[jira] [Assigned] (SPARK-23538) Simplify SSL configuration for https client
[
https://issues.apache.org/jira/browse/SPARK-23538?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Marcelo Vanzin reassigned SPARK-23538:
--
Assignee: Marcelo Vanzin
> Simplify SSL configuration for https client
> ---
>
> Key: SPARK-23538
> URL: https://issues.apache.org/jira/browse/SPARK-23538
> Project: Spark
> Issue Type: Improvement
> Components: Spark Core
>Affects Versions: 2.4.0
>Reporter: Marcelo Vanzin
>Assignee: Marcelo Vanzin
>Priority: Minor
> Fix For: 2.4.0
>
>
> There's code in {{SecurityManager}} that is used to configure SSL for the
> code that downloads dependencies from https servers:
> {code}
> // SSL configuration for the file server. This is used by
> Utils.setupSecureURLConnection().
> val fileServerSSLOptions = getSSLOptions("fs")
> val (sslSocketFactory, hostnameVerifier) = if
> (fileServerSSLOptions.enabled) {
> ...
> {code}
> It was added for an old feature that doesn't exist anymore (the "file server"
> referenced in the comment), but can still be used to configure the built-in
> JRE SSL code with a custom trust store, for example.
> We should instead:
> - move this code out of SecurityManager, and place it where it's actually
> used ({{Utils.setupSecureURLConnection}}.
> - remove the dummy trust manager / host verifier since they don't make a lot
> of sense for the client code (and only made slightly more sense for the file
> server case).
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
-
To unsubscribe, e-mail: issues-unsubscr...@spark.apache.org
For additional commands, e-mail: issues-h...@spark.apache.org
[jira] [Assigned] (SPARK-23538) Simplify SSL configuration for https client
[
https://issues.apache.org/jira/browse/SPARK-23538?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Apache Spark reassigned SPARK-23538:
Assignee: (was: Apache Spark)
> Simplify SSL configuration for https client
> ---
>
> Key: SPARK-23538
> URL: https://issues.apache.org/jira/browse/SPARK-23538
> Project: Spark
> Issue Type: Improvement
> Components: Spark Core
>Affects Versions: 2.4.0
>Reporter: Marcelo Vanzin
>Priority: Minor
>
> There's code in {{SecurityManager}} that is used to configure SSL for the
> code that downloads dependencies from https servers:
> {code}
> // SSL configuration for the file server. This is used by
> Utils.setupSecureURLConnection().
> val fileServerSSLOptions = getSSLOptions("fs")
> val (sslSocketFactory, hostnameVerifier) = if
> (fileServerSSLOptions.enabled) {
> ...
> {code}
> It was added for an old feature that doesn't exist anymore (the "file server"
> referenced in the comment), but can still be used to configure the built-in
> JRE SSL code with a custom trust store, for example.
> We should instead:
> - move this code out of SecurityManager, and place it where it's actually
> used ({{Utils.setupSecureURLConnection}}.
> - remove the dummy trust manager / host verifier since they don't make a lot
> of sense for the client code (and only made slightly more sense for the file
> server case).
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
-
To unsubscribe, e-mail: issues-unsubscr...@spark.apache.org
For additional commands, e-mail: issues-h...@spark.apache.org
[jira] [Assigned] (SPARK-23538) Simplify SSL configuration for https client
[
https://issues.apache.org/jira/browse/SPARK-23538?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Apache Spark reassigned SPARK-23538:
Assignee: Apache Spark
> Simplify SSL configuration for https client
> ---
>
> Key: SPARK-23538
> URL: https://issues.apache.org/jira/browse/SPARK-23538
> Project: Spark
> Issue Type: Improvement
> Components: Spark Core
>Affects Versions: 2.4.0
>Reporter: Marcelo Vanzin
>Assignee: Apache Spark
>Priority: Minor
>
> There's code in {{SecurityManager}} that is used to configure SSL for the
> code that downloads dependencies from https servers:
> {code}
> // SSL configuration for the file server. This is used by
> Utils.setupSecureURLConnection().
> val fileServerSSLOptions = getSSLOptions("fs")
> val (sslSocketFactory, hostnameVerifier) = if
> (fileServerSSLOptions.enabled) {
> ...
> {code}
> It was added for an old feature that doesn't exist anymore (the "file server"
> referenced in the comment), but can still be used to configure the built-in
> JRE SSL code with a custom trust store, for example.
> We should instead:
> - move this code out of SecurityManager, and place it where it's actually
> used ({{Utils.setupSecureURLConnection}}.
> - remove the dummy trust manager / host verifier since they don't make a lot
> of sense for the client code (and only made slightly more sense for the file
> server case).
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
-
To unsubscribe, e-mail: issues-unsubscr...@spark.apache.org
For additional commands, e-mail: issues-h...@spark.apache.org
