[jira] [Assigned] (SPARK-23538) Simplify SSL configuration for https client

2018-03-05 Thread Marcelo Vanzin (JIRA)

 [ 
https://issues.apache.org/jira/browse/SPARK-23538?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Marcelo Vanzin reassigned SPARK-23538:
--

Assignee: Marcelo Vanzin

> Simplify SSL configuration for https client
> ---
>
> Key: SPARK-23538
> URL: https://issues.apache.org/jira/browse/SPARK-23538
> Project: Spark
>  Issue Type: Improvement
>  Components: Spark Core
>Affects Versions: 2.4.0
>Reporter: Marcelo Vanzin
>Assignee: Marcelo Vanzin
>Priority: Minor
> Fix For: 2.4.0
>
>
> There's code in {{SecurityManager}} that is used to configure SSL for the 
> code that downloads dependencies from https servers:
> {code}
>   // SSL configuration for the file server. This is used by 
> Utils.setupSecureURLConnection().
>   val fileServerSSLOptions = getSSLOptions("fs")
>   val (sslSocketFactory, hostnameVerifier) = if 
> (fileServerSSLOptions.enabled) {
> ...
> {code}
> It was added for an old feature that doesn't exist anymore (the "file server" 
> referenced in the comment), but can still be used to configure the built-in 
> JRE SSL code with a custom trust store, for example.
> We should instead:
> - move this code out of SecurityManager, and place it where it's actually 
> used ({{Utils.setupSecureURLConnection}}.
> - remove the dummy trust manager / host verifier since they don't make a lot 
> of sense for the client code (and only made slightly more sense for the file 
> server case).



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

-
To unsubscribe, e-mail: issues-unsubscr...@spark.apache.org
For additional commands, e-mail: issues-h...@spark.apache.org



[jira] [Assigned] (SPARK-23538) Simplify SSL configuration for https client

2018-03-02 Thread Apache Spark (JIRA)

 [ 
https://issues.apache.org/jira/browse/SPARK-23538?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Apache Spark reassigned SPARK-23538:


Assignee: (was: Apache Spark)

> Simplify SSL configuration for https client
> ---
>
> Key: SPARK-23538
> URL: https://issues.apache.org/jira/browse/SPARK-23538
> Project: Spark
>  Issue Type: Improvement
>  Components: Spark Core
>Affects Versions: 2.4.0
>Reporter: Marcelo Vanzin
>Priority: Minor
>
> There's code in {{SecurityManager}} that is used to configure SSL for the 
> code that downloads dependencies from https servers:
> {code}
>   // SSL configuration for the file server. This is used by 
> Utils.setupSecureURLConnection().
>   val fileServerSSLOptions = getSSLOptions("fs")
>   val (sslSocketFactory, hostnameVerifier) = if 
> (fileServerSSLOptions.enabled) {
> ...
> {code}
> It was added for an old feature that doesn't exist anymore (the "file server" 
> referenced in the comment), but can still be used to configure the built-in 
> JRE SSL code with a custom trust store, for example.
> We should instead:
> - move this code out of SecurityManager, and place it where it's actually 
> used ({{Utils.setupSecureURLConnection}}.
> - remove the dummy trust manager / host verifier since they don't make a lot 
> of sense for the client code (and only made slightly more sense for the file 
> server case).



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

-
To unsubscribe, e-mail: issues-unsubscr...@spark.apache.org
For additional commands, e-mail: issues-h...@spark.apache.org



[jira] [Assigned] (SPARK-23538) Simplify SSL configuration for https client

2018-03-02 Thread Apache Spark (JIRA)

 [ 
https://issues.apache.org/jira/browse/SPARK-23538?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Apache Spark reassigned SPARK-23538:


Assignee: Apache Spark

> Simplify SSL configuration for https client
> ---
>
> Key: SPARK-23538
> URL: https://issues.apache.org/jira/browse/SPARK-23538
> Project: Spark
>  Issue Type: Improvement
>  Components: Spark Core
>Affects Versions: 2.4.0
>Reporter: Marcelo Vanzin
>Assignee: Apache Spark
>Priority: Minor
>
> There's code in {{SecurityManager}} that is used to configure SSL for the 
> code that downloads dependencies from https servers:
> {code}
>   // SSL configuration for the file server. This is used by 
> Utils.setupSecureURLConnection().
>   val fileServerSSLOptions = getSSLOptions("fs")
>   val (sslSocketFactory, hostnameVerifier) = if 
> (fileServerSSLOptions.enabled) {
> ...
> {code}
> It was added for an old feature that doesn't exist anymore (the "file server" 
> referenced in the comment), but can still be used to configure the built-in 
> JRE SSL code with a custom trust store, for example.
> We should instead:
> - move this code out of SecurityManager, and place it where it's actually 
> used ({{Utils.setupSecureURLConnection}}.
> - remove the dummy trust manager / host verifier since they don't make a lot 
> of sense for the client code (and only made slightly more sense for the file 
> server case).



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

-
To unsubscribe, e-mail: issues-unsubscr...@spark.apache.org
For additional commands, e-mail: issues-h...@spark.apache.org