Dan Burkert has posted comments on this change.

Change subject: [security] Add per-connection nonce for Kerberos replay resistance
......................................................................

Patch Set 3:

(8 comments)

http://gerrit.cloudera.org:8080/#/c/6137/3//COMMIT_MSG
Commit Message:

PS3, Line 11: and is extremely slow in older versions of the library.
> I think it's extremely slow in all versions of the library (the "avoid fsyn

Done

http://gerrit.cloudera.org:8080/#/c/6137/3/docs/design-docs/rpc.md
File docs/design-docs/rpc.md:

PS3, Line 543: against Kerberos replay attacks.
> think it's worth adding here something like "Kerberos's built-in replay att

Done

http://gerrit.cloudera.org:8080/#/c/6137/3/src/kudu/rpc/client_negotiation.cc
File src/kudu/rpc/client_negotiation.cc:

PS3, Line 619: if (!response.has_channel_bindings()) {
             : return Status::NotAuthorized("no channel bindings provided by server");
             : }
> nit: Is it worth retrieving remote certificate and generating channel bindi

Done

PS3, Line 625: response.channel_bindings(),
             : &received_channel_bindings),
> nit: off-by-one shift

Done

http://gerrit.cloudera.org:8080/#/c/6137/3/src/kudu/rpc/rpc_header.proto
File src/kudu/rpc/rpc_header.proto:

PS3, Line 57: negotatition
> nit: typo

Done

PS3, Line 60: nonce
> rename this field to "wrapped_nonce" or "nonce_reply" or something? it seem

Done

http://gerrit.cloudera.org:8080/#/c/6137/3/src/kudu/rpc/server_negotiation.cc
File src/kudu/rpc/server_negotiation.cc:

PS3, Line 719: nonce_ = string(kNonceSize, '\0');
             : RETURN_NOT_OK(security::GenerateNonce(*nonce_));
             :
             : // Sanity check the nonce.
             : DCHECK_EQ(kNonceSize, nonce_->size());
             : DCHECK_NE(*nonce_, "\0\0\0\0\0\0\0\0");
             :
> this smells a little goofy to me. why do you have to pre-initialize nonce_?

Done

http://gerrit.cloudera.org:8080/#/c/6137/3/src/kudu/security/crypto.cc
File src/kudu/security/crypto.cc:

PS3, Line 246: Slice
> nit: consider using Slice* to conform with the style guide.

changed to string*

--
To view, visit http://gerrit.cloudera.org:8080/6137
To unsubscribe, visit http://gerrit.cloudera.org:8080/settings

Gerrit-MessageType: comment
Gerrit-Change-Id: If0fb433896963be5e81d349ebf3a044a458e6627
Gerrit-PatchSet: 3
Gerrit-Project: kudu
Gerrit-Branch: master
Gerrit-Owner: Dan Burkert <danburk...@apache.org>
Gerrit-Reviewer: Alexey Serbin <aser...@cloudera.com>
Gerrit-Reviewer: Dan Burkert <danburk...@apache.org>
Gerrit-Reviewer: Kudu Jenkins
Gerrit-Reviewer: Todd Lipcon <t...@apache.