Apache
/
hadoop
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

HDFS-6490. Fix the keyid format for generated keys in FSNamesystem.createEncryptionZone (clamb) 

git-svn-id: https://svn.apache.org/repos/asf/hadoop/common/branches/fs-encryption@1611722 13f79535-47bb-0310-9956-ffa450edef68
This commit is contained in:
Charles Lamb 2014-07-18 17:13:55 +00:00
parent 77f0e2cca5
commit 962ef6939e
2 changed files with 21 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
hadoop-hdfs-project/hadoop-hdfs/CHANGES-fs-encryption.txt
View File

@ -46,6 +46,9 @@ fs-encryption (Unreleased)
HDFS-6405. Test Crypto streams in HDFS. (yliu via wang) HDFS-6405. Test Crypto streams in HDFS. (yliu via wang)
HDFS-6490. Fix the keyid format for generated keys in
FSNamesystem.createEncryptionZone (clamb)
OPTIMIZATIONS OPTIMIZATIONS
BUG FIXES BUG FIXES

25
hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/server/namenode/FSNamesystem.java
View File

@ -420,6 +420,8 @@ public class FSNamesystem implements Namesystem, FSClusterStats,
private final CacheManager cacheManager; private final CacheManager cacheManager;
private final DatanodeStatistics datanodeStatistics; private final DatanodeStatistics datanodeStatistics;
private String nameserviceId;
private RollingUpgradeInfo rollingUpgradeInfo = null; private RollingUpgradeInfo rollingUpgradeInfo = null;
/** /**
* A flag that indicates whether the checkpointer should checkpoint a rollback * A flag that indicates whether the checkpointer should checkpoint a rollback
@ -791,7 +793,7 @@ public class FSNamesystem implements Namesystem, FSClusterStats,
// block allocation has to be persisted in HA using a shared edits directory // block allocation has to be persisted in HA using a shared edits directory
// so that the standby has up-to-date namespace information // so that the standby has up-to-date namespace information
String nameserviceId = DFSUtil.getNamenodeNameServiceId(conf); nameserviceId = DFSUtil.getNamenodeNameServiceId(conf);
this.haEnabled = HAUtil.isHAEnabled(conf, nameserviceId); this.haEnabled = HAUtil.isHAEnabled(conf, nameserviceId);
// Sanity check the HA-related config. // Sanity check the HA-related config.
@ -8502,22 +8504,31 @@ public class FSNamesystem implements Namesystem, FSClusterStats,
/** /**
* Create a new key on the KeyProvider for an encryption zone. * Create a new key on the KeyProvider for an encryption zone.
* *
* @param keyId id of the key * @param keyIdArg id of the key
* @param src path of the encryption zone. * @param src path of the encryption zone.
* @return KeyVersion of the created key * @return KeyVersion of the created key
* @throws IOException * @throws IOException
*/ */
private KeyVersion createNewKey(String keyId, String src) private KeyVersion createNewKey(String keyIdArg, String src)
throws IOException { throws IOException {
Preconditions.checkNotNull(keyId); Preconditions.checkNotNull(keyIdArg);
Preconditions.checkNotNull(src); Preconditions.checkNotNull(src);
// TODO pass in hdfs://HOST:PORT (HDFS-6490) final StringBuilder sb = new StringBuilder("hdfs://");
providerOptions.setDescription(src); if (nameserviceId != null) {
sb.append(nameserviceId);
}
sb.append(src);
if (!src.endsWith("/")) {
sb.append('/');
}
sb.append(keyIdArg);
final String keyId = sb.toString();
providerOptions.setDescription(keyId);
providerOptions.setBitLength(codec.getCipherSuite() providerOptions.setBitLength(codec.getCipherSuite()
.getAlgorithmBlockSize()*8); .getAlgorithmBlockSize()*8);
KeyVersion version = null; KeyVersion version = null;
try { try {
version = provider.createKey(keyId, providerOptions); version = provider.createKey(keyIdArg, providerOptions);
} catch (NoSuchAlgorithmException e) { } catch (NoSuchAlgorithmException e) {
throw new IOException(e); throw new IOException(e);
} }