Apache Spark commented on SPARK-23538:

User 'vanzin' has created a pull request for this issue:

> Simplify SSL configuration for https client
> -------------------------------------------
>                 Key: SPARK-23538
>                 URL: https://issues.apache.org/jira/browse/SPARK-23538
>             Project: Spark
>          Issue Type: Improvement
>          Components: Spark Core
>    Affects Versions: 2.4.0
>            Reporter: Marcelo Vanzin
>            Priority: Minor
> There's code in {{SecurityManager}} that is used to configure SSL for the 
> code that downloads dependencies from https servers:
> {code}
>   // SSL configuration for the file server. This is used by 
> Utils.setupSecureURLConnection().
>   val fileServerSSLOptions = getSSLOptions("fs")
>   val (sslSocketFactory, hostnameVerifier) = if 
> (fileServerSSLOptions.enabled) {
>     ...
> {code}
> It was added for an old feature that doesn't exist anymore (the "file server" 
> referenced in the comment), but can still be used to configure the built-in 
> JRE SSL code with a custom trust store, for example.
> We should instead:
> - move this code out of SecurityManager, and place it where it's actually 
> used ({{Utils.setupSecureURLConnection}}.
> - remove the dummy trust manager / host verifier since they don't make a lot 
> of sense for the client code (and only made slightly more sense for the file 
> server case).

This message was sent by Atlassian JIRA

To unsubscribe, e-mail: issues-unsubscr...@spark.apache.org
For additional commands, e-mail: issues-h...@spark.apache.org

Reply via email to