You are viewing a plain text version of this content. The canonical link for it is here.
Posted to common-commits@hadoop.apache.org by um...@apache.org on 2014/05/22 15:54:57 UTC
svn commit: r1596873 - in
/hadoop/common/branches/fs-encryption/hadoop-common-project: hadoop-common/
hadoop-common/src/main/docs/ hadoop-common/src/main/java/
hadoop-common/src/main/java/org/apache/hadoop/fs/
hadoop-common/src/main/java/org/apache/had...
Author: umamahesh
Date: Thu May 22 13:54:53 2014
New Revision: 1596873
URL: http://svn.apache.org/r1596873
Log:
Merge from trunk to fs-encryption branch
Added:
hadoop/common/branches/fs-encryption/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/fs/XAttrCodec.java
- copied unchanged from r1596815, hadoop/common/trunk/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/fs/XAttrCodec.java
hadoop/common/branches/fs-encryption/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/fs/XAttrSetFlag.java
- copied unchanged from r1596815, hadoop/common/trunk/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/fs/XAttrSetFlag.java
hadoop/common/branches/fs-encryption/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/fs/shell/XAttrCommands.java
- copied unchanged from r1596815, hadoop/common/trunk/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/fs/shell/XAttrCommands.java
hadoop/common/branches/fs-encryption/hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/fs/shell/TestXAttrCommands.java
- copied unchanged from r1596815, hadoop/common/trunk/hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/fs/shell/TestXAttrCommands.java
hadoop/common/branches/fs-encryption/hadoop-common-project/hadoop-nfs/src/test/resources/
- copied from r1596815, hadoop/common/trunk/hadoop-common-project/hadoop-nfs/src/test/resources/
Modified:
hadoop/common/branches/fs-encryption/hadoop-common-project/hadoop-common/CHANGES.txt (contents, props changed)
hadoop/common/branches/fs-encryption/hadoop-common-project/hadoop-common/src/main/docs/ (props changed)
hadoop/common/branches/fs-encryption/hadoop-common-project/hadoop-common/src/main/java/ (props changed)
hadoop/common/branches/fs-encryption/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/fs/AbstractFileSystem.java
hadoop/common/branches/fs-encryption/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/fs/FileContext.java
hadoop/common/branches/fs-encryption/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/fs/FileSystem.java
hadoop/common/branches/fs-encryption/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/fs/FilterFileSystem.java
hadoop/common/branches/fs-encryption/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/fs/FilterFs.java
hadoop/common/branches/fs-encryption/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/fs/shell/FsCommand.java
hadoop/common/branches/fs-encryption/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/fs/viewfs/ChRootedFileSystem.java
hadoop/common/branches/fs-encryption/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/fs/viewfs/ViewFileSystem.java
hadoop/common/branches/fs-encryption/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/io/compress/bzip2/CBZip2InputStream.java
hadoop/common/branches/fs-encryption/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/UserGroupInformation.java
hadoop/common/branches/fs-encryption/hadoop-common-project/hadoop-common/src/site/apt/FileSystemShell.apt.vm
hadoop/common/branches/fs-encryption/hadoop-common-project/hadoop-common/src/test/core/ (props changed)
hadoop/common/branches/fs-encryption/hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/fs/TestHarFileSystem.java
hadoop/common/branches/fs-encryption/hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/security/TestUserGroupInformation.java
hadoop/common/branches/fs-encryption/hadoop-common-project/hadoop-kms/ (props changed)
hadoop/common/branches/fs-encryption/hadoop-common-project/hadoop-nfs/src/main/java/org/apache/hadoop/nfs/nfs3/IdUserGroup.java
hadoop/common/branches/fs-encryption/hadoop-common-project/hadoop-nfs/src/main/java/org/apache/hadoop/oncrpc/RpcProgram.java
hadoop/common/branches/fs-encryption/hadoop-common-project/hadoop-nfs/src/test/java/org/apache/hadoop/oncrpc/TestFrameDecoder.java
Modified: hadoop/common/branches/fs-encryption/hadoop-common-project/hadoop-common/CHANGES.txt
URL: http://svn.apache.org/viewvc/hadoop/common/branches/fs-encryption/hadoop-common-project/hadoop-common/CHANGES.txt?rev=1596873&r1=1596872&r2=1596873&view=diff
==============================================================================
--- hadoop/common/branches/fs-encryption/hadoop-common-project/hadoop-common/CHANGES.txt (original)
+++ hadoop/common/branches/fs-encryption/hadoop-common-project/hadoop-common/CHANGES.txt Thu May 22 13:54:53 2014
@@ -7,6 +7,8 @@ Trunk (Unreleased)
HADOOP-8124. Remove the deprecated FSDataOutputStream constructor,
FSDataOutputStream.sync() and Syncable.sync(). (szetszwo)
+ HADOOP-10474 Move o.a.h.record to hadoop-streaming. (wheat9)
+
NEW FEATURES
HADOOP-10433. Key Management Server based on KeyProvider API. (tucu)
@@ -148,6 +150,8 @@ Trunk (Unreleased)
HADOOP-10563. Remove the dependency of jsp in trunk. (wheat9)
+ HADOOP-10485. Remove dead classes in hadoop-streaming. (wheat9)
+
BUG FIXES
HADOOP-9451. Fault single-layer config if node group topology is enabled.
@@ -336,12 +340,28 @@ Trunk (Unreleased)
HADOOP-8589. ViewFs tests fail when tests and home dirs are nested (sanjay Radia)
+ BREAKDOWN OF HADOOP-10514 SUBTASKS AND RELATED JIRAS
+
+ HADOOP-10520. Extended attributes definition and FileSystem APIs for
+ extended attributes. (Yi Liu via wang)
+
+ HADOOP-10546. Javadoc and other small fixes for extended attributes in
+ hadoop-common. (Charles Lamb via wang)
+
+ HADOOP-10521. FsShell commands for extended attributes. (Yi Liu via wang)
+
+ HADOOP-10548. Improve FsShell xattr error handling and other fixes. (Charles Lamb via umamahesh)
+
+ HADOOP-10567. Shift XAttr value encoding code out for reuse. (Yi Liu via umamahesh)
+
+ HADOOP-10621. Remove CRLF for xattr value base64 encoding for better display.(Yi Liu via umamahesh)
+
+ HADOOP-10575. Small fixes for XAttrCommands and test. (Yi Liu via umamahesh)
+
Release 2.5.0 - UNRELEASED
INCOMPATIBLE CHANGES
- HADOOP-10474 Move o.a.h.record to hadoop-streaming. (wheat9)
-
NEW FEATURES
HADOOP-10498. Add support for proxy server. (daryn)
@@ -359,8 +379,6 @@ Release 2.5.0 - UNRELEASED
HADOOP-10104. Update jackson to 1.9.13 (Akira Ajisaka via stevel)
- HADOOP-10485. Remove dead classes in hadoop-streaming. (wheat9)
-
HADOOP-10503. Move junit up to v 4.11. (cnauroth)
HADOOP-10535. Make the retry numbers in ActiveStandbyElector configurable.
@@ -390,6 +408,11 @@ Release 2.5.0 - UNRELEASED
HADOOP-10572. Example NFS mount command must pass noacl as it isn't
supported by the server yet. (Harsh J via brandonli)
+ HADOOP-10609. .gitignore should ignore .orig and .rej files. (kasha)
+
+ HADOOP-10614. CBZip2InputStream is not threadsafe (Xiangrui Meng via
+ Sandy Ryza)
+
OPTIMIZATIONS
BUG FIXES
@@ -460,9 +483,6 @@ Release 2.5.0 - UNRELEASED
HADOOP-10543. RemoteException's unwrapRemoteException method failed for
PathIOException. (Yongjun Zhang via atm)
- HADOOP-10562. Namenode exits on exception without printing stack trace
- in AbstractDelegationTokenSecretManager. (Arpit Agarwal)
-
HADOOP-10568. Add s3 server-side encryption. (David S. Wang via atm)
HADOOP-10541. InputStream in MiniKdc#initKDCServer for minikdc.ldiff is not
@@ -481,6 +501,9 @@ Release 2.5.0 - UNRELEASED
HADOOP-10401. ShellBasedUnixGroupsMapping#getGroups does not always return
primary group first (Akira AJISAKA via Colin Patrick McCabe)
+ HADOOP-10489. UserGroupInformation#getTokens and UserGroupInformation
+ #addToken can lead to ConcurrentModificationException (Robert Kanter via atm)
+
Release 2.4.1 - UNRELEASED
INCOMPATIBLE CHANGES
@@ -513,6 +536,12 @@ Release 2.4.1 - UNRELEASED
HADOOP-10527. Fix incorrect return code and allow more retries on EINTR.
