[
https://issues.apache.org/jira/browse/HDFS-2856?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Chris Nauroth updated HDFS-2856:
--------------------------------
Attachment: HDFS-2856.7.patch
I'm attaching a v7 trunk patch, and also a v7 branch-2 patch. I noticed that
the trunk patch won't quite work for branch-2, because branch-2 still has the
legacy web UI code, and that includes some logic for getting a {{BlockReader}},
which is impacted by this patch.
The only change since last time in the trunk patch is in
{{DataTransferSaslUtil#getPeerAddress}}. I made this method more resilient to
parsing the format of the address string after I saw a test failure on branch-2.
In the branch-2 patch, the only incremental differences are in {{JspHelper}}
and {{DatanodeJspHelper}}.
> Fix block protocol so that Datanodes don't require root or jsvc
> ---------------------------------------------------------------
>
> Key: HDFS-2856
> URL: https://issues.apache.org/jira/browse/HDFS-2856
> Project: Hadoop HDFS
> Issue Type: Improvement
> Components: datanode, security
> Affects Versions: 3.0.0, 2.4.0
> Reporter: Owen O'Malley
> Assignee: Chris Nauroth
> Attachments: Datanode-Security-Design.pdf,
> Datanode-Security-Design.pdf, Datanode-Security-Design.pdf,
> HDFS-2856-Test-Plan-1.pdf, HDFS-2856-branch-2.7.patch, HDFS-2856.1.patch,
> HDFS-2856.2.patch, HDFS-2856.3.patch, HDFS-2856.4.patch, HDFS-2856.5.patch,
> HDFS-2856.6.patch, HDFS-2856.7.patch, HDFS-2856.prototype.patch
>
>
> Since we send the block tokens unencrypted to the datanode, we currently
> start the datanode as root using jsvc and get a secure (< 1024) port.
> If we have the datanode generate a nonce and send it on the connection and
> the sends an hmac of the nonce back instead of the block token it won't
> reveal any secrets. Thus, we wouldn't require a secure port and would not
> require root or jsvc.
--
This message was sent by Atlassian JIRA
(v6.2#6252)
