HDFS-5124. DelegationTokenSecretManager#retrievePassword can cause deadlock in NameNode. Contributed by Daryn Sharp.
git-svn-id: https://svn.apache.org/repos/asf/hadoop/common/trunk@1516671 13f79535-47bb-0310-9956-ffa450edef68
This commit is contained in:
parent
740f4cb97a
commit
7cfbfe52f1
@ -383,6 +383,9 @@ Release 2.1.1-beta - UNRELEASED
|
|||||||
HDFS-4594. WebHDFS open sets Content-Length header to what is specified by
|
HDFS-4594. WebHDFS open sets Content-Length header to what is specified by
|
||||||
length parameter rather than how much data is actually returned. (cnauroth)
|
length parameter rather than how much data is actually returned. (cnauroth)
|
||||||
|
|
||||||
|
HDFS-5124. DelegationTokenSecretManager#retrievePassword can cause deadlock
|
||||||
|
in NameNode. (Daryn Sharp via jing9)
|
||||||
|
|
||||||
Release 2.1.0-beta - 2013-08-22
|
Release 2.1.0-beta - 2013-08-22
|
||||||
|
|
||||||
INCOMPATIBLE CHANGES
|
INCOMPATIBLE CHANGES
|
||||||
|
@ -82,7 +82,7 @@ public DelegationTokenIdentifier createIdentifier() {
|
|||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public synchronized byte[] retrievePassword(
|
public byte[] retrievePassword(
|
||||||
DelegationTokenIdentifier identifier) throws InvalidToken {
|
DelegationTokenIdentifier identifier) throws InvalidToken {
|
||||||
try {
|
try {
|
||||||
// this check introduces inconsistency in the authentication to a
|
// this check introduces inconsistency in the authentication to a
|
||||||
@ -91,7 +91,7 @@ public synchronized byte[] retrievePassword(
|
|||||||
// different in that a standby may be behind and thus not yet know
|
// different in that a standby may be behind and thus not yet know
|
||||||
// of all tokens issued by the active NN. the following check does
|
// of all tokens issued by the active NN. the following check does
|
||||||
// not allow ANY token auth, however it should allow known tokens in
|
// not allow ANY token auth, however it should allow known tokens in
|
||||||
checkAvailableForRead();
|
namesystem.checkOperation(OperationCategory.READ);
|
||||||
} catch (StandbyException se) {
|
} catch (StandbyException se) {
|
||||||
// FIXME: this is a hack to get around changing method signatures by
|
// FIXME: this is a hack to get around changing method signatures by
|
||||||
// tunneling a non-InvalidToken exception as the cause which the
|
// tunneling a non-InvalidToken exception as the cause which the
|
||||||
@ -103,17 +103,6 @@ public synchronized byte[] retrievePassword(
|
|||||||
return super.retrievePassword(identifier);
|
return super.retrievePassword(identifier);
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override //SecretManager
|
|
||||||
public void checkAvailableForRead() throws StandbyException {
|
|
||||||
namesystem.checkOperation(OperationCategory.READ);
|
|
||||||
namesystem.readLock();
|
|
||||||
try {
|
|
||||||
namesystem.checkOperation(OperationCategory.READ);
|
|
||||||
} finally {
|
|
||||||
namesystem.readUnlock();
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Returns expiry time of a token given its identifier.
|
* Returns expiry time of a token given its identifier.
|
||||||
*
|
*
|
||||||
|
Loading…
Reference in New Issue
Block a user