(kihwal)
+ HADOOP-10612. NFS failed to refresh the user group id mapping table (brandonli)
+
+ HADOOP-10562. Namenode exits on exception without printing stack trace
+ in AbstractDelegationTokenSecretManager. (Suresh Srinivas via Arpit
+ Agarwal)
+
Release 2.4.0 - 2014-04-07
INCOMPATIBLE CHANGES
Propchange: hadoop/common/branches/fs-encryption/hadoop-common-project/hadoop-common/CHANGES.txt
------------------------------------------------------------------------------
Merged /hadoop/common/branches/HDFS-2006/hadoop-common-project/hadoop-common/CHANGES.txt:r1588992-1596568
Merged /hadoop/common/trunk/hadoop-common-project/hadoop-common/CHANGES.txt:r1595302-1596815
Propchange: hadoop/common/branches/fs-encryption/hadoop-common-project/hadoop-common/src/main/docs/
------------------------------------------------------------------------------
Merged /hadoop/common/trunk/hadoop-common-project/hadoop-common/src/main/docs:r1595302-1596815
Merged /hadoop/common/branches/HDFS-2006/hadoop-common-project/hadoop-common/src/main/docs:r1588992-1596568
Propchange: hadoop/common/branches/fs-encryption/hadoop-common-project/hadoop-common/src/main/java/
------------------------------------------------------------------------------
Merged /hadoop/common/trunk/hadoop-common-project/hadoop-common/src/main/java:r1595302-1596815
Merged /hadoop/common/branches/HDFS-2006/hadoop-common-project/hadoop-common/src/main/java:r1588992-1596568
Modified: hadoop/common/branches/fs-encryption/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/fs/AbstractFileSystem.java
URL: http://svn.apache.org/viewvc/hadoop/common/branches/fs-encryption/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/fs/AbstractFileSystem.java?rev=1596873&r1=1596872&r2=1596873&view=diff
==============================================================================
--- hadoop/common/branches/fs-encryption/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/fs/AbstractFileSystem.java (original)
+++ hadoop/common/branches/fs-encryption/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/fs/AbstractFileSystem.java Thu May 22 13:54:53 2014
@@ -17,7 +17,6 @@
*/
package org.apache.hadoop.fs;
-
import java.io.FileNotFoundException;
import java.io.IOException;
import java.lang.reflect.Constructor;
@@ -1039,6 +1038,163 @@ public abstract class AbstractFileSystem
+ " doesn't support getAclStatus");
}
+ /**
+ * Set an xattr of a file or directory.
+ * The name must be prefixed with user/trusted/security/system and
+ * followed by ".". For example, "user.attr".
+ * <p/>
+ * A regular user can only set an xattr for the "user" namespace.
+ * The super user can set an xattr of either the "user" or "trusted" namespaces.
+ * The xattrs of the "security" and "system" namespaces are only used/exposed
+ * internally by/to the FS impl.
+ * <p/>
+ * The access permissions of an xattr in the "user" namespace are
+ * defined by the file and directory permission bits.
+ * An xattr can only be set when the logged-in user has the correct permissions.
+ * If the xattr exists, it will be replaced.
+ * <p/>
+ * @see <a href="http://en.wikipedia.org/wiki/Extended_file_attributes">
+ * http://en.wikipedia.org/wiki/Extended_file_attributes</a>
+ *
+ * @param path Path to modify
+ * @param name xattr name.
+ * @param value xattr value.
+ * @throws IOException
+ */
+ public void setXAttr(Path path, String name, byte[] value)
+ throws IOException {
+ setXAttr(path, name, value, EnumSet.of(XAttrSetFlag.CREATE,
+ XAttrSetFlag.REPLACE));
+ }
+
+ /**
+ * Set an xattr of a file or directory.
+ * The name must be prefixed with user/trusted/security/system and
+ * followed by ".". For example, "user.attr".
+ * <p/>
+ * A regular user can only set an xattr for the "user" namespace.
+ * The super user can set an xattr of either the "user" or "trusted" namespaces.
+ * The xattrs of the "security" and "system" namespaces are only used/exposed
+ * internally by/to the FS impl.
+ * <p/>
+ * The access permissions of an xattr in the "user" namespace are
+ * defined by the file and directory permission bits.
+ * An xattr can only be set when the logged-in user has the correct permissions.
+ * If the xattr exists, it will be replaced.
+ * <p/>
+ * @see <a href="http://en.wikipedia.org/wiki/Extended_file_attributes">
+ * http://en.wikipedia.org/wiki/Extended_file_attributes</a>
+ *
+ * @param path Path to modify
+ * @param name xattr name.
+ * @param value xattr value.
+ * @param flag xattr set flag
+ * @throws IOException
+ */
+ public void setXAttr(Path path, String name, byte[] value,
+ EnumSet<XAttrSetFlag> flag) throws IOException {
+ throw new UnsupportedOperationException(getClass().getSimpleName()
+ + " doesn't support setXAttr");
+ }
+
+ /**
+ * Get an xattr for a file or directory.
+ * The name must be prefixed with user/trusted/security/system and
+ * followed by ".". For example, "user.attr".
+ * <p/>
+ * A regular user can only get an xattr for the "user" namespace.
+ * The super user can get an xattr of either the "user" or "trusted" namespaces.
+ * The xattrs of the "security" and "system" namespaces are only used/exposed
+ * internally by/to the FS impl.
+ * <p/>
+ * An xattr will only be returned when the logged-in user has the correct permissions.
+ * <p/>
+ * @see <a href="http://en.wikipedia.org/wiki/Extended_file_attributes">
+ * http://en.wikipedia.org/wiki/Extended_file_attributes</a>
+ *
+ * @param path Path to get extended attribute
+ * @param name xattr name.
+ * @return byte[] xattr value.
+ * @throws IOException
+ */
+ public byte[] getXAttr(Path path, String name) throws IOException {
+ throw new UnsupportedOperationException(getClass().getSimpleName()
+ + " doesn't support getXAttr");
+ }
+
+ /**
+ * Get all of the xattrs for a file or directory.
+ * Only those xattrs for which the logged-in user has permissions to view
+ * are returned.
+ * <p/>
+ * A regular user can only get xattrs for the "user" namespace.
+ * The super user can only get xattrs for "user" and "trusted" namespaces.
+ * The xattr of "security" and "system" namespaces are only used/exposed
+ * internally by/to the FS impl.
+ * <p/>
+ * @see <a href="http://en.wikipedia.org/wiki/Extended_file_attributes">
+ * http://en.wikipedia.org/wiki/Extended_file_attributes</a>
+ *
+ * @param path Path to get extended attributes
+ * @return Map<String, byte[]> describing the XAttrs of the file or directory
+ * @throws IOException
+ */
+ public Map<String, byte[]> getXAttrs(Path path) throws IOException {
+ throw new UnsupportedOperationException(getClass().getSimpleName()
+ + " doesn't support getXAttrs");
+ }
+
+ /**
+ * Get all of the xattrs for a file or directory.
+ * Only those xattrs for which the logged-in user has permissions to view
+ * are returned.
+ * <p/>
+ * A regular user can only get xattrs for the "user" namespace.
+ * The super user can only get xattrs for "user" and "trusted" namespaces.
+ * The xattr of "security" and "system" namespaces are only used/exposed
+ * internally by/to the FS impl.
+ * <p/>
+ * @see <a href="http://en.wikipedia.org/wiki/Extended_file_attributes">
+ * http://en.wikipedia.org/wiki/Extended_file_attributes</a>
+ *
+ * @param path Path to get extended attributes
+ * @param names XAttr names.
+ * @return Map<String, byte[]> describing the XAttrs of the file or directory
+ * @throws IOException
+ */
+ public Map<String, byte[]> getXAttrs(Path path, List<String> names)
+ throws IOException {
+ throw new UnsupportedOperationException(getClass().getSimpleName()
+ + " doesn't support getXAttrs");
+ }
+
+ /**
+ * Remove an xattr of a file or directory.
+ * The name must be prefixed with user/trusted/security/system and
+ * followed by ".". For example, "user.attr".
+ * <p/>
+ * A regular user can only remove an xattr for the "user" namespace.
+ * The super user can remove an xattr of either the "user" or "trusted" namespaces.
+ * The xattrs of the "security" and "system" namespaces are only used/exposed
+ * internally by/to the FS impl.
+ * <p/>
+ * The access permissions of an xattr in the "user" namespace are
+ * defined by the file and directory permission bits.
+ * An xattr can only be set when the logged-in user has the correct permissions.
+ * If the xattr exists, it will be replaced.
+ * <p/>
+ * @see <a href="http://en.wikipedia.org/wiki/Extended_file_attributes">
+ * http://en.wikipedia.org/wiki/Extended_file_attributes</a>
+ *
+ * @param path Path to remove extended attribute
+ * @param name xattr name
+ * @throws IOException
+ */
+ public void removeXAttr(Path path, String name) throws IOException {
+ throw new UnsupportedOperationException(getClass().getSimpleName()
+ + " doesn't support removeXAttr");
+ }
+
@Override //Object
public int hashCode() {
return myUri.hashCode();
Modified: hadoop/common/branches/fs-encryption/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/fs/FileContext.java
URL: http://svn.apache.org/viewvc/hadoop/common/branches/fs-encryption/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/fs/FileContext.java?rev=1596873&r1=1596872&r2=1596873&view=diff
==============================================================================
--- hadoop/common/branches/fs-encryption/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/fs/FileContext.java (original)
+++ hadoop/common/branches/fs-encryption/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/fs/FileContext.java Thu May 22 13:54:53 2014
@@ -2294,4 +2294,194 @@ public final class FileContext {
}
}.resolve(this, absF);
}
+
+ /**
+ * Set an xattr of a file or directory.
