HDFS-11702. Remove indefinite caching of key provider uri in DFSClient. Contributed by Rushabh S Shah.

2017-05-08 08:27:37 -05:00 · 2017-05-08 08:27:37 -05:00 · cef2815cf4
parent a9a3d219fe
commit cef2815cf4
2 changed files with 1 additions and 22 deletions
--- a/hadoop-hdfs-project/hadoop-hdfs-client/src/main/java/org/apache/hadoop/hdfs/DFSClient.java
+++ b/hadoop-hdfs-project/hadoop-hdfs-client/src/main/java/org/apache/hadoop/hdfs/DFSClient.java
@ -232,7 +232,6 @@ public class DFSClient implements java.io.Closeable, RemotePeerFactory,
  private static ThreadPoolExecutor HEDGED_READ_THREAD_POOL;
  private static volatile ThreadPoolExecutor STRIPED_READ_THREAD_POOL;
  private final int smallBufferSize;
-  private URI keyProviderUri = null;

  public DfsClientConf getConf() {
    return dfsClientConf;
@ -2901,10 +2900,7 @@ public class DFSClient implements java.io.Closeable, RemotePeerFactory,
   * @throws IOException
   */
  URI getKeyProviderUri() throws IOException {
-    if (keyProviderUri != null) {
-      return keyProviderUri;
-    }
-
+    URI keyProviderUri = null;
    // Lookup the secret in credentials object for namenodeuri.
    Credentials credentials = ugi.getCredentials();
    byte[] keyProviderUriBytes = credentials.getSecretKey(getKeyProviderMapKey());
@ -2936,14 +2932,6 @@ public class DFSClient implements java.io.Closeable, RemotePeerFactory,
    return clientContext.getKeyProviderCache().get(conf, getKeyProviderUri());
  }

-  /*
-   * Should be used only for testing.
-   */
-  @VisibleForTesting
-  public void setKeyProviderUri(URI providerUri) {
-    this.keyProviderUri = providerUri;
-  }
-
  @VisibleForTesting
  public void setKeyProvider(KeyProvider provider) {
    clientContext.getKeyProviderCache().setKeyProvider(conf, provider);
--- a/hadoop-hdfs-project/hadoop-hdfs/src/test/java/org/apache/hadoop/hdfs/TestEncryptionZones.java
+++ b/hadoop-hdfs-project/hadoop-hdfs/src/test/java/org/apache/hadoop/hdfs/TestEncryptionZones.java
@ -1702,7 +1702,6 @@ public class TestEncryptionZones {
    credentials.addSecretKey(lookUpKey,
        DFSUtilClient.string2Bytes(dummyKeyProvider));
    client.ugi.addCredentials(credentials);
-    client.setKeyProviderUri(null);
    Assert.assertEquals("Client Key provider is different from provider in "
        + "credentials map", dummyKeyProvider,
        client.getKeyProviderUri().toString());
@ -1724,7 +1723,6 @@ public class TestEncryptionZones {
        CommonConfigurationKeysPublic.HADOOP_SECURITY_KEY_PROVIDER_PATH,
        dummyKeyProviderUri1);
    DFSClient mockClient = Mockito.spy(cluster.getFileSystem().getClient());
-    mockClient.setKeyProviderUri(null);
    // Namenode returning null as keyProviderUri in FSServerDefaults.
    FsServerDefaults serverDefaultsWithKeyProviderNull =
        getTestServerDefaults(null);
@ -1736,7 +1734,6 @@ public class TestEncryptionZones {
    Mockito.verify(mockClient, Mockito.times(1)).getServerDefaults();

    String dummyKeyProviderUri2 = "dummy://foo:bar@test_provider2";
-    mockClient.setKeyProviderUri(null);
    FsServerDefaults serverDefaultsWithDummyKeyProvider =
        getTestServerDefaults(dummyKeyProviderUri2);
    // Namenode returning dummyKeyProvider2 in serverDefaults.
@ -1765,8 +1762,6 @@ public class TestEncryptionZones {
    // Unset the provider path in conf
    clusterConf.unset(
        CommonConfigurationKeysPublic.HADOOP_SECURITY_KEY_PROVIDER_PATH);
-    // Nullify the cached value for key provider uri on client
-    cluster.getFileSystem().getClient().setKeyProviderUri(null);
    // Even after unsetting the local conf, the client key provider should be
    // the same as namenode's provider.
    Assert.assertEquals("Key Provider for client and namenode are different",
@ -1777,8 +1772,6 @@ public class TestEncryptionZones {
    clusterConf.set(
        CommonConfigurationKeysPublic.HADOOP_SECURITY_KEY_PROVIDER_PATH,
        "dummy://foo:bar@test_provider1");
-    // Nullify the cached value for key provider uri on client
-    cluster.getFileSystem().getClient().setKeyProviderUri(null);
    // Even after pointing the conf to some dummy provider, the client key
    // provider should be the same as namenode's provider.
    Assert.assertEquals("Key Provider for client and namenode are different",
@ -1813,8 +1806,6 @@ public class TestEncryptionZones {
    // Creating a fake serverdefaults so that we can simulate namenode not
    // being upgraded.
    DFSClient spyClient = Mockito.spy(cluster.getFileSystem().getClient());
-    // Clear the cache value of keyProviderUri on client side.
-    spyClient.setKeyProviderUri(null);
    Mockito.doReturn(spyServerDefaults).when(spyClient).getServerDefaults();

    // Since FsServerDefaults#keyProviderUri is null, the client