[
https://issues.apache.org/jira/browse/CASSANDRA-3462?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Jonathan Ellis updated CASSANDRA-3462:
--------------------------------------
Reviewer: brandon.williams
Affects Version/s: (was: 1.0.1)
Fix Version/s: 1.0.3
Assignee: David Allsopp
> Determine IP address of Message sender from the socket, rather than trusting
> the sender
> ---------------------------------------------------------------------------------------
>
> Key: CASSANDRA-3462
> URL: https://issues.apache.org/jira/browse/CASSANDRA-3462
> Project: Cassandra
> Issue Type: Sub-task
> Components: Core
> Environment: All.
> Reporter: David Allsopp
> Assignee: David Allsopp
> Labels: authentication, security
> Fix For: 1.0.3
>
> Attachments: Cassandra-3462-v2.patch, Cassandra-3462.patch
>
>
> A prerequisite for preventing malicious nodes from joining a cluster (parent
> issue https://issues.apache.org/jira/browse/CASSANDRA-2274) is that we can
> determine the IP of the sender (setting aside the fact that this may be
> spoofed by a determined attacker).
> Currently we deserialize the "from" IP address from the incoming message
> header, using Header.deserialize() and
> CompactEndpointSerializationHelper.deserialize() i.e. we trust the sender to
> supply a true IP address.
> We could stop storing the IP address in the message Header at all (saving a
> small amount of space) and set the 'true' sender IP upon receipt of the
> message, in org.apache.cassandra.net.IncomingTcpConnection, using
> socket.getInetAddress().
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators:
https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
