HADOOP-6642. Fix javac, javadoc, findbugs warnings related to security work. Contributed by Chris Douglas, Po Cheung.

shvachko · shvachko · commit 863dc3b7818f · 2011-02-01T09:38:31.000Z
git-svn-id: https://svn.apache.org/repos/asf/hadoop/common/trunk@1065959 13f79535-47bb-0310-9956-ffa450edef68
diff --git a/CHANGES.txt b/CHANGES.txt
@@ -471,6 +471,9 @@ Release 0.22.0 - Unreleased
     HADOOP-7126. Fix file permission setting for RawLocalFileSystem on Windows.
     (Po Cheung via shv)
 
+    HADOOP-6642. Fix javac, javadoc, findbugs warnings related to security work. 
+    (Chris Douglas, Po Cheung via shv)
+
 Release 0.21.1 - Unreleased
 
   IMPROVEMENTS
diff --git a/src/java/org/apache/hadoop/security/Krb5AndCertsSslSocketConnector.java b/src/java/org/apache/hadoop/security/Krb5AndCertsSslSocketConnector.java
@@ -20,6 +20,8 @@
 import java.net.InetAddress;
 import java.net.ServerSocket;
 import java.security.Principal;
+import java.util.Collections;
+import java.util.List;
 import java.util.Random;
 
 import javax.net.ssl.SSLContext;
@@ -52,10 +54,11 @@
  * running with Kerberos support.
  */
 public class Krb5AndCertsSslSocketConnector extends SslSocketConnector {
-  public static final String[] KRB5_CIPHER_SUITES = 
-    new String [] {"TLS_KRB5_WITH_3DES_EDE_CBC_SHA"};
+  public static final List<String> KRB5_CIPHER_SUITES = 
+    Collections.unmodifiableList(Collections.singletonList(
+          "TLS_KRB5_WITH_3DES_EDE_CBC_SHA"));
   static {
-    System.setProperty("https.cipherSuites", KRB5_CIPHER_SUITES[0]);
+    System.setProperty("https.cipherSuites", KRB5_CIPHER_SUITES.get(0));
   }
   
   private static final Log LOG = LogFactory
@@ -136,11 +139,12 @@ protected ServerSocket newServerSocket(String host, int port, int backlog)
       String [] combined;
       if(useCerts) { // combine the cipher suites
         String[] certs = ss.getEnabledCipherSuites();
-        combined = new String[certs.length + KRB5_CIPHER_SUITES.length];
+        combined = new String[certs.length + KRB5_CIPHER_SUITES.size()];
         System.arraycopy(certs, 0, combined, 0, certs.length);
-        System.arraycopy(KRB5_CIPHER_SUITES, 0, combined, certs.length, KRB5_CIPHER_SUITES.length);
+        System.arraycopy(KRB5_CIPHER_SUITES.toArray(new String[0]), 0, combined,
+              certs.length, KRB5_CIPHER_SUITES.size());
       } else { // Just enable Kerberos auth
-        combined = KRB5_CIPHER_SUITES;
+        combined = KRB5_CIPHER_SUITES.toArray(new String[0]);
       }
       
       ss.setEnabledCipherSuites(combined);
diff --git a/src/java/org/apache/hadoop/security/SaslRpcServer.java b/src/java/org/apache/hadoop/security/SaslRpcServer.java
@@ -238,8 +238,8 @@ public void handle(Callback[] callbacks) throws InvalidToken,
         }
         if (ac.isAuthorized()) {
           if (LOG.isDebugEnabled()) {
-            String username = getIdentifier(authzid, secretManager).getUser()
-            .getUserName().toString();
+            String username =
+              getIdentifier(authzid, secretManager).getUser().getUserName();
             LOG.debug("SASL server DIGEST-MD5 callback: setting "
                 + "canonicalized client ID: " + username);
           }

Original file line number	Diff line number	Diff line change
`@@ -238,8 +238,8 @@ public void handle(Callback[] callbacks) throws InvalidToken,`
`238`	`238`	`}`
`239`	`239`	`if (ac.isAuthorized()) {`
`240`	`240`	`if (LOG.isDebugEnabled()) {`
`241`		`- String username = getIdentifier(authzid, secretManager).getUser()`
`242`		`- .getUserName().toString();`
	`241`	`+ String username =`
	`242`	`+ getIdentifier(authzid, secretManager).getUser().getUserName();`
`243`	`243`	`LOG.debug("SASL server DIGEST-MD5 callback: setting "`
`244`	`244`	`+ "canonicalized client ID: " + username);`
`245`	`245`	`}`