Author: jing9
Date: Fri Aug 23 00:55:53 2013
New Revision: 1516671
URL: http://svn.apache.org/r1516671
Log:
HDFS-5124. DelegationTokenSecretManager#retrievePassword can cause deadlock in
NameNode. Contributed by Daryn Sharp.
Modified:
hadoop/common/trunk/hadoop-hdfs-project/hadoop-hdfs/CHANGES.txt
hadoop/common/trunk/hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/security/token/delegation/DelegationTokenSecretManager.java
Modified: hadoop/common/trunk/hadoop-hdfs-project/hadoop-hdfs/CHANGES.txt
URL:
http://svn.apache.org/viewvc/hadoop/common/trunk/hadoop-hdfs-project/hadoop-hdfs/CHANGES.txt?rev=1516671&r1=1516670&r2=1516671&view=diff
==============================================================================
--- hadoop/common/trunk/hadoop-hdfs-project/hadoop-hdfs/CHANGES.txt (original)
+++ hadoop/common/trunk/hadoop-hdfs-project/hadoop-hdfs/CHANGES.txt Fri Aug 23
00:55:53 2013
@@ -383,6 +383,9 @@ Release 2.1.1-beta - UNRELEASED
HDFS-4594. WebHDFS open sets Content-Length header to what is specified by
length parameter rather than how much data is actually returned. (cnauroth)
+ HDFS-5124. DelegationTokenSecretManager#retrievePassword can cause
deadlock
+ in NameNode. (Daryn Sharp via jing9)
+
Release 2.1.0-beta - 2013-08-22
INCOMPATIBLE CHANGES
Modified:
hadoop/common/trunk/hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/security/token/delegation/DelegationTokenSecretManager.java
URL:
http://svn.apache.org/viewvc/hadoop/common/trunk/hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/security/token/delegation/DelegationTokenSecretManager.java?rev=1516671&r1=1516670&r2=1516671&view=diff
==============================================================================
---
hadoop/common/trunk/hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/security/token/delegation/DelegationTokenSecretManager.java
(original)
+++
hadoop/common/trunk/hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/security/token/delegation/DelegationTokenSecretManager.java
Fri Aug 23 00:55:53 2013
@@ -82,7 +82,7 @@ public class DelegationTokenSecretManage
}
@Override
- public synchronized byte[] retrievePassword(
+ public byte[] retrievePassword(
DelegationTokenIdentifier identifier) throws InvalidToken {
try {
// this check introduces inconsistency in the authentication to a
@@ -91,7 +91,7 @@ public class DelegationTokenSecretManage
// different in that a standby may be behind and thus not yet know
// of all tokens issued by the active NN. the following check does
// not allow ANY token auth, however it should allow known tokens in
- checkAvailableForRead();
+ namesystem.checkOperation(OperationCategory.READ);
} catch (StandbyException se) {
// FIXME: this is a hack to get around changing method signatures by
// tunneling a non-InvalidToken exception as the cause which the
@@ -103,17 +103,6 @@ public class DelegationTokenSecretManage
return super.retrievePassword(identifier);
}
- @Override //SecretManager
- public void checkAvailableForRead() throws StandbyException {
- namesystem.checkOperation(OperationCategory.READ);
- namesystem.readLock();
- try {
- namesystem.checkOperation(OperationCategory.READ);
- } finally {
- namesystem.readUnlock();
- }
- }
-
/**
* Returns expiry time of a token given its identifier.
*
