[GitHub] drill pull request #773: DRILL-4335: Apache Drill should support network enc...

Mon, 17 Apr 2017 00:42:52 -0700 

Github user sohami commented on a diff in the pull request:

    https://github.com/apache/drill/pull/773#discussion_r111646237
  
    --- Diff: 
exec/java-exec/src/main/java/org/apache/drill/exec/rpc/BitConnectionConfig.java 
---
    @@ -46,16 +47,40 @@ protected BitConnectionConfig(BufferAllocator 
allocator, BootStrapContext contex
         super(allocator, context);
     
         final DrillConfig config = context.getConfig();
    +    final AuthenticatorProvider authProvider = getAuthProvider();
    +
         if (config.getBoolean(ExecConstants.BIT_AUTHENTICATION_ENABLED)) {
           this.authMechanismToUse = 
config.getString(ExecConstants.BIT_AUTHENTICATION_MECHANISM);
           try {
    -        getAuthProvider().getAuthenticatorFactory(authMechanismToUse);
    +        authProvider.getAuthenticatorFactory(authMechanismToUse);
           } catch (final SaslException e) {
             throw new DrillbitStartupException(String.format(
                 "'%s' mechanism not found for bit-to-bit authentication. 
Please check authentication configuration.",
                 authMechanismToUse));
           }
    -      logger.info("Configured bit-to-bit connections to require 
authentication using: {}", authMechanismToUse);
    +
    +      // Update encryption related configurations
    +      
encryptionContext.setEncryption(config.getBoolean(ExecConstants.BIT_SASL_ENCRYPTION_ENABLED));
    +
    +      int maxEncodeSize = 
config.getInt(ExecConstants.BIT_SASL_ENCRYPTION_ENCODESIZE);
    +
    +      if(maxEncodeSize > RpcConstants.MAX_WRAP_SIZE) {
    +        logger.warn("Setting bit.sasl.encryption.encodesize to maximum 
allowed value of 16MB");
    +        maxEncodeSize = RpcConstants.MAX_WRAP_SIZE;
    +      }
    +      encryptionContext.setWrappedChunkSize(maxEncodeSize);
    --- End diff --
    
    Sorry about the confusion. I have renamed the variables, hope that helps.
    
    maxEncodeSize -- maxWrappedSize. This configurable parameter defines the 
maximum size of wrapped buffer that wrap call can produce. It's negotiated as 
part of SASL handshake and has maximum limit of 16MB
    rawSendSize -- wrapSizeLimit. This parameter (non-configurable) is the 
maximum plain buffer size which we can pass to wrap function so that wrapped 
buffer size doesn't exceed maxWrappedSize. This is obtained after SASL 
negotiation is completed.


---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at [email protected] or file a JIRA ticket
with INFRA.
---

Reply via email to