[
https://issues.apache.org/jira/browse/HDFS-7313?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Chris Nauroth updated HDFS-7313:
--------------------------------
Attachment: HDFS-7313.1.patch
Full disclosure: Support for configuration was discussed once before in
HDFS-6606, and the decision at that time was to not make it configurable. See
several comments starting here:
https://issues.apache.org/jira/browse/HDFS-6606?focusedCommentId=14145832&page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#comment-14145832
However, since then, I've heard feedback that it would be preferable to
maintain the existing behavior of 3DES or RC4 in existing clusters by default,
and activate AES only if configured explicitly. This is seen as a safety net
for managing rollout of the new feature in 2.6.0. There is no argument against
AES as the superior choice, so we can revisit switching it to the default in a
future release after some stabilization time.
[~hitliuyi] and [~atm], you participated in the HDFS-6606 discussion. What do
you think of this patch?
Here is a summary of the changes.
* {{SecureMode.apt.vm}}: While I was working on this, I decided to update the
docs to cover our new encryption capabilities.
* {{GenericTestUtils}}: Added new test helper method.
* {{DFSConfigKeys}}/{{hdfs-default.xml}}}: Defined new configuration property
for specifying cipher suites used during DataTransferProtocol encryption.
* {{DataTransferSaslUtil}}: On the server side, only negotiate AES if it's
configured.
* {{SaslDataTransferClient}}: On the client side, only negotiate AES if it's
configured.
* {{DataXceiver}}: This fixes a regression that I had introduced in my
HDFS-2856 patch. The fix restores some special case handling from Aaron's
earlier HDFS-3637 patch. We didn't catch the regression earlier because of a
bug in the tests. (See below.)
* {{TestEncryptedTransfer}}: I changed test assertions on existing tests to
assert that AES is not used, and I added a new test with AES configured. I
discovered that some of the assertions in this suite have not been running due
to an erroneous check on {{resolverClazz}}. If it's ever non-null, then it's
going to be {{TestTrustedChannelResolver}}, effectively meaning that the
assertions were never running. I fixed this and confirmed that the assertions
are running now.
> Support optional configuration of AES cipher suite on DataTransferProtocol.
> ---------------------------------------------------------------------------
>
> Key: HDFS-7313
> URL: https://issues.apache.org/jira/browse/HDFS-7313
> Project: Hadoop HDFS
> Issue Type: Improvement
> Components: datanode, hdfs-client, security
> Reporter: Chris Nauroth
> Assignee: Chris Nauroth
> Attachments: HDFS-7313.1.patch
>
>
> HDFS-6606 introduced use of AES for encryption of DataTransferProtocol. This
> issue proposes introduction of a configuration property for administrators to
> control whether or not AES is used or the existing support for 3DES and RC4
> is used.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
