Github user vanzin commented on a diff in the pull request:
https://github.com/apache/spark/pull/15172#discussion_r80307342
--- Diff:
common/network-common/src/main/java/org/apache/spark/network/sasl/SaslClientBootstrap.java
---
@@ -67,27 +64,21 @@ public SaslClientBootstrap(
*/
@Override
public void doBootstrap(TransportClient client, Channel channel) {
- SparkSaslClient saslClient = new SparkSaslClient(appId,
secretKeyHolder, encrypt);
- try {
- byte[] payload = saslClient.firstToken();
-
- while (!saslClient.isComplete()) {
- SaslMessage msg = new SaslMessage(appId, payload);
- ByteBuf buf = Unpooled.buffer(msg.encodedLength() + (int)
msg.body().size());
- msg.encode(buf);
- buf.writeBytes(msg.body().nioByteBuffer());
-
- ByteBuffer response = client.sendRpcSync(buf.nioBuffer(),
conf.saslRTTimeoutMs());
- payload = saslClient.response(JavaUtils.bufferToArray(response));
- }
+ boolean aesEnable = conf.saslEncryptionAesEnabled();
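Review bot: the added `boolean aesEnable = conf.saslEncryptionAesEnabled();` decides on AES from the client's local configuration alone, and nothing in the visible lines checks whether the peer supports it. Please document (in a comment here or in the option's description) what happens when the remote side does not have the AES path, and make sure that case either fails the bootstrap or stays on the built-in SASL encryption rather than continuing unencrypted. Minor style point: `aesEnabled` would match the getter name.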
--- End diff --
My initial idea is that this should be more dynamic... e.g. instead of an
explicit configuration, if the user enables SASL encryption, the code would
automatically negotiate the strongest possible cipher to use.
For example, the `SaslMessage` could have a new field saying whether the
receiving side supports AES encryption, or which ciphers it supports. When
talking to an old shuffle service, that field would be empty (on the wire),
meaning it only supports built-in SASL ciphers. Newer servers would list
AES-specific info there (e.g. enabled cipher transformations), and could use
the new key negotiation code.
That's a little more work though. I like that it requires less input from
the user. But maybe having an explicit option for the moment is fine...
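
The negotiation idea in the comment above, as an added Java sketch that is not code from the pull request or from Spark. The `CipherNegotiation` class, the length-prefixed field layout, the `sasl-builtin` label and the preference list are all assumptions made for illustration.

```java
import java.nio.ByteBuffer;
import java.nio.charset.StandardCharsets;
import java.util.*;

// Hypothetical sketch: this class and its wire layout are assumptions,
// not Spark's SaslMessage format.
public class CipherNegotiation {
  // Local preference order, strongest first (constructed sample values).
  static final List<String> PREFERRED =
      Arrays.asList("AES/GCM/NoPadding", "AES/CTR/NoPadding");
  static final String BUILTIN_SASL = "sasl-builtin";

  // Length-prefixed, comma-separated list; an old peer writes nothing at all.
  static byte[] encodeCiphers(List<String> ciphers) {
    byte[] body = String.join(",", ciphers).getBytes(StandardCharsets.UTF_8);
    return ByteBuffer.allocate(4 + body.length).putInt(body.length).put(body).array();
  }

  // Returns an empty list when the field is absent (legacy peer) or empty.
  static List<String> decodeCiphers(ByteBuffer buf) {
    if (buf.remaining() < 4) return Collections.emptyList();
    int len = buf.getInt();
    if (len < 0 || len > buf.remaining()) {
      throw new IllegalArgumentException("bad cipher list length: " + len);
    }
    if (len == 0) return Collections.emptyList();
    byte[] body = new byte[len];
    buf.get(body);
    return Arrays.asList(new String(body, StandardCharsets.UTF_8).split(","));
  }

  // Strongest cipher both sides list; a legacy peer gets the built-in SASL
  // encryption, never an unencrypted channel.
  static String choose(List<String> peerCiphers) {
    for (String c : PREFERRED) {
      if (peerCiphers.contains(c)) return c;
    }
    return BUILTIN_SASL;
  }

  public static void main(String[] args) {
    ByteBuffer newPeer = ByteBuffer.wrap(encodeCiphers(Arrays.asList("AES/CTR/NoPadding")));
    ByteBuffer oldPeer = ByteBuffer.allocate(0); // constructed: field missing on the wire
    System.out.println(choose(decodeCiphers(newPeer)));
    System.out.println(choose(decodeCiphers(oldPeer)));
  }
}
```

A receiver cannot tell an empty field from one removed in transit, so a real protocol would need the capability list covered by the authenticated exchange.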