[jira] [Commented] (HDFS-7073) Allow falling back to a non-SASL connection on DataTransferProtocol in several edge cases.

Wed, 17 Sep 2014 12:07:28 -0700 

    [ 
https://issues.apache.org/jira/browse/HDFS-7073?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14137762#comment-14137762
 ] 

Jitendra Nath Pandey commented on HDFS-7073:
--------------------------------------------

bq. ... Maybe this whole code path would benefit from a larger clean-up 
refactoring, but that would be too much to fold into this patch now.
I agree, that much of refactoring will be beyond this patch's scope. I am ok to 
leave it as it is.

bq. ... catch-all else block
The catch all else block should just throw an exception on the server side. If 
security is on, ports are not secured, and dfs.data.transfer.protection, 
ignore.secure.ports.for.testing are also off then we shouldn't allow a 
connection.
  I agree to leave it as it is on the client side.

> Allow falling back to a non-SASL connection on DataTransferProtocol in 
> several edge cases.
> ------------------------------------------------------------------------------------------
>
>                 Key: HDFS-7073
>                 URL: https://issues.apache.org/jira/browse/HDFS-7073
>             Project: Hadoop HDFS
>          Issue Type: Bug
>          Components: datanode, hdfs-client, security
>            Reporter: Chris Nauroth
>            Assignee: Chris Nauroth
>         Attachments: HDFS-7073.1.patch
>
>
> HDFS-2856 implemented general SASL support on DataTransferProtocol.  Part of 
> that work also included a fallback mode in case the remote cluster is running 
> under a different configuration without SASL.  I've discovered a few edge 
> case configurations that this did not support:
> * Cluster is unsecured, but has block access tokens enabled.  This is not 
> something I've seen done in practice, but I've heard historically it has been 
> allowed.  The HDFS-2856 code relied on seeing an empty block access token to 
> trigger fallback, and this doesn't work if the unsecured cluster actually is 
> using block access tokens.
> * The DataNode has an unpublicized testing configuration property that could 
> be used to skip the privileged port check.  However, the HDFS-2856 code is 
> still enforcing requirement of SASL when the ports are not privileged, so 
> this would force existing configurations to make changes to activate SASL.
> This patch will restore the old behavior so that these edge case 
> configurations will continue to work the same way.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Reply via email to