[ https://issues.apache.org/jira/browse/SOLR-7126?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Yonik Seeley reopened SOLR-7126: -------------------------------- Reopening. This test (TestCryptoKeys) has been sometimes failing for me. I just saw a fail on jenkins too. > Secure loading of runtime external jars > --------------------------------------- > > Key: SOLR-7126 > URL: https://issues.apache.org/jira/browse/SOLR-7126 > Project: Solr > Issue Type: Sub-task > Reporter: Noble Paul > Assignee: Noble Paul > Labels: security > Fix For: Trunk, 5.1 > > Attachments: SOLR-7126.patch, SOLR-7126.patch, SOLR-7126.patch > > > We need to ensure that the jars loaded into solr are trusted > We shall use simple PKI to protect the jars/config loaded into the system > The following are the steps involved for doing that. > {noformat} > #Step 1: > # generate a 768-bit RSA private key. or whaterver strength you would need > $ openssl genrsa -out priv_key.pem 768 > # store your private keys safely (with a password if possible) > # output public key portion in DER format (so that Java can read it) > $ openssl rsa -in priv_key.pem -pubout -outform DER -out pub_key.der > #Step 2: > #Load the .DER files to ZK under /keys/exe > Step3: > # start all your servers with -Denable.runtime.lib=true > Step 4: > # sign the sha1 digest of your jar with one of your private keys and get the > base64 string of that signature . > $ openssl dgst -sha1 -sign priv_key.pem myjar.jar | openssl enc -base64 > #Step 5: > # load your jars into blob store . refer SOLR-6787 > #Step 6: > # use the command to add your jar to classpath as follows > {noformat} > {code} > curl http://localhost:8983/solr/collection1/config -H > 'Content-type:application/json' -d '{ > "add-runtimelib" : {"name": "jarname" , "version":2 , > "sig":"mW1Gwtz2QazjfVdrLFHfbGwcr8xzFYgUOLu68LHqWRDvLG0uLcy1McQ+AzVmeZFBf1yLPDEHBWJb5KXr8bdbHN/PYgUB1nsr9pk4EFyD9KfJ8TqeH/ijQ9waa/vjqyiKEI9U550EtSzruLVZ32wJ7smvV0fj2YYhrUaaPzOn9g0=" > }// output of step 4. concatenate the lines > }' > {code} > sig is the extra parameter that is nothing but the base64 encoded value of > the jar's sha1 signature > If no keys are present , the jar is loaded without any checking. > Before loading a jar from blob store , each Solr node would check if there > are keys present in the keys directory. If yes, each jar's signature will be > verified with all the available public keys. If atleast one succeeds , the > jar is loaded into memory. If nothing succeeds , it will be rejected -- This message was sent by Atlassian JIRA (v6.3.4#6332) --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org For additional commands, e-mail: dev-h...@lucene.apache.org