[ https://issues.apache.org/jira/browse/HDFS-8775?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14694015#comment-14694015 ]
Haohui Mai commented on HDFS-8775:
----------------------------------
Thanks for the reviews.
The code basically blindly follows the RFC, thus I see little value in comments
that document the workflow of the protocol.
bq. What is the TEST_mock_cnonce for? Do we have a mechanism to strip it out of
release code? Can we #ifdef it out?
Used in the unit test. LevelDB does basically the same. It's better to keep
them as is to simplify the deployment and testing.
bq. Why is kMaxBufferSize 64k? Does that relate to some other constant (in
which case, can we import the symbol?) or is it just "64k should be enough for
anybody"?
Typical requests won't exceed 64k. Larger requests should be considered
malformed and be rejected.
bq. GenerateCNonce(): is RAND_pseudo good enough for security in this case, or
should we be using (transitively) /dev/random?
In practice a pseudo-random number is sufficient for the purpose of a nonce.
bq. malform requests.
These requests are not necessarily malformed according to the RFC as long as
the required fields are present.
bq. ParseFirstChallenge(): requires a "nonce" field in the message, but doesn't
use it
It does.
{code}
+ nonce_ = props["nonce"];
...
+ << ",nonce=\"" << QuoteString(nonce_) << "\""
{code}
bq. GetMD5Digest(): we should check the return values of the OpenSSL calls
It doesn't seem to be necessary if the input is from memory. Here is a code
snippet from boringssl.
{code}
uint8_t *MD5(const uint8_t *data, size_t len, uint8_t *out) {
  MD5_CTX ctx;
  static uint8_t digest[MD5_DIGEST_LENGTH];

  /* TODO(fork): remove this static buffer. */
  if (out == NULL) {
    out = digest;
  }

  MD5_Init(&ctx);
  MD5_Update(&ctx, data, len);
  MD5_Final(out, &ctx);

  return out;
}
{code}
bq. Negative tests
They would be nice to have but maybe we can add them in separate jiras.
> SASL support for data transfer protocol in libhdfspp
> ----------------------------------------------------
>
> Key: HDFS-8775
> URL: https://issues.apache.org/jira/browse/HDFS-8775
> Project: Hadoop HDFS
> Issue Type: Sub-task
> Components: hdfs-client
> Reporter: Haohui Mai
> Assignee: Haohui Mai
> Attachments: HDFS-8775.000.patch
>
>
> This jira proposes to implement basic SASL support for the data transfer
> protocol which allows libhdfspp to talk to secure clusters.
> Support for encryption is deferred to subsequent jiras.
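
A challenge parser that enforces the two rejection rules discussed in the comment above (the 64k size cap and the required nonce field), as an added example that is not code from HDFS-8775.000.patch or libhdfspp. `ParseChallenge`, `Props` and `kMaxChallengeSize` are hypothetical names, and the comma-separated `key="value"` syntax is an assumption taken from DIGEST-MD5 (RFC 2831).

```cpp
#include <cstddef>
#include <map>
#include <string>

// Assumed cap, mirroring the 64k kMaxBufferSize discussed in the thread.
constexpr std::size_t kMaxChallengeSize = 64 * 1024;

using Props = std::map<std::string, std::string>;

// Hypothetical helper (not libhdfspp's ParseFirstChallenge): parses
// key=value and key="quoted value" pairs separated by commas, with no
// whitespace handling. Returns false on oversized input, syntax errors,
// or a nonce that is missing, empty, or repeated.
bool ParseChallenge(const std::string &in, Props *out) {
  if (in.size() > kMaxChallengeSize) return false;  // reject before parsing
  Props props;
  std::size_t i = 0;
  while (i < in.size()) {
    std::size_t eq = in.find('=', i);
    if (eq == std::string::npos || eq == i || in.find(',', i) < eq)
      return false;  // no '=', empty key, or a comma inside the key
    std::string key = in.substr(i, eq - i), val;
    i = eq + 1;
    if (i < in.size() && in[i] == '"') {
      bool closed = false;
      for (++i; i < in.size() && !closed; ++i) {
        if (in[i] == '"') {
          closed = true;
        } else {
          if (in[i] == '\\' && ++i == in.size()) return false;  // dangling escape
          val += in[i];
        }
      }
      if (!closed) return false;  // unterminated quoted string
    } else {
      while (i < in.size() && in[i] != ',') val += in[i++];
    }
    if (key == "nonce" && props.count(key)) return false;  // must appear once
    props[key] = val;
    if (i < in.size() && in[i++] != ',') return false;  // junk after a value
  }
  auto it = props.find("nonce");
  if (it == props.end() || it->second.empty()) return false;
  *out = props;
  return true;
}
```
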