+ * The name must be prefixed with user/trusted/security/system and
+ * followed by ".". For example, "user.attr".
+ * <p/>
+ * A regular user can only set an xattr for the "user" namespace.
+ * The super user can set an xattr of either the "user" or "trusted" namespaces.
+ * The xattrs of the "security" and "system" namespaces are only used/exposed
+ * internally by/to the FS impl.
+ * <p/>
+ * The access permissions of an xattr in the "user" namespace are
+ * defined by the file and directory permission bits.
+ * An xattr can only be set when the logged-in user has the correct permissions.
+ * If the xattr exists, it will be replaced.
+ * <p/>
+ * @see <a href="http://en.wikipedia.org/wiki/Extended_file_attributes">
+ * http://en.wikipedia.org/wiki/Extended_file_attributes</a>
+ *
+ * @param path Path to modify
+ * @param name xattr name.
+ * @param value xattr value.
+ * @throws IOException
+ */
+ public void setXAttr(Path path, String name, byte[] value)
+ throws IOException {
+ setXAttr(path, name, value, EnumSet.of(XAttrSetFlag.CREATE,
+ XAttrSetFlag.REPLACE));
+ }
+
+ /**
+ * Set an xattr of a file or directory.
+ * The name must be prefixed with user/trusted/security/system and
+ * followed by ".". For example, "user.attr".
+ * <p/>
+ * A regular user can only set an xattr for the "user" namespace.
+ * The super user can set an xattr of either the "user" or "trusted" namespaces.
+ * The xattrs of the "security" and "system" namespaces are only used/exposed
+ * internally by/to the FS impl.
+ * <p/>
+ * The access permissions of an xattr in the "user" namespace are
+ * defined by the file and directory permission bits.
+ * An xattr can only be set when the logged-in user has the correct permissions.
+ * If the xattr exists, it will be replaced.
+ * <p/>
+ * @see <a href="http://en.wikipedia.org/wiki/Extended_file_attributes">
+ * http://en.wikipedia.org/wiki/Extended_file_attributes</a>
+ *
+ * @param path Path to modify
+ * @param name xattr name.
+ * @param value xattr value.
+ * @param flag xattr set flag
+ * @throws IOException
+ */
+ public void setXAttr(Path path, final String name, final byte[] value,
+ final EnumSet<XAttrSetFlag> flag) throws IOException {
+ final Path absF = fixRelativePart(path);
+ new FSLinkResolver<Void>() {
+ @Override
+ public Void next(final AbstractFileSystem fs, final Path p)
+ throws IOException {
+ fs.setXAttr(p, name, value, flag);
+ return null;
+ }
+ }.resolve(this, absF);
+ }
+
+ /**
+ * Get an xattr for a file or directory.
+ * The name must be prefixed with user/trusted/security/system and
+ * followed by ".". For example, "user.attr".
+ * <p/>
+ *
+ * A regular user can only get an xattr for the "user" namespace.
+ * The super user can get an xattr of either the "user" or "trusted" namespaces.
+ * The xattrs of the "security" and "system" namespaces are only used/exposed
+ * internally by/to the FS impl.
+ * <p/>
+ * An xattr will only be returned when the logged-in user has the correct permissions.
+ * <p/>
+ * @see <a href="http://en.wikipedia.org/wiki/Extended_file_attributes">
+ * http://en.wikipedia.org/wiki/Extended_file_attributes</a>
+ *
+ * @param path Path to get extended attribute
+ * @param name xattr name.
+ * @return byte[] xattr value.
+ * @throws IOException
+ */
+ public byte[] getXAttr(Path path, final String name) throws IOException {
+ final Path absF = fixRelativePart(path);
+ return new FSLinkResolver<byte[]>() {
+ @Override
+ public byte[] next(final AbstractFileSystem fs, final Path p)
+ throws IOException {
+ return fs.getXAttr(p, name);
+ }
+ }.resolve(this, absF);
+ }
+
+ /**
+ * Get all of the xattrs for a file or directory.
+ * Only those xattrs for which the logged-in user has permissions to view
+ * are returned.
+ * <p/>
+ * A regular user can only get xattrs for the "user" namespace.
+ * The super user can only get xattrs for "user" and "trusted" namespaces.
+ * The xattr of "security" and "system" namespaces are only used/exposed
+ * internally by/to the FS impl.
+ * <p/>
+ * @see <a href="http://en.wikipedia.org/wiki/Extended_file_attributes">
+ * http://en.wikipedia.org/wiki/Extended_file_attributes</a>
+ *
+ * @param path Path to get extended attributes
+ * @return Map<String, byte[]> describing the XAttrs of the file or directory
+ * @throws IOException
+ */
+ public Map<String, byte[]> getXAttrs(Path path) throws IOException {
+ final Path absF = fixRelativePart(path);
+ return new FSLinkResolver<Map<String, byte[]>>() {
+ @Override
+ public Map<String, byte[]> next(final AbstractFileSystem fs, final Path p)
+ throws IOException {
+ return fs.getXAttrs(p);
+ }
+ }.resolve(this, absF);
+ }
+
+ /**
+ * Get all of the xattrs for a file or directory.
+ * Only those xattrs for which the logged-in user has permissions to view
+ * are returned.
+ * <p/>
+ * A regular user can only get xattrs for the "user" namespace.
+ * The super user can only get xattrs for "user" and "trusted" namespaces.
+ * The xattr of "security" and "system" namespaces are only used/exposed
+ * internally by/to the FS impl.
+ * <p/>
+ * @see <a href="http://en.wikipedia.org/wiki/Extended_file_attributes">
+ * http://en.wikipedia.org/wiki/Extended_file_attributes</a>
+ *
+ * @param path Path to get extended attributes
+ * @param names XAttr names.
+ * @return Map<String, byte[]> describing the XAttrs of the file or directory
+ * @throws IOException
+ */
+ public Map<String, byte[]> getXAttrs(Path path, final List<String> names)
+ throws IOException {
+ final Path absF = fixRelativePart(path);
+ return new FSLinkResolver<Map<String, byte[]>>() {
+ @Override
+ public Map<String, byte[]> next(final AbstractFileSystem fs, final Path p)
+ throws IOException {
+ return fs.getXAttrs(p, names);
+ }
+ }.resolve(this, absF);
+ }
+
+ /**
+ * Remove an xattr of a file or directory.
+ * The name must be prefixed with user/trusted/security/system and
+ * followed by ".". For example, "user.attr".
+ * <p/>
+ * A regular user can only remove an xattr for the "user" namespace.
+ * The super user can remove an xattr of either the "user" or "trusted" namespaces.
+ * The xattrs of the "security" and "system" namespaces are only used/exposed
+ * internally by/to the FS impl.
+ * <p/>
+ * The access permissions of an xattr in the "user" namespace are
+ * defined by the file and directory permission bits.
+ * An xattr can only be set when the logged-in user has the correct permissions.
+ * If the xattr exists, it will be replaced.
+ * <p/>
+ * @see <a href="http://en.wikipedia.org/wiki/Extended_file_attributes">
+ * http://en.wikipedia.org/wiki/Extended_file_attributes</a>
+ *
+ * @param path Path to remove extended attribute
+ * @param name xattr name
+ * @throws IOException
+ */
+ public void removeXAttr(Path path, final String name) throws IOException {
+ final Path absF = fixRelativePart(path);
+ new FSLinkResolver<Void>() {
+ @Override
+ public Void next(final AbstractFileSystem fs, final Path p)
+ throws IOException {
+ fs.removeXAttr(p, name);
+ return null;
+ }
+ }.resolve(this, absF);
+ }
}
Modified: hadoop/common/branches/fs-encryption/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/fs/FileSystem.java
URL: http://svn.apache.org/viewvc/hadoop/common/branches/fs-encryption/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/fs/FileSystem.java?rev=1596873&r1=1596872&r2=1596873&view=diff
==============================================================================
--- hadoop/common/branches/fs-encryption/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/fs/FileSystem.java (original)
+++ hadoop/common/branches/fs-encryption/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/fs/FileSystem.java Thu May 22 13:54:53 2014
@@ -2350,6 +2350,164 @@ public abstract class FileSystem extends
+ " doesn't support getAclStatus");
}
+ /**
+ * Set an xattr of a file or directory.
+ * The name must be prefixed with user/trusted/security/system and
+ * followed by ".". For example, "user.attr".
+ * <p/>
+ * A regular user can only set an xattr for the "user" namespace.
+ * The super user can set an xattr of either the "user" or "trusted" namespaces.
+ * The xattrs of the "security" and "system" namespaces are only used/exposed
+ * internally by/to the FS impl.
+ * <p/>
+ * The access permissions of an xattr in the "user" namespace are
+ * defined by the file and directory permission bits.
+ * An xattr can only be set when the logged-in user has the correct permissions.
+ * If the xattr exists, it will be replaced.
