hadoop git commit: HDFS-8451. DFSClient probe for encryption testing interprets empty URI property for enabled. Contributed by Steve Loughran.

Thu, 21 May 2015 12:58:32 -0700 

Repository: hadoop
Updated Branches:
  refs/heads/branch-2.7 b68c338b1 -> c55082567


HDFS-8451. DFSClient probe for encryption testing interprets empty URI property 
for enabled. Contributed by Steve Loughran.

(cherry picked from commit 05e04f34f27149537fdb89f46af26bee14531ca4)

Conflicts:
        
hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/DFSUtil.java


Project: http://git-wip-us.apache.org/repos/asf/hadoop/repo
Commit: http://git-wip-us.apache.org/repos/asf/hadoop/commit/c5508256
Tree: http://git-wip-us.apache.org/repos/asf/hadoop/tree/c5508256
Diff: http://git-wip-us.apache.org/repos/asf/hadoop/diff/c5508256

Branch: refs/heads/branch-2.7
Commit: c55082567311377d3d010e18d886cef82d2ca141
Parents: b68c338
Author: Xiaoyu Yao <x...@apache.org>
Authored: Thu May 21 11:58:00 2015 -0700
Committer: Xiaoyu Yao <x...@apache.org>
Committed: Thu May 21 12:49:49 2015 -0700

----------------------------------------------------------------------
 hadoop-hdfs-project/hadoop-hdfs/CHANGES.txt     |  3 +++
 .../java/org/apache/hadoop/hdfs/DFSClient.java  |  9 ++++++--
 .../java/org/apache/hadoop/hdfs/DFSUtil.java    | 22 ++++++++++++++++----
 .../apache/hadoop/hdfs/KeyProviderCache.java    |  4 ++--
 .../org/apache/hadoop/hdfs/TestDFSUtil.java     | 18 ++++++++++++++++
 .../apache/hadoop/hdfs/TestEncryptionZones.java |  2 +-
 6 files changed, 49 insertions(+), 9 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/hadoop/blob/c5508256/hadoop-hdfs-project/hadoop-hdfs/CHANGES.txt
----------------------------------------------------------------------
diff --git a/hadoop-hdfs-project/hadoop-hdfs/CHANGES.txt 
b/hadoop-hdfs-project/hadoop-hdfs/CHANGES.txt
index 654c1b3..224d14b 100644
--- a/hadoop-hdfs-project/hadoop-hdfs/CHANGES.txt
+++ b/hadoop-hdfs-project/hadoop-hdfs/CHANGES.txt
@@ -87,6 +87,9 @@ Release 2.7.1 - UNRELEASED
     HDFS-8404. Pending block replication can get stuck using older genstamp
     (Nathan Roberts via kihwal)
 
+    HDFS-8451. DFSClient probe for encryption testing interprets empty URI
+    property for "enabled". (Steve Loughran via xyao)
+
 Release 2.7.0 - 2015-04-20
 
   INCOMPATIBLE CHANGES

http://git-wip-us.apache.org/repos/asf/hadoop/blob/c5508256/hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/DFSClient.java
----------------------------------------------------------------------
diff --git 
a/hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/DFSClient.java
 
b/hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/DFSClient.java
index 93d705a..87e34cd 100644
--- 
a/hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/DFSClient.java
+++ 
b/hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/DFSClient.java
@@ -3530,10 +3530,15 @@ public class DFSClient implements java.io.Closeable, 
RemotePeerFactory,
     }
   }
 
+  /**
+   * Probe for encryption enabled on this filesystem.
+   * See {@link DFSUtil#isHDFSEncryptionEnabled(Configuration)}
+   * @return true if encryption is enabled
+   */
   public boolean isHDFSEncryptionEnabled() {
-    return conf.get(
-        DFSConfigKeys.DFS_ENCRYPTION_KEY_PROVIDER_URI, null) != null;
+    return DFSUtil.isHDFSEncryptionEnabled(this.conf);
   }
+
   /**
    * Returns the SaslDataTransferClient configured for this DFSClient.
    *

http://git-wip-us.apache.org/repos/asf/hadoop/blob/c5508256/hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/DFSUtil.java
----------------------------------------------------------------------
diff --git 
a/hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/DFSUtil.java
 
b/hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/DFSUtil.java
index 846231a..eceea64 100644
--- 
a/hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/DFSUtil.java
+++ 
b/hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/DFSUtil.java
@@ -183,8 +183,8 @@ public class DFSUtil {
           a.isDecommissioned() ? 1 : -1;
       }
     };
-    
-      
+
+
   /**
    * Comparator for sorting DataNodeInfo[] based on decommissioned/stale 
states.
    * Decommissioned/stale nodes are moved to the end of the array on sorting
@@ -1844,9 +1844,9 @@ public class DFSUtil {
   public static KeyProvider createKeyProvider(
       final Configuration conf) throws IOException {
     final String providerUriStr =
-        conf.get(DFSConfigKeys.DFS_ENCRYPTION_KEY_PROVIDER_URI, null);
+        conf.getTrimmed(DFSConfigKeys.DFS_ENCRYPTION_KEY_PROVIDER_URI, "");
     // No provider set in conf
-    if (providerUriStr == null) {
+    if (providerUriStr.isEmpty()) {
       return null;
     }
     final URI providerUri;
@@ -1887,4 +1887,18 @@ public class DFSUtil {
         .createKeyProviderCryptoExtension(keyProvider);
     return cryptoProvider;
   }
+
+  /**
+   * Probe for HDFS Encryption being enabled; this uses the value of
+   * the option {@link DFSConfigKeys.DFS_ENCRYPTION_KEY_PROVIDER_URI},
+   * returning true if that property contains a non-empty, non-whitespace
+   * string.
+   * @param conf configuration to probe
+   * @return true if encryption is considered enabled.
+   */
+  public static boolean isHDFSEncryptionEnabled(Configuration conf) {
+    return !conf.getTrimmed(
+        DFSConfigKeys.DFS_ENCRYPTION_KEY_PROVIDER_URI, "").isEmpty();
+  }
+
 }

