[
https://issues.apache.org/jira/browse/DRILL-5882?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16209827#comment-16209827
]
ASF GitHub Bot commented on DRILL-5882:
---------------------------------------
Github user parthchandra commented on a diff in the pull request:
https://github.com/apache/drill/pull/997#discussion_r145510774
--- Diff: contrib/native/client/src/clientlib/drillClientImpl.cpp ---
@@ -595,6 +611,12 @@ connectionStatus_t
DrillClientImpl::validateHandshake(DrillUserProperties* prope
switch(this->m_handshakeStatus) {
case exec::user::SUCCESS:
+ // Check if client needs auth/encryption and server is not
requiring it
+ if(clientNeedsAuthentication(properties) ||
clientNeedsEncryption(properties)) {
--- End diff --
Also, do you need two different messages : auth required and encr required ?
> C++ Client: [Threat Modeling] Drillbit may be spoofed by an attacker and this
> may lead to data being written to the attacker's target instead of Drillbit
> ---------------------------------------------------------------------------------------------------------------------------------------------------------
>
> Key: DRILL-5882
> URL: https://issues.apache.org/jira/browse/DRILL-5882
> Project: Apache Drill
> Issue Type: Sub-task
> Components: Client - C++
> Reporter: Sorabh Hamirwasia
> Assignee: Karthikeyan Manivannan
> Fix For: 1.12.0
>
>
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
