HDDS-2228. Fix NPE in OzoneDelegationTokenManager#addPersistedDelegat… (#1571)

This commit is contained in:
Xiaoyu Yao 2019-10-02 23:09:06 -07:00 committed by GitHub
parent 4c24f2434d
commit c5665b23ca
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
4 changed files with 37 additions and 6 deletions

View File

@ -84,13 +84,16 @@ public class OzoneDelegationTokenSecretManager
* milliseconds
* @param dtRemoverScanInterval how often the tokens are scanned for expired
* tokens in milliseconds
* @param certClient certificate client to SCM CA
*/
public OzoneDelegationTokenSecretManager(OzoneConfiguration conf,
long tokenMaxLifetime, long tokenRenewInterval,
long dtRemoverScanInterval, Text service,
S3SecretManager s3SecretManager) throws IOException {
S3SecretManager s3SecretManager, CertificateClient certClient)
throws IOException {
super(new SecurityConfig(conf), tokenMaxLifetime, tokenRenewInterval,
service, LOG);
setCertClient(certClient);
currentTokens = new ConcurrentHashMap();
this.tokenRemoverScanInterval = dtRemoverScanInterval;
this.s3SecretManager = (S3SecretManagerImpl) s3SecretManager;

View File

@ -70,6 +70,7 @@ public abstract class OzoneSecretManager<T extends TokenIdentifier>
* @param tokenRenewInterval how often the tokens must be renewed in
* milliseconds
* @param service name of service
* @param logger logger for the secret manager
*/
public OzoneSecretManager(SecurityConfig secureConf, long tokenMaxLifetime,
long tokenRenewInterval, Text service, Logger logger) {
@ -188,7 +189,7 @@ public abstract class OzoneSecretManager<T extends TokenIdentifier>
public synchronized void start(CertificateClient client)
throws IOException {
Preconditions.checkState(!isRunning());
this.certClient = client;
setCertClient(client);
updateCurrentKey(new KeyPair(certClient.getPublicKey(),
certClient.getPrivateKey()));
setIsRunning(true);
@ -247,5 +248,9 @@ public abstract class OzoneSecretManager<T extends TokenIdentifier>
public CertificateClient getCertClient() {
return certClient;
}
public void setCertClient(CertificateClient client) {
this.certClient = client;
}
}

View File

@ -627,7 +627,7 @@ public final class OzoneManager extends ServiceRuntimeInfoImpl
return new OzoneDelegationTokenSecretManager(conf, tokenMaxLifetime,
tokenRenewInterval, tokenRemoverScanInterval, omRpcAddressTxt,
s3SecretManager);
s3SecretManager, certClient);
}
private OzoneBlockTokenSecretManager createBlockTokenSecretManager(

View File

@ -169,8 +169,15 @@ public class TestOzoneDelegationTokenSecretManager {
validateHash(token.getPassword(), token.getIdentifier());
}
@Test
public void testRenewTokenSuccess() throws Exception {
private void restartSecretManager() throws IOException {
secretManager.stop();
secretManager = null;
secretManager = createSecretManager(conf, tokenMaxLifetime,
expiryTime, tokenRemoverScanInterval);
}
private void testRenewTokenSuccessHelper(boolean restartSecretManager)
throws Exception {
secretManager = createSecretManager(conf, tokenMaxLifetime,
expiryTime, tokenRemoverScanInterval);
secretManager.start(certificateClient);
@ -178,10 +185,25 @@ public class TestOzoneDelegationTokenSecretManager {
TEST_USER,
TEST_USER);
Thread.sleep(10 * 5);
if (restartSecretManager) {
restartSecretManager();
}
long renewalTime = secretManager.renewToken(token, TEST_USER.toString());
Assert.assertTrue(renewalTime > 0);
}
@Test
public void testReloadAndRenewToken() throws Exception {
testRenewTokenSuccessHelper(true);
}
@Test
public void testRenewTokenSuccess() throws Exception {
testRenewTokenSuccessHelper(false);
}
/**
* Tests failure for mismatch in renewer.
*/
@ -375,6 +397,7 @@ public class TestOzoneDelegationTokenSecretManager {
createSecretManager(OzoneConfiguration config, long tokenMaxLife,
long expiry, long tokenRemoverScanTime) throws IOException {
return new OzoneDelegationTokenSecretManager(config, tokenMaxLife,
expiry, tokenRemoverScanTime, serviceRpcAdd, s3SecretManager);
expiry, tokenRemoverScanTime, serviceRpcAdd, s3SecretManager,
certificateClient);
}
}