Home Explore Help
Register Sign In
apache
/
hadoop
mirror of https://github.com/apache/hadoop.git
2
0
Fork 1
Files Issues 0 Wiki
Browse Source

HDFS-6490. Fix the keyid format for generated keys in FSNamesystem.createEncryptionZone (clamb)

git-svn-id: https://svn.apache.org/repos/asf/hadoop/common/branches/fs-encryption@1611722 13f79535-47bb-0310-9956-ffa450edef68
Charles Lamb 11 years ago
parent
77f0e2cca5
commit
962ef6939e
2 changed files with 21 additions and 7 deletions
Split View Show Diff Stats
  1. 3 0
      hadoop-hdfs-project/hadoop-hdfs/CHANGES-fs-encryption.txt
  2. 18 7
      hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/server/namenode/FSNamesystem.java

+ 3 - 0
hadoop-hdfs-project/hadoop-hdfs/CHANGES-fs-encryption.txt
View File 

@@ -46,6 +46,9 @@ fs-encryption (Unreleased)
 
 
     HDFS-6405. Test Crypto streams in HDFS. (yliu via wang)
 
 
+    HDFS-6490. Fix the keyid format for generated keys in
 
+    FSNamesystem.createEncryptionZone (clamb)
 
+
 
   OPTIMIZATIONS
 
 
   BUG FIXES

+ 18 - 7
hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/server/namenode/FSNamesystem.java
View File 

@@ -420,6 +420,8 @@ public class FSNamesystem implements Namesystem, FSClusterStats,
 
   private final CacheManager cacheManager;
 
   private final DatanodeStatistics datanodeStatistics;
 
 
+  private String nameserviceId;
 
+
 
   private RollingUpgradeInfo rollingUpgradeInfo = null;
 
   /**
 
    * A flag that indicates whether the checkpointer should checkpoint a rollback
 
@@ -791,7 +793,7 @@ public class FSNamesystem implements Namesystem, FSClusterStats,
 
 
       // block allocation has to be persisted in HA using a shared edits directory
 
       // so that the standby has up-to-date namespace information
 
-      String nameserviceId = DFSUtil.getNamenodeNameServiceId(conf);
 
+      nameserviceId = DFSUtil.getNamenodeNameServiceId(conf);
 
       this.haEnabled = HAUtil.isHAEnabled(conf, nameserviceId);  
       
       // Sanity check the HA-related config.
 
@@ -8502,22 +8504,31 @@ public class FSNamesystem implements Namesystem, FSClusterStats,
 
   /**
 
    * Create a new key on the KeyProvider for an encryption zone.
 
    *
 
-   * @param keyId id of the key
 
+   * @param keyIdArg id of the key
 
    * @param src path of the encryption zone.
 
    * @return KeyVersion of the created key
 
    * @throws IOException
 
    */
 
-  private KeyVersion createNewKey(String keyId, String src)
 
+  private KeyVersion createNewKey(String keyIdArg, String src)
 
     throws IOException {
 
-    Preconditions.checkNotNull(keyId);
 
+    Preconditions.checkNotNull(keyIdArg);
 
     Preconditions.checkNotNull(src);
 
-    // TODO pass in hdfs://HOST:PORT (HDFS-6490)
 
-    providerOptions.setDescription(src);
 
+    final StringBuilder sb = new StringBuilder("hdfs://");
 
+    if (nameserviceId != null) {
 
+      sb.append(nameserviceId);
 
+    }
 
+    sb.append(src);
 
+    if (!src.endsWith("/")) {
 
+      sb.append('/');
 
+    }
 
+    sb.append(keyIdArg);
 
+    final String keyId = sb.toString();
 
+    providerOptions.setDescription(keyId);
 
     providerOptions.setBitLength(codec.getCipherSuite()
 
         .getAlgorithmBlockSize()*8);
 
     KeyVersion version = null;
 
     try {
 
-      version = provider.createKey(keyId, providerOptions);
 
+      version = provider.createKey(keyIdArg, providerOptions);
 
     } catch (NoSuchAlgorithmException e) {
 
       throw new IOException(e);
 
     }