hadoop-common-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Daryn Sharp (JIRA)" <j...@apache.org>
Subject [jira] [Updated] (HADOOP-9816) RPC Sasl QOP is broken
Date Thu, 01 Aug 2013 23:59:50 GMT

     [ https://issues.apache.org/jira/browse/HADOOP-9816?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel

Daryn Sharp updated HADOOP-9816:

    Attachment: HADOOP-9816.patch

It's a logic ordering issue.  The server is setting useWrap as soon as the sasl server is
complete, but before it sent the last response so the last response got encrypted.  The RPC
client needs that response for its sasl client to complete and begin decrypting.

All the SASL RPC are now run with each of the QOP settings and verified.

(I had to worm some tracking of the actual negotiated QOP into the connectionId to provide
adequate test coverage.  I tried to implement cleaner setting of the QOP but bizarre test
issues made me give up)
> RPC Sasl QOP is broken
> ----------------------
>                 Key: HADOOP-9816
>                 URL: https://issues.apache.org/jira/browse/HADOOP-9816
>             Project: Hadoop Common
>          Issue Type: Bug
>          Components: ipc, security
>    Affects Versions: 3.0.0, 2.1.0-beta, 2.3.0
>            Reporter: Daryn Sharp
>            Assignee: Daryn Sharp
>            Priority: Blocker
>         Attachments: HADOOP-9816.patch
> HADOOP-9421 broke the handling of SASL wrapping for RPC QOP integrity and privacy options.

This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

View raw message