[
https://issues.apache.org/jira/browse/SPARK-23538?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Marcelo Vanzin resolved SPARK-23538.
------------------------------------
Resolution: Fixed
Fix Version/s: 2.4.0
Issue resolved by pull request 20723
[https://github.com/apache/spark/pull/20723]
> Simplify SSL configuration for https client
> -------------------------------------------
>
> Key: SPARK-23538
> URL: https://issues.apache.org/jira/browse/SPARK-23538
> Project: Spark
> Issue Type: Improvement
> Components: Spark Core
> Affects Versions: 2.4.0
> Reporter: Marcelo Vanzin
> Assignee: Marcelo Vanzin
> Priority: Minor
> Fix For: 2.4.0
>
>
> There's code in {{SecurityManager}} that is used to configure SSL for the
> code that downloads dependencies from https servers:
> {code}
> // SSL configuration for the file server. This is used by
> Utils.setupSecureURLConnection().
> val fileServerSSLOptions = getSSLOptions("fs")
> val (sslSocketFactory, hostnameVerifier) = if
> (fileServerSSLOptions.enabled) {
> ...
> {code}
> It was added for an old feature that doesn't exist anymore (the "file server"
> referenced in the comment), but can still be used to configure the built-in
> JRE SSL code with a custom trust store, for example.
> We should instead:
> - move this code out of SecurityManager, and place it where it's actually
> used ({{Utils.setupSecureURLConnection}}.
> - remove the dummy trust manager / host verifier since they don't make a lot
> of sense for the client code (and only made slightly more sense for the file
> server case).
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscr...@spark.apache.org
For additional commands, e-mail: issues-h...@spark.apache.org
