From d261645177bcae8b5501d6944c7ea0ffdc242f9a Mon Sep 17 00:00:00 2001 From: Rushabh Shah Date: Fri, 4 May 2018 15:36:13 -0500 Subject: [PATCH] HADOOP-14841 Kms client should disconnect if unable to get output stream from connection. Contributed by Rushabh S Shah (cherry picked from commit 4cdbdce752e192b45c2b9756c2d4bd24ceffdabd) --- .../hadoop/crypto/key/kms/KMSClientProvider.java | 13 +++++++++++-- 1 file changed, 11 insertions(+), 2 deletions(-) diff --git a/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/crypto/key/kms/KMSClientProvider.java b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/crypto/key/kms/KMSClientProvider.java index 536de532a27..3b3a33e0d76 100644 --- a/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/crypto/key/kms/KMSClientProvider.java +++ b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/crypto/key/kms/KMSClientProvider.java @@ -522,12 +522,21 @@ public class KMSClientProvider extends KeyProvider implements CryptoExtension, int expectedResponse, Class klass, int authRetryCount) throws IOException { T ret = null; + OutputStream os = null; try { if (jsonOutput != null) { - writeJson(jsonOutput, conn.getOutputStream()); + os = conn.getOutputStream(); + writeJson(jsonOutput, os); } } catch (IOException ex) { - IOUtils.closeStream(conn.getInputStream()); + // The payload is not serialized if getOutputStream fails. + // Calling getInputStream will issue the put/post request with no payload + // which causes HTTP 500 server error. + if (os == null) { + conn.disconnect(); + } else { + IOUtils.closeStream(conn.getInputStream()); + } throw ex; } if ((conn.getResponseCode() == HttpURLConnection.HTTP_FORBIDDEN