http://git-wip-us.apache.org/repos/asf/hadoop/blob/c5508256/hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/KeyProviderCache.java
----------------------------------------------------------------------
diff --git 
a/hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/KeyProviderCache.java
 
b/hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/KeyProviderCache.java
index 68ff554..ca4c30c 100644
--- 
a/hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/KeyProviderCache.java
+++ 
b/hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/KeyProviderCache.java
@@ -81,9 +81,9 @@ public class KeyProviderCache {
 
   private URI createKeyProviderURI(Configuration conf) {
     final String providerUriStr =
-        conf.get(DFSConfigKeys.DFS_ENCRYPTION_KEY_PROVIDER_URI, null);
+        conf.getTrimmed(DFSConfigKeys.DFS_ENCRYPTION_KEY_PROVIDER_URI, "");
     // No provider set in conf
-    if (providerUriStr == null) {
+    if (providerUriStr.isEmpty()) {
       LOG.error("Could not find uri with key ["
           + DFSConfigKeys.DFS_ENCRYPTION_KEY_PROVIDER_URI
           + "] to create a keyProvider !!");

http://git-wip-us.apache.org/repos/asf/hadoop/blob/c5508256/hadoop-hdfs-project/hadoop-hdfs/src/test/java/org/apache/hadoop/hdfs/TestDFSUtil.java
----------------------------------------------------------------------
diff --git 
a/hadoop-hdfs-project/hadoop-hdfs/src/test/java/org/apache/hadoop/hdfs/TestDFSUtil.java
 
b/hadoop-hdfs-project/hadoop-hdfs/src/test/java/org/apache/hadoop/hdfs/TestDFSUtil.java
index 046265f..bcb9484 100644
--- 
a/hadoop-hdfs-project/hadoop-hdfs/src/test/java/org/apache/hadoop/hdfs/TestDFSUtil.java
+++ 
b/hadoop-hdfs-project/hadoop-hdfs/src/test/java/org/apache/hadoop/hdfs/TestDFSUtil.java
@@ -893,4 +893,22 @@ public class TestDFSUtil {
     } catch (IOException ignored) {
     }
   }
+
+  @Test
+  public void testEncryptionProbe() throws Throwable {
+    Configuration conf = new Configuration(false);
+    conf.unset(DFSConfigKeys.DFS_ENCRYPTION_KEY_PROVIDER_URI);
+    assertFalse("encryption enabled on no provider key",
+        DFSUtil.isHDFSEncryptionEnabled(conf));
+    conf.set(DFSConfigKeys.DFS_ENCRYPTION_KEY_PROVIDER_URI, "");
+    assertFalse("encryption enabled on empty provider key",
+        DFSUtil.isHDFSEncryptionEnabled(conf));
+    conf.set(DFSConfigKeys.DFS_ENCRYPTION_KEY_PROVIDER_URI, "\n\t\n");
+    assertFalse("encryption enabled on whitespace provider key",
+        DFSUtil.isHDFSEncryptionEnabled(conf));
+    conf.set(DFSConfigKeys.DFS_ENCRYPTION_KEY_PROVIDER_URI, 
"http://hadoop.apache.org";);
+    assertTrue("encryption disabled on valid provider key",
+        DFSUtil.isHDFSEncryptionEnabled(conf));
+
+  }
 }

http://git-wip-us.apache.org/repos/asf/hadoop/blob/c5508256/hadoop-hdfs-project/hadoop-hdfs/src/test/java/org/apache/hadoop/hdfs/TestEncryptionZones.java
----------------------------------------------------------------------
diff --git 
a/hadoop-hdfs-project/hadoop-hdfs/src/test/java/org/apache/hadoop/hdfs/TestEncryptionZones.java
 
b/hadoop-hdfs-project/hadoop-hdfs/src/test/java/org/apache/hadoop/hdfs/TestEncryptionZones.java
index dbb7ea5..b759bd6 100644
--- 
a/hadoop-hdfs-project/hadoop-hdfs/src/test/java/org/apache/hadoop/hdfs/TestEncryptionZones.java
+++ 
b/hadoop-hdfs-project/hadoop-hdfs/src/test/java/org/apache/hadoop/hdfs/TestEncryptionZones.java
@@ -702,7 +702,7 @@ public class TestEncryptionZones {
     // Flushing the KP on the NN, since it caches, and init a test one
     cluster.getNamesystem().getProvider().flush();
     KeyProvider provider = KeyProviderFactory
-        .get(new URI(conf.get(DFSConfigKeys.DFS_ENCRYPTION_KEY_PROVIDER_URI)),
+        .get(new 
URI(conf.getTrimmed(DFSConfigKeys.DFS_ENCRYPTION_KEY_PROVIDER_URI)),
             conf);
     List<String> keys = provider.getKeys();
     assertEquals("Expected NN to have created one key per zone", 1,

Reply via email to