HADOOP-6938. ConnectionId.getRemotePrincipal() should check if security is enabled. Contributed by Kan Zhang.

git-svn-id: https://svn.apache.org/repos/asf/hadoop/common/trunk@992479 13f79535-47bb-0310-9956-ffa450edef68

CHANGES.txt

@@ -232,6 +232,9 @@ Trunk (unreleased changes)
     HADOOP-6907. Rpc client doesn't use the per-connection conf to figure
     out server's Kerberos principal (Kan Zhang via hairong)
 
+    HADOOP-6938. ConnectionId.getRemotePrincipal() should check if security
+    is enabled. (Kan Zhang via hairong)
+
 Release 0.21.0 - Unreleased
 
   INCOMPATIBLE CHANGES

src/java/org/apache/hadoop/ipc/Client.java

@@ -87,7 +87,7 @@ public class Client {
   private SocketFactory socketFactory;           // how to create sockets
   private int refCount = 1;
   
-  final private static String PING_INTERVAL_NAME = "ipc.ping.interval";
+  final static String PING_INTERVAL_NAME = "ipc.ping.interval";
   final static int DEFAULT_PING_INTERVAL = 60000; // 1 min
   final static int PING_CALL_ID = -1;
   
@@ -1244,18 +1244,19 @@ public class Client {
         Class<?> protocol, UserGroupInformation ticket, int rpcTimeout,
         Configuration conf) throws IOException {
       String remotePrincipal = getRemotePrincipal(conf, addr, protocol);
+      boolean doPing = conf.getBoolean("ipc.client.ping", true);
       return new ConnectionId(addr, protocol, ticket,
           rpcTimeout, remotePrincipal,
           conf.getInt("ipc.client.connection.maxidletime", 10000), // 10s
           conf.getInt("ipc.client.connect.max.retries", 10),
           conf.getBoolean("ipc.client.tcpnodelay", false),
-          conf.getBoolean("ipc.client.ping", true),
-          Client.getPingInterval(conf));
+          doPing, 
+          (doPing ? Client.getPingInterval(conf) : 0));
     }
     
     private static String getRemotePrincipal(Configuration conf,
         InetSocketAddress address, Class<?> protocol) throws IOException {
-      if (protocol == null) {
+      if (!UserGroupInformation.isSecurityEnabled() || protocol == null) {
         return null;
       }
       KerberosInfo krbInfo = protocol.getAnnotation(KerberosInfo.class);

src/test/core/org/apache/hadoop/ipc/TestSaslRPC.java

@@ -254,6 +254,45 @@ public class TestSaslRPC {
     }
   }
   
+  @Test
+  public void testPingInterval() throws Exception {
+    Configuration newConf = new Configuration(conf);
+    newConf.set(SERVER_PRINCIPAL_KEY, SERVER_PRINCIPAL_1);
+    conf.setInt(Client.PING_INTERVAL_NAME, Client.DEFAULT_PING_INTERVAL);
+    // set doPing to true
+    newConf.setBoolean("ipc.client.ping", true);
+    ConnectionId remoteId = ConnectionId.getConnectionId(
+        new InetSocketAddress(0), TestSaslProtocol.class, null, 0, newConf);
+    assertEquals(Client.DEFAULT_PING_INTERVAL, remoteId.getPingInterval());
+    // set doPing to false
+    newConf.setBoolean("ipc.client.ping", false);
+    remoteId = ConnectionId.getConnectionId(
+        new InetSocketAddress(0), TestSaslProtocol.class, null, 0, newConf);
+    assertEquals(0, remoteId.getPingInterval());
+  }
+  
+  @Test
+  public void testGetRemotePrincipal() throws Exception {
+    try {
+      Configuration newConf = new Configuration(conf);
+      newConf.set(SERVER_PRINCIPAL_KEY, SERVER_PRINCIPAL_1);
+      ConnectionId remoteId = ConnectionId.getConnectionId(
+          new InetSocketAddress(0), TestSaslProtocol.class, null, 0, newConf);
+      assertEquals(SERVER_PRINCIPAL_1, remoteId.getServerPrincipal());
+      // this following test needs security to be off
+      newConf.set(HADOOP_SECURITY_AUTHENTICATION, "simple");
+      UserGroupInformation.setConfiguration(newConf);
+      remoteId = ConnectionId.getConnectionId(new InetSocketAddress(0),
+          TestSaslProtocol.class, null, 0, newConf);
+      assertEquals(
+          "serverPrincipal should be null when security is turned off", null,
+          remoteId.getServerPrincipal());
+    } finally {
+      // revert back to security is on
+      UserGroupInformation.setConfiguration(conf);
+    }
+  }
+  
   @Test
   public void testPerConnectionConf() throws Exception {
     TestTokenSecretManager sm = new TestTokenSecretManager();