[jira] [Updated] (HDFS-7073) Allow falling back to a non-SASL connection on DataTransferProtocol in several edge cases.

Thu, 18 Sep 2014 23:42:13 -0700 

     [ 
https://issues.apache.org/jira/browse/HDFS-7073?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Chris Nauroth updated HDFS-7073:
--------------------------------
    Attachment: HDFS-7073.2.patch

I'm attaching patch v2.  This takes a different approach.  We detect if the 
NameNode interaction falls back to simple auth.  If so, then we know we need to 
skip SASL for DataTransferProtocol too.

It's a bigger patch than v1, mostly due to mechanical method signature changes. 
 I needed to plumb through the various RPC client and proxy layers to pull back 
out a flag indicating if fallback to simple auth occurred.

In addition to the new tests and existing tests changed in the patch, I also 
manually tested file write and read from a client running secure configuration 
to a cluster running unsecure configuration.

Jitendra and Yi, how does this look?

> Allow falling back to a non-SASL connection on DataTransferProtocol in 
> several edge cases.
> ------------------------------------------------------------------------------------------
>
>                 Key: HDFS-7073
>                 URL: https://issues.apache.org/jira/browse/HDFS-7073
>             Project: Hadoop HDFS
>          Issue Type: Bug
>          Components: datanode, hdfs-client, security
>            Reporter: Chris Nauroth
>            Assignee: Chris Nauroth
>         Attachments: HDFS-7073.1.patch, HDFS-7073.2.patch
>
>
> HDFS-2856 implemented general SASL support on DataTransferProtocol.  Part of 
> that work also included a fallback mode in case the remote cluster is running 
> under a different configuration without SASL.  I've discovered a few edge 
> case configurations that this did not support:
> * Cluster is unsecured, but has block access tokens enabled.  This is not 
> something I've seen done in practice, but I've heard historically it has been 
> allowed.  The HDFS-2856 code relied on seeing an empty block access token to 
> trigger fallback, and this doesn't work if the unsecured cluster actually is 
> using block access tokens.
> * The DataNode has an unpublicized testing configuration property that could 
> be used to skip the privileged port check.  However, the HDFS-2856 code is 
> still enforcing requirement of SASL when the ports are not privileged, so 
> this would force existing configurations to make changes to activate SASL.
> This patch will restore the old behavior so that these edge case 
> configurations will continue to work the same way.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Reply via email to