[ https://issues.apache.org/jira/browse/DRILL-4335?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15970794#comment-15970794 ]
ASF GitHub Bot commented on DRILL-4335: --------------------------------------- Github user sohami commented on a diff in the pull request: https://github.com/apache/drill/pull/773#discussion_r111649193 --- Diff: exec/rpc/src/main/java/org/apache/drill/exec/rpc/SaslDecryptionHandler.java --- @@ -0,0 +1,158 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package org.apache.drill.exec.rpc; + +import io.netty.buffer.ByteBuf; +import io.netty.channel.ChannelHandlerContext; +import io.netty.handler.codec.MessageToMessageDecoder; + +import org.apache.drill.exec.exception.OutOfMemoryException; + +import java.io.IOException; +import java.nio.ByteBuffer; +import java.nio.ByteOrder; +import java.util.List; +/** + * Handler to Decrypt the input ByteBuf. It expects input to be in format where it has length of the bytes to + * decode in network order and actual encrypted bytes. The handler reads the length and then reads the + * required bytes to pass it to unwrap function for decryption. The decrypted buffer is copied to a new + * ByteBuf and added to out list. + * <p> + * Example: + * <li>Input - [EBLN1, EB1, EBLN2, EB2] --> ByteBuf with repeated combination of encrypted byte length + * in network order (EBLNx) and encrypted bytes (EB) + * <li>Output - [DB1] --> Decrypted ByteBuf of first chunk.(EB1) + * </p> + */ +class SaslDecryptionHandler extends MessageToMessageDecoder<ByteBuf> { + + final org.slf4j.Logger logger; --- End diff -- fixed. > Apache Drill should support network encryption > ---------------------------------------------- > > Key: DRILL-4335 > URL: https://issues.apache.org/jira/browse/DRILL-4335 > Project: Apache Drill > Issue Type: New Feature > Reporter: Keys Botzum > Assignee: Sorabh Hamirwasia > Labels: security > Attachments: ApacheDrillEncryptionUsingSASLDesign.pdf > > > This is clearly related to Drill-291 but wanted to make explicit that this > needs to include network level encryption and not just authentication. This > is particularly important for the client connection to Drill which will often > be sending passwords in the clear until there is encryption. -- This message was sent by Atlassian JIRA (v6.3.15#6346)