svn commit: r1081523 - in /websites/production/hive/content/javadocs/r4.0.0-alpha-2: ./ api/ api/org/ api/org/apache/ api/org/apache/hadoop/ api/org/apache/hadoop/fs/ api/org/apache/hadoop/fs/class-us
Author: dkuzmenko Date: Mon Nov 14 22:29:13 2022 New Revision: 1081523 Log: Hive 4.0.0-alpha-2 release [This commit notification would consist of 6038 parts, which exceeds the limit of 50 ones, so it was shortened to the summary.]
[hive] branch branch-2.3 updated: HIVE-26522: Backport of HIVE-22033 and HIVE-26522 to branch-2.3 (#3586)
This is an automated email from the ASF dual-hosted git repository.
prasanthj pushed a commit to branch branch-2.3
in repository https://gitbox.apache.org/repos/asf/hive.git
The following commit(s) were added to refs/heads/branch-2.3 by this push:
new bba9d66454f HIVE-26522: Backport of HIVE-22033 and HIVE-26522 to
branch-2.3 (#3586)
bba9d66454f is described below
commit bba9d66454fa3a3e9d0b0b58abbccc09aee380cf
Author: Pavan Lanka
AuthorDate: Mon Nov 14 10:51:31 2022 -0800
HIVE-26522: Backport of HIVE-22033 and HIVE-26522 to branch-2.3 (#3586)
* HIVE-26522: Backport HIVE-22033 to branch-2.3
HIVE-22033: HiveServer2: fix delegation token renewal (Ion ALberdi via
Szehon)
* HIVE-26522: Backport HIVE-26522 to branch 2.3
HIVE-26522: Added test for HIVE-22033 regarding delegation token renewal
Co-authored-by: Szehon Ho
---
...TestTokenStoreDelegationTokenSecretManager.java | 109 +
.../TokenStoreDelegationTokenSecretManager.java| 5 +-
2 files changed, 113 insertions(+), 1 deletion(-)
diff --git
a/metastore/src/test/org/apache/hadoop/hive/metastore/TestTokenStoreDelegationTokenSecretManager.java
b/metastore/src/test/org/apache/hadoop/hive/metastore/TestTokenStoreDelegationTokenSecretManager.java
new file mode 100644
index 000..f2d701723e5
--- /dev/null
+++
b/metastore/src/test/org/apache/hadoop/hive/metastore/TestTokenStoreDelegationTokenSecretManager.java
@@ -0,0 +1,109 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.hadoop.hive.metastore;
+
+import org.apache.hadoop.hive.thrift.DelegationTokenIdentifier;
+import org.apache.hadoop.hive.thrift.DelegationTokenStore;
+import org.apache.hadoop.hive.thrift.HiveDelegationTokenManager;
+import org.apache.hadoop.hive.thrift.MemoryTokenStore;
+import org.apache.hadoop.hive.thrift.TokenStoreDelegationTokenSecretManager;
+import org.apache.hadoop.security.UserGroupInformation;
+import org.apache.hadoop.security.token.SecretManager;
+import org.apache.hadoop.security.token.Token;
+import org.junit.Assert;
+import org.junit.Rule;
+import org.junit.Test;
+import org.junit.rules.ExpectedException;
+
+import java.io.ByteArrayInputStream;
+import java.io.DataInputStream;
+import java.io.IOException;
+
+/**
+ * Test the renewal of Delegation tokens obtained from the Metastore.
+ */
+public class TestTokenStoreDelegationTokenSecretManager {
+
+ private TokenStoreDelegationTokenSecretManager
createTokenMgr(DelegationTokenStore tokenStore,
+ long renewSecs) {
+return new TokenStoreDelegationTokenSecretManager(
+HiveDelegationTokenManager.DELEGATION_KEY_UPDATE_INTERVAL_DEFAULT,
+HiveDelegationTokenManager.DELEGATION_TOKEN_MAX_LIFETIME_DEFAULT,
+renewSecs * 1000,
+360,
+tokenStore);
+ }
+
+ private DelegationTokenIdentifier getID(String tokenStr) throws IOException {
+DelegationTokenIdentifier id = new DelegationTokenIdentifier();
+Token token = new Token<>();
+token.decodeFromUrlString(tokenStr);
+try (DataInputStream in = new DataInputStream(
+new ByteArrayInputStream(token.getIdentifier( {
+ id.readFields(in);
+}
+return id;
+ }
+
+ @Test public void testRenewal() throws IOException, InterruptedException {
+DelegationTokenStore tokenStore = new MemoryTokenStore();
+// Have a long renewal to ensure that Thread.sleep does not overshoot the
initial validity
+TokenStoreDelegationTokenSecretManager mgr = createTokenMgr(tokenStore,
3600);
+try {
+ mgr.startThreads();
+ String tokenStr =
+
mgr.getDelegationToken(UserGroupInformation.getCurrentUser().getShortUserName());
+ Assert.assertNotNull(mgr.verifyDelegationToken(tokenStr));
+ DelegationTokenIdentifier id = getID(tokenStr);
+ long initialExpiry = tokenStore.getToken(id).getRenewDate();
+ Thread.sleep(100);
+ Assert.assertTrue(System.currentTimeMillis() > id.getIssueDate());
+ // No change in renewal date without renewal
+ Assert.assertEquals(tokenStore.getToken(id).getRenewDate(),
initialExpiry);
+ mgr.renewDelegationToken(tokenStr);
+ // Verify the token is valid
+
[hive] branch branch-3.1 updated: [WIP] HIVE-26522: Backport of HIVE-22033 and HIVE-26522 to branch-3.1 (#3587)
This is an automated email from the ASF dual-hosted git repository.
