HDDS-1245. OM delegation expiration time should use Time.now instead … (#587)

Closes #587.
This commit is contained in:
Xiaoyu Yao 2019-03-11 21:15:40 -07:00 committed by Ajay Yadav
parent 2a54feabb2
commit c7307867f0

View File

@ -158,12 +158,12 @@ private void addToTokenStore(OzoneTokenIdentifier identifier, byte[] password)
*/ */
private void updateIdentifierDetails(OzoneTokenIdentifier identifier) { private void updateIdentifierDetails(OzoneTokenIdentifier identifier) {
int sequenceNum; int sequenceNum;
long now = Time.monotonicNow(); long now = Time.now();
sequenceNum = incrementDelegationTokenSeqNum(); sequenceNum = incrementDelegationTokenSeqNum();
identifier.setIssueDate(now); identifier.setIssueDate(now);
identifier.setMasterKeyId(getCurrentKey().getKeyId()); identifier.setMasterKeyId(getCurrentKey().getKeyId());
identifier.setSequenceNumber(sequenceNum); identifier.setSequenceNumber(sequenceNum);
identifier.setMaxDate(Time.monotonicNow() + getTokenMaxLifetime()); identifier.setMaxDate(now + getTokenMaxLifetime());
identifier.setOmCertSerialId(getOmCertificateSerialId()); identifier.setOmCertSerialId(getOmCertificateSerialId());
} }
@ -198,7 +198,7 @@ public synchronized long renewToken(Token<OzoneTokenIdentifier> token,
formatTokenId(id), currentTokens.size()); formatTokenId(id), currentTokens.size());
} }
long now = Time.monotonicNow(); long now = Time.now();
if (id.getMaxDate() < now) { if (id.getMaxDate() < now) {
throw new OMException(renewer + " tried to renew an expired token " throw new OMException(renewer + " tried to renew an expired token "
+ formatTokenId(id) + " max expiration date: " + formatTokenId(id) + " max expiration date: "
@ -293,7 +293,7 @@ public TokenInfo validateToken(OzoneTokenIdentifier identifier)
throw new InvalidToken("token " + formatTokenId(identifier) throw new InvalidToken("token " + formatTokenId(identifier)
+ " can't be found in cache"); + " can't be found in cache");
} }
long now = Time.monotonicNow(); long now = Time.now();
if (info.getRenewDate() < now) { if (info.getRenewDate() < now) {
throw new InvalidToken("token " + formatTokenId(identifier) + " is " + throw new InvalidToken("token " + formatTokenId(identifier) + " is " +
"expired, current time: " + Time.formatTime(now) + "expired, current time: " + Time.formatTime(now) +
@ -329,7 +329,7 @@ public boolean verifySignature(OzoneTokenIdentifier identifier,
// TODO: handle roll private key/certificate // TODO: handle roll private key/certificate
private synchronized void removeExpiredKeys() { private synchronized void removeExpiredKeys() {
long now = Time.monotonicNow(); long now = Time.now();
for (Iterator<Map.Entry<Integer, OzoneSecretKey>> it = allKeys.entrySet() for (Iterator<Map.Entry<Integer, OzoneSecretKey>> it = allKeys.entrySet()
.iterator(); it.hasNext();) { .iterator(); it.hasNext();) {
Map.Entry<Integer, OzoneSecretKey> e = it.next(); Map.Entry<Integer, OzoneSecretKey> e = it.next();
@ -447,7 +447,7 @@ public void stop() throws IOException {
* Remove expired delegation tokens from cache and persisted store. * Remove expired delegation tokens from cache and persisted store.
*/ */
private void removeExpiredToken() { private void removeExpiredToken() {
long now = Time.monotonicNow(); long now = Time.now();
synchronized (this) { synchronized (this) {
Iterator<Map.Entry<OzoneTokenIdentifier, Iterator<Map.Entry<OzoneTokenIdentifier,
TokenInfo>> i = currentTokens.entrySet().iterator(); TokenInfo>> i = currentTokens.entrySet().iterator();
@ -480,7 +480,7 @@ public void run() {
/ (60 * 1000) + " min(s)"); / (60 * 1000) + " min(s)");
try { try {
while (isRunning()) { while (isRunning()) {
long now = Time.monotonicNow(); long now = Time.now();
if (lastTokenCacheCleanup + getTokenRemoverScanInterval() if (lastTokenCacheCleanup + getTokenRemoverScanInterval()
< now) { < now) {
removeExpiredToken(); removeExpiredToken();