* [ISSUE#5695] Add a plugin SPI for configuration encryption and decryption for Nacos 2.0 (#6655)
* Defines the interface
* 增加aes实现
* 客户端、服务端加解密实现
* 客户端、服务端加解密实现
* fix code quality (#6727)
* [ISSUE#5695] Add a plugin SPI for configuration encryption and decryption for Nacos 2.0, EncryptedDataKey is persisted (#6740)
* Defines the interface
* 增加aes实现
* 客户端、服务端加解密实现
* 客户端、服务端加解密实现
* 秘钥持久化
* 秘钥持久化
* [ISSUE#5695] Summer2021 Cache encryptedDataKey (#6878)
* Defines the interface
* 增加aes实现
* 客户端、服务端加解密实现
* 客户端、服务端加解密实现
* 秘钥持久化
* 秘钥持久化
* 秘钥缓存到内存中
* 解决冲突
* 修改filter继承AbstractConfigFilter (#6879)
* [ISSUE#5695] Summer2021 EncryptedDataKey is persisted to Derby (#6882)
* [ISSUE#5695] Add a plugin SPI for configuration encryption and decryption for Nacos 2.0 (#6655)
* Defines the interface
* 增加aes实现
* 客户端、服务端加解密实现
* 客户端、服务端加解密实现
* fix code quality (#6727)
* # This is a combination of 6 commits.tree cf7a399f99c4d81b8667c8de06f5ceb8c79fb6f0
parent 8024ecf31bf23a9edab416be8a3bfd1c0e48ce5e
author 李晓双 Li Xiao Shuang <644968328@qq.com> 1630028256 +0800
committer lixiaoshuang <644968328@qq.com> 1631804378 +0800
# This is a combination of 3 commits.
# This is the 1st commit message:
[ISSUE#5695] Add a plugin SPI for configuration encryption and decryption for Nacos 2.0, EncryptedDataKey is persisted (#6740)
* Defines the interface
* 增加aes实现
* 客户端、服务端加解密实现
* 客户端、服务端加解密实现
* 秘钥持久化
* 秘钥持久化
# This is the commit message #2:
[ISSUE#5695] Summer2021 Cache encryptedDataKey (#6878)
* Defines the interface
* 增加aes实现
* 客户端、服务端加解密实现
* 客户端、服务端加解密实现
* 秘钥持久化
* 秘钥持久化
* 秘钥缓存到内存中
* 解决冲突
# This is the commit message #3:
修改filter继承AbstractConfigFilter (#6879)
# This is the commit message #6:
客户端、服务端加解密实现
* parent 8024ecf31bf23a9edab416be8a3bfd1c0e48ce5e
author 李晓双 Li Xiao Shuang <644968328@qq.com> 1630028256 +0800
committer lixiaoshuang <644968328@qq.com> 1631805204 +0800
parent 8024ecf31bf23a9edab416be8a3bfd1c0e48ce5e
author 李晓双 Li Xiao Shuang <644968328@qq.com> 1630028256 +0800
committer lixiaoshuang <644968328@qq.com> 1631804378 +0800
[ISSUE#5695] Add a plugin SPI for configuration encryption and decryption for Nacos 2.0, EncryptedDataKey is persisted (#6740)
* 配置加解密插件
* derby支持秘钥存储
* 克隆功能兼容配置加解密 (#6913)
* [ISSUE#5695] Summer2021 Import/export compatible with configuration encryption and decryption (#6956)
* 克隆功能兼容配置加解密
* 导入导出兼容配置加解密
* 秘钥base64编码、更换AES加密模式 (#6974)
* [ISSUE#5695] Summer2021 add unit test for ConfigCryptoFilter (#6991)
* add unit test for ConfigCryptoFilter
* add unit test for ConfigCryptoFilter
* [ISSUE#5695] Summer2021 add unit test for CryptoExecutor (#6990)
* add unit test for CryptoExecutor
* add Copyright
* [ISSUE#5695] Summer2021 add unit test for CryptoManager (#6989)
* add unit test for CryptoManager
* add unit test for CryptoManager
* [ISSUE#5695] Summer2021 add unit test for AesCrypto (#6988)
* add unit test for AesCrypto
* update AesCryptoTest
* Increased iv randomness
* add default Iv
* fix javadoc
* fix unit test
* defining plugin intergace
* Replace the client encryption and decryption actuator
* Replace the server encryption and decryption actuator
* add unit test
* add unit test
* remove old code
* fix NacosConfigServiceTest
* Encryption and decryption to achieve migration
Co-authored-by: 杨翊 SionYang <263976490@qq.com>
* delete unit test case that already exist in HttpUtilsTest
* move unit test case to QueryTest
* move unit test case to ResponseHandlerTest
* delete empty test class
* replace explicit type argument with <>
* replace anonymous class with lambda
* remove redundant initializer
* format comment & log and fix typo
* add unit test to RpcClient::resolveServerInfo
* extend CollectionUtils::getOrDefault
* simplify RpcClient::resolveServerInfo
* remove unused variable
* [Reduce dependence]>[Lists] Replace "google.common.collect.*" API with jdk API
* use elements.size to init the array length
* Replace IllegalArgumentException with NullPointerException
* Refactor CollectionUtilsTest#list()
* Add exception message
* update annotation
* update unit test method name
* Add unit test for TlsFileWatcher
* replace explicit type argument with <>
* replace anonymous Runnable with lambda
* 'catch' parameter named 'ignored' is used
* adjust log style
* add ArrayUtils and TestClass
* modified StringUtils for remove common-lang3
* add Comment for StringUtils, Completion unit test
* fix variable name error and erro test
* Optimize the code.
* Edit author
* if the client already disconnect, ignore this request to avoid npe.
* unify code with DistroClientDataProcessor.
* print warn info when client already disconnect.
* transfer client check logic to method.
* if client is not ephemeral, is illegal.
* rename IPUitl to InternetAddressUtil
* move isDomain to InternetAddressUtil
* [ISSUE #5765] fix localhost not match ip
* fix typo
* delete the verification IP, follow the single responsibility principle
* The IPv6 judgment logic in this method will obtain IP address according to the host. In the container environment, K8S has not allocated IP to this pod, and then the judgment will report an error. After finding this problem, I gave feedback to remove the IPv4 judgment, but this problem still exists in IPv6. Suggested to remove the verification logic can be in other ways to optimize.
* Revert "The IPv6 judgment logic in this method will obtain IP address according to the host. In the container environment, K8S has not allocated IP to this pod, and then the judgment will report an error. After finding this problem, I gave feedback to remove the IPv4 judgment, but this problem still exists in IPv6. Suggested to remove the verification logic can be in other ways to optimize."
This reverts commit a112e52
* Both IPv4 and IPv6 validation rules adopt regular validation. In order to prevent the container from adding domain name rule validation in the case of domain name resolution deployment, the logic of removing Chinese slogan should be added before the rule validation in IPv6.
* Optimize and add licenses according to Ali's protocol
* The isDomain method is changed to validate only rules
* Format to optimize
* shade client
* shade client
* fix default cluster port
* rollback client ip
* using remote ip from header
* using remote ip from header
* using remote ip from header
* use client ip from connection setup request.
* reset remote connection for rollback
* npe bugfix
* npe bugfix
* stop long connection where server rollback
* stop long connection where server rollback
