This is an automated email from the ASF dual-hosted git repository.
adoroszlai pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/ozone.git
The following commit(s) were added to refs/heads/master by this push:
new 2f708b87af HDDS-9546. Fix possible deadlock during shutdown in
OzoneDelegationTokenSecretManager (#5495)
2f708b87af is described below
commit 2f708b87af2bcee9588c1ca9ecc12c28404ae6c7
Author: Doroszlai, Attila <[email protected]>
AuthorDate: Sat Oct 28 10:24:00 2023 +0200
HDDS-9546. Fix possible deadlock during shutdown in
OzoneDelegationTokenSecretManager (#5495)
---
.../OzoneDelegationTokenSecretManager.java | 28 ++++------------------
1 file changed, 5 insertions(+), 23 deletions(-)
diff --git
a/hadoop-ozone/ozone-manager/src/main/java/org/apache/hadoop/ozone/security/OzoneDelegationTokenSecretManager.java
b/hadoop-ozone/ozone-manager/src/main/java/org/apache/hadoop/ozone/security/OzoneDelegationTokenSecretManager.java
index 7586f539e0..a76810e1fe 100644
---
a/hadoop-ozone/ozone-manager/src/main/java/org/apache/hadoop/ozone/security/OzoneDelegationTokenSecretManager.java
+++
b/hadoop-ozone/ozone-manager/src/main/java/org/apache/hadoop/ozone/security/OzoneDelegationTokenSecretManager.java
@@ -71,17 +71,16 @@ public class OzoneDelegationTokenSecretManager
private final S3SecretManager s3SecretManager;
private Thread tokenRemoverThread;
private final long tokenRemoverScanInterval;
- private String omCertificateSerialId;
- private String omServiceId;
+ private final String omServiceId;
private final OzoneManager ozoneManager;
/**
* If the delegation token update thread holds this lock, it will not get
* interrupted.
*/
- private Object noInterruptsLock = new Object();
+ private final Object noInterruptsLock = new Object();
- private boolean isRatisEnabled;
+ private final boolean isRatisEnabled;
/**
* Create a secret manager with a builder object.
@@ -187,10 +186,6 @@ public class OzoneDelegationTokenSecretManager
/**
* Returns {@link Token} for given identifier.
*
- * @param owner
- * @param renewer
- * @param realUser
- * @return Token
* @throws IOException to allow future exceptions to be added without
breaking
* compatibility
*/
@@ -221,8 +216,6 @@ public class OzoneDelegationTokenSecretManager
/**
* Add delegation token in to in-memory map of tokens.
- * @param token
- * @param ozoneTokenIdentifier
* @return renewTime - If updated successfully, return renewTime.
*/
public long updateToken(Token<OzoneTokenIdentifier> token,
@@ -236,10 +229,6 @@ public class OzoneDelegationTokenSecretManager
/**
* Stores given identifier in token store.
- *
- * @param identifier
- * @param password
- * @throws IOException
*/
private void addToTokenStore(OzoneTokenIdentifier identifier,
byte[] password, long renewTime)
@@ -393,8 +382,6 @@ public class OzoneDelegationTokenSecretManager
/**
* Remove the expired token from in-memory map.
- * @param ozoneTokenIdentifier
- * @throws IOException
*/
public void removeToken(OzoneTokenIdentifier ozoneTokenIdentifier) {
currentTokens.remove(ozoneTokenIdentifier);
@@ -446,13 +433,10 @@ public class OzoneDelegationTokenSecretManager
/**
* Validates if given hash is valid.
- *
- * @param identifier
- * @param password
*/
public boolean verifySignature(OzoneTokenIdentifier identifier,
byte[] password) {
- X509Certificate signerCert = null;
+ X509Certificate signerCert;
try {
signerCert = getCertClient().getCertificate(
identifier.getOmCertSerialId());
@@ -592,8 +576,6 @@ public class OzoneDelegationTokenSecretManager
/**
* Stops the OzoneDelegationTokenSecretManager.
- *
- * @throws IOException
*/
@Override
public void stop() throws IOException {
@@ -609,7 +591,7 @@ public class OzoneDelegationTokenSecretManager
*/
private void removeExpiredToken() {
long now = Time.now();
- synchronized (this) {
+ synchronized (noInterruptsLock) {
Iterator<Map.Entry<OzoneTokenIdentifier,
TokenInfo>> i = currentTokens.entrySet().iterator();
while (i.hasNext()) {
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
