You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@hive.apache.org by se...@apache.org on 2016/08/12 21:28:17 UTC

hive git commit: HIVE-14432 : LLAP signing unit test may be timing-dependent (Sergey Shelukhin, reviewed by Prasanth Jayachandran)

Repository: hive
Updated Branches:
  refs/heads/master f291de23b -> bff1b9e9e


HIVE-14432 : LLAP signing unit test may be timing-dependent (Sergey Shelukhin, reviewed by Prasanth Jayachandran)


Project: http://git-wip-us.apache.org/repos/asf/hive/repo
Commit: http://git-wip-us.apache.org/repos/asf/hive/commit/bff1b9e9
Tree: http://git-wip-us.apache.org/repos/asf/hive/tree/bff1b9e9
Diff: http://git-wip-us.apache.org/repos/asf/hive/diff/bff1b9e9

Branch: refs/heads/master
Commit: bff1b9e9e47944c679c3b9b62796bee408ddb652
Parents: f291de2
Author: Sergey Shelukhin <se...@apache.org>
Authored: Fri Aug 12 14:05:43 2016 -0700
Committer: Sergey Shelukhin <se...@apache.org>
Committed: Fri Aug 12 14:28:05 2016 -0700

----------------------------------------------------------------------
 .../hive/llap/security/TestLlapSignerImpl.java  | 39 +++++++++++++-------
 1 file changed, 26 insertions(+), 13 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/hive/blob/bff1b9e9/llap-server/src/test/org/apache/hadoop/hive/llap/security/TestLlapSignerImpl.java
----------------------------------------------------------------------
diff --git a/llap-server/src/test/org/apache/hadoop/hive/llap/security/TestLlapSignerImpl.java b/llap-server/src/test/org/apache/hadoop/hive/llap/security/TestLlapSignerImpl.java
index fbce98a..77f658b 100644
--- a/llap-server/src/test/org/apache/hadoop/hive/llap/security/TestLlapSignerImpl.java
+++ b/llap-server/src/test/org/apache/hadoop/hive/llap/security/TestLlapSignerImpl.java
@@ -45,8 +45,8 @@ public class TestLlapSignerImpl {
     byte theByte = 1;
     TestSignable in = new TestSignable(theByte);
     TestSignable in2 = new TestSignable(++theByte);
-    SignedMessage sm2 = signer.serializeAndSign(in2);
     SignedMessage sm = signer.serializeAndSign(in);
+    SignedMessage sm2 = signer.serializeAndSign(in2);
     TestSignable out = TestSignable.deserialize(sm.message);
     TestSignable out2 = TestSignable.deserialize(sm2.message);
     assertEquals(in, out);
@@ -72,12 +72,7 @@ public class TestLlapSignerImpl {
     }
     sm.signature[index] = (byte)(sm.signature[index] - 1);
 
-    // Adding keys is PITA - there's no way to plug into timed rolling; just create a new fsm.
-    DelegationKey dk = fsm.getCurrentKey();
-    fsm.stopThreads();
-    fsm = new FakeSecretManager();
-    fsm.addKey(dk);
-    fsm.startThreads();
+    fsm = rollKey(fsm, out.masterKeyId);
     signer = new LlapSignerImpl(fsm);
     // Sign in2 with a different key.
     sm2 = signer.serializeAndSign(in2);
@@ -95,12 +90,7 @@ public class TestLlapSignerImpl {
     }
 
     // The same for rolling the key; re-create the fsm with only the key #2.
-    dk = fsm.getCurrentKey();
-    fsm.stopThreads();
-
-    fsm = new FakeSecretManager();
-    fsm.addKey(dk);
-    fsm.startThreads();
+    fsm = rollKey(fsm, out2.masterKeyId);
     signer = new LlapSignerImpl(fsm);
     signer.checkSignature(sm2.message, sm2.signature, out2.masterKeyId);
     // The key is missing - shouldn't be able to verify.
@@ -113,6 +103,24 @@ public class TestLlapSignerImpl {
     fsm.stopThreads();
   }
 
+  private FakeSecretManager rollKey(FakeSecretManager fsm, int idToPreserve) throws IOException {
+    // Adding keys is PITA - there's no way to plug into timed rolling; just create a new fsm.
+    DelegationKey dk = fsm.getDelegationKey(idToPreserve), curDk = fsm.getCurrentKey();
+    if (curDk.getKeyId() != idToPreserve) {
+      LOG.warn("The current key is not the one we expect; key rolled in background? Signed with "
+          + idToPreserve + " but got " + curDk.getKeyId());
+    }
+    // Regardless of the above, we should have the key we've signed with.
+    assertNotNull(dk);
+    assertEquals(idToPreserve, dk.getKeyId());
+    fsm.stopThreads();
+    fsm = new FakeSecretManager();
+    fsm.addKey(dk);
+    assertNotNull("Couldn't add key", fsm.getDelegationKey(dk.getKeyId()));
+    fsm.startThreads();
+    return fsm;
+  }
+
   private static class TestSignable implements Signable {
     public int masterKeyId;
     public byte index;
@@ -178,6 +186,11 @@ public class TestLlapSignerImpl {
     }
 
     @Override
+    public DelegationKey getDelegationKey(int keyId) {
+      return super.getDelegationKey(keyId);
+    }
+
+    @Override
     public byte[] signWithKey(byte[] message, DelegationKey key) {
       return createPassword(message, key.getKey());
     }