IMPALA-4509: Initialise Sasl-specific mutex Call sasl_set_mutex() to configure Sasl library with an Impala-supplied mutex implementation. Borrowed from Kudu.
Tested with LDAP-enabled Impalad. Change-Id: Ice6f1a6e8e41f767688317eb87e01e3a5194b7b6 Reviewed-on: http://gerrit.cloudera.org:8080/5142 Reviewed-by: Dan Hecht <[email protected]> Reviewed-by: Matthew Jacobs <[email protected]> Tested-by: Internal Jenkins Project: http://git-wip-us.apache.org/repos/asf/incubator-impala/repo Commit: http://git-wip-us.apache.org/repos/asf/incubator-impala/commit/bb36433b Tree: http://git-wip-us.apache.org/repos/asf/incubator-impala/tree/bb36433b Diff: http://git-wip-us.apache.org/repos/asf/incubator-impala/diff/bb36433b Branch: refs/heads/master Commit: bb36433b1e0e6426806f8ca40239561eb960abb2 Parents: 8e60e71 Author: Henry Robinson <[email protected]> Authored: Wed Nov 16 11:47:47 2016 -0800 Committer: Internal Jenkins <[email protected]> Committed: Sat Nov 19 04:30:07 2016 +0000 ---------------------------------------------------------------------- be/src/rpc/authentication.cc | 28 +++++++++++++++++++++++++++- 1 file changed, 27 insertions(+), 1 deletion(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/incubator-impala/blob/bb36433b/be/src/rpc/authentication.cc ---------------------------------------------------------------------- diff --git a/be/src/rpc/authentication.cc b/be/src/rpc/authentication.cc index 81b745c..09ea5e4 100644 --- a/be/src/rpc/authentication.cc +++ b/be/src/rpc/authentication.cc @@ -521,6 +521,32 @@ void SaslAuthProvider::RunKinit(Promise<Status>* first_kinit) { } } +namespace { + +// SASL requires mutexes for thread safety, but doesn't implement +// them itself. So, we have to hook them up to our mutex implementation. +static void* SaslMutexAlloc() { + return static_cast<void*>(new mutex()); +} +static void SaslMutexFree(void* m) { + delete static_cast<mutex*>(m); +} +static int SaslMutexLock(void* m) { + static_cast<mutex*>(m)->lock(); + return 0; // indicates success. +} +static int SaslMutexUnlock(void* m) { + static_cast<mutex*>(m)->unlock(); + return 0; // indicates success. +} + +void SaslSetMutex() { + sasl_set_mutex(&SaslMutexAlloc, &SaslMutexLock, &SaslMutexUnlock, &SaslMutexFree); +} + +} + + Status InitAuth(const string& appname) { // We only set up Sasl things if we are indeed going to be using Sasl. // Checking of these flags for sanity is done later, but this check is good @@ -601,6 +627,7 @@ Status InitAuth(const string& appname) { LDAP_EXT_CALLBACKS[3].id = SASL_CB_LIST_END; } + SaslSetMutex(); try { // We assume all impala processes are both server and client. sasl::TSaslServer::SaslInit(GENERAL_CALLBACKS, appname); @@ -993,7 +1020,6 @@ Status AuthManager::Init() { kerberos_internal_principal = FLAGS_be_principal; } } - // This is written from the perspective of the daemons - thus "internal" // means "I am used for communication with other daemons, both as a client // and as a server". "External" means that "I am used when being a server
