
HADOOP-10611. KMS, keyVersion name should not be assumed to be keyName@versionNumber. (tucu)

git-svn-id: https://svn.apache.org/repos/asf/hadoop/common/trunk@1598775 13f79535-47bb-0310-9956-ffa450edef68
Alejandro Abdelnur 11 years ago
parent
commit
12cf17555f

+ 3 - 0
hadoop-common-project/hadoop-common/CHANGES.txt

@@ -336,6 +336,9 @@ Trunk (Unreleased)
 
     HADOOP-10645. TestKMS fails because race condition writing acl files. (tucu)
 
+    HADOOP-10611. KMS, keyVersion name should not be assumed to be 
+    keyName@versionNumber. (tucu)
+
   OPTIMIZATIONS
 
     HADOOP-7761. Improve the performance of raw comparisons. (todd)

+ 0 - 4
hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/crypto/key/kms/KMSClientProvider.java

@@ -517,8 +517,4 @@ public class KMSClientProvider extends KeyProvider {
     // the server should not keep in memory state on behalf of clients either.
   }
 
-  @VisibleForTesting
-  public static String buildVersionName(String name, int version) {
-    return KeyProvider.buildVersionName(name, version);
-  }
 }

+ 3 - 6
hadoop-common-project/hadoop-kms/src/main/java/org/apache/hadoop/crypto/key/kms/server/KMSCacheKeyProvider.java

@@ -135,14 +135,11 @@ public class KMSCacheKeyProvider extends KeyProvider {
 
   @Override
   public void deleteKey(String name) throws IOException {
-    Metadata metadata = provider.getMetadata(name);
-    List<String> versions = new ArrayList<String>(metadata.getVersions());
-    for (int i = 0; i < metadata.getVersions(); i++) {
-      versions.add(KeyProvider.buildVersionName(name, i));
-    }
     provider.deleteKey(name);
     currentKeyCache.invalidate(name);
-    keyVersionCache.invalidateAll(versions);
+    // invalidating all key versions as we don't know which ones belonged to the
+    // deleted key
+    keyVersionCache.invalidateAll();
   }
 
   @Override
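Review bot: The `keyVersionCache.invalidateAll()` call in deleteKey now evicts the cached versions of every key, not only the deleted one, and the new comment does not say why that trade-off is acceptable. Over-evicting is the safe direction for a key store, because no version of a deleted key can keep being served from the cache. The cost is that each delete forces all other keys' versions to be re-fetched from the backing provider. I would extend the comment to record both, e.g. `// over-evicts on purpose: material of a deleted key must never be served from cache; cost is a cold version cache for all keys`. The invalidation also runs after `provider.deleteKey(name)`, so a lookup racing with the delete could presumably still hit a cached entry in that window; whether that matters depends on the cache loader, which is outside this hunk.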

+ 3 - 1
hadoop-common-project/hadoop-kms/src/test/java/org/apache/hadoop/crypto/key/kms/server/TestKMS.java

@@ -577,7 +577,9 @@ public class TestKMS {
               Assert.fail(ex.toString());
             }
             try {
-              kp.getKeyVersion(KMSClientProvider.buildVersionName("k", 0));
+              // we are using JavaKeyStoreProvider for testing, so we know how
+              // the keyversion is created.
+              kp.getKeyVersion("k@0");
               Assert.fail();
             } catch (AuthorizationException ex) {
               //NOP
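Review bot: The literal `"k@0"` in the `kp.getKeyVersion(...)` call ties this authorization check to JavaKeyStoreProvider's version-name format, which is the same assumption the commit removes from the production code. If a KeyVersion for "k" is available from an earlier create or lookup in this test (not visible in the hunk), passing its name would keep the test independent of the backing provider, e.g. `kp.getKeyVersion(kv.getVersionName());`. If the literal stays, the added comment could name the format explicitly (`keyName@versionNumber`) so a later change to the test provider is easy to trace to this line. The enclosing try/catch continues past the end of the hunk.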