Repository: hadoop Updated Branches: refs/heads/branch-2.8 a80ac0822 -> 9d8d3a84b
HDFS-11702. Remove indefinite caching of key provider uri in DFSClient. Contributed by Rushabh S Shah. (cherry picked from commit cef2815cf48154fe82f44082dcbdce6373c81284) Project: http://git-wip-us.apache.org/repos/asf/hadoop/repo Commit: http://git-wip-us.apache.org/repos/asf/hadoop/commit/9d8d3a84 Tree: http://git-wip-us.apache.org/repos/asf/hadoop/tree/9d8d3a84 Diff: http://git-wip-us.apache.org/repos/asf/hadoop/diff/9d8d3a84 Branch: refs/heads/branch-2.8 Commit: 9d8d3a84bd80a9f53643ba53acf933a2bdd18a75 Parents: a80ac08 Author: Kihwal Lee <kih...@apache.org> Authored: Mon May 8 08:31:18 2017 -0500 Committer: Kihwal Lee <kih...@apache.org> Committed: Mon May 8 08:31:18 2017 -0500 ---------------------------------------------------------------------- .../main/java/org/apache/hadoop/hdfs/DFSClient.java | 14 +------------- .../org/apache/hadoop/hdfs/TestEncryptionZones.java | 9 --------- 2 files changed, 1 insertion(+), 22 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/hadoop/blob/9d8d3a84/hadoop-hdfs-project/hadoop-hdfs-client/src/main/java/org/apache/hadoop/hdfs/DFSClient.java ---------------------------------------------------------------------- diff --git a/hadoop-hdfs-project/hadoop-hdfs-client/src/main/java/org/apache/hadoop/hdfs/DFSClient.java b/hadoop-hdfs-project/hadoop-hdfs-client/src/main/java/org/apache/hadoop/hdfs/DFSClient.java index 01b9a6a..3430047 100644 --- a/hadoop-hdfs-project/hadoop-hdfs-client/src/main/java/org/apache/hadoop/hdfs/DFSClient.java +++ b/hadoop-hdfs-project/hadoop-hdfs-client/src/main/java/org/apache/hadoop/hdfs/DFSClient.java @@ -242,7 +242,6 @@ public class DFSClient implements java.io.Closeable, RemotePeerFactory, new DFSHedgedReadMetrics(); private static ThreadPoolExecutor HEDGED_READ_THREAD_POOL; private final int smallBufferSize; - private URI keyProviderUri = null; public DfsClientConf getConf() { return dfsClientConf; @@ -3010,10 +3009,7 @@ public class DFSClient implements java.io.Closeable, RemotePeerFactory, * @throws IOException */ URI getKeyProviderUri() throws IOException { - if (keyProviderUri != null) { - return keyProviderUri; - } - + URI keyProviderUri = null; // Lookup the secret in credentials object for namenodeuri. Credentials credentials = ugi.getCredentials(); byte[] keyProviderUriBytes = credentials.getSecretKey(getKeyProviderMapKey()); @@ -3045,14 +3041,6 @@ public class DFSClient implements java.io.Closeable, RemotePeerFactory, return clientContext.getKeyProviderCache().get(conf, getKeyProviderUri()); } - /* - * Should be used only for testing. - */ - @VisibleForTesting - public void setKeyProviderUri(URI providerUri) { - this.keyProviderUri = providerUri; - } - @VisibleForTesting public void setKeyProvider(KeyProvider provider) { clientContext.getKeyProviderCache().setKeyProvider(conf, provider); http://git-wip-us.apache.org/repos/asf/hadoop/blob/9d8d3a84/hadoop-hdfs-project/hadoop-hdfs/src/test/java/org/apache/hadoop/hdfs/TestEncryptionZones.java ---------------------------------------------------------------------- diff --git a/hadoop-hdfs-project/hadoop-hdfs/src/test/java/org/apache/hadoop/hdfs/TestEncryptionZones.java b/hadoop-hdfs-project/hadoop-hdfs/src/test/java/org/apache/hadoop/hdfs/TestEncryptionZones.java index eb02235..33d52e9 100644 --- a/hadoop-hdfs-project/hadoop-hdfs/src/test/java/org/apache/hadoop/hdfs/TestEncryptionZones.java +++ b/hadoop-hdfs-project/hadoop-hdfs/src/test/java/org/apache/hadoop/hdfs/TestEncryptionZones.java @@ -1685,7 +1685,6 @@ public class TestEncryptionZones { credentials.addSecretKey(lookUpKey, DFSUtilClient.string2Bytes(dummyKeyProvider)); client.ugi.addCredentials(credentials); - client.setKeyProviderUri(null); Assert.assertEquals("Client Key provider is different from provider in " + "credentials map", dummyKeyProvider, client.getKeyProviderUri().toString()); @@ -1707,7 +1706,6 @@ public class TestEncryptionZones { CommonConfigurationKeysPublic.HADOOP_SECURITY_KEY_PROVIDER_PATH, dummyKeyProviderUri1); DFSClient mockClient = Mockito.spy(cluster.getFileSystem().getClient()); - mockClient.setKeyProviderUri(null); // Namenode returning null as keyProviderUri in FSServerDefaults. FsServerDefaults serverDefaultsWithKeyProviderNull = getTestServerDefaults(null); @@ -1719,7 +1717,6 @@ public class TestEncryptionZones { Mockito.verify(mockClient, Mockito.times(1)).getServerDefaults(); String dummyKeyProviderUri2 = "dummy://foo:bar@test_provider2"; - mockClient.setKeyProviderUri(null); FsServerDefaults serverDefaultsWithDummyKeyProvider = getTestServerDefaults(dummyKeyProviderUri2); // Namenode returning dummyKeyProvider2 in serverDefaults. @@ -1748,8 +1745,6 @@ public class TestEncryptionZones { // Unset the provider path in conf clusterConf.unset( CommonConfigurationKeysPublic.HADOOP_SECURITY_KEY_PROVIDER_PATH); - // Nullify the cached value for key provider uri on client - cluster.getFileSystem().getClient().setKeyProviderUri(null); // Even after unsetting the local conf, the client key provider should be // the same as namenode's provider. Assert.assertEquals("Key Provider for client and namenode are different", @@ -1760,8 +1755,6 @@ public class TestEncryptionZones { clusterConf.set( CommonConfigurationKeysPublic.HADOOP_SECURITY_KEY_PROVIDER_PATH, "dummy://foo:bar@test_provider1"); - // Nullify the cached value for key provider uri on client - cluster.getFileSystem().getClient().setKeyProviderUri(null); // Even after pointing the conf to some dummy provider, the client key // provider should be the same as namenode's provider. Assert.assertEquals("Key Provider for client and namenode are different", @@ -1796,8 +1789,6 @@ public class TestEncryptionZones { // Creating a fake serverdefaults so that we can simulate namenode not // being upgraded. DFSClient spyClient = Mockito.spy(cluster.getFileSystem().getClient()); - // Clear the cache value of keyProviderUri on client side. - spyClient.setKeyProviderUri(null); Mockito.doReturn(spyServerDefaults).when(spyClient).getServerDefaults(); // Since FsServerDefaults#keyProviderUri is null, the client --------------------------------------------------------------------- To unsubscribe, e-mail: common-commits-unsubscr...@hadoop.apache.org For additional commands, e-mail: common-commits-h...@hadoop.apache.org