hadoop-common-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "ASF GitHub Bot (Jira)" <j...@apache.org>
Subject [jira] [Work logged] (HADOOP-17609) Make SM4 support optional for OpenSSL native code
Date Thu, 01 Apr 2021 05:34:00 GMT

     [ https://issues.apache.org/jira/browse/HADOOP-17609?focusedWorklogId=575332&page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-575332
]

ASF GitHub Bot logged work on HADOOP-17609:
-------------------------------------------

                Author: ASF GitHub Bot
            Created on: 01/Apr/21 05:33
            Start Date: 01/Apr/21 05:33
    Worklog Time Spent: 10m 
      Work Description: iwasakims commented on pull request #2847:
URL: https://github.com/apache/hadoop/pull/2847#issuecomment-811653214


   JceSm4CtrCryptoCodec instead of OpensslSm4CtrCryptoCodec is used for 'SM4/CTR/NoPadding'
since SM4 is not enabled in openssl.
   ```
   $ openssl version
   OpenSSL 1.1.1g FIPS  21 Apr 2020
   $ openssl enc -ciphers | grep -i sm4
   
   $ bin/hadoop key create key-sm4 -cipher 'SM4/CTR/NoPadding'
   $ bin/hdfs dfs -mkdir /zone-sm4
   $ bin/hdfs crypto -createZone -path /zone-sm4 -keyName key-sm4
   $ bin/hdfs dfs -put README.txt /zone-sm4/
   2021-04-01 05:26:43,137 DEBUG util.NativeCodeLoader: Trying to load the custom-built native-hadoop
library...
   2021-04-01 05:26:43,138 DEBUG util.NativeCodeLoader: Loaded the native-hadoop library
   2021-04-01 05:26:43,818 DEBUG util.PerformanceAdvisory: Both short-circuit local reads
and UNIX domain socket are disabled.
   2021-04-01 05:26:44,447 DEBUG util.PerformanceAdvisory: Crypto codec org.apache.hadoop.crypto.OpensslSm4CtrCryptoCodec
is not available.
   2021-04-01 05:26:44,447 DEBUG util.PerformanceAdvisory: Using crypto codec org.apache.hadoop.crypto.JceSm4CtrCryptoCodec.
   ...
   
   $ bin/hdfs dfs -cat README.txt /zone-sm4/README.txt
   2021-04-01 05:27:11,450 DEBUG util.NativeCodeLoader: Trying to load the custom-built native-hadoop
library...
   2021-04-01 05:27:11,451 DEBUG util.NativeCodeLoader: Loaded the native-hadoop library
   2021-04-01 05:27:12,170 DEBUG util.PerformanceAdvisory: Both short-circuit local reads
and UNIX domain socket are disabled.
   cat: `README.txt': No such file or directory
   2021-04-01 05:27:12,662 DEBUG kms.KMSClientProvider: KMSClientProvider created for KMS
url: http://localhost:9600/kms/v1/ delegation token service: kms://http@localhost:9600/kms
canonical service: 127.0.0.1:9600.
   2021-04-01 05:27:12,665 DEBUG kms.LoadBalancingKMSClientProvider: Created LoadBalancingKMSClientProvider
for KMS url: kms://http@localhost:9600/kms with 1 providers. delegation token service: kms://http@localhost:9600/kms,
canonical service: 127.0.0.1:9600
   2021-04-01 05:27:12,686 DEBUG util.PerformanceAdvisory: Crypto codec org.apache.hadoop.crypto.OpensslSm4CtrCryptoCodec
is not available.
   2021-04-01 05:27:12,686 DEBUG util.PerformanceAdvisory: Using crypto codec org.apache.hadoop.crypto.JceSm4CtrCryptoCodec.
   ...
   
   For the latest information about Hadoop, please visit our website at:
   
      http://hadoop.apache.org/
   
   and our wiki, at:
   ```


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org


Issue Time Tracking
-------------------

    Worklog Id:     (was: 575332)
    Time Spent: 1h  (was: 50m)

> Make SM4 support optional for OpenSSL native code
> -------------------------------------------------
>
>                 Key: HADOOP-17609
>                 URL: https://issues.apache.org/jira/browse/HADOOP-17609
>             Project: Hadoop Common
>          Issue Type: Improvement
>          Components: native
>    Affects Versions: 3.4.0
>            Reporter: Masatake Iwasaki
>            Assignee: Masatake Iwasaki
>            Priority: Major
>              Labels: pull-request-available
>          Time Spent: 1h
>  Remaining Estimate: 0h
>
> openssl-devel-1.1.1g provided by CentOS 8 does not work after HDFS-15098 because the
SM4 is not enabled on the openssl package. We should not force users to install OpenSSL from
source code even if they do not use SM4 feature.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

---------------------------------------------------------------------
To unsubscribe, e-mail: common-issues-unsubscribe@hadoop.apache.org
For additional commands, e-mail: common-issues-help@hadoop.apache.org


Mime
View raw message