[jira] [Commented] (ZOOKEEPER-1437) Client uses session before SASL authentication complete

[Mahadev konar (JIRA)]

    [ 
https://issues.apache.org/jira/browse/ZOOKEEPER-1437?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13404300#comment-13404300
 ] 

Mahadev konar commented on ZOOKEEPER-1437:
------------------------------------------

Looked at the patch. Couple of comments on it:

- You added 
{code} public boolean readOnly; {code}
 In ClientCnxn.java Packet class which doesnt seem to be used anywhere, am I 
correct?

- I think we are a little weak on our synchronizations in the patch. I will 
take a look again but looks like its using a lot of member variables which 
could get changed by various threads. 

- I think there is a race condition in ClientCnxnSocketNIO:findSendablePacket() 
wherein how do you make sure that the sasl packets (without header) are present 
in the queue before we start running the thread. What I mean to say is that is 
it possible that we will land up with 

{code}
  } else {
                    // Tunnelled authentication is not in progress: just
                    // send the first packet in the queue.
                    return outgoingQueue.getFirst();
                }
{code}
Even though we are not done authenticating via sasl?

                
> Client uses session before SASL authentication complete
> -------------------------------------------------------
>
>                 Key: ZOOKEEPER-1437
>                 URL: https://issues.apache.org/jira/browse/ZOOKEEPER-1437
>             Project: ZooKeeper
>          Issue Type: Bug
>          Components: java client
>    Affects Versions: 3.4.3
>            Reporter: Thomas Weise
>            Assignee: Eugene Koontz
>             Fix For: 3.4.4, 3.5.0
>
>         Attachments: ZOOKEEPER-1437.patch, ZOOKEEPER-1437.patch, 
> ZOOKEEPER-1437.patch, ZOOKEEPER-1437.patch, ZOOKEEPER-1437.patch, 
> ZOOKEEPER-1437.patch, ZOOKEEPER-1437.patch, ZOOKEEPER-1437.patch, 
> ZOOKEEPER-1437.patch, ZOOKEEPER-1437.patch, ZOOKEEPER-1437.patch, 
> ZOOKEEPER-1437.patch, ZOOKEEPER-1437.patch, ZOOKEEPER-1437.patch, 
> ZOOKEEPER-1437.patch, getXidCallHierarchy.png
>
>
> Found issue in the context of hbase region server startup, but can be 
> reproduced w/ zkCli alone.
> getData may occur prior to SaslAuthenticated and fail with NoAuth. This is 
> not expected behavior when the client is configured to use SASL.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: 
https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira