Srikanth Srungarapu created HBASE-14045:
-------------------------------------------

             Summary: Bumping thrift version to 0.9.2.
                 Key: HBASE-14045
                 URL: https://issues.apache.org/jira/browse/HBASE-14045
             Project: HBase
          Issue Type: Improvement
            Reporter: Srikanth Srungarapu
            Assignee: Srikanth Srungarapu
             Fix For: 2.0.0, 1.3.0


>From mailing list conversation:
{quote}

Currently, HBase is using Thrift 0.9.0 version, with the latest  version being 
0.9.2. Currently, the HBase Thrift gateway is vulnerable to crashes due to 
THRIFT-2660 when used with default transport and the workaround for this 
problem is switching to framed transport. Unfortunately, the recently added 
impersonation support \[1\] doesn't work with framed transport leaving thrift 
gateway using this feature susceptible to crashes.  Updating thrift version to 
0.9.2 will help us in mitigating this problem. Given that security is one of 
key requirements for the production clusters, it would be good to ensure our 
users that security features in thrift gateway can be used without any major 
concerns. Aside this, there are also some nice fixes pertaining to  leaky 
resources in 0.9.2 like \[2\] and \[3\].

As far compatibility guarantees are concerned, thrift assures 100% wire 
compatibility. However, it is my understanding that there were some minor 
additions (new API) in 0.9.2 \[4\] which won't work in 0.9.0, but that won't 
affect us since we are not using those features. And I tried running test suite 
and did manual testing with thrift version set to 0.9.2 and things are running 
smoothly. If there are no objections to this change, I would be more than happy 
to file a jira and follow this up.

\[1\] https://issues.apache.org/jira/browse/HBASE-11349
\[2\] https://issues.apache.org/jira/browse/THRIFT-2274
\[3\] https://issues.apache.org/jira/browse/THRIFT-2359
\[4\] 
https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12310800&version=12324954
{quote}



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Reply via email to