[
https://issues.apache.org/jira/browse/HADOOP-13512?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Xiao Chen updated HADOOP-13512:
-------------------------------
Fix Version/s: 3.0.0-alpha2
2.8.0
> ReloadingX509TrustManager should keep reloading in case of exception
> --------------------------------------------------------------------
>
> Key: HADOOP-13512
> URL: https://issues.apache.org/jira/browse/HADOOP-13512
> Project: Hadoop Common
> Issue Type: Bug
> Components: security
> Reporter: Mingliang Liu
> Assignee: Mingliang Liu
> Priority: Critical
> Fix For: 2.8.0, 2.7.4, 3.0.0-alpha2
>
> Attachments: HADOOP-13512.000.patch
>
>
> {{org.apache.hadoop.security.ssl.TestReloadingX509TrustManager}} checks the
> key store file's last modified time to decide whether to reload. This is to
> avoid unnecessary reload if the key store file is not changed. To do this, it
> maintains an internal state {{lastLoaded}} whenever it tries to reload a
> file. It also updates the {{lastLoaded}} variable in case of exception so
> failing reload will not be retried until the key store file's last modified
> time changes again.
> Chances are that the reload happens when the key store file is being written.
> The reload fails (probably with EOFException) and won't load until key store
> files's last modified time changes. After a short period, the key store file
> is closed after update. However, the last modified time may not be updated as
> if it's in the same precision period (e.g. 1 second). In this case, the
> updated key store file is never reloaded.
> A simple fix is to update the {{lastLoaded}} only when the reload succeeds.
> {{ReloadingX509TrustManager}} will keep reloading in case of exception.
> Thoughts?
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
---------------------------------------------------------------------
To unsubscribe, e-mail: common-issues-unsubscr...@hadoop.apache.org
For additional commands, e-mail: common-issues-h...@hadoop.apache.org