prasanthj pushed a commit to branch branch-3.1
in repository https://gitbox.apache.org/repos/asf/hive.git
The following commit(s) were added to refs/heads/branch-3.1 by this push:
new 10184f5f647 [WIP] HIVE-26522: Backport of HIVE-22033 and HIVE-26522 to
branch-3.1 (#3587)
10184f5f647 is described below
commit 10184f5f6470df7dec7cf5ccc1fca3328ab93e67
Author: Pavan Lanka
AuthorDate: Mon Nov 14 10:51:20 2022 -0800
[WIP] HIVE-26522: Backport of HIVE-22033 and HIVE-26522 to branch-3.1
(#3587)
* HIVE-26522: Backport HIVE-22033 to branch-3.1
HIVE-22033: HiveServer2: fix delegation token renewal (Ion ALberdi via
Szehon)
* HIVE-26522: Backport HIVE-26522 to branch-3.1
HIVE-26522: Added test for HIVE-22033 regarding delegation token renewal
Co-authored-by: Szehon Ho
---
.../TokenStoreDelegationTokenSecretManager.java| 5 +-
...TestTokenStoreDelegationTokenSecretManager.java | 121 +
2 files changed, 125 insertions(+), 1 deletion(-)
diff --git
a/standalone-metastore/src/main/java/org/apache/hadoop/hive/metastore/security/TokenStoreDelegationTokenSecretManager.java
b/standalone-metastore/src/main/java/org/apache/hadoop/hive/metastore/security/TokenStoreDelegationTokenSecretManager.java
index 7b325449ce1..ee2ace8cbed 100644
---
a/standalone-metastore/src/main/java/org/apache/hadoop/hive/metastore/security/TokenStoreDelegationTokenSecretManager.java
+++
b/standalone-metastore/src/main/java/org/apache/hadoop/hive/metastore/security/TokenStoreDelegationTokenSecretManager.java
@@ -161,7 +161,10 @@ public class TokenStoreDelegationTokenSecretManager
extends DelegationTokenSecre
synchronized (this) {
super.currentTokens.put(id, tokenInfo);
try {
-return super.renewToken(token, renewer);
+long res = super.renewToken(token, renewer);
+this.tokenStore.removeToken(id);
+this.tokenStore.addToken(id, super.currentTokens.get(id));
+return res;
} finally {
super.currentTokens.remove(id);
}
diff --git
a/standalone-metastore/src/test/java/org/apache/hadoop/hive/metastore/security/TestTokenStoreDelegationTokenSecretManager.java
b/standalone-metastore/src/test/java/org/apache/hadoop/hive/metastore/security/TestTokenStoreDelegationTokenSecretManager.java
new file mode 100644
index 000..35e3d36ff8a
--- /dev/null
+++
b/standalone-metastore/src/test/java/org/apache/hadoop/hive/metastore/security/TestTokenStoreDelegationTokenSecretManager.java
@@ -0,0 +1,121 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.hadoop.hive.metastore.security;
+
+import org.apache.hadoop.conf.Configuration;
+import org.apache.hadoop.hive.metastore.annotation.MetastoreUnitTest;
+import org.apache.hadoop.hive.metastore.conf.MetastoreConf;
+import org.apache.hadoop.security.UserGroupInformation;
+import org.apache.hadoop.security.token.SecretManager;
+import org.apache.hadoop.security.token.Token;
+import org.junit.Assert;
+import org.junit.Rule;
+import org.junit.Test;
+import org.junit.experimental.categories.Category;
+import org.junit.rules.ExpectedException;
+
+import java.io.ByteArrayInputStream;
+import java.io.DataInputStream;
+import java.io.IOException;
+import java.util.concurrent.TimeUnit;
+
+/**
+ * Test the renewal of Delegation tokens obtained from the Metastore.
