From 962ef6939e55f9e9643ef8a04ffc5877b8a762fc Mon Sep 17 00:00:00 2001 From: Charles Lamb Date: Fri, 18 Jul 2014 17:13:55 +0000 Subject: [PATCH] HDFS-6490. Fix the keyid format for generated keys in FSNamesystem.createEncryptionZone (clamb) git-svn-id: https://svn.apache.org/repos/asf/hadoop/common/branches/fs-encryption@1611722 13f79535-47bb-0310-9956-ffa450edef68 --- .../hadoop-hdfs/CHANGES-fs-encryption.txt | 3 +++ .../hdfs/server/namenode/FSNamesystem.java | 25 +++++++++++++------ 2 files changed, 21 insertions(+), 7 deletions(-) diff --git a/hadoop-hdfs-project/hadoop-hdfs/CHANGES-fs-encryption.txt b/hadoop-hdfs-project/hadoop-hdfs/CHANGES-fs-encryption.txt index f40841715e5..4803dcbc809 100644 --- a/hadoop-hdfs-project/hadoop-hdfs/CHANGES-fs-encryption.txt +++ b/hadoop-hdfs-project/hadoop-hdfs/CHANGES-fs-encryption.txt @@ -46,6 +46,9 @@ fs-encryption (Unreleased) HDFS-6405. Test Crypto streams in HDFS. (yliu via wang) + HDFS-6490. Fix the keyid format for generated keys in + FSNamesystem.createEncryptionZone (clamb) + OPTIMIZATIONS BUG FIXES diff --git a/hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/server/namenode/FSNamesystem.java b/hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/server/namenode/FSNamesystem.java index fa52d3e5452..387c372404c 100644 --- a/hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/server/namenode/FSNamesystem.java +++ b/hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/server/namenode/FSNamesystem.java @@ -420,6 +420,8 @@ public class FSNamesystem implements Namesystem, FSClusterStats, private final CacheManager cacheManager; private final DatanodeStatistics datanodeStatistics; + private String nameserviceId; + private RollingUpgradeInfo rollingUpgradeInfo = null; /** * A flag that indicates whether the checkpointer should checkpoint a rollback @@ -791,7 +793,7 @@ public class FSNamesystem implements Namesystem, FSClusterStats, // block allocation has to be persisted in HA using a shared edits directory // so that the standby has up-to-date namespace information - String nameserviceId = DFSUtil.getNamenodeNameServiceId(conf); + nameserviceId = DFSUtil.getNamenodeNameServiceId(conf); this.haEnabled = HAUtil.isHAEnabled(conf, nameserviceId); // Sanity check the HA-related config. @@ -8502,22 +8504,31 @@ public class FSNamesystem implements Namesystem, FSClusterStats, /** * Create a new key on the KeyProvider for an encryption zone. * - * @param keyId id of the key + * @param keyIdArg id of the key * @param src path of the encryption zone. * @return KeyVersion of the created key * @throws IOException */ - private KeyVersion createNewKey(String keyId, String src) + private KeyVersion createNewKey(String keyIdArg, String src) throws IOException { - Preconditions.checkNotNull(keyId); + Preconditions.checkNotNull(keyIdArg); Preconditions.checkNotNull(src); - // TODO pass in hdfs://HOST:PORT (HDFS-6490) - providerOptions.setDescription(src); + final StringBuilder sb = new StringBuilder("hdfs://"); + if (nameserviceId != null) { + sb.append(nameserviceId); + } + sb.append(src); + if (!src.endsWith("/")) { + sb.append('/'); + } + sb.append(keyIdArg); + final String keyId = sb.toString(); + providerOptions.setDescription(keyId); providerOptions.setBitLength(codec.getCipherSuite() .getAlgorithmBlockSize()*8); KeyVersion version = null; try { - version = provider.createKey(keyId, providerOptions); + version = provider.createKey(keyIdArg, providerOptions); } catch (NoSuchAlgorithmException e) { throw new IOException(e); }