You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@hive.apache.org by mi...@apache.org on 2017/08/15 20:59:49 UTC

hive git commit: HIVE-17169: Avoid extra call to KeyProvider::getMetadata() (Mithun Radhakrishnan, reviewed by Owen O'Malley)

Repository: hive
Updated Branches:
  refs/heads/master d5bdb9bc6 -> 683543011


HIVE-17169: Avoid extra call to KeyProvider::getMetadata() (Mithun Radhakrishnan, reviewed by Owen O'Malley)


Project: http://git-wip-us.apache.org/repos/asf/hive/repo
Commit: http://git-wip-us.apache.org/repos/asf/hive/commit/68354301
Tree: http://git-wip-us.apache.org/repos/asf/hive/tree/68354301
Diff: http://git-wip-us.apache.org/repos/asf/hive/diff/68354301

Branch: refs/heads/master
Commit: 6835430112a5d866878b10ff6fe052a94e1e1bc8
Parents: d5bdb9b
Author: Mithun RK <mi...@apache.org>
Authored: Tue Aug 15 13:52:11 2017 -0700
Committer: Mithun RK <mi...@apache.org>
Committed: Tue Aug 15 13:52:11 2017 -0700

----------------------------------------------------------------------
 .../apache/hadoop/hive/shims/Hadoop23Shims.java | 39 ++++++++++++--------
 1 file changed, 24 insertions(+), 15 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/hive/blob/68354301/shims/0.23/src/main/java/org/apache/hadoop/hive/shims/Hadoop23Shims.java
----------------------------------------------------------------------
diff --git a/shims/0.23/src/main/java/org/apache/hadoop/hive/shims/Hadoop23Shims.java b/shims/0.23/src/main/java/org/apache/hadoop/hive/shims/Hadoop23Shims.java
index a2e0abd..ae6f542 100644
--- a/shims/0.23/src/main/java/org/apache/hadoop/hive/shims/Hadoop23Shims.java
+++ b/shims/0.23/src/main/java/org/apache/hadoop/hive/shims/Hadoop23Shims.java
@@ -40,6 +40,7 @@ import javax.security.auth.Subject;
 
 import org.apache.commons.lang.StringUtils;
 import org.apache.hadoop.conf.Configuration;
+import org.apache.hadoop.crypto.CipherSuite;
 import org.apache.hadoop.crypto.key.KeyProvider;
 import org.apache.hadoop.crypto.key.KeyProvider.Options;
 import org.apache.hadoop.crypto.key.KeyProviderCryptoExtension;
@@ -1241,6 +1242,14 @@ public class Hadoop23Shims extends HadoopShimsSecure {
           ((HdfsEncryptionShim)encryptionShim2).hdfsAdmin.getEncryptionZoneForPath(path2));
     }
 
+    /**
+     * Compares two encryption key strengths.
+     *
+     * @param path1 First  path to compare
+     * @param path2 Second path to compare
+     * @return 1 if path1 is stronger; 0 if paths are equals; -1 if path1 is weaker.
+     * @throws IOException If an error occurred attempting to get key metadata
+     */
     @Override
     public int comparePathKeyStrength(Path path1, Path path2) throws IOException {
       EncryptionZone zone1, zone2;
@@ -1256,7 +1265,7 @@ public class Hadoop23Shims extends HadoopShimsSecure {
         return 1;
       }
 
-      return compareKeyStrength(zone1.getKeyName(), zone2.getKeyName());
+      return compareKeyStrength(zone1, zone2);
     }
 
     @Override
@@ -1308,28 +1317,28 @@ public class Hadoop23Shims extends HadoopShimsSecure {
     /**
      * Compares two encryption key strengths.
      *
-     * @param keyname1 Keyname to compare
-     * @param keyname2 Keyname to compare
-     * @return 1 if path1 is stronger; 0 if paths are equals; -1 if path1 is weaker.
+     * @param zone1 First  EncryptionZone to compare
+     * @param zone2 Second EncryptionZone to compare
+     * @return 1 if zone1 is stronger; 0 if zones are equal; -1 if zone1 is weaker.
      * @throws IOException If an error occurred attempting to get key metadata
      */
-    private int compareKeyStrength(String keyname1, String keyname2) throws IOException {
-      KeyProvider.Metadata meta1, meta2;
+    private int compareKeyStrength(EncryptionZone zone1, EncryptionZone zone2) throws IOException {
 
-      if (keyProvider == null) {
-        throw new IOException("HDFS security key provider is not configured on your server.");
-      }
+      // zone1, zone2 should already have been checked for nulls.
+      assert zone1 != null && zone2 != null : "Neither EncryptionZone under comparison can be null.";
 
-      meta1 = keyProvider.getMetadata(keyname1);
-      meta2 = keyProvider.getMetadata(keyname2);
+      CipherSuite suite1 = zone1.getSuite();
+      CipherSuite suite2 = zone2.getSuite();
 
-      if (meta1.getBitLength() < meta2.getBitLength()) {
-        return -1;
-      } else if (meta1.getBitLength() == meta2.getBitLength()) {
+      if (suite1 == null && suite2 == null) {
         return 0;
-      } else {
+      } else if (suite1 == null) {
+        return -1;
+      } else if (suite2 == null) {
         return 1;
       }
+
+      return Integer.compare(suite1.getAlgorithmBlockSize(), suite2.getAlgorithmBlockSize());
     }
   }