+ * <p/>
+ * @see <a href="http://en.wikipedia.org/wiki/Extended_file_attributes">
+ * http://en.wikipedia.org/wiki/Extended_file_attributes</a>
+ *
+ * @param path Path to modify
+ * @param name xattr name.
+ * @param value xattr value.
+ * @throws IOException
+ */
+ public void setXAttr(Path path, String name, byte[] value)
+ throws IOException {
+ setXAttr(path, name, value, EnumSet.of(XAttrSetFlag.CREATE,
+ XAttrSetFlag.REPLACE));
+ }
+
+ /**
+ * Set an xattr of a file or directory.
+ * The name must be prefixed with user/trusted/security/system and
+ * followed by ".". For example, "user.attr".
+ * <p/>
+ * A regular user can only set an xattr for the "user" namespace.
+ * The super user can set an xattr of either the "user" or "trusted" namespaces.
+ * The xattrs of the "security" and "system" namespaces are only used/exposed
+ * internally by/to the FS impl.
+ * <p/>
+ * The access permissions of an xattr in the "user" namespace are
+ * defined by the file and directory permission bits.
+ * An xattr can only be set when the logged-in user has the correct permissions.
+ * If the xattr exists, it will be replaced.
+ * <p/>
+ * @see <a href="http://en.wikipedia.org/wiki/Extended_file_attributes">
+ * http://en.wikipedia.org/wiki/Extended_file_attributes</a>
+ *
+ * @param path Path to modify
+ * @param name xattr name.
+ * @param value xattr value.
+ * @param flag xattr set flag
+ * @throws IOException
+ */
+ public void setXAttr(Path path, String name, byte[] value,
+ EnumSet<XAttrSetFlag> flag) throws IOException {
+ throw new UnsupportedOperationException(getClass().getSimpleName()
+ + " doesn't support setXAttr");
+ }
+
+ /**
+ * Get an xattr for a file or directory.
+ * The name must be prefixed with user/trusted/security/system and
+ * followed by ".". For example, "user.attr".
+ * <p/>
+ *
+ * A regular user can only get an xattr for the "user" namespace.
+ * The super user can get an xattr of either the "user" or "trusted" namespaces.
+ * The xattrs of the "security" and "system" namespaces are only used/exposed
+ * internally by/to the FS impl.
+ * <p/>
+ * An xattr will only be returned when the logged-in user has the correct permissions.
+ * <p/>
+ * @see <a href="http://en.wikipedia.org/wiki/Extended_file_attributes">
+ * http://en.wikipedia.org/wiki/Extended_file_attributes</a>
+ *
+ * @param path Path to get extended attribute
+ * @param name xattr name.
+ * @return byte[] xattr value.
+ * @throws IOException
+ */
+ public byte[] getXAttr(Path path, String name) throws IOException {
+ throw new UnsupportedOperationException(getClass().getSimpleName()
+ + " doesn't support getXAttr");
+ }
+
+ /**
+ * Get all of the xattrs for a file or directory.
+ * Only those xattrs for which the logged-in user has permissions to view
+ * are returned.
+ * <p/>
+ * A regular user can only get xattrs for the "user" namespace.
+ * The super user can only get xattrs for "user" and "trusted" namespaces.
+ * The xattr of "security" and "system" namespaces are only used/exposed
+ * internally by/to the FS impl.
+ * <p/>
+ * @see <a href="http://en.wikipedia.org/wiki/Extended_file_attributes">
+ * http://en.wikipedia.org/wiki/Extended_file_attributes</a>
+ *
+ * @param path Path to get extended attributes
+ * @return Map<String, byte[]> describing the XAttrs of the file or directory
+ * @throws IOException
+ */
+ public Map<String, byte[]> getXAttrs(Path path) throws IOException {
+ throw new UnsupportedOperationException(getClass().getSimpleName()
+ + " doesn't support getXAttrs");
+ }
+
+ /**
+ * Get all of the xattrs for a file or directory.
+ * Only those xattrs for which the logged-in user has permissions to view
+ * are returned.
+ * <p/>
+ * A regular user can only get xattrs for the "user" namespace.
+ * The super user can only get xattrs for "user" and "trusted" namespaces.
+ * The xattr of "security" and "system" namespaces are only used/exposed
+ * internally by/to the FS impl.
+ * <p/>
+ * @see <a href="http://en.wikipedia.org/wiki/Extended_file_attributes">
+ * http://en.wikipedia.org/wiki/Extended_file_attributes</a>
+ *
+ * @param path Path to get extended attributes
+ * @param names XAttr names.
+ * @return Map<String, byte[]> describing the XAttrs of the file or directory
+ * @throws IOException
+ */
+ public Map<String, byte[]> getXAttrs(Path path, List<String> names)
+ throws IOException {
+ throw new UnsupportedOperationException(getClass().getSimpleName()
+ + " doesn't support getXAttrs");
+ }
+
+ /**
+ * Remove an xattr of a file or directory.
+ * The name must be prefixed with user/trusted/security/system and
+ * followed by ".". For example, "user.attr".
+ * <p/>
+ * A regular user can only remove an xattr for the "user" namespace.
+ * The super user can remove an xattr of either the "user" or "trusted" namespaces.
+ * The xattrs of the "security" and "system" namespaces are only used/exposed
+ * internally by/to the FS impl.
+ * <p/>
+ * The access permissions of an xattr in the "user" namespace are
+ * defined by the file and directory permission bits.
+ * An xattr can only be set when the logged-in user has the correct permissions.
+ * If the xattr exists, it will be replaced.
+ * <p/>
+ * @see <a href="http://en.wikipedia.org/wiki/Extended_file_attributes">
+ * http://en.wikipedia.org/wiki/Extended_file_attributes</a>
+ *
+ * @param path Path to remove extended attribute
+ * @param name xattr name
+ * @throws IOException
+ */
+ public void removeXAttr(Path path, String name) throws IOException {
+ throw new UnsupportedOperationException(getClass().getSimpleName()
+ + " doesn't support removeXAttr");
+ }
+
// making it volatile to be able to do a double checked locking
private volatile static boolean FILE_SYSTEMS_LOADED = false;
Modified: hadoop/common/branches/fs-encryption/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/fs/FilterFileSystem.java
URL: http://svn.apache.org/viewvc/hadoop/common/branches/fs-encryption/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/fs/FilterFileSystem.java?rev=1596873&r1=1596872&r2=1596873&view=diff
==============================================================================
--- hadoop/common/branches/fs-encryption/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/fs/FilterFileSystem.java (original)
+++ hadoop/common/branches/fs-encryption/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/fs/FilterFileSystem.java Thu May 22 13:54:53 2014
@@ -23,6 +23,7 @@ import java.net.URI;
import java.net.URISyntaxException;
import java.util.EnumSet;
import java.util.List;
+import java.util.Map;
import org.apache.hadoop.classification.InterfaceAudience;
import org.apache.hadoop.classification.InterfaceStability;
@@ -538,4 +539,37 @@ public class FilterFileSystem extends Fi
public AclStatus getAclStatus(Path path) throws IOException {
return fs.getAclStatus(path);
}
+
+ @Override
+ public void setXAttr(Path path, String name, byte[] value)
+ throws IOException {
+ fs.setXAttr(path, name, value);
+ }
+
+ @Override
+ public void setXAttr(Path path, String name, byte[] value,
+ EnumSet<XAttrSetFlag> flag) throws IOException {
+ fs.setXAttr(path, name, value, flag);
+ }
+
+ @Override
+ public byte[] getXAttr(Path path, String name) throws IOException {
+ return fs.getXAttr(path, name);
+ }
+
+ @Override
+ public Map<String, byte[]> getXAttrs(Path path) throws IOException {
+ return fs.getXAttrs(path);
+ }
+
+ @Override
+ public Map<String, byte[]> getXAttrs(Path path, List<String> names)
+ throws IOException {
+ return fs.getXAttrs(path, names);
+ }
+
+ @Override
+ public void removeXAttr(Path path, String name) throws IOException {
+ fs.removeXAttr(path, name);
+ }
}
Modified: hadoop/common/branches/fs-encryption/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/fs/FilterFs.java
URL: http://svn.apache.org/viewvc/hadoop/common/branches/fs-encryption/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/fs/FilterFs.java?rev=1596873&r1=1596872&r2=1596873&view=diff
==============================================================================
--- hadoop/common/branches/fs-encryption/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/fs/FilterFs.java (original)
+++ hadoop/common/branches/fs-encryption/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/fs/FilterFs.java Thu May 22 13:54:53 2014
@@ -22,6 +22,7 @@ import java.net.URI;
import java.net.URISyntaxException;
import java.util.EnumSet;
import java.util.List;
+import java.util.Map;
import org.apache.hadoop.classification.InterfaceAudience;
import org.apache.hadoop.classification.InterfaceStability;
@@ -316,4 +317,37 @@ public abstract class FilterFs extends A
public AclStatus getAclStatus(Path path) throws IOException {
return myFs.getAclStatus(path);
}
+
+ @Override
+ public void setXAttr(Path path, String name, byte[] value)
+ throws IOException {
+ myFs.setXAttr(path, name, value);
+ }
+
+ @Override
+ public void setXAttr(Path path, String name, byte[] value,
+ EnumSet<XAttrSetFlag> flag) throws IOException {
+ myFs.setXAttr(path, name, value, flag);
+ }
+
+ @Override
+ public byte[] getXAttr(Path path, String name) throws IOException {
+ return myFs.getXAttr(path, name);
+ }
+
+ @Override
