[
https://issues.apache.org/jira/browse/ZOOKEEPER-4895?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Kezhu Wang updated ZOOKEEPER-4895:
----------------------------------
Component/s: security
> Introduce a helper function for C client to generate password for SASL
> authentication
> -------------------------------------------------------------------------------------
>
> Key: ZOOKEEPER-4895
> URL: https://issues.apache.org/jira/browse/ZOOKEEPER-4895
> Project: ZooKeeper
> Issue Type: New Feature
> Components: c client, security
> Reporter: Dan Wang
> Assignee: Dan Wang
> Priority: Minor
> Labels: pull-request-available
> Time Spent: 1h 50m
> Remaining Estimate: 0h
>
> C client has provided zoo_sasl_make_basic_callbacks() function to help users
> initialize SASL callbacks with the password in the specified file. The client
> would use this password directly for SASL authentication.
> However, considering the security of the production environment, the password
> in a file is usually encrypted. Also, security software also scans files in
> the system and will issue an alert if it detects an unencrypted password.
> Therefore, we need a mechanism to read the encrypted text from the file and
> decrypt it to obtain the real password.
> To achieve this, a helper function is introduced to decrypt the encrypted
> text in the file using a user-provided custom callback. A handback object is
> also introduced to provide necessary information for the decryption.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
