[
https://issues.apache.org/jira/browse/HDFS-7382?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14203741#comment-14203741
]
Yongjun Zhang commented on HDFS-7382:
-------------------------------------
HI [~cnauroth],
Thanks for reporting the issue and working on the solution. I reviewed the fix,
it looks good to me. I happen to notice a typo in the related code at line 113:
{code}
} else if (datanodeId.getXferPort() < 1024) {
LOG.debug(
"SASL server skipping handshake in unsecured configuration for "
+ "peer = {}, datanodeId = {}", peer, datanodeId);
return new IOStreamPair(underlyingIn, underlyingOut);
} else if (dnConf.getSaslPropsResolver() != null) {
{code}
In the debug message above, the "unsecured" meant "secured". Can we fix it in
this patch?
Another thing is, I wish the 1024 is a constant defined in the security util
somewhere, but it pre-existed. So I think it we were to replace it, it does not
have to be the scope of this jira.
Thanks again.
> DataNode in secure mode may throw NullPointerException if client connects
> before DataNode registers itself with NameNode.
> -------------------------------------------------------------------------------------------------------------------------
>
> Key: HDFS-7382
> URL: https://issues.apache.org/jira/browse/HDFS-7382
> Project: Hadoop HDFS
> Issue Type: Bug
> Components: datanode, security
> Reporter: Chris Nauroth
> Assignee: Chris Nauroth
> Priority: Minor
> Attachments: HDFS-7382.1.patch
>
>
> {{SaslDataTransferServer#receive}} needs to check if the DataNode is
> listening on a privileged port. It does this by checking the address from
> the {{DatanodeID}}. However, there is a window of time when this will be
> {{null}}. If a client is still holding a {{LocatedBlock}} that references
> that DataNode and chooses to connect, then there is a risk of getting a
> {{NullPointerException}}.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