+ public Map<String, byte[]> getXAttrs(Path path) throws IOException {
+ return myFs.getXAttrs(path);
+ }
+
+ @Override
+ public Map<String, byte[]> getXAttrs(Path path, List<String> names)
+ throws IOException {
+ return myFs.getXAttrs(path, names);
+ }
+
+ @Override
+ public void removeXAttr(Path path, String name) throws IOException {
+ myFs.removeXAttr(path, name);
+ }
}
Modified: hadoop/common/branches/fs-encryption/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/fs/shell/FsCommand.java
URL: http://svn.apache.org/viewvc/hadoop/common/branches/fs-encryption/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/fs/shell/FsCommand.java?rev=1596873&r1=1596872&r2=1596873&view=diff
==============================================================================
--- hadoop/common/branches/fs-encryption/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/fs/shell/FsCommand.java (original)
+++ hadoop/common/branches/fs-encryption/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/fs/shell/FsCommand.java Thu May 22 13:54:53 2014
@@ -59,6 +59,7 @@ abstract public class FsCommand extends
factory.registerCommands(Test.class);
factory.registerCommands(Touch.class);
factory.registerCommands(SnapshotCommands.class);
+ factory.registerCommands(XAttrCommands.class);
}
protected FsCommand() {}
Modified: hadoop/common/branches/fs-encryption/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/fs/viewfs/ChRootedFileSystem.java
URL: http://svn.apache.org/viewvc/hadoop/common/branches/fs-encryption/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/fs/viewfs/ChRootedFileSystem.java?rev=1596873&r1=1596872&r2=1596873&view=diff
==============================================================================
--- hadoop/common/branches/fs-encryption/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/fs/viewfs/ChRootedFileSystem.java (original)
+++ hadoop/common/branches/fs-encryption/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/fs/viewfs/ChRootedFileSystem.java Thu May 22 13:54:53 2014
@@ -21,6 +21,7 @@ import java.io.IOException;
import java.net.URI;
import java.util.EnumSet;
import java.util.List;
+import java.util.Map;
import org.apache.hadoop.classification.InterfaceAudience;
import org.apache.hadoop.classification.InterfaceStability;
@@ -37,6 +38,7 @@ import org.apache.hadoop.fs.FilterFileSy
import org.apache.hadoop.fs.FsServerDefaults;
import org.apache.hadoop.fs.FsStatus;
import org.apache.hadoop.fs.Path;
+import org.apache.hadoop.fs.XAttrSetFlag;
import org.apache.hadoop.fs.permission.AclEntry;
import org.apache.hadoop.fs.permission.AclStatus;
import org.apache.hadoop.fs.permission.FsPermission;
@@ -314,6 +316,33 @@ class ChRootedFileSystem extends FilterF
}
@Override
+ public void setXAttr(Path path, String name, byte[] value,
+ EnumSet<XAttrSetFlag> flag) throws IOException {
+ super.setXAttr(fullPath(path), name, value, flag);
+ }
+
+ @Override
+ public byte[] getXAttr(Path path, String name) throws IOException {
+ return super.getXAttr(fullPath(path), name);
+ }
+
+ @Override
+ public Map<String, byte[]> getXAttrs(Path path) throws IOException {
+ return super.getXAttrs(fullPath(path));
+ }
+
+ @Override
+ public Map<String, byte[]> getXAttrs(Path path, List<String> names)
+ throws IOException {
+ return super.getXAttrs(fullPath(path), names);
+ }
+
+ @Override
+ public void removeXAttr(Path path, String name) throws IOException {
+ super.removeXAttr(fullPath(path), name);
+ }
+
+ @Override
public Path resolvePath(final Path p) throws IOException {
return super.resolvePath(fullPath(p));
}
Modified: hadoop/common/branches/fs-encryption/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/fs/viewfs/ViewFileSystem.java
URL: http://svn.apache.org/viewvc/hadoop/common/branches/fs-encryption/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/fs/viewfs/ViewFileSystem.java?rev=1596873&r1=1596872&r2=1596873&view=diff
==============================================================================
--- hadoop/common/branches/fs-encryption/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/fs/viewfs/ViewFileSystem.java (original)
+++ hadoop/common/branches/fs-encryption/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/fs/viewfs/ViewFileSystem.java Thu May 22 13:54:53 2014
@@ -27,6 +27,7 @@ import java.util.Arrays;
import java.util.EnumSet;
import java.util.HashSet;
import java.util.List;
+import java.util.Map;
import java.util.Set;
import java.util.Map.Entry;
@@ -46,6 +47,7 @@ import org.apache.hadoop.fs.FsConstants;
import org.apache.hadoop.fs.FsServerDefaults;
import org.apache.hadoop.fs.Path;
import org.apache.hadoop.fs.UnsupportedFileSystemException;
+import org.apache.hadoop.fs.XAttrSetFlag;
import org.apache.hadoop.fs.permission.AclEntry;
import org.apache.hadoop.fs.permission.AclStatus;
import org.apache.hadoop.fs.permission.FsPermission;
@@ -520,6 +522,43 @@ public class ViewFileSystem extends File
}
@Override
+ public void setXAttr(Path path, String name, byte[] value,
+ EnumSet<XAttrSetFlag> flag) throws IOException {
+ InodeTree.ResolveResult<FileSystem> res =
+ fsState.resolve(getUriPath(path), true);
+ res.targetFileSystem.setXAttr(res.remainingPath, name, value, flag);
+ }
+
+ @Override
+ public byte[] getXAttr(Path path, String name) throws IOException {
+ InodeTree.ResolveResult<FileSystem> res =
+ fsState.resolve(getUriPath(path), true);
+ return res.targetFileSystem.getXAttr(res.remainingPath, name);
+ }
+
+ @Override
+ public Map<String, byte[]> getXAttrs(Path path) throws IOException {
+ InodeTree.ResolveResult<FileSystem> res =
+ fsState.resolve(getUriPath(path), true);
+ return res.targetFileSystem.getXAttrs(res.remainingPath);
+ }
+
+ @Override
+ public Map<String, byte[]> getXAttrs(Path path, List<String> names)
+ throws IOException {
+ InodeTree.ResolveResult<FileSystem> res =
+ fsState.resolve(getUriPath(path), true);
+ return res.targetFileSystem.getXAttrs(res.remainingPath, names);
+ }
+
+ @Override
+ public void removeXAttr(Path path, String name) throws IOException {
+ InodeTree.ResolveResult<FileSystem> res = fsState.resolve(getUriPath(path),
+ true);
+ res.targetFileSystem.removeXAttr(res.remainingPath, name);
+ }
+
+ @Override
public void setVerifyChecksum(final boolean verifyChecksum) {
List<InodeTree.MountPoint<FileSystem>> mountPoints =
fsState.getMountPoints();
Modified: hadoop/common/branches/fs-encryption/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/io/compress/bzip2/CBZip2InputStream.java
URL: http://svn.apache.org/viewvc/hadoop/common/branches/fs-encryption/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/io/compress/bzip2/CBZip2InputStream.java?rev=1596873&r1=1596872&r2=1596873&view=diff
==============================================================================
--- hadoop/common/branches/fs-encryption/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/io/compress/bzip2/CBZip2InputStream.java (original)
+++ hadoop/common/branches/fs-encryption/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/io/compress/bzip2/CBZip2InputStream.java Thu May 22 13:54:53 2014
@@ -129,7 +129,7 @@ public class CBZip2InputStream extends I
private int computedBlockCRC, computedCombinedCRC;
private boolean skipResult = false;// used by skipToNextMarker
- private static boolean skipDecompression = false;
+ private boolean skipDecompression = false;
// Variables used by setup* methods exclusively
@@ -281,12 +281,18 @@ public class CBZip2InputStream extends I
*/
public CBZip2InputStream(final InputStream in, READ_MODE readMode)
throws IOException {
+ this(in, readMode, false);
+ }
+
+ private CBZip2InputStream(final InputStream in, READ_MODE readMode, boolean skipDecompression)
+ throws IOException {
super();
int blockSize = 0X39;// i.e 9
this.blockSize100k = blockSize - '0';
this.in = new BufferedInputStream(in, 1024 * 9);// >1 MB buffer
this.readMode = readMode;
+ this.skipDecompression = skipDecompression;
if (readMode == READ_MODE.CONTINUOUS) {
currentState = STATE.START_BLOCK_STATE;
lazyInitialization = (in.available() == 0)?true:false;
@@ -316,11 +322,7 @@ public class CBZip2InputStream extends I
*
*/
public static long numberOfBytesTillNextMarker(final InputStream in) throws IOException{
- CBZip2InputStream.skipDecompression = true;
- CBZip2InputStream anObject = null;
-
- anObject = new CBZip2InputStream(in, READ_MODE.BYBLOCK);
-
+ CBZip2InputStream anObject = new CBZip2InputStream(in, READ_MODE.BYBLOCK, true);
return anObject.getProcessedByteCount();
}
@@ -397,7 +399,7 @@ public class CBZip2InputStream extends I
if(skipDecompression){
changeStateToProcessABlock();
- CBZip2InputStream.skipDecompression = false;
+ skipDecompression = false;
}
final int hi = offs + len;
Modified: hadoop/common/branches/fs-encryption/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/UserGroupInformation.java
URL: http://svn.apache.org/viewvc/hadoop/common/branches/fs-encryption/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/UserGroupInformation.java?rev=1596873&r1=1596872&r2=1596873&view=diff
==============================================================================
--- hadoop/common/branches/fs-encryption/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/UserGroupInformation.java (original)
