From 08b4aa699a40e6095736f344d3ff59bec37c7e6e Mon Sep 17 00:00:00 2001
From: Zhijie Shen <zjshen@apache.org>
Date: Fri, 6 Jun 2014 20:07:58 +0000
Subject: [PATCH] YARN-2117. Fixed the issue that secret file reader is
 potentially not closed in TimelineAuthenticationFilterInitializer.
 Contributed by Chen He.

git-svn-id: https://svn.apache.org/repos/asf/hadoop/common/trunk@1600994 13f79535-47bb-0310-9956-ffa450edef68
---
 hadoop-yarn-project/CHANGES.txt                            | 3 +++
 .../security/TimelineAuthenticationFilterInitializer.java  | 7 +++++--
 2 files changed, 8 insertions(+), 2 deletions(-)

diff --git a/hadoop-yarn-project/CHANGES.txt b/hadoop-yarn-project/CHANGES.txt
index 1efb87ea98e..1ec1d926d27 100644
--- a/hadoop-yarn-project/CHANGES.txt
+++ b/hadoop-yarn-project/CHANGES.txt
@@ -198,6 +198,9 @@ Release 2.5.0 - UNRELEASED
     YARN-2118. Fixed the type mismatch in Map#containsKey check of
     TimelineWebServices#injectOwnerInfo. (Ted Yu via zjshen)
 
+    YARN-2117. Fixed the issue that secret file reader is potentially not
+    closed in TimelineAuthenticationFilterInitializer. (Chen He via zjshen)
+
 Release 2.4.1 - UNRELEASED
 
   INCOMPATIBLE CHANGES
diff --git a/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-applicationhistoryservice/src/main/java/org/apache/hadoop/yarn/server/timeline/security/TimelineAuthenticationFilterInitializer.java b/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-applicationhistoryservice/src/main/java/org/apache/hadoop/yarn/server/timeline/security/TimelineAuthenticationFilterInitializer.java
index 53b27fbf4bc..8aeb4388338 100644
--- a/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-applicationhistoryservice/src/main/java/org/apache/hadoop/yarn/server/timeline/security/TimelineAuthenticationFilterInitializer.java
+++ b/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-applicationhistoryservice/src/main/java/org/apache/hadoop/yarn/server/timeline/security/TimelineAuthenticationFilterInitializer.java
@@ -28,6 +28,7 @@ import org.apache.hadoop.conf.Configuration;
 import org.apache.hadoop.http.FilterContainer;
 import org.apache.hadoop.http.FilterInitializer;
 import org.apache.hadoop.http.HttpServer2;
+import org.apache.hadoop.io.IOUtils;
 import org.apache.hadoop.security.SecurityUtil;
 
 /**
@@ -86,15 +87,15 @@ public class TimelineAuthenticationFilterInitializer extends FilterInitializer {
 
     String signatureSecretFile = filterConfig.get(SIGNATURE_SECRET_FILE);
     if (signatureSecretFile != null) {
+      Reader reader = null;
       try {
         StringBuilder secret = new StringBuilder();
-        Reader reader = new FileReader(signatureSecretFile);
+        reader = new FileReader(signatureSecretFile);
         int c = reader.read();
         while (c > -1) {
           secret.append((char) c);
           c = reader.read();
         }
-        reader.close();
         filterConfig
             .put(TimelineAuthenticationFilter.SIGNATURE_SECRET,
                 secret.toString());
@@ -102,6 +103,8 @@ public class TimelineAuthenticationFilterInitializer extends FilterInitializer {
         throw new RuntimeException(
             "Could not read HTTP signature secret file: "
                 + signatureSecretFile);
+      } finally {
+        IOUtils.closeStream(reader);
       }
     }