keith-turner commented on a change in pull request #315: ACCUMULO-4731 Improve
exception handling if a key encryption key cannot be loaded
URL: https://github.com/apache/accumulo/pull/315#discussion_r147475074
##########
File path:
core/src/main/java/org/apache/accumulo/core/security/crypto/CachingHDFSSecretKeyEncryptionStrategy.java
##########
@@ -127,26 +128,44 @@ public synchronized void
ensureSecretKeyCacheInitialized(CryptoModuleParameters
pathToKeyName =
Property.CRYPTO_DEFAULT_KEY_STRATEGY_KEY_LOCATION.getDefaultValue();
}
- // TODO ACCUMULO-2530 Ensure volumes a properly supported
+ // TODO ACCUMULO-2530 Ensure volumes are properly supported
Path pathToKey = new Path(pathToKeyName);
FileSystem fs = FileSystem.get(CachedConfiguration.getInstance());
DataInputStream in = null;
+ boolean invalidFile = false;
+ int keyEncryptionKeyLength = 0;
+
try {
if (!fs.exists(pathToKey)) {
initializeKeyEncryptionKey(fs, pathToKey, context);
}
in = fs.open(pathToKey);
- int keyEncryptionKeyLength = in.readInt();
+ keyEncryptionKeyLength = in.readInt();
Review comment:
Could also check for negaive lengths below, but its seem unnecessary. Are
there any negative numbers that would pass the check below? I don't think so
but not 100% sure since getLen() may return a long and maybe there is some
weird case I am missing with long vs int.
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
With regards,
Apache Git Services
