Junping Du created HADOOP-11962: ----------------------------------- Summary: Sasl message with MD5 challenge text shouldn't be LOG as debug level. Key: HADOOP-11962 URL: https://issues.apache.org/jira/browse/HADOOP-11962 Project: Hadoop Common Issue Type: Bug Components: ipc, security Affects Versions: 2.6.0 Reporter: Junping Du Assignee: Junping Du Priority: Critical
Some log examples: {noformat} 2014-09-24 05:42:12,975 DEBUG security.SaslRpcServer (SaslRpcServer.java:create(174)) - Created SASL server with mechanism = DIGEST-MD5 2014-09-24 05:42:12,977 DEBUG ipc.Server (Server.java:doSaslReply(1424)) - Sending sasl message state: NEGOTIATE auths { method: "TOKEN" mechanism: "DIGEST-MD5" protocol: "" serverId: "default" challenge: "realm=\"default\",nonce=\"yIvZDpbzGGq3yIrMynVKnEv9Z0qw6lxpr9nZxm0r\",qop=\"auth\",charset=utf-8,algorithm=md5-sess" } ... ... 2014-09-24 06:21:59,146 DEBUG ipc.Server (Server.java:doSaslReply(1424)) - Sending sasl message state: CHALLENGE token: "`l\006\t*\206H\206\367\022\001\002\002\002\000o]0[\240\003\002\001\005\241\003\002\001\017\242O0M\240\003\002\001\020\242F\004D#\030\336|kb\232\033V\340\342F\334\230\347\230\362)u!=\215\271\006\244:\244\221vn\215*\323\353\360\350\3006\366\3340\245\371Ri\273\374\307\017\207Z\233\326\217\224!yo$\373\233\315:JsY!^?" {noformat} We should get rid of this kind of log in production environment even under debug log level. -- This message was sent by Atlassian JIRA (v6.3.4#6332)