+ */
+@Category(MetastoreUnitTest.class) public class
TestTokenStoreDelegationTokenSecretManager {
+ private final Configuration conf = MetastoreConf.newMetastoreConf();
+
+ private TokenStoreDelegationTokenSecretManager
createTokenMgr(DelegationTokenStore tokenStore,
+ long renewSecs) {
+MetastoreConf.setTimeVar(conf,
MetastoreConf.ConfVars.DELEGATION_TOKEN_RENEW_INTERVAL,
+renewSecs, TimeUnit.SECONDS);
+long secretKeyInterval =
+MetastoreConf.getTimeVar(conf,
MetastoreConf.ConfVars.DELEGATION_KEY_UPDATE_INTERVAL,
+TimeUnit.MILLISECONDS);
+long tokenMaxLifetime =
+MetastoreConf.getTimeVar(conf,
MetastoreConf.ConfVars.DELEGATION_TOKEN_MAX_LIFETIME,
+TimeUnit.MILLISECONDS);
+long
[hive] branch master updated: HIVE-26522: Added test for HIVE-22033 regarding delegation token renewal (#3585)
This is an automated email from the ASF dual-hosted git repository.
prasanthj pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/hive.git
The following commit(s) were added to refs/heads/master by this push:
new 1ef7c958b22 HIVE-26522: Added test for HIVE-22033 regarding delegation
token renewal (#3585)
1ef7c958b22 is described below
commit 1ef7c958b22c9f1d696d1b8a523b4efc52572c49
Author: Pavan Lanka
AuthorDate: Mon Nov 14 10:43:36 2022 -0800
HIVE-26522: Added test for HIVE-22033 regarding delegation token renewal
(#3585)
---
...TestTokenStoreDelegationTokenSecretManager.java | 119 +
1 file changed, 119 insertions(+)
diff --git
a/standalone-metastore/metastore-server/src/test/java/org/apache/hadoop/hive/metastore/security/TestTokenStoreDelegationTokenSecretManager.java
b/standalone-metastore/metastore-server/src/test/java/org/apache/hadoop/hive/metastore/security/TestTokenStoreDelegationTokenSecretManager.java
new file mode 100644
index 000..aaabd69e599
--- /dev/null
+++
b/standalone-metastore/metastore-server/src/test/java/org/apache/hadoop/hive/metastore/security/TestTokenStoreDelegationTokenSecretManager.java
@@ -0,0 +1,119 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.hadoop.hive.metastore.security;
+
+import org.apache.hadoop.conf.Configuration;
+import org.apache.hadoop.hive.metastore.annotation.MetastoreUnitTest;
+import org.apache.hadoop.hive.metastore.conf.MetastoreConf;
+import org.apache.hadoop.security.UserGroupInformation;
+import org.apache.hadoop.security.token.SecretManager;
+import org.apache.hadoop.security.token.Token;
+import org.junit.Assert;
+import org.junit.Rule;
+import org.junit.Test;
+import org.junit.experimental.categories.Category;
+import org.junit.rules.ExpectedException;
+
+import java.io.ByteArrayInputStream;
+import java.io.DataInputStream;
+import java.io.IOException;
+import java.util.concurrent.TimeUnit;
+
+/**
+ * Test the renewal of Delegation tokens obtained from the Metastore.
