[ https://issues.apache.org/jira/browse/HDFS-13617?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16524793#comment-16524793 ]
Erik Krogen commented on HDFS-13617: ------------------------------------ Hey [~vagarychen], I just tried to apply this on trunk and the patch failed to apply. Can you try rebasing again? Some initial thoughts: * {{PBHelperClient}} L357 is checking if {{builder}} has a handshake secret; it should be checking {{tok}} * For {{DFS_QOP_WRAP_HMAC_ALGORITHM_DEFAULT}}, it looks like other similar usages hard-code this. Does this need to be configurable? * Is {{IOException}} really the right exception to throw for the two misconfiguration cases within the {{NameNodeRpcServer}} constructor? I think a {{Precondition}} or {{IllegalArgumentException}} or something would be more suitable. * The {{Mac}} instance needs to be {{ThreadLocal}}. It could also use a more descriptive name. * Looking at the patch makes me feel that we need to reduce the attack surface for replay attacks. For example, instead of just generating a secret of the QOP, can we generate a secret of the QOP + clientUserName (which can't be faked due to Kerberos auth)? I think ideally it would contain some combination of the QOP, client user name, client IP, and block ID. Just for my reference, this patch *only* adds the NameNode side of things; the client / DataNode handling is in HDFS-13699. > Allow wrapping NN QOP into token in encrypted message > ----------------------------------------------------- > > Key: HDFS-13617 > URL: https://issues.apache.org/jira/browse/HDFS-13617 > Project: Hadoop HDFS > Issue Type: Sub-task > Reporter: Chen Liang > Assignee: Chen Liang > Priority: Major > Attachments: HDFS-13617.001.patch, HDFS-13617.002.patch > > > This Jira allows NN to configurably wrap the QOP it has established with the > client into the token message sent back to the client. The QOP is sent back > in encrypted message, using BlockAccessToken encryption key as the key. -- This message was sent by Atlassian JIRA (v7.6.3#76005) --------------------------------------------------------------------- To unsubscribe, e-mail: hdfs-issues-unsubscr...@hadoop.apache.org For additional commands, e-mail: hdfs-issues-h...@hadoop.apache.org