+++ hadoop/common/branches/fs-encryption/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/UserGroupInformation.java Thu May 22 13:54:53 2014
@@ -1392,7 +1392,7 @@ public class UserGroupInformation {
* @param token Token to be added
* @return true on successful add of new token
*/
- public synchronized boolean addToken(Token<? extends TokenIdentifier> token) {
+ public boolean addToken(Token<? extends TokenIdentifier> token) {
return (token != null) ? addToken(token.getService(), token) : false;
}
@@ -1403,10 +1403,11 @@ public class UserGroupInformation {
* @param token Token to be added
* @return true on successful add of new token
*/
- public synchronized boolean addToken(Text alias,
- Token<? extends TokenIdentifier> token) {
- getCredentialsInternal().addToken(alias, token);
- return true;
+ public boolean addToken(Text alias, Token<? extends TokenIdentifier> token) {
+ synchronized (subject) {
+ getCredentialsInternal().addToken(alias, token);
+ return true;
+ }
}
/**
@@ -1414,10 +1415,11 @@ public class UserGroupInformation {
*
* @return an unmodifiable collection of tokens associated with user
*/
- public synchronized
- Collection<Token<? extends TokenIdentifier>> getTokens() {
- return Collections.unmodifiableCollection(
- new ArrayList<Token<?>>(getCredentialsInternal().getAllTokens()));
+ public Collection<Token<? extends TokenIdentifier>> getTokens() {
+ synchronized (subject) {
+ return Collections.unmodifiableCollection(
+ new ArrayList<Token<?>>(getCredentialsInternal().getAllTokens()));
+ }
}
/**
@@ -1425,23 +1427,27 @@ public class UserGroupInformation {
*
* @return Credentials of tokens associated with this user
*/
- public synchronized Credentials getCredentials() {
- Credentials creds = new Credentials(getCredentialsInternal());
- Iterator<Token<?>> iter = creds.getAllTokens().iterator();
- while (iter.hasNext()) {
- if (iter.next() instanceof Token.PrivateToken) {
- iter.remove();
+ public Credentials getCredentials() {
+ synchronized (subject) {
+ Credentials creds = new Credentials(getCredentialsInternal());
+ Iterator<Token<?>> iter = creds.getAllTokens().iterator();
+ while (iter.hasNext()) {
+ if (iter.next() instanceof Token.PrivateToken) {
+ iter.remove();
+ }
}
+ return creds;
}
- return creds;
}
/**
* Add the given Credentials to this user.
* @param credentials of tokens and secrets
*/
- public synchronized void addCredentials(Credentials credentials) {
- getCredentialsInternal().addAll(credentials);
+ public void addCredentials(Credentials credentials) {
+ synchronized (subject) {
+ getCredentialsInternal().addAll(credentials);
+ }
}
private synchronized Credentials getCredentialsInternal() {
Modified: hadoop/common/branches/fs-encryption/hadoop-common-project/hadoop-common/src/site/apt/FileSystemShell.apt.vm
URL: http://svn.apache.org/viewvc/hadoop/common/branches/fs-encryption/hadoop-common-project/hadoop-common/src/site/apt/FileSystemShell.apt.vm?rev=1596873&r1=1596872&r2=1596873&view=diff
==============================================================================
--- hadoop/common/branches/fs-encryption/hadoop-common-project/hadoop-common/src/site/apt/FileSystemShell.apt.vm (original)
+++ hadoop/common/branches/fs-encryption/hadoop-common-project/hadoop-common/src/site/apt/FileSystemShell.apt.vm Thu May 22 13:54:53 2014
@@ -254,6 +254,35 @@ getfacl
Returns 0 on success and non-zero on error.
+getfattr
+
+ Usage: <<<hdfs dfs -getfattr [-R] {-n name | -d} [-e en] <path> >>>
+
+ Displays the extended attribute names and values (if any) for a file or
+ directory.
+
+ Options:
+
+ * -R: Recursively list the attributes for all files and directories.
+
+ * -n name: Dump the named extended attribute value.
+
+ * -d: Dump all extended attribute values associated with pathname.
+
+ * -e <encoding>: Encode values after retrieving them. Valid encodings are "text", "hex", and "base64". Values encoded as text strings are enclosed in double quotes ("), and values encoded as hexadecimal and base64 are prefixed with 0x and 0s, respectively.
+
+ * <path>: The file or directory.
+
+ Examples:
+
+ * <<<hdfs dfs -getfattr -d /file>>>
+
+ * <<<hdfs dfs -getfattr -R -n user.myAttr /dir>>>
+
+ Exit Code:
+
+ Returns 0 on success and non-zero on error.
+
getmerge
Usage: <<<hdfs dfs -getmerge <src> <localdst> [addnl]>>>
@@ -450,6 +479,36 @@ setfacl
Returns 0 on success and non-zero on error.
+setfattr
+
+ Usage: <<<hdfs dfs -setfattr {-n name [-v value] | -x name} <path> >>>
+
+ Sets an extended attribute name and value for a file or directory.
+
+ Options:
+
+ * -b: Remove all but the base ACL entries. The entries for user, group and others are retained for compatibility with permission bits.
+
+ * -n name: The extended attribute name.
+
+ * -v value: The extended attribute value. There are three different encoding methods for the value. If the argument is enclosed in double quotes, then the value is the string inside the quotes. If the argument is prefixed with 0x or 0X, then it is taken as a hexadecimal number. If the argument begins with 0s or 0S, then it is taken as a base64 encoding.
+
+ * -x name: Remove the extended attribute.
+
+ * <path>: The file or directory.
+
+ Examples:
+
+ * <<<hdfs dfs -setfattr -n user.myAttr -v myValue /file>>>
+
+ * <<<hdfs dfs -setfattr -n user.noValue /file>>>
+
+ * <<<hdfs dfs -setfattr -x user.myAttr /file>>>
+
+ Exit Code:
+
+ Returns 0 on success and non-zero on error.
+
setrep
Usage: <<<hdfs dfs -setrep [-R] [-w] <numReplicas> <path> >>>
Propchange: hadoop/common/branches/fs-encryption/hadoop-common-project/hadoop-common/src/test/core/
------------------------------------------------------------------------------
Merged /hadoop/common/branches/HDFS-2006/hadoop-common-project/hadoop-common/src/test/core:r1588992-1596568
Merged /hadoop/common/trunk/hadoop-common-project/hadoop-common/src/test/core:r1595302-1596815
Modified: hadoop/common/branches/fs-encryption/hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/fs/TestHarFileSystem.java
URL: http://svn.apache.org/viewvc/hadoop/common/branches/fs-encryption/hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/fs/TestHarFileSystem.java?rev=1596873&r1=1596872&r2=1596873&view=diff
==============================================================================
--- hadoop/common/branches/fs-encryption/hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/fs/TestHarFileSystem.java (original)
+++ hadoop/common/branches/fs-encryption/hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/fs/TestHarFileSystem.java Thu May 22 13:54:53 2014
@@ -36,6 +36,7 @@ import java.lang.reflect.Modifier;
import java.util.EnumSet;
import java.util.Iterator;
import java.util.List;
+import java.util.Map;
import static org.apache.hadoop.fs.Options.ChecksumOpt;
import static org.apache.hadoop.fs.Options.CreateOpts;
@@ -181,6 +182,21 @@ public class TestHarFileSystem {
public void setAcl(Path path, List<AclEntry> aclSpec) throws IOException;
+ public void setXAttr(Path path, String name, byte[] value)
+ throws IOException;
+
+ public void setXAttr(Path path, String name, byte[] value,
+ EnumSet<XAttrSetFlag> flag) throws IOException;
+
+ public byte[] getXAttr(Path path, String name) throws IOException;
+
+ public Map<String, byte[]> getXAttrs(Path path) throws IOException;
+
+ public Map<String, byte[]> getXAttrs(Path path, List<String> names)
+ throws IOException;
+
+ public void removeXAttr(Path path, String name) throws IOException;
+
public AclStatus getAclStatus(Path path) throws IOException;
}
Modified: hadoop/common/branches/fs-encryption/hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/security/TestUserGroupInformation.java
URL: http://svn.apache.org/viewvc/hadoop/common/branches/fs-encryption/hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/security/TestUserGroupInformation.java?rev=1596873&r1=1596872&r2=1596873&view=diff
==============================================================================
--- hadoop/common/branches/fs-encryption/hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/security/TestUserGroupInformation.java (original)
+++ hadoop/common/branches/fs-encryption/hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/security/TestUserGroupInformation.java Thu May 22 13:54:53 2014
@@ -37,6 +37,7 @@ import java.io.InputStreamReader;
import java.lang.reflect.Method;
import java.security.PrivilegedExceptionAction;
import java.util.Collection;
+import java.util.ConcurrentModificationException;
import java.util.LinkedHashSet;
import java.util.Set;
@@ -845,4 +846,69 @@ public class TestUserGroupInformation {
Collection<Token<? extends TokenIdentifier>> tokens = ugi.getCredentials().getAllTokens();
assertEquals(1, tokens.size());
}
+
+ /**
+ * This test checks a race condition between getting and adding tokens for
+ * the current user. Calling UserGroupInformation.getCurrentUser() returns
+ * a new object each time, so simply making these methods synchronized was not
+ * enough to prevent race conditions and causing a
+ * ConcurrentModificationException. These methods are synchronized on the
+ * Subject, which is the same object between UserGroupInformation instances.
