I'd like to fix it as my company and probably many others are now using it in production. The question is how to fix it safely and correctly. Is email the best way to discuss this? Jira? Something else?
I must say that there appears to be a trivial fix but I need the ZK committers to think about this. In SessionTrackerImpl#initializeNextSession() only some of the server ID bits are used. We could easily just mask the 2 high bits as well. But, what are the implications of this? Where is this serverId byte used? What must be double checked? -Jordan > On Sep 20, 2017, at 2:46 PM, Camille Fournier <cami...@apache.org> wrote: > > Would you rather roll back the feature or put in a fix? > > On Sep 20, 2017 3:44 PM, "Jordan Zimmerman" <jor...@jordanzimmerman.com > <mailto:jor...@jordanzimmerman.com>> wrote: > Hey Folks, > > This is very serious. Please - let's discuss immediately. I'm not certain how > to fix this. > > -JZ > >> On Sep 20, 2017, at 2:17 PM, Jordan Zimmerman <jor...@jordanzimmerman.com >> <mailto:jor...@jordanzimmerman.com>> wrote: >> >> See: https://issues.apache.org/jira/browse/ZOOKEEPER-2901 >> <https://issues.apache.org/jira/browse/ZOOKEEPER-2901> >> >> It appears that the high order byte of a session ID is reserved for the >> ServerID. I don't know how I could have missed this or how this got by code >> review, but Container Nodes and TTL nodes are using the 2 high bits to >> denote container/TTL. I'll work on a fix ASAP. But, can someone validate >> this? >> >> -Jordan >
