HDFS-11702. Remove indefinite caching of key provider uri in DFSClient. Contributed by Rushabh S Shah.
This commit is contained in:
parent
a9a3d219fe
commit
cef2815cf4
|
@ -232,7 +232,6 @@ public class DFSClient implements java.io.Closeable, RemotePeerFactory,
|
|||
private static ThreadPoolExecutor HEDGED_READ_THREAD_POOL;
|
||||
private static volatile ThreadPoolExecutor STRIPED_READ_THREAD_POOL;
|
||||
private final int smallBufferSize;
|
||||
private URI keyProviderUri = null;
|
||||
|
||||
public DfsClientConf getConf() {
|
||||
return dfsClientConf;
|
||||
|
@ -2901,10 +2900,7 @@ public class DFSClient implements java.io.Closeable, RemotePeerFactory,
|
|||
* @throws IOException
|
||||
*/
|
||||
URI getKeyProviderUri() throws IOException {
|
||||
if (keyProviderUri != null) {
|
||||
return keyProviderUri;
|
||||
}
|
||||
|
||||
URI keyProviderUri = null;
|
||||
// Lookup the secret in credentials object for namenodeuri.
|
||||
Credentials credentials = ugi.getCredentials();
|
||||
byte[] keyProviderUriBytes = credentials.getSecretKey(getKeyProviderMapKey());
|
||||
|
@ -2936,14 +2932,6 @@ public class DFSClient implements java.io.Closeable, RemotePeerFactory,
|
|||
return clientContext.getKeyProviderCache().get(conf, getKeyProviderUri());
|
||||
}
|
||||
|
||||
/*
|
||||
* Should be used only for testing.
|
||||
*/
|
||||
@VisibleForTesting
|
||||
public void setKeyProviderUri(URI providerUri) {
|
||||
this.keyProviderUri = providerUri;
|
||||
}
|
||||
|
||||
@VisibleForTesting
|
||||
public void setKeyProvider(KeyProvider provider) {
|
||||
clientContext.getKeyProviderCache().setKeyProvider(conf, provider);
|
||||
|
|
|
@ -1702,7 +1702,6 @@ public class TestEncryptionZones {
|
|||
credentials.addSecretKey(lookUpKey,
|
||||
DFSUtilClient.string2Bytes(dummyKeyProvider));
|
||||
client.ugi.addCredentials(credentials);
|
||||
client.setKeyProviderUri(null);
|
||||
Assert.assertEquals("Client Key provider is different from provider in "
|
||||
+ "credentials map", dummyKeyProvider,
|
||||
client.getKeyProviderUri().toString());
|
||||
|
@ -1724,7 +1723,6 @@ public class TestEncryptionZones {
|
|||
CommonConfigurationKeysPublic.HADOOP_SECURITY_KEY_PROVIDER_PATH,
|
||||
dummyKeyProviderUri1);
|
||||
DFSClient mockClient = Mockito.spy(cluster.getFileSystem().getClient());
|
||||
mockClient.setKeyProviderUri(null);
|
||||
// Namenode returning null as keyProviderUri in FSServerDefaults.
|
||||
FsServerDefaults serverDefaultsWithKeyProviderNull =
|
||||
getTestServerDefaults(null);
|
||||
|
@ -1736,7 +1734,6 @@ public class TestEncryptionZones {
|
|||
Mockito.verify(mockClient, Mockito.times(1)).getServerDefaults();
|
||||
|
||||
String dummyKeyProviderUri2 = "dummy://foo:bar@test_provider2";
|
||||
mockClient.setKeyProviderUri(null);
|
||||
FsServerDefaults serverDefaultsWithDummyKeyProvider =
|
||||
getTestServerDefaults(dummyKeyProviderUri2);
|
||||
// Namenode returning dummyKeyProvider2 in serverDefaults.
|
||||
|
@ -1765,8 +1762,6 @@ public class TestEncryptionZones {
|
|||
// Unset the provider path in conf
|
||||
clusterConf.unset(
|
||||
CommonConfigurationKeysPublic.HADOOP_SECURITY_KEY_PROVIDER_PATH);
|
||||
// Nullify the cached value for key provider uri on client
|
||||
cluster.getFileSystem().getClient().setKeyProviderUri(null);
|
||||
// Even after unsetting the local conf, the client key provider should be
|
||||
// the same as namenode's provider.
|
||||
Assert.assertEquals("Key Provider for client and namenode are different",
|
||||
|
@ -1777,8 +1772,6 @@ public class TestEncryptionZones {
|
|||
clusterConf.set(
|
||||
CommonConfigurationKeysPublic.HADOOP_SECURITY_KEY_PROVIDER_PATH,
|
||||
"dummy://foo:bar@test_provider1");
|
||||
// Nullify the cached value for key provider uri on client
|
||||
cluster.getFileSystem().getClient().setKeyProviderUri(null);
|
||||
// Even after pointing the conf to some dummy provider, the client key
|
||||
// provider should be the same as namenode's provider.
|
||||
Assert.assertEquals("Key Provider for client and namenode are different",
|
||||
|
@ -1813,8 +1806,6 @@ public class TestEncryptionZones {
|
|||
// Creating a fake serverdefaults so that we can simulate namenode not
|
||||
// being upgraded.
|
||||
DFSClient spyClient = Mockito.spy(cluster.getFileSystem().getClient());
|
||||
// Clear the cache value of keyProviderUri on client side.
|
||||
spyClient.setKeyProviderUri(null);
|
||||
Mockito.doReturn(spyServerDefaults).when(spyClient).getServerDefaults();
|
||||
|
||||
// Since FsServerDefaults#keyProviderUri is null, the client
|
||||
|
|
Loading…
Reference in New Issue