Hi Zk community, I’ve been looking at the following ticket for a while and made me thinking: ZOOKEEPER-2175 Checksum validation for malformed packets needs to handle. https://issues.apache.org/jira/browse/ZOOKEEPER-2175
It has been found in 3.4.6 originally and not resolved since then saying that wire encryption probably resolves it for free. I have doubts against the issue could actually happen at all, but the evidence in the jira is quite convincing. 1) But what if somebody don’t want the overhead of using encryption? 2) How often this issue could ever happen given that TCP packets have their own checksum which also protects the payload, but not bulletproof? 3) Found a suggestion in a comment to send session id in the payload of Ping packets, but malformed packets could happen in any other communication, not just session ids. 4) Does GRPC have a built-in mechanism to protect the communication? Maybe this would be the best way forward. What do you think? Andor
