
HDFS-16644. java.io.IOException Invalid token in javax.security.sasl.qop (#5962)

Zilong Zhu 2 months ago
parent
commit
9d93d08a38

+ 5 - 2
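--- a/hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/protocol/datatransfer/sasl/SaslDataTransferServer.java
+++ b/hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/protocol/datatransfer/sasl/SaslDataTransferServer.java
@@ -33,6 +33,7 @@ import java.nio.charset.StandardCharsets;
 import java.util.ArrayList;
 import java.util.List;
 import java.util.Map;
+import java.util.TreeMap;
 
 import javax.security.auth.callback.Callback;
 import javax.security.auth.callback.CallbackHandler;
@@ -392,14 +393,16 @@ public class SaslDataTransferServer {
       SaslMessageWithHandshake message = readSaslMessageWithHandshakeSecret(in);
       byte[] secret = message.getSecret();
       String bpid = message.getBpid();
+      Map<String, String> dynamicSaslProps = new TreeMap<>(saslProps);
       if (secret != null || bpid != null) {
         // sanity check, if one is null, the other must also not be null
         assert(secret != null && bpid != null);
         String qop = new String(secret, StandardCharsets.UTF_8);
         saslProps.put(Sasl.QOP, qop);
+        dynamicSaslProps.put(Sasl.QOP, qop);
       }
       SaslParticipant sasl = SaslParticipant.createServerSaslParticipant(
-          saslProps, callbackHandler);
+          dynamicSaslProps, callbackHandler);
 
       byte[] remoteResponse = message.getPayload();
       byte[] localResponse = sasl.evaluateChallengeOrResponse(remoteResponse);
@@ -412,7 +415,7 @@ public class SaslDataTransferServer {
       localResponse = sasl.evaluateChallengeOrResponse(remoteResponse);
 
       // SASL handshake is complete
-      checkSaslComplete(sasl, saslProps);
+      checkSaslComplete(sasl, dynamicSaslProps);
 
       CipherOption cipherOption = null;
       negotiatedQOP = sasl.getNegotiatedQop();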
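Review bot: In the second hunk the unchanged `saslProps.put(Sasl.QOP, qop);` still writes the peer-supplied QOP into the very map that `dynamicSaslProps` is copied from, so the per-handshake copy does not stop one connection's override from carrying into a later handshake that arrives without a secret. If `saslProps` is shared across connections (its declaration is outside the hunk), drop that line and keep only `dynamicSaslProps.put(Sasl.QOP, qop);`, or add a comment explaining why the shared map must still be updated. The visible lines also decode `qop` from the handshake secret and use it as-is; unless it is already checked against the configured protection levels earlier in the path, it should be validated before it reaches `createServerSaslParticipant`. The enclosing method starts and ends outside these hunks.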