hive-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Mithun Radhakrishnan (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (HIVE-17169) Avoid extra call to KeyProvider::getMetadata()
Date Thu, 27 Jul 2017 23:07:00 GMT

    [ https://issues.apache.org/jira/browse/HIVE-17169?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16104059#comment-16104059
] 

Mithun Radhakrishnan commented on HIVE-17169:
---------------------------------------------

An additional reason to avoid {{KeyProvider::getMetadata()}} is that the HDFS might be set
up to disallow this call for all but HDFS super-users. The {{EncryptionZone}} instance already
provides what we need.

> Avoid extra call to KeyProvider::getMetadata()
> ----------------------------------------------
>
>                 Key: HIVE-17169
>                 URL: https://issues.apache.org/jira/browse/HIVE-17169
>             Project: Hive
>          Issue Type: Bug
>          Components: Shims
>    Affects Versions: 3.0.0
>            Reporter: Mithun Radhakrishnan
>            Assignee: Mithun Radhakrishnan
>         Attachments: HIVE-17169.1.patch
>
>
> Here's the code from {{Hadoop23Shims}}:
> {code:title=Hadoop23Shims.java|borderStyle=solid}
>     @Override
>     public int comparePathKeyStrength(Path path1, Path path2) throws IOException {
>       EncryptionZone zone1, zone2;
>       zone1 = hdfsAdmin.getEncryptionZoneForPath(path1);
>       zone2 = hdfsAdmin.getEncryptionZoneForPath(path2);
>       if (zone1 == null && zone2 == null) {
>         return 0;
>       } else if (zone1 == null) {
>         return -1;
>       } else if (zone2 == null) {
>         return 1;
>       }
>       return compareKeyStrength(zone1.getKeyName(), zone2.getKeyName());
>     }
>     private int compareKeyStrength(String keyname1, String keyname2) throws IOException
{
>       KeyProvider.Metadata meta1, meta2;
>       if (keyProvider == null) {
>         throw new IOException("HDFS security key provider is not configured on your server.");
>       }
>       meta1 = keyProvider.getMetadata(keyname1);
>       meta2 = keyProvider.getMetadata(keyname2);
>       if (meta1.getBitLength() < meta2.getBitLength()) {
>         return -1;
>       } else if (meta1.getBitLength() == meta2.getBitLength()) {
>         return 0;
>       } else {
>         return 1;
>       }
>     }
>   }
> {code}
> It turns out that {{EncryptionZone}} already has the cipher's bit-length stored in a
member variable. One shouldn't need an additional name-node call ({{KeyProvider::getMetadata()}})
only to fetch it again.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

Mime
View raw message