Ok let's take this back to either public mailing list or jira. I'd write up thoughts on jira and ask there+ml to look. I'll try to look tonight
On Sep 20, 2017 3:52 PM, "Jordan Zimmerman" <jor...@jordanzimmerman.com> wrote: > I'd like to fix it as my company and probably many others are now using it > in production. The question is how to fix it safely and correctly. Is email > the best way to discuss this? Jira? Something else? > > I must say that there appears to be a trivial fix but I need the ZK > committers to think about this. In SessionTrackerImpl#initializeNextSession() > only some of the server ID bits are used. We could easily just mask the 2 > high bits as well. But, what are the implications of this? Where is this > serverId byte used? What must be double checked? > > -Jordan > > On Sep 20, 2017, at 2:46 PM, Camille Fournier <cami...@apache.org> wrote: > > Would you rather roll back the feature or put in a fix? > > On Sep 20, 2017 3:44 PM, "Jordan Zimmerman" <jor...@jordanzimmerman.com> > wrote: > >> Hey Folks, >> >> This is very serious. Please - let's discuss immediately. I'm not certain >> how to fix this. >> >> -JZ >> >> On Sep 20, 2017, at 2:17 PM, Jordan Zimmerman <jor...@jordanzimmerman.com> >> wrote: >> >> See: https://issues.apache.org/jira/browse/ZOOKEEPER-2901 >> >> It appears that the high order byte of a session ID is reserved for the >> ServerID. I don't know how I could have missed this or how this got by code >> review, but Container Nodes and TTL nodes are using the 2 high bits to >> denote container/TTL. I'll work on a fix ASAP. But, can someone validate >> this? >> >> -Jordan >> >> >> >