[jira] [Commented] (HDFS-14509) DN throws InvalidToken due to inequality of password when upgrade NN 2.x to 3.x

[Konstantin Shvachko (Jira)]

    [ 
https://issues.apache.org/jira/browse/HDFS-14509?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16940521#comment-16940521
 ] 

Konstantin Shvachko commented on HDFS-14509:
--------------------------------------------

Hey [~John Smith].
 Agreed we should apply to trunk and backport to 3.2, 3.1, and 2.10. With 2.10 
we are trying to make it a bridge release, it should allow upgrading to 3.x.

Let me clarify about the tests. Suppose that your fix is applied to 3.2 and 
2.10, but not to 2.9.
 # One test should make sure that when we upgrade from 2.10 to 3.2 the 
passwords are verified correctly on DNs running 2.10.
 # Another test should verify that when upgrading from 2.9 (which does not have 
the fix) to 2.10 (which does) the passwords are verified correctly on DNs 
running 2.9.

Hope it makes sense.

> DN throws InvalidToken due to inequality of password when upgrade NN 2.x to 
> 3.x
> -------------------------------------------------------------------------------
>
>                 Key: HDFS-14509
>                 URL: https://issues.apache.org/jira/browse/HDFS-14509
>             Project: Hadoop HDFS
>          Issue Type: Bug
>            Reporter: Yuxuan Wang
>            Priority: Blocker
>              Labels: release-blocker
>         Attachments: HDFS-14509-001.patch
>
>
> According to the doc, if we want to upgrade cluster from 2.x to 3.x, we need 
> upgrade NN first. And there will be a intermediate state that NN is 3.x and 
> DN is 2.x. At that moment, if a client reads (or writes) a block, it will get 
> a block token from NN and then deliver the token to DN who can verify the 
> token. But the verification in the code now is :
> {code:title=BlockTokenSecretManager.java|borderStyle=solid}
> public void checkAccess(...)
> {
>     ...
>     id.readFields(new DataInputStream(new 
> ByteArrayInputStream(token.getIdentifier())));
>     ...
>     if (!Arrays.equals(retrievePassword(id), token.getPassword())) {
>       throw new InvalidToken("Block token with " + id.toString()
>           + " doesn't have the correct token password");
>     }
> }
> {code} 
> And {{retrievePassword(id)}} is:
> {code} 
> public byte[] retrievePassword(BlockTokenIdentifier identifier)
> {
>     ...
>     return createPassword(identifier.getBytes(), key.getKey());
> }
> {code} 
> So, if NN's identifier add new fields, DN will lose the fields and compute 
> wrong password.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

---------------------------------------------------------------------
To unsubscribe, e-mail: hdfs-issues-unsubscr...@hadoop.apache.org
For additional commands, e-mail: hdfs-issues-h...@hadoop.apache.org