[jira] [Assigned] (SPARK-23538) Simplify SSL configuration for https client
[ https://issues.apache.org/jira/browse/SPARK-23538?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Marcelo Vanzin reassigned SPARK-23538: -- Assignee: Marcelo Vanzin > Simplify SSL configuration for https client > --- > > Key: SPARK-23538 > URL: https://issues.apache.org/jira/browse/SPARK-23538 > Project: Spark > Issue Type: Improvement > Components: Spark Core >Affects Versions: 2.4.0 >Reporter: Marcelo Vanzin >Assignee: Marcelo Vanzin >Priority: Minor > Fix For: 2.4.0 > > > There's code in {{SecurityManager}} that is used to configure SSL for the > code that downloads dependencies from https servers: > {code} > // SSL configuration for the file server. This is used by > Utils.setupSecureURLConnection(). > val fileServerSSLOptions = getSSLOptions("fs") > val (sslSocketFactory, hostnameVerifier) = if > (fileServerSSLOptions.enabled) { > ... > {code} > It was added for an old feature that doesn't exist anymore (the "file server" > referenced in the comment), but can still be used to configure the built-in > JRE SSL code with a custom trust store, for example. > We should instead: > - move this code out of SecurityManager, and place it where it's actually > used ({{Utils.setupSecureURLConnection}}. > - remove the dummy trust manager / host verifier since they don't make a lot > of sense for the client code (and only made slightly more sense for the file > server case). -- This message was sent by Atlassian JIRA (v7.6.3#76005) - To unsubscribe, e-mail: issues-unsubscr...@spark.apache.org For additional commands, e-mail: issues-h...@spark.apache.org
[jira] [Assigned] (SPARK-23538) Simplify SSL configuration for https client
[ https://issues.apache.org/jira/browse/SPARK-23538?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Apache Spark reassigned SPARK-23538: Assignee: (was: Apache Spark) > Simplify SSL configuration for https client > --- > > Key: SPARK-23538 > URL: https://issues.apache.org/jira/browse/SPARK-23538 > Project: Spark > Issue Type: Improvement > Components: Spark Core >Affects Versions: 2.4.0 >Reporter: Marcelo Vanzin >Priority: Minor > > There's code in {{SecurityManager}} that is used to configure SSL for the > code that downloads dependencies from https servers: > {code} > // SSL configuration for the file server. This is used by > Utils.setupSecureURLConnection(). > val fileServerSSLOptions = getSSLOptions("fs") > val (sslSocketFactory, hostnameVerifier) = if > (fileServerSSLOptions.enabled) { > ... > {code} > It was added for an old feature that doesn't exist anymore (the "file server" > referenced in the comment), but can still be used to configure the built-in > JRE SSL code with a custom trust store, for example. > We should instead: > - move this code out of SecurityManager, and place it where it's actually > used ({{Utils.setupSecureURLConnection}}. > - remove the dummy trust manager / host verifier since they don't make a lot > of sense for the client code (and only made slightly more sense for the file > server case). -- This message was sent by Atlassian JIRA (v7.6.3#76005) - To unsubscribe, e-mail: issues-unsubscr...@spark.apache.org For additional commands, e-mail: issues-h...@spark.apache.org
[jira] [Assigned] (SPARK-23538) Simplify SSL configuration for https client
[ https://issues.apache.org/jira/browse/SPARK-23538?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Apache Spark reassigned SPARK-23538: Assignee: Apache Spark > Simplify SSL configuration for https client > --- > > Key: SPARK-23538 > URL: https://issues.apache.org/jira/browse/SPARK-23538 > Project: Spark > Issue Type: Improvement > Components: Spark Core >Affects Versions: 2.4.0 >Reporter: Marcelo Vanzin >Assignee: Apache Spark >Priority: Minor > > There's code in {{SecurityManager}} that is used to configure SSL for the > code that downloads dependencies from https servers: > {code} > // SSL configuration for the file server. This is used by > Utils.setupSecureURLConnection(). > val fileServerSSLOptions = getSSLOptions("fs") > val (sslSocketFactory, hostnameVerifier) = if > (fileServerSSLOptions.enabled) { > ... > {code} > It was added for an old feature that doesn't exist anymore (the "file server" > referenced in the comment), but can still be used to configure the built-in > JRE SSL code with a custom trust store, for example. > We should instead: > - move this code out of SecurityManager, and place it where it's actually > used ({{Utils.setupSecureURLConnection}}. > - remove the dummy trust manager / host verifier since they don't make a lot > of sense for the client code (and only made slightly more sense for the file > server case). -- This message was sent by Atlassian JIRA (v7.6.3#76005) - To unsubscribe, e-mail: issues-unsubscr...@spark.apache.org For additional commands, e-mail: issues-h...@spark.apache.org