+ * This test tries to cause a CME, by exposing the race condition. Previously
+ * this test would fail every time; now it does not.
+ */
+ @Test
+ public void testTokenRaceCondition() throws Exception {
+ UserGroupInformation userGroupInfo =
+ UserGroupInformation.createUserForTesting(USER_NAME, GROUP_NAMES);
+ userGroupInfo.doAs(new PrivilegedExceptionAction<Void>(){
+ @Override
+ public Void run() throws Exception {
+ // make sure it is not the same as the login user because we use the
+ // same UGI object for every instantiation of the login user and you
+ // won't run into the race condition otherwise
+ assertNotEquals(UserGroupInformation.getLoginUser(),
+ UserGroupInformation.getCurrentUser());
+
+ GetTokenThread thread = new GetTokenThread();
+ try {
+ thread.start();
+ for (int i = 0; i < 100; i++) {
+ @SuppressWarnings("unchecked")
+ Token<? extends TokenIdentifier> t = mock(Token.class);
+ when(t.getService()).thenReturn(new Text("t" + i));
+ UserGroupInformation.getCurrentUser().addToken(t);
+ assertNull("ConcurrentModificationException encountered",
+ thread.cme);
+ }
+ } catch (ConcurrentModificationException cme) {
+ cme.printStackTrace();
+ fail("ConcurrentModificationException encountered");
+ } finally {
+ thread.runThread = false;
+ thread.join(5 * 1000);
+ }
+ return null;
+ }});
+ }
+
+ static class GetTokenThread extends Thread {
+ boolean runThread = true;
+ volatile ConcurrentModificationException cme = null;
+
+ @Override
+ public void run() {
+ while(runThread) {
+ try {
+ UserGroupInformation.getCurrentUser().getCredentials();
+ } catch (ConcurrentModificationException cme) {
+ this.cme = cme;
+ cme.printStackTrace();
+ runThread = false;
+ } catch (IOException ex) {
+ ex.printStackTrace();
+ }
+ }
+ }
+ }
}
Propchange: hadoop/common/branches/fs-encryption/hadoop-common-project/hadoop-kms/
------------------------------------------------------------------------------
--- svn:ignore (original)
+++ svn:ignore Thu May 22 13:54:53 2014
@@ -1,2 +1,5 @@
target
downloads
+.classpath
+.project
+.settings
Modified: hadoop/common/branches/fs-encryption/hadoop-common-project/hadoop-nfs/src/main/java/org/apache/hadoop/nfs/nfs3/IdUserGroup.java
URL: http://svn.apache.org/viewvc/hadoop/common/branches/fs-encryption/hadoop-common-project/hadoop-nfs/src/main/java/org/apache/hadoop/nfs/nfs3/IdUserGroup.java?rev=1596873&r1=1596872&r2=1596873&view=diff
==============================================================================
--- hadoop/common/branches/fs-encryption/hadoop-common-project/hadoop-nfs/src/main/java/org/apache/hadoop/nfs/nfs3/IdUserGroup.java (original)
+++ hadoop/common/branches/fs-encryption/hadoop-common-project/hadoop-nfs/src/main/java/org/apache/hadoop/nfs/nfs3/IdUserGroup.java Thu May 22 13:54:53 2014
@@ -24,6 +24,7 @@ import java.io.InputStreamReader;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.hadoop.conf.Configuration;
+import org.apache.hadoop.util.Time;
import com.google.common.annotations.VisibleForTesting;
import com.google.common.collect.BiMap;
@@ -79,7 +80,7 @@ public class IdUserGroup {
}
synchronized private boolean isExpired() {
- return lastUpdateTime - System.currentTimeMillis() > timeout;
+ return Time.monotonicNow() - lastUpdateTime > timeout;
}
// If can't update the maps, will keep using the old ones
@@ -210,7 +211,7 @@ public class IdUserGroup {
uidNameMap = uMap;
gidNameMap = gMap;
- lastUpdateTime = System.currentTimeMillis();
+ lastUpdateTime = Time.monotonicNow();
}
synchronized public int getUid(String user) throws IOException {
Modified: hadoop/common/branches/fs-encryption/hadoop-common-project/hadoop-nfs/src/main/java/org/apache/hadoop/oncrpc/RpcProgram.java
URL: http://svn.apache.org/viewvc/hadoop/common/branches/fs-encryption/hadoop-common-project/hadoop-nfs/src/main/java/org/apache/hadoop/oncrpc/RpcProgram.java?rev=1596873&r1=1596872&r2=1596873&view=diff
==============================================================================
--- hadoop/common/branches/fs-encryption/hadoop-common-project/hadoop-nfs/src/main/java/org/apache/hadoop/oncrpc/RpcProgram.java (original)
+++ hadoop/common/branches/fs-encryption/hadoop-common-project/hadoop-nfs/src/main/java/org/apache/hadoop/oncrpc/RpcProgram.java Thu May 22 13:54:53 2014
@@ -19,11 +19,14 @@ package org.apache.hadoop.oncrpc;
import java.io.IOException;
import java.net.DatagramSocket;
+import java.net.InetSocketAddress;
+import java.net.SocketAddress;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.hadoop.oncrpc.RpcAcceptedReply.AcceptState;
import org.apache.hadoop.oncrpc.security.Verifier;
+import org.apache.hadoop.oncrpc.security.VerifierNone;
import org.apache.hadoop.portmap.PortmapMapping;
import org.apache.hadoop.portmap.PortmapRequest;
import org.jboss.netty.buffer.ChannelBuffer;
@@ -37,7 +40,7 @@ import org.jboss.netty.channel.SimpleCha
* and implement {@link #handleInternal} to handle the requests received.