+ */
+@Category(MetastoreUnitTest.class) public class
TestTokenStoreDelegationTokenSecretManager {
+ private final Configuration conf = MetastoreConf.newMetastoreConf();
+
+ private TokenStoreDelegationTokenSecretManager
createTokenMgr(DelegationTokenStore tokenStore,
+ long renewSecs) {
+MetastoreConf.setTimeVar(conf,
MetastoreConf.ConfVars.DELEGATION_TOKEN_RENEW_INTERVAL,
+renewSecs, TimeUnit.SECONDS);
+long secretKeyInterval =
+MetastoreConf.getTimeVar(conf,
MetastoreConf.ConfVars.DELEGATION_KEY_UPDATE_INTERVAL,
+TimeUnit.MILLISECONDS);
+long tokenMaxLifetime =
+MetastoreConf.getTimeVar(conf,
MetastoreConf.ConfVars.DELEGATION_TOKEN_MAX_LIFETIME,
+TimeUnit.MILLISECONDS);
+long tokenRenewInterval =
+MetastoreConf.getTimeVar(conf,
MetastoreConf.ConfVars.DELEGATION_TOKEN_RENEW_INTERVAL,
+TimeUnit.MILLISECONDS);
+long tokenGcInterval =
+MetastoreConf.getTimeVar(conf,
MetastoreConf.ConfVars.DELEGATION_TOKEN_GC_INTERVAL,
+TimeUnit.MILLISECONDS);
+return new TokenStoreDelegationTokenSecretManager(secretKeyInterval,
tokenMaxLifetime,
+tokenRenewInterval, tokenGcInterval, tokenStore);
+ }
+
+ private DelegationTokenIdentifier getID(String tokenStr) throws IOException {
+DelegationTokenIdentifier id = new DelegationTokenIdentifier();
+Token token = new Token<>();
+token.decodeFromUrlString(tokenStr);
+try (DataInputStream in = new DataInputStream(
+new ByteArrayInputStream(token.getIdentifier( {
+ id.readFields(in);
+}
+return id;
+ }
+
+ @Test public void testRenewal() throws IOException, InterruptedException {
+DelegationTokenStore tokenStore = new MemoryTokenStore();
+// Have a long renewal to ensure that Thread.sleep does not overshoot the
initial validity
+TokenStoreDelegationTokenSecretManager mgr = createTokenMgr(tokenStore,
3600);
+try {
+ mgr.startThreads();
+ String tokenStr =
+
mgr.getDelegationToken(UserGroupInformation.getCurrentUser().getShortUserName(),
+
svn commit: r58011 - /dev/hive/hive-4.0.0-alpha-2/apache-hive-4.0.0-alpha-2-bin.tar.gz /release/hive/hive-4.0.0-alpha-2/apache-hive-4.0.0-alpha-2-bin.tar.gz
Author: dkuzmenko Date: Mon Nov 14 17:51:08 2022 New Revision: 58011 Log: Hive 4.0.0-alpha-2 release Added: release/hive/hive-4.0.0-alpha-2/apache-hive-4.0.0-alpha-2-bin.tar.gz - copied unchanged from r58010, dev/hive/hive-4.0.0-alpha-2/apache-hive-4.0.0-alpha-2-bin.tar.gz Removed: dev/hive/hive-4.0.0-alpha-2/apache-hive-4.0.0-alpha-2-bin.tar.gz
svn commit: r58010 - in /dev/hive/hive-4.0.0-alpha-2: ./ apache-hive-4.0.0-alpha-2-bin.tar.gz
Author: dkuzmenko Date: Mon Nov 14 17:19:25 2022 New Revision: 58010 Log: Hive 4.0.0-alpha-2 release Added: dev/hive/hive-4.0.0-alpha-2/ dev/hive/hive-4.0.0-alpha-2/apache-hive-4.0.0-alpha-2-bin.tar.gz (with props) Added: dev/hive/hive-4.0.0-alpha-2/apache-hive-4.0.0-alpha-2-bin.tar.gz == Binary file - no diff available. Propchange: dev/hive/hive-4.0.0-alpha-2/apache-hive-4.0.0-alpha-2-bin.tar.gz -- svn:mime-type = application/octet-stream
svn commit: r58009 - /release/hive/hive-4.0.0-alpha-2/
