[ https://issues.apache.org/jira/browse/BOOKKEEPER-938?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15402009#comment-15402009 ]

Hudson commented on BOOKKEEPER-938:
-----------------------------------

SUCCESS: Integrated in bookkeeper-master #1460 (See [https://builds.apache.org/job/bookkeeper-master/1460/])
BOOKKEEPER-938 ledger digestType autodetection on open (sijie: rev 64f596f4563436b3e4cfe0f57714fc3012778b4c)
* bookkeeper-server/src/test/java/org/apache/bookkeeper/client/BookieWriteLedgersWithDifferentDigestsTest.java
* bookkeeper-server/src/main/java/org/apache/bookkeeper/client/LedgerOpenOp.java
* bookkeeper-server/src/main/java/org/apache/bookkeeper/conf/ClientConfiguration.java


> LedgerOpenOp should use digestType from metadata
> ------------------------------------------------
>
>                 Key: BOOKKEEPER-938
>                 URL: https://issues.apache.org/jira/browse/BOOKKEEPER-938
>             Project: Bookkeeper
>          Issue Type: Bug
>          Components: bookkeeper-client
>    Affects Versions: 4.5.0
>            Reporter: Andrey Yegorov
>            Assignee: Andrey Yegorov
>            Priority: Minor
>             Fix For: 4.5.0
>
>
> Currently digestType verification in LedgerOpenOp seems to be treated as part
> of security logic. Since it is checked after the password and the error explicitly
> states that digestType mismatched, all that an evil hacker has to do is to
> change the digest type to another one. There are only two of them after all.
> Here is the scenario significantly affected by current behavior:
> 1. User rolls out clients with digestType set to MAC and creates lots of ledgers.
> 2. User notices that MAC is slower than CRC32 and decides to change digestType.
> 3. More ledgers are created with CRC32.
> 4. User tries to read old and new ledgers.
> -> Now old ledgers cannot be read because of the digest type mismatch.
> I'll send a pull request for review.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
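
The scenario in the issue description, modelled as an added example (not BookKeeper's code and not part of the original message): a client configured for CRC32 opens a ledger written with MAC, first with the strict digestType comparison and then with the type taken from ledger metadata. Every class, method and value here is hypothetical, and the password hash and HMAC-SHA1 digest are assumed stand-ins for the real formats.

```java
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.util.zip.CRC32;
import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;

// Hypothetical model of the open path; not BookKeeper's classes or wire format.
public class DigestAutodetectDemo {
    enum DigestType { MAC, CRC32 }
    // Constructed stand-in for the ledger metadata kept in the metadata store.
    record LedgerMeta(DigestType digestType, byte[] passwordHash) {}

    static byte[] sha256(byte[] in) throws Exception { return MessageDigest.getInstance("SHA-256").digest(in); }

    // Assumed digest functions: plain CRC32, or HMAC-SHA1 keyed with the password.
    static byte[] digest(DigestType type, byte[] password, byte[] entry) throws Exception {
        if (type == DigestType.CRC32) {
            CRC32 crc = new CRC32();
            crc.update(entry);
            return Long.toHexString(crc.getValue()).getBytes(StandardCharsets.US_ASCII);
        }
        Mac mac = Mac.getInstance("HmacSHA1");
        mac.init(new SecretKeySpec(password, "HmacSHA1"));
        return mac.doFinal(entry);
    }

    // Returns the digest type to read with, or throws if the open is rejected.
    static DigestType open(LedgerMeta meta, byte[] password, DigestType configured,
                           boolean autodetect) throws Exception {
        // The password is the only secret here; compare in constant time.
        if (!MessageDigest.isEqual(meta.passwordHash(), sha256(password)))
            throw new SecurityException("unauthorized");
        if (autodetect) return meta.digestType(); // use what the ledger was written with
        if (configured != meta.digestType())      // strict comparison described in the issue
            throw new IllegalStateException("digest type mismatch");
        return configured;
    }

    public static void main(String[] args) throws Exception {
        byte[] pw = "constructed-password".getBytes(StandardCharsets.UTF_8);
        byte[] entry = "entry-0".getBytes(StandardCharsets.UTF_8);
        LedgerMeta oldLedger = new LedgerMeta(DigestType.MAC, sha256(pw)); // step 1
        byte[] stored = digest(DigestType.MAC, pw, entry);
        // Steps 2-4: the client is now configured for CRC32 and reads the old ledger.
        try { open(oldLedger, pw, DigestType.CRC32, false); }
        catch (IllegalStateException e) { System.out.println("strict: " + e.getMessage()); }
        DigestType t = open(oldLedger, pw, DigestType.CRC32, true);
        System.out.println("autodetect: " + t + ", entry verifies: "
            + MessageDigest.isEqual(stored, digest(t, pw, entry)));
        try { open(oldLedger, "wrong".getBytes(StandardCharsets.UTF_8), DigestType.CRC32, true); }
        catch (SecurityException e) { System.out.println("wrong password: " + e.getMessage()); }
    }
}
```

In this model the wrong password is rejected in both modes, so reading the digest type from metadata removes the read failure without weakening the password check.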
