Dan Burkert has submitted this change and it was merged. Change subject: [security] protect against master SASL negotiation short-circuit ......................................................................
[security] protect against master SASL negotiation short-circuit In both clients we weren't checking that the local SASL client considered the negotiation to be complete when the server sent us a SASL_SUCCESS message. This would allow a malicious server to trick the client into thinking it had authenticated the server, when in reality it had not. This ended up being easier in the Java client because the JDK SASL API includes an 'isComplete', and there is not equivalent in cyrus SASL, so the state has to be tracked explicitly. Change-Id: I8f3b3d4f47e887b48c1c704c900e9260c22cec3a Reviewed-on: http://gerrit.cloudera.org:8080/6148 Reviewed-by: Todd Lipcon <[email protected]> Tested-by: Kudu Jenkins --- M java/kudu-client/src/main/java/org/apache/kudu/client/Negotiator.java M src/kudu/rpc/client_negotiation.cc M src/kudu/rpc/client_negotiation.h 3 files changed, 49 insertions(+), 22 deletions(-) Approvals: Todd Lipcon: Looks good to me, approved Kudu Jenkins: Verified -- To view, visit http://gerrit.cloudera.org:8080/6148 To unsubscribe, visit http://gerrit.cloudera.org:8080/settings Gerrit-MessageType: merged Gerrit-Change-Id: I8f3b3d4f47e887b48c1c704c900e9260c22cec3a Gerrit-PatchSet: 6 Gerrit-Project: kudu Gerrit-Branch: master Gerrit-Owner: Dan Burkert <[email protected]> Gerrit-Reviewer: Alexey Serbin <[email protected]> Gerrit-Reviewer: Dan Burkert <[email protected]> Gerrit-Reviewer: Kudu Jenkins Gerrit-Reviewer: Todd Lipcon <[email protected]>