Author: dkuzmenko Date: Mon Nov 14 16:29:14 2022 New Revision: 58009 Log: Hive 4.0.0-alpha-2 release Added: release/hive/hive-4.0.0-alpha-2/ release/hive/hive-4.0.0-alpha-2/apache-hive-4.0.0-alpha-2-bin.tar.gz.asc release/hive/hive-4.0.0-alpha-2/apache-hive-4.0.0-alpha-2-bin.tar.gz.sha256 release/hive/hive-4.0.0-alpha-2/apache-hive-4.0.0-alpha-2-src.tar.gz (with props) release/hive/hive-4.0.0-alpha-2/apache-hive-4.0.0-alpha-2-src.tar.gz.asc release/hive/hive-4.0.0-alpha-2/apache-hive-4.0.0-alpha-2-src.tar.gz.sha256 Added: release/hive/hive-4.0.0-alpha-2/apache-hive-4.0.0-alpha-2-bin.tar.gz.asc == --- release/hive/hive-4.0.0-alpha-2/apache-hive-4.0.0-alpha-2-bin.tar.gz.asc (added) +++ release/hive/hive-4.0.0-alpha-2/apache-hive-4.0.0-alpha-2-bin.tar.gz.asc Mon Nov 14 16:29:14 2022 @@ -0,0 +1,17 @@ +-BEGIN PGP SIGNATURE- + +iQJJBAABCAAzFiEEUGBt4b29XPhipZWpB8VoLa/HMSUFAmNpSJUVHGRrdXptZW5r +b0BhcGFjaGUub3JnAAoJEAfFaC2vxzEl3W8QAIgMHUfMUA6Je6NOQHiwEKLv7dlj +o7WZeBhI+tcVksCQ/9gH8gDdjWHw4FsOiQ/1IHnryjdU16D0dM1/XDyn9XWCDyQV +4P75ouU4aPF5bkpxugfoDvs8vxMI5nC6AQ6lJ7/eNPcO+KsgGrFXtyoHtdvsT9tK +/E3fax+SNG8Fiunvt6w86gzNZ9D8noywvNnbZhtBo38Nr5nRG716ZfuFK3AbrUfj +M31EkooaWh5C7OO7v2cWEgfUn6dOnfyfGkNkloz9oz5Ip2atU9EKnS18Ao8Ir8xQ +TSPPQaeY6Inn98ZkuWCyAofmKHuFSvEMrrw2rEwpl0MM/Inn1yHUbEPAxFSA2J1t +AGCC7GyA0LD3AziipLxWkxbk3sEAqwhfcTVsHlf0yPM5LUM0ClZXGcHTq7nzPeqc +OhhrxPLG/ZTMhZIikNhIImRw2f43dN+3QHfE1nEIBT26Z+eicxNwdMXFbVJQ49jE +BwSyIXmhgmwKy5BtWbG4ibo0RqXbEN05t61PbKZwlps80x7XXbC83vUqDZU0ZoLM +7lp0sXj13dzcToedlxaSXPT7IO5A3MOW/yBpeKQqwq0ofQI6rUJN3eqr7CLKA73j +leS+IqRtyXhkvnzE3wNDDs9rL+A2i1sANLBq5IyGGp9qbLGRRP3Q+VY43Eyf4xzb +jPOQKceQCdy33/Q9 +=74UD +-END PGP SIGNATURE- Added: release/hive/hive-4.0.0-alpha-2/apache-hive-4.0.0-alpha-2-bin.tar.gz.sha256 == --- release/hive/hive-4.0.0-alpha-2/apache-hive-4.0.0-alpha-2-bin.tar.gz.sha256 (added) +++ release/hive/hive-4.0.0-alpha-2/apache-hive-4.0.0-alpha-2-bin.tar.gz.sha256 Mon Nov 14 16:29:14 2022 @@ -0,0 +1 @@ +f94c773e7ae3328d780138d9259c584e94d8f2e34715776cdfaaa78bcf3f25e1 apache-hive-4.0.0-alpha-2-bin.tar.gz Added: release/hive/hive-4.0.0-alpha-2/apache-hive-4.0.0-alpha-2-src.tar.gz == Binary file - no diff available. Propchange: release/hive/hive-4.0.0-alpha-2/apache-hive-4.0.0-alpha-2-src.tar.gz -- svn:mime-type = application/octet-stream Added: release/hive/hive-4.0.0-alpha-2/apache-hive-4.0.0-alpha-2-src.tar.gz.asc == --- release/hive/hive-4.0.0-alpha-2/apache-hive-4.0.0-alpha-2-src.tar.gz.asc (added) +++ release/hive/hive-4.0.0-alpha-2/apache-hive-4.0.0-alpha-2-src.tar.gz.asc Mon Nov 14 16:29:14 2022 @@ -0,0 +1,17 @@ +-BEGIN PGP SIGNATURE- + +iQJJBAABCAAzFiEEUGBt4b29XPhipZWpB8VoLa/HMSUFAmNpSKkVHGRrdXptZW5r +b0BhcGFjaGUub3JnAAoJEAfFaC2vxzEl4FAP/juqtvWVVqYe5xJCHhRLZdeiXWf7 +aKVdxMgEe0Qlvxu+KNb3dvmivqZWHdfjR1PB2nZORxHGBIlVTgmRHAejmeTRtDem +DK5Cbt/bEx1FBcP+Gab4jZyA8lEBP++d1LRZd6x2GCS1TZJvcVcW+RQnH8cwHUJU +xTvQiGPB6osw1nAKtD920U5chnyXkKvSxINQ/IIza5C/hgho3tmhpckJ0MwJE52A +VxgAwTgFKzgqwd8Yy5QvKxTfJG0CdyNd7v3agLGVNoYI4/1smrs5bym7UqKayTUV +GKO1XtQAqpaf8/NWUhkbCjJ1/fn020kJsKHXYr8GDMupLPwADn2qkJe2/Pxtrybv +MMlxgWNpvYpJoWDye9m1Uq2Jwcn76ivCJOtouUhSL3LhxO9qF1ZPtBT58GFs2sm6 +sPP1lkrzXGu0jNGo2egxLgi+ym/AW0FtKJdLJ0zfAF9pqTP2jCyPG6KG4om8NkpV +Yd6fgJ01NFFvVeqkMeA7FOMFE3W6ezMtuqAj2z6oFIu38B73CQqNRiJXQdqBAMw8 +aN2EbIjXExwPxIo2k6lM32x6fVr3zKXpofH037nqSw8AAjpqLQSTUVH7aVj3Mjhh +c1AcOumJF7QZZN7A12ViVViOODghKKUwBq/aSGlsZ5kucPlkPWZve+xkvpmEeVXm +BVQdVtOwxmSDBI+u +=LMkG +-END PGP SIGNATURE- Added: release/hive/hive-4.0.0-alpha-2/apache-hive-4.0.0-alpha-2-src.tar.gz.sha256 == --- release/hive/hive-4.0.0-alpha-2/apache-hive-4.0.0-alpha-2-src.tar.gz.sha256 (added) +++ release/hive/hive-4.0.0-alpha-2/apache-hive-4.0.0-alpha-2-src.tar.gz.sha256 Mon Nov 14 16:29:14 2022 @@ -0,0 +1 @@ +02dbc19f007cb87e725713c67f69836b3efb8ffeb1562aac1f9c869e4429cc36 apache-hive-4.0.0-alpha-2-src.tar.gz
