From c7307867f0d28dbb11e2194ff885da8269e4fb42 Mon Sep 17 00:00:00 2001 From: Xiaoyu Yao Date: Mon, 11 Mar 2019 21:15:40 -0700 Subject: [PATCH] =?UTF-8?q?HDDS-1245.=20OM=20delegation=20expiration=20tim?= =?UTF-8?q?e=20should=20use=20Time.now=20instead=20=E2=80=A6=20(#587)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Closes #587. --- .../OzoneDelegationTokenSecretManager.java | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/hadoop-ozone/common/src/main/java/org/apache/hadoop/ozone/security/OzoneDelegationTokenSecretManager.java b/hadoop-ozone/common/src/main/java/org/apache/hadoop/ozone/security/OzoneDelegationTokenSecretManager.java index d520aab1d6..efd29d04fa 100644 --- a/hadoop-ozone/common/src/main/java/org/apache/hadoop/ozone/security/OzoneDelegationTokenSecretManager.java +++ b/hadoop-ozone/common/src/main/java/org/apache/hadoop/ozone/security/OzoneDelegationTokenSecretManager.java @@ -158,12 +158,12 @@ private void addToTokenStore(OzoneTokenIdentifier identifier, byte[] password) */ private void updateIdentifierDetails(OzoneTokenIdentifier identifier) { int sequenceNum; - long now = Time.monotonicNow(); + long now = Time.now(); sequenceNum = incrementDelegationTokenSeqNum(); identifier.setIssueDate(now); identifier.setMasterKeyId(getCurrentKey().getKeyId()); identifier.setSequenceNumber(sequenceNum); - identifier.setMaxDate(Time.monotonicNow() + getTokenMaxLifetime()); + identifier.setMaxDate(now + getTokenMaxLifetime()); identifier.setOmCertSerialId(getOmCertificateSerialId()); } @@ -198,7 +198,7 @@ public synchronized long renewToken(Token token, formatTokenId(id), currentTokens.size()); } - long now = Time.monotonicNow(); + long now = Time.now(); if (id.getMaxDate() < now) { throw new OMException(renewer + " tried to renew an expired token " + formatTokenId(id) + " max expiration date: " @@ -293,7 +293,7 @@ public TokenInfo validateToken(OzoneTokenIdentifier identifier) throw new InvalidToken("token " + formatTokenId(identifier) + " can't be found in cache"); } - long now = Time.monotonicNow(); + long now = Time.now(); if (info.getRenewDate() < now) { throw new InvalidToken("token " + formatTokenId(identifier) + " is " + "expired, current time: " + Time.formatTime(now) + @@ -329,7 +329,7 @@ public boolean verifySignature(OzoneTokenIdentifier identifier, // TODO: handle roll private key/certificate private synchronized void removeExpiredKeys() { - long now = Time.monotonicNow(); + long now = Time.now(); for (Iterator> it = allKeys.entrySet() .iterator(); it.hasNext();) { Map.Entry e = it.next(); @@ -447,7 +447,7 @@ public void stop() throws IOException { * Remove expired delegation tokens from cache and persisted store. */ private void removeExpiredToken() { - long now = Time.monotonicNow(); + long now = Time.now(); synchronized (this) { Iterator> i = currentTokens.entrySet().iterator(); @@ -480,7 +480,7 @@ public void run() { / (60 * 1000) + " min(s)"); try { while (isRunning()) { - long now = Time.monotonicNow(); + long now = Time.now(); if (lastTokenCacheCleanup + getTokenRemoverScanInterval() < now) { removeExpiredToken();