[jira] [Updated] (HBASE-14045) Bumping thrift version to 0.9.2.

Srikanth Srungarapu (JIRA) Mon, 13 Jul 2015 21:55:37 -0700

     [ 
https://issues.apache.org/jira/browse/HBASE-14045?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


Srikanth Srungarapu updated HBASE-14045:
----------------------------------------
    Status: Patch Available  (was: Open)

> Bumping thrift version to 0.9.2.
> --------------------------------
>
>                 Key: HBASE-14045
>                 URL: https://issues.apache.org/jira/browse/HBASE-14045
>             Project: HBase
>          Issue Type: Improvement
>            Reporter: Srikanth Srungarapu
>            Assignee: Srikanth Srungarapu
>             Fix For: 2.0.0, 1.3.0
>
>         Attachments: HBASE-14045.patch
>
>
> From mailing list conversation:
> {quote}
> Currently, HBase is using Thrift 0.9.0 version, with the latest  version 
> being 0.9.2. Currently, the HBase Thrift gateway is vulnerable to crashes due 
> to THRIFT-2660 when used with default transport and the workaround for this 
> problem is switching to framed transport. Unfortunately, the recently added 
> impersonation support \[1\] doesn't work with framed transport leaving thrift 
> gateway using this feature susceptible to crashes.  Updating thrift version 
> to 0.9.2 will help us in mitigating this problem. Given that security is one 
> of key requirements for the production clusters, it would be good to ensure 
> our users that security features in thrift gateway can be used without any 
> major concerns. Aside this, there are also some nice fixes pertaining to  
> leaky resources in 0.9.2 like \[2\] and \[3\].
> As far compatibility guarantees are concerned, thrift assures 100% wire 
> compatibility. However, it is my understanding that there were some minor 
> additions (new API) in 0.9.2 \[4\] which won't work in 0.9.0, but that won't 
> affect us since we are not using those features. And I tried running test 
> suite and did manual testing with thrift version set to 0.9.2 and things are 
> running smoothly. If there are no objections to this change, I would be more 
> than happy to file a jira and follow this up.
> \[1\] https://issues.apache.org/jira/browse/HBASE-11349
> \[2\] https://issues.apache.org/jira/browse/THRIFT-2274
> \[3\] https://issues.apache.org/jira/browse/THRIFT-2359
> \[4\] 
> https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12310800&version=12324954
> {quote}



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Updated] (HBASE-14045) Bumping thrift version to 0.9.2.

Reply via email to