[hive] annotated tag release-4.0.0-alpha-2-rc0 deleted (was 84109ed18ad)
This is an automated email from the ASF dual-hosted git repository. dkuzmenko pushed a change to annotated tag release-4.0.0-alpha-2-rc0 in repository https://gitbox.apache.org/repos/asf/hive.git *** WARNING: tag release-4.0.0-alpha-2-rc0 was deleted! *** tag was 84109ed18ad This change permanently discards the following revisions: discard da146200e00 Updating release notes discard 18603d27f58 HIVE-13353: SHOW COMPACTIONS should support filtering options (Kirti Ruge, reviewed by Denys Kuzmenko, Laszlo Vegh) discard 1ce66fbe56b HIVE-26652: HiveSortPullUpConstantsRule produces an invalid plan when pulling up constants for nullable fields (Alessandro Solimando, reviewed by Krisztian Kasa) discard 9e3e506d024 HIVE-26657: [Iceberg] Filter out the metadata.json file when migrating. (#3695) (Laszlo Pinter, reviewed by Adam Szita) discard bf2a4c7d5dd HIVE-26612: INT64 Parquet timestamps cannot be read into BIGINT Hive type (Steve Carlin reviewed by Stamatis Zampetakis) discard 512fdf84713 HIVE-26573: Fix ClassCastException issues for Decimal64 vectorization. (#3630) discard 5ffe0a8a2ca HIVE-26651: MultiDelimitSerDe shouldn't rely on default charset when returning the deserialized string (#3690) (Laszlo Bodor reviewed by Ayush Saxena) discard 01bb7764610 HIVE-26045: Detect timed out connections for providers and auto-reconnect (#3595) discard 156edc2c798 HIVE-26633: Make Thrift MaxMessageSize configurable (John Sherman, reviewed by Aman Sinha, Zhihua Deng)
[hive] annotated tag release-4.0.0-alpha-2-rc1 deleted (was f3f47bd78f7)
This is an automated email from the ASF dual-hosted git repository. dkuzmenko pushed a change to annotated tag release-4.0.0-alpha-2-rc1 in repository https://gitbox.apache.org/repos/asf/hive.git *** WARNING: tag release-4.0.0-alpha-2-rc1 was deleted! *** tag was f3f47bd78f7 This change permanently discards the following revisions: discard 36f5d91acb0 Copyright licences update
[hive] annotated tag rel/release-4.0.0-alpha-2 created (now c1cb81aadc5)
This is an automated email from the ASF dual-hosted git repository. dkuzmenko pushed a change to annotated tag rel/release-4.0.0-alpha-2 in repository https://gitbox.apache.org/repos/asf/hive.git at c1cb81aadc5 (tag) tagging f3f47bd78f70dea9a67d3e61c3f88eebad0495fd (tag) length 194 bytes by Denys Kuzmenko on Mon Nov 14 12:32:21 2022 +0100 - Log - Hive 4.0.0-alpha-2 release -BEGIN PGP SIGNATURE- iQIzBAABCAAdFiEEUGBt4b29XPhipZWpB8VoLa/HMSUFAmNyJ0YACgkQB8VoLa/H MSWfTBAAmrAAgEeP2VxIBUvwy4EEQrWM/3dzfGXDvtSd4R18OBRgXNwnmi/WhY/h KNs7VrwkZJLvrjflPtsqENltbKfkceEjPB6lQm89xeEVnX+RJRuCpkmz0bEkk6yU bRl9+DdGVkYz2CaG7js+n16DqPZLtJ7ES4dZpKRVmXDqVMV263oqQFF+V4Ae4chZ QCWYkBusqKEYTcfNWtCsOjI1KZq7s6EHqP1AXwWmc9VZTee2+qi9AJ8opNRtecqc