hadoop-common-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From aajis...@apache.org
Subject hadoop git commit: HADOOP-14001. Improve delegation token validity checking.
Date Thu, 19 Jan 2017 08:58:56 GMT
Repository: hadoop
Updated Branches:
  refs/heads/branch-2 1cc5f460e -> c6c29d008


HADOOP-14001. Improve delegation token validity checking.

(cherry picked from commit 176346721006a03f41d028560e9e29b5931d5be2)


Project: http://git-wip-us.apache.org/repos/asf/hadoop/repo
Commit: http://git-wip-us.apache.org/repos/asf/hadoop/commit/c6c29d00
Tree: http://git-wip-us.apache.org/repos/asf/hadoop/tree/c6c29d00
Diff: http://git-wip-us.apache.org/repos/asf/hadoop/diff/c6c29d00

Branch: refs/heads/branch-2
Commit: c6c29d0080964e55ff84246af1e4149d1ef3162a
Parents: 1cc5f46
Author: Akira Ajisaka <aajisaka@apache.org>
Authored: Thu Jan 19 17:56:39 2017 +0900
Committer: Akira Ajisaka <aajisaka@apache.org>
Committed: Thu Jan 19 17:58:44 2017 +0900

----------------------------------------------------------------------
 .../token/delegation/AbstractDelegationTokenSecretManager.java | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/hadoop/blob/c6c29d00/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/token/delegation/AbstractDelegationTokenSecretManager.java
----------------------------------------------------------------------
diff --git a/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/token/delegation/AbstractDelegationTokenSecretManager.java
b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/token/delegation/AbstractDelegationTokenSecretManager.java
index 21d3dd6..4b14059 100644
--- a/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/token/delegation/AbstractDelegationTokenSecretManager.java
+++ b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/token/delegation/AbstractDelegationTokenSecretManager.java
@@ -21,7 +21,7 @@ package org.apache.hadoop.security.token.delegation;
 import java.io.ByteArrayInputStream;
 import java.io.DataInputStream;
 import java.io.IOException;
-import java.util.Arrays;
+import java.security.MessageDigest;
 import java.util.HashMap;
 import java.util.HashSet;
 import java.util.Iterator;
@@ -467,7 +467,7 @@ extends AbstractDelegationTokenIdentifier>
   public synchronized void verifyToken(TokenIdent identifier, byte[] password)
       throws InvalidToken {
     byte[] storedPassword = retrievePassword(identifier);
-    if (!Arrays.equals(password, storedPassword)) {
+    if (!MessageDigest.isEqual(password, storedPassword)) {
       throw new InvalidToken("token " + formatTokenId(identifier)
           + " is invalid, password doesn't match");
     }
@@ -516,7 +516,7 @@ extends AbstractDelegationTokenIdentifier>
           + id.getSequenceNumber());
     }
     byte[] password = createPassword(token.getIdentifier(), key.getKey());
-    if (!Arrays.equals(password, token.getPassword())) {
+    if (!MessageDigest.isEqual(password, token.getPassword())) {
       throw new AccessControlException(renewer
           + " is trying to renew a token "
           + formatTokenId(id) + " with wrong password");


---------------------------------------------------------------------
To unsubscribe, e-mail: common-commits-unsubscribe@hadoop.apache.org
For additional commands, e-mail: common-commits-help@hadoop.apache.org


Mime
View raw message