[
https://issues.apache.org/jira/browse/ZOOKEEPER-4895?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Kezhu Wang resolved ZOOKEEPER-4895.
-----------------------------------
Fix Version/s: 3.9.4
3.10.0
Resolution: Fixed
Issue resolved by pull request 2223
[https://github.com/apache/zookeeper/pull/2223]
> Introduce a helper function for C client to generate password for SASL
> authentication
> -------------------------------------------------------------------------------------
>
> Key: ZOOKEEPER-4895
> URL: https://issues.apache.org/jira/browse/ZOOKEEPER-4895
> Project: ZooKeeper
> Issue Type: New Feature
> Components: c client, security
> Reporter: Dan Wang
> Assignee: Dan Wang
> Priority: Minor
> Labels: pull-request-available
> Fix For: 3.9.4, 3.10.0
>
> Time Spent: 2h
> Remaining Estimate: 0h
>
> C client has provided zoo_sasl_make_basic_callbacks() function to help users
> initialize SASL callbacks with the password in the specified file. The client
> would use this password directly for SASL authentication.
> However, considering the security of the production environment, the password
> in a file is usually encrypted. Also, security software also scans files in
> the system and will issue an alert if it detects an unencrypted password.
> Therefore, we need a mechanism to read the encrypted text from the file and
> decrypt it to obtain the real password.
> To achieve this, a helper function is introduced to decrypt the encrypted
> text in the file using a user-provided custom callback. A handback object is
> also introduced to provide necessary information for the decryption.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
