Marcelo Vanzin created SPARK-23538:
--------------------------------------
Summary: Simplify SSL configuration for https client
Key: SPARK-23538
URL: https://issues.apache.org/jira/browse/SPARK-23538
Project: Spark
Issue Type: Improvement
Components: Spark Core
Affects Versions: 2.4.0
Reporter: Marcelo Vanzin
There's code in {{SecurityManager}} that is used to configure SSL for the code
that downloads dependencies from https servers:
{code}
// SSL configuration for the file server. This is used by
Utils.setupSecureURLConnection().
val fileServerSSLOptions = getSSLOptions("fs")
val (sslSocketFactory, hostnameVerifier) = if (fileServerSSLOptions.enabled) {
...
{code}
It was added for an old feature that doesn't exist anymore (the "file server"
referenced in the comment), but can still be used to configure the built-in JRE
SSL code with a custom trust store, for example.
We should instead:
- move this code out of SecurityManager, and place it where it's actually used
({{Utils.setupSecureURLConnection}}.
- remove the dummy trust manager / host verifier since they don't make a lot of
sense for the client code (and only made slightly more sense for the file
server case).
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscr...@spark.apache.org
For additional commands, e-mail: issues-h...@spark.apache.org