Qn4yHe7LfKACL3viWmeGiTJsiQZ2IcXc1PzalkxUgkjsmOsvfhY+OfvvkN/2/+mF HWPc8ll7/CsIxZsvLu3q3ES7GV2YmD09978YxonzzD6IZkSSfdmkQFMbgUZP5UL8 xn6KMlHmu5HxO9dl9RPAwP5Cc+lS5tEezL2SLr6mxspl/m331nGULjjrQ8kz6raX xYkYSavtnztCMdoXKG8La+5Uuc1/N8wJHmBFHs7UfJPvW1hZ+Yv5ql4ATgtVo8wb vx5jYDTQIt6pwskJilx2DbjRQmQUzZ/PzHQvFWy1QlTgf9rPtkrLraFItYgsDy3u be6vYrwbZtEWYlcodK6sn5w3dcagpw5t1ntl0cgTjt66EEUnyv54MN/3JuzFlMLS x4Yc1C045JZ9lqPT/Obr4B+BqZhP7rg96CpeHFEfVUgkh70zeh4= =FXwc -END PGP SIGNATURE- --- No new revisions were added by this update.
[hive] branch master updated: HIVE-26666: Filter out compactions by id to minimise expense of db operations (Kirti Ruge, reviewed by Denys Kuzmenko, Laszlo Vegh)
This is an automated email from the ASF dual-hosted git repository. dkuzmenko pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/hive.git The following commit(s) were added to refs/heads/master by this push: new a832e8a3ad8 HIVE-2: Filter out compactions by id to minimise expense of db operations (Kirti Ruge, reviewed by Denys Kuzmenko, Laszlo Vegh) a832e8a3ad8 is described below commit a832e8a3ad88dd367dab8d2e3fcabba5ec51e4cd Author: rkirtir <111496669+rkir...@users.noreply.github.com> AuthorDate: Mon Nov 14 16:31:02 2022 +0530 HIVE-2: Filter out compactions by id to minimise expense of db operations (Kirti Ruge, reviewed by Denys Kuzmenko, Laszlo Vegh) Closes #3712 --- .../storage/compact/AlterTableCompactOperation.java | 20 +--- .../hive/metastore/api/ShowCompactRequest.java | 5 + 2 files changed, 14 insertions(+), 11 deletions(-) diff --git a/ql/src/java/org/apache/hadoop/hive/ql/ddl/table/storage/compact/AlterTableCompactOperation.java b/ql/src/java/org/apache/hadoop/hive/ql/ddl/table/storage/compact/AlterTableCompactOperation.java index 7663e312755..2aa1128d0b6 100644 --- a/ql/src/java/org/apache/hadoop/hive/ql/ddl/table/storage/compact/AlterTableCompactOperation.java +++ b/ql/src/java/org/apache/hadoop/hive/ql/ddl/table/storage/compact/AlterTableCompactOperation.java @@ -31,6 +31,7 @@ import java.util.Map; import org.apache.hadoop.hive.metastore.api.CompactionResponse; import org.apache.hadoop.hive.metastore.api.ShowCompactResponse; +import org.apache.hadoop.hive.metastore.api.ShowCompactRequest; import org.apache.hadoop.hive.metastore.api.ShowCompactResponseElement; import org.apache.hadoop.hive.metastore.txn.TxnStore; import org.apache.hadoop.hive.ql.ErrorMsg; @@ -126,16 +127,11 @@ public class AlterTableCompactOperation extends DDLOperation
[hive] branch master updated: HIVE-26723: JDBC - Configurable canonical name checking for Kerberos. (#3749) (Janos Schmidt reviewed by Laszlo Bodor)
This is an automated email from the ASF dual-hosted git repository.
abstractdog pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/hive.git
The following commit(s) were added to refs/heads/master by this push:
new f7d4297ecfe HIVE-26723: JDBC - Configurable canonical name checking
for Kerberos. (#3749) (Janos Schmidt reviewed by Laszlo Bodor)
f7d4297ecfe is described below
commit f7d4297ecfe59b9f14146920877fb2c29e0ceaae
Author: schjan79 <15332482+schja...@users.noreply.github.com>
AuthorDate: Mon Nov 14 11:16:44 2022 +0100
HIVE-26723: JDBC - Configurable canonical name checking for Kerberos.
