[
https://issues.apache.org/jira/browse/DRILL-4335?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15970790#comment-15970790
]
ASF GitHub Bot commented on DRILL-4335:
---------------------------------------
Github user sohami commented on a diff in the pull request:
https://github.com/apache/drill/pull/773#discussion_r111647365
--- Diff:
exec/java-exec/src/main/java/org/apache/drill/exec/rpc/user/UserClient.java ---
@@ -135,20 +137,33 @@ public void submitQuery(UserResultsListener
resultsListener, RunQuery query) {
* @param credentials credentials
* @throws RpcException if either connection or authentication fails
*/
- public void connect(final DrillbitEndpoint endpoint, final
DrillProperties properties,
- final UserCredentials credentials) throws
RpcException {
- final UserToBitHandshake handshake = UserToBitHandshake.newBuilder()
+ public void connect(final DrillbitEndpoint endpoint, final
DrillProperties properties, final UserCredentials credentials) throws
RpcException {
+ final UserToBitHandshake.Builder hsBuilder =
UserToBitHandshake.newBuilder()
.setRpcVersion(UserRpcConfig.RPC_VERSION)
.setSupportListening(true)
.setSupportComplexTypes(supportComplexTypes)
.setSupportTimeout(true)
.setCredentials(credentials)
.setClientInfos(UserRpcUtils.getRpcEndpointInfos(clientName))
- .setSaslSupport(SaslSupport.SASL_AUTH)
- .setProperties(properties.serializeForServer())
- .build();
+ .setSaslSupport(SaslSupport.SASL_PRIVACY)
+ .setProperties(properties.serializeForServer());
+
+ // Only used for testing purpose
+ if (properties.containsKey(DrillProperties.TEST_OLD_CLIENT)) {
+ hsBuilder.setSaslSupport(SaslSupport.valueOf(
+
Integer.parseInt(properties.getProperty(DrillProperties.TEST_OLD_CLIENT))));
+ }
+
+ connect(hsBuilder.build(), endpoint).checkedGet();
+
+ // Check if client needs encryption and server is not configured for
encryption.
+ final boolean clientNeedEncryption =
properties.containsKey(DrillProperties.ENCRYPTION)
--- End diff --
Changed
> Apache Drill should support network encryption
> ----------------------------------------------
>
> Key: DRILL-4335
> URL: https://issues.apache.org/jira/browse/DRILL-4335
> Project: Apache Drill
> Issue Type: New Feature
> Reporter: Keys Botzum
> Assignee: Sorabh Hamirwasia
> Labels: security
> Attachments: ApacheDrillEncryptionUsingSASLDesign.pdf
>
>
> This is clearly related to Drill-291 but wanted to make explicit that this
> needs to include network level encryption and not just authentication. This
> is particularly important for the client connection to Drill which will often
> be sending passwords in the clear until there is encryption.
--
This message was sent by Atlassian JIRA
(v6.3.15#6346)
