Mingliang Liu created HADOOP-13512:
--------------------------------------
Summary: ReloadingX509TrustManager should keep reloading in case
of exception
Key: HADOOP-13512
URL: https://issues.apache.org/jira/browse/HADOOP-13512
Project: Hadoop Common
Issue Type: Bug
Components: security
Affects Versions: 2.8.0
Reporter: Mingliang Liu
Assignee: Mingliang Liu
{{org.apache.hadoop.security.ssl.TestReloadingX509TrustManager}} checks the key
store file's last modified time to decide whether to reload. This is to avoid
unnecessary reload if the key store file is not changed. To do this, it
maintains an internal state {{lastLoaded}} whenever it tries to reload a file.
It also updates the {{lastLoaded}} variable in case of exception so failing
reload will not be retried until the key store file's last modified time
changes again.
Chances are that the reload happens when the key store file is being written.
The reload fails (probably with EOFException) and won't load until key store
files's last modified time changes. After a short period, the key store file is
closed after update. However, the last modified time may not be updated as if
it's in the same precision period (e.g. 1 second). In this case, the updated
key store file is never reloaded.
A simple fix is to update the {{lastLoaded}} only when the reload succeeds.
{{ReloadingX509TrustManager}} will keep reloading in case of exception.
Thoughts?
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
---------------------------------------------------------------------
To unsubscribe, e-mail: common-dev-unsubscr...@hadoop.apache.org
For additional commands, e-mail: common-dev-h...@hadoop.apache.org
