[
https://issues.apache.org/jira/browse/KUDU-1900?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16758883#comment-16758883
]
Alexey Serbin edited comment on KUDU-1900 at 2/2/19 5:35 AM:
-------------------------------------------------------------
[~grishick], I think the piece of code you are interested in is
https://github.com/apache/kudu/blob/990bb4d134c8fd9bd4621cd2fb9827d47f623db7/src/kudu/rpc/server_negotiation.cc#L512
However, I think the essence is in how {{Socket::IsLoopbackConnection()}} is
implemented. The suggestion is to update its implementation to be more robust
and straightforward in case if both the remote and local addresses of the
socket are loopback ones, i.e. in 127.0.0.0/8 subnet. Maybe, this wiki article
might be relevant: https://en.wikipedia.org/wiki/Localhost
was (Author: aserbin):
[~grishick], I think the piece of code you are interested in is
https://github.com/apache/kudu/blob/990bb4d134c8fd9bd4621cd2fb9827d47f623db7/src/kudu/rpc/server_negotiation.cc#L512
> Localhost connections to single-host clusters on Ubuntu don't skip TLS
> ----------------------------------------------------------------------
>
> Key: KUDU-1900
> URL: https://issues.apache.org/jira/browse/KUDU-1900
> Project: Kudu
> Issue Type: Bug
> Components: perf, security
> Reporter: Todd Lipcon
> Priority: Major
> Labels: newbie
>
> On Ubuntu, it seems like we sometimes end up with connections from 127.0.1.1
> to 127.0.0.1 when running a local cluster and connecting to to it from the
> same machine. This is because Ubuntu puts an entry with the host's external
> hostname in /etc/hosts as 127.0.1.1, and the tablet server ends up
> registering with that name. The code that detects loopback connections sees
> the "127.0.0.1 -> 127.0.1.1" and decides it's not loopback.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
