch (MalformedURLException ex) {
         throw new RuntimeException(ex);
@@ -105,13 +104,11 @@ public class KMSConfiguration {
     boolean newer = false;
     String confDir = System.getProperty(KMS_CONFIG_DIR);
     if (confDir != null) {
-      if (!confDir.startsWith("/")) {
+      Path confPath = new Path(confDir);
+      if (!confPath.isUriPathAbsolute()) {
         throw new RuntimeException("System property '" + KMS_CONFIG_DIR +
             "' must be an absolute path: " + confDir);
       }
-      if (!confDir.endsWith("/")) {
-        confDir += "/";
-      }
       File f = new File(confDir, KMS_ACLS_XML);
       // at least 100ms newer than time, we do this to ensure the file
       // has been properly closed/flushed

hadoop-common-project/hadoop-kms/src/test/java/org/apache/hadoop/crypto/key/kms/server/MiniKMS.java

@@ -19,6 +19,7 @@ package org.apache.hadoop.crypto.key.kms.server;
 
 import com.google.common.base.Preconditions;
 import org.apache.hadoop.conf.Configuration;
+import org.apache.hadoop.fs.Path;
 import org.mortbay.jetty.Connector;
 import org.mortbay.jetty.Server;
 import org.mortbay.jetty.security.SslSocketConnector;
@@ -158,7 +159,7 @@ public class MiniKMS {
     if (!kmsFile.exists()) {
       Configuration kms = new Configuration(false);
       kms.set("hadoop.security.key.provider.path",
-          "jceks://file@" + kmsConfDir + "/kms.keystore");
+          "jceks://file@" + new Path(kmsConfDir, "kms.keystore").toUri());
       kms.set("hadoop.kms.authentication.type", "simple");
       Writer writer = new FileWriter(kmsFile);
       kms.writeXml(writer);

hadoop-common-project/hadoop-kms/src/test/java/org/apache/hadoop/crypto/key/kms/server/TestKMS.java

@@ -26,6 +26,7 @@ import org.apache.hadoop.crypto.key.KeyProviderCryptoExtension;
 import org.apache.hadoop.crypto.key.KeyProviderCryptoExtension.EncryptedKeyVersion;
 import org.apache.hadoop.crypto.key.KeyProviderDelegationTokenExtension;
 import org.apache.hadoop.crypto.key.kms.KMSClientProvider;
+import org.apache.hadoop.fs.Path;
 import org.apache.hadoop.io.Text;
 import org.apache.hadoop.minikdc.MiniKdc;
 import org.apache.hadoop.security.Credentials;
@@ -117,7 +118,7 @@ public class TestKMS {
   protected Configuration createBaseKMSConf(File keyStoreDir) throws Exception {
     Configuration conf = new Configuration(false);
     conf.set("hadoop.security.key.provider.path",
-        "jceks://file@/" + keyStoreDir.getAbsolutePath() + "/kms.keystore");
+        "jceks://file@" + new Path(keyStoreDir.getAbsolutePath(), "kms.keystore").toUri());
     conf.set("hadoop.kms.authentication.type", "simple");
     return conf;
   }