*/
public abstract class RpcProgram extends SimpleChannelUpstreamHandler {
- private static final Log LOG = LogFactory.getLog(RpcProgram.class);
+ static final Log LOG = LogFactory.getLog(RpcProgram.class);
public static final int RPCB_PORT = 111;
private final String program;
private final String host;
@@ -45,6 +48,7 @@ public abstract class RpcProgram extends
private final int progNumber;
private final int lowProgVersion;
private final int highProgVersion;
+ private final boolean allowInsecurePorts;
/**
* If not null, this will be used as the socket to use to connect to the
@@ -61,10 +65,14 @@ public abstract class RpcProgram extends
* @param progNumber program number as defined in RFC 1050
* @param lowProgVersion lowest version of the specification supported
* @param highProgVersion highest version of the specification supported
+ * @param DatagramSocket registrationSocket if not null, use this socket to
+ * register with portmap daemon
+ * @param allowInsecurePorts true to allow client connections from
+ * unprivileged ports, false otherwise
*/
protected RpcProgram(String program, String host, int port, int progNumber,
int lowProgVersion, int highProgVersion,
- DatagramSocket registrationSocket) {
+ DatagramSocket registrationSocket, boolean allowInsecurePorts) {
this.program = program;
this.host = host;
this.port = port;
@@ -72,6 +80,9 @@ public abstract class RpcProgram extends
this.lowProgVersion = lowProgVersion;
this.highProgVersion = highProgVersion;
this.registrationSocket = registrationSocket;
+ this.allowInsecurePorts = allowInsecurePorts;
+ LOG.info("Will " + (allowInsecurePorts ? "" : "not ") + "accept client "
+ + "connections from unprivileged ports");
}
/**
@@ -133,43 +144,82 @@ public abstract class RpcProgram extends
throws Exception {
RpcInfo info = (RpcInfo) e.getMessage();
RpcCall call = (RpcCall) info.header();
+
+ SocketAddress remoteAddress = info.remoteAddress();
+ if (!allowInsecurePorts) {
+ if (LOG.isDebugEnabled()) {
+ LOG.debug("Will not allow connections from unprivileged ports. " +
+ "Checking for valid client port...");
+ }
+ if (remoteAddress instanceof InetSocketAddress) {
+ InetSocketAddress inetRemoteAddress = (InetSocketAddress) remoteAddress;
+ if (inetRemoteAddress.getPort() > 1023) {
+ LOG.warn("Connection attempted from '" + inetRemoteAddress + "' "
+ + "which is an unprivileged port. Rejecting connection.");
+ sendRejectedReply(call, remoteAddress, ctx);
+ return;
+ } else {
+ if (LOG.isDebugEnabled()) {
+ LOG.debug("Accepting connection from '" + remoteAddress + "'");
+ }
+ }
+ } else {
+ LOG.warn("Could not determine remote port of socket address '" +
+ remoteAddress + "'. Rejecting connection.");
+ sendRejectedReply(call, remoteAddress, ctx);
+ return;
+ }
+ }
+
if (LOG.isTraceEnabled()) {
LOG.trace(program + " procedure #" + call.getProcedure());
}
if (this.progNumber != call.getProgram()) {
LOG.warn("Invalid RPC call program " + call.getProgram());
- RpcAcceptedReply reply = RpcAcceptedReply.getInstance(call.getXid(),
- AcceptState.PROG_UNAVAIL, Verifier.VERIFIER_NONE);
-
- XDR out = new XDR();
- reply.write(out);
- ChannelBuffer b = ChannelBuffers.wrappedBuffer(out.asReadOnlyWrap()
- .buffer());
- RpcResponse rsp = new RpcResponse(b, info.remoteAddress());
- RpcUtil.sendRpcResponse(ctx, rsp);
+ sendAcceptedReply(call, remoteAddress, AcceptState.PROG_UNAVAIL, ctx);
return;
}
int ver = call.getVersion();
if (ver < lowProgVersion || ver > highProgVersion) {
LOG.warn("Invalid RPC call version " + ver);
- RpcAcceptedReply reply = RpcAcceptedReply.getInstance(call.getXid(),
- AcceptState.PROG_MISMATCH, Verifier.VERIFIER_NONE);
-
- XDR out = new XDR();
- reply.write(out);
- out.writeInt(lowProgVersion);
- out.writeInt(highProgVersion);
- ChannelBuffer b = ChannelBuffers.wrappedBuffer(out.asReadOnlyWrap()
- .buffer());
- RpcResponse rsp = new RpcResponse(b, info.remoteAddress());
- RpcUtil.sendRpcResponse(ctx, rsp);
+ sendAcceptedReply(call, remoteAddress, AcceptState.PROG_MISMATCH, ctx);
return;
}
handleInternal(ctx, info);
}
+
+ private void sendAcceptedReply(RpcCall call, SocketAddress remoteAddress,
+ AcceptState acceptState, ChannelHandlerContext ctx) {
+ RpcAcceptedReply reply = RpcAcceptedReply.getInstance(call.getXid(),
+ acceptState, Verifier.VERIFIER_NONE);
+
+ XDR out = new XDR();
+ reply.write(out);
+ if (acceptState == AcceptState.PROG_MISMATCH) {
+ out.writeInt(lowProgVersion);
+ out.writeInt(highProgVersion);
+ }
+ ChannelBuffer b = ChannelBuffers.wrappedBuffer(out.asReadOnlyWrap()
+ .buffer());
+ RpcResponse rsp = new RpcResponse(b, remoteAddress);
+ RpcUtil.sendRpcResponse(ctx, rsp);
+ }
+
+ private static void sendRejectedReply(RpcCall call,
+ SocketAddress remoteAddress, ChannelHandlerContext ctx) {
+ XDR out = new XDR();
+ RpcDeniedReply reply = new RpcDeniedReply(call.getXid(),
+ RpcReply.ReplyState.MSG_DENIED,
+ RpcDeniedReply.RejectState.AUTH_ERROR, new VerifierNone());
+ reply.write(out);
+ ChannelBuffer buf = ChannelBuffers.wrappedBuffer(out.asReadOnlyWrap()
+ .buffer());
+ RpcResponse rsp = new RpcResponse(buf, remoteAddress);
+ RpcUtil.sendRpcResponse(ctx, rsp);
+ }
protected abstract void handleInternal(ChannelHandlerContext ctx, RpcInfo info);
Modified: hadoop/common/branches/fs-encryption/hadoop-common-project/hadoop-nfs/src/test/java/org/apache/hadoop/oncrpc/TestFrameDecoder.java
URL: http://svn.apache.org/viewvc/hadoop/common/branches/fs-encryption/hadoop-common-project/hadoop-nfs/src/test/java/org/apache/hadoop/oncrpc/TestFrameDecoder.java?rev=1596873&r1=1596872&r2=1596873&view=diff
==============================================================================
--- hadoop/common/branches/fs-encryption/hadoop-common-project/hadoop-nfs/src/test/java/org/apache/hadoop/oncrpc/TestFrameDecoder.java (original)
+++ hadoop/common/branches/fs-encryption/hadoop-common-project/hadoop-nfs/src/test/java/org/apache/hadoop/oncrpc/TestFrameDecoder.java Thu May 22 13:54:53 2014
@@ -28,6 +28,8 @@ import java.util.Random;
import org.apache.hadoop.oncrpc.RpcUtil.RpcFrameDecoder;
import org.apache.hadoop.oncrpc.security.CredentialsNone;
import org.apache.hadoop.oncrpc.security.VerifierNone;
+import org.apache.log4j.Level;
+import org.apache.commons.logging.impl.Log4JLogger;
import org.jboss.netty.buffer.ByteBufferBackedChannelBuffer;
import org.jboss.netty.buffer.ChannelBuffer;
import org.jboss.netty.buffer.ChannelBuffers;
@@ -38,10 +40,16 @@ import org.junit.Test;
import org.mockito.Mockito;
public class TestFrameDecoder {
+
+ static {
+ ((Log4JLogger) RpcProgram.LOG).getLogger().setLevel(Level.ALL);
+ }
private static int resultSize;
static void testRequest(XDR request, int serverPort) {
+ // Reset resultSize so as to avoid interference from other tests in this class.
+ resultSize = 0;
SimpleTcpClient tcpClient = new SimpleTcpClient("localhost", serverPort, request,
true);
tcpClient.run();
@@ -50,9 +58,10 @@ public class TestFrameDecoder {
static class TestRpcProgram extends RpcProgram {
protected TestRpcProgram(String program, String host, int port,
- int progNumber, int lowProgVersion, int highProgVersion) {
+ int progNumber, int lowProgVersion, int highProgVersion,
+ boolean allowInsecurePorts) {
super(program, host, port, progNumber, lowProgVersion, highProgVersion,
- null);
+ null, allowInsecurePorts);
}
@Override
@@ -149,7 +158,41 @@ public class TestFrameDecoder {
@Test
public void testFrames() {
+ int serverPort = startRpcServer(true);
+ XDR xdrOut = createGetportMount();
+ int headerSize = xdrOut.size();
+ int bufsize = 2 * 1024 * 1024;
+ byte[] buffer = new byte[bufsize];
+ xdrOut.writeFixedOpaque(buffer);
+ int requestSize = xdrOut.size() - headerSize;
+
+ // Send the request to the server
+ testRequest(xdrOut, serverPort);
+
+ // Verify the server got the request with right size
+ assertEquals(requestSize, resultSize);
+ }
+
+ @Test
+ public void testUnprivilegedPort() {
+ // Don't allow connections from unprivileged ports. Given that this test is
+ // presumably not being run by root, this will be the case.
+ int serverPort = startRpcServer(false);
+
+ XDR xdrOut = createGetportMount();
+ int bufsize = 2 * 1024 * 1024;
+ byte[] buffer = new byte[bufsize];
+ xdrOut.writeFixedOpaque(buffer);
+
+ // Send the request to the server
+ testRequest(xdrOut, serverPort);
+
+ // Verify the server rejected the request.
+ assertEquals(0, resultSize);
+ }
+
+ private static int startRpcServer(boolean allowInsecurePorts) {
Random rand = new Random();
int serverPort = 30000 + rand.nextInt(10000);
int retries = 10; // A few retries in case initial choice is in use.
@@ -157,7 +200,7 @@ public class TestFrameDecoder {
while (true) {
try {
RpcProgram program = new TestFrameDecoder.TestRpcProgram("TestRpcProgram",
- "localhost", serverPort, 100000, 1, 2);
+ "localhost", serverPort, 100000, 1, 2, allowInsecurePorts);
SimpleTcpServer tcpServer = new SimpleTcpServer(serverPort, program, 1);
tcpServer.run();
break; // Successfully bound a port, break out.
@@ -169,19 +212,7 @@ public class TestFrameDecoder {
}
}
}
-
- XDR xdrOut = createGetportMount();
- int headerSize = xdrOut.size();
- int bufsize = 2 * 1024 * 1024;
- byte[] buffer = new byte[bufsize];
- xdrOut.writeFixedOpaque(buffer);
- int requestSize = xdrOut.size() - headerSize;
-
- // Send the request to the server
- testRequest(xdrOut, serverPort);
-
- // Verify the server got the request with right size
- assertEquals(requestSize, resultSize);
+ return serverPort;
}
static void createPortmapXDRheader(XDR xdr_out, int procedure) {