ctubbsii commented on a change in pull request #1834:
URL: https://github.com/apache/accumulo/pull/1834#discussion_r542709822
##########
File path:
server/base/src/main/java/org/apache/accumulo/server/security/SystemCredentials.java
##########
@@ -83,10 +82,19 @@ public TCredentials toThrift(String instanceID) {
public static final class SystemToken extends PasswordToken {
/**
- * Accumulo servers will only communicate with each other when this is the
same. Bumped for 2.0
- * to prevent 1.9 and 2.0 servers from communicating.
+ * Accumulo servers will only communicate with each other when this is the
same.
+ *
+ * <ul>
+ * <li>Initial version 2 for 1.5 to support rolling upgrades for bugfix
releases (ACCUMULO-751)
+ * <li>Bumped to 3 for 1.6 for additional namespace RPC changes
(ACCUMULO-802)
+ * <li>Bumped to 4 for 2.0 to prevent 1.9 and 2.0 servers from
communicating (#1139)
+ * <li>Bumped to 5 for 2.1 because of system credential hash
incompatibility (#1798 / #1810)
+ * </ul>
*/
- private static final Integer INTERNAL_WIRE_VERSION = 4;
+ static final int INTERNAL_WIRE_VERSION = 5;
+
+ static final String SALT_PREFIX = "$6$"; // SHA-512
Review comment:
> Actually couldn't we use their constant in `Sha2Crypt` ?
That's what I had originally wanted to do. :/
> While it is more obvious, once you read 3/4 of the man page,
I should be more clear: I didn't mean it is obvious that the library is
based on the crypt(3) POSIX standard, or that it was obvious what the constant
was for. Rather, I meant to say that the only comment I could think to add
would have been self-explanatory, as my best attempt looked like "see
Crypt.crypt()". If there's some more helpful comment to add, I'm okay with
adding it... I just couldn't think of anything at the time (or now) that would
actually be useful and not self-explanatory.
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
[email protected]