(#3749) (Janos Schmidt reviewed by Laszlo Bodor)
Hive JDBC client validates the host name by its canonical name by default.
This behaviour leads to SSLHandshakeExcpetion when trying to connect by alias
name via Kerberos. To solve this issue a new connection property is introduced
for Kerberos usecase to be able disabling canonical host name check:
'enableCanonicalHostnameCheck' having default value `true`.
When the property is not given in connection string (or its value is true)
then the original behaviour is applied i.e. checking canonical host name.
---
jdbc/src/java/org/apache/hive/jdbc/HiveConnection.java | 14 --
jdbc/src/java/org/apache/hive/jdbc/Utils.java | 1 +
2 files changed, 13 insertions(+), 2 deletions(-)
diff --git a/jdbc/src/java/org/apache/hive/jdbc/HiveConnection.java
b/jdbc/src/java/org/apache/hive/jdbc/HiveConnection.java
index c91416a02b7..fc7542754eb 100644
--- a/jdbc/src/java/org/apache/hive/jdbc/HiveConnection.java
+++ b/jdbc/src/java/org/apache/hive/jdbc/HiveConnection.java
@@ -65,6 +65,7 @@ import java.util.LinkedList;
import java.util.List;
import java.util.Map;
import java.util.Map.Entry;
+import java.util.Optional;
import java.util.Properties;
import java.util.concurrent.Executor;
import java.util.concurrent.locks.ReentrantLock;
@@ -306,7 +307,11 @@ public class HiveConnection implements java.sql.Connection
{
sessConfMap = connParams.getSessionVars();
setupLoginTimeout();
if (isKerberosAuthMode()) {
- host = Utils.getCanonicalHostName(connParams.getHost());
+ if (isEnableCanonicalHostnameCheck()) {
+host = Utils.getCanonicalHostName(connParams.getHost());
+ } else {
+host = connParams.getHost();
+ }
} else if (isBrowserAuthMode() && !isHttpTransportMode()) {
throw new SQLException("Browser auth mode is only applicable in http
mode");
} else {
@@ -400,7 +405,7 @@ public class HiveConnection implements java.sql.Connection {
}
// Update with new values
jdbcUriString = connParams.getJdbcUriString();
-if (isKerberosAuthMode()) {
+if (isKerberosAuthMode() && isEnableCanonicalHostnameCheck()) {
host = Utils.getCanonicalHostName(connParams.getHost());
} else {
host = connParams.getHost();
@@ -1324,6 +1329,11 @@ public class HiveConnection implements
java.sql.Connection {
&& sessConfMap.containsKey(JdbcConnectionParams.AUTH_PRINCIPAL);
}
+ private boolean isEnableCanonicalHostnameCheck() {
+return Boolean.parseBoolean(
+
sessConfMap.getOrDefault(JdbcConnectionParams.AUTH_KERBEROS_ENABLE_CANONICAL_HOSTNAME_CHECK,
"true"));
+ }
+
private boolean isBrowserAuthMode() {
return JdbcConnectionParams.AUTH_SSO_BROWSER_MODE
.equals(sessConfMap.get(JdbcConnectionParams.AUTH_TYPE));
diff --git a/jdbc/src/java/org/apache/hive/jdbc/Utils.java
b/jdbc/src/java/org/apache/hive/jdbc/Utils.java
index a855d4e2a5d..765f9bde725 100644
--- a/jdbc/src/java/org/apache/hive/jdbc/Utils.java
+++ b/jdbc/src/java/org/apache/hive/jdbc/Utils.java
@@ -99,6 +99,7 @@ public class Utils {
public static final String AUTH_PASSWD = "password";
public static final String AUTH_KERBEROS_AUTH_TYPE = "kerberosAuthType";
public static final String AUTH_KERBEROS_AUTH_TYPE_FROM_SUBJECT =
"fromSubject";
+public static final String AUTH_KERBEROS_ENABLE_CANONICAL_HOSTNAME_CHECK =
"kerberosEnableCanonicalHostnameCheck";
public static final String AUTH_TYPE_JWT = "jwt";
public static final String AUTH_TYPE_JWT_KEY = "jwt";
public static final String AUTH_JWT_ENV = "JWT";
