[
https://issues.apache.org/jira/browse/BOOKKEEPER-938?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15401032#comment-15401032
]
ASF GitHub Bot commented on BOOKKEEPER-938:
-------------------------------------------
Github user sijie commented on the issue:
https://github.com/apache/bookkeeper/pull/52
@dlg99 I am having trouble to merge your pull requests. because your github
profile doesn't have 'username' and 'email'. so the merge script will fail. Can
you please update your github profile, so that the merge script can use that to
fill the commit message.
> LedgerOpenOp should use digestType from metadata
> ------------------------------------------------
>
> Key: BOOKKEEPER-938
> URL: https://issues.apache.org/jira/browse/BOOKKEEPER-938
> Project: Bookkeeper
> Issue Type: Bug
> Components: bookkeeper-client
> Affects Versions: 4.5.0
> Reporter: Andrey Yegorov
> Priority: Minor
>
> Currently digestType verification in LedgerOpenOp seems to be treated as part
> of security logic. Since it is checked after password and error explicitly
> states that digestType mismatched, all that evil hacker has to do is to
> change digest type to another one. There are only two of them after all.
> here is the scenario significantly affected by current behavior:
> 1. user rolls out clients with digestType set to MAC and creates lots of
> ledgers.
> 2. user notices that MAC is slower than CRC32 and decides to change
> digestType.
> 3. more ledgers created with CRC32.
> 4. user tries to read old and new ledgers
> -> now old ledgers cannot be read because of the digest type mismatch.
> I'll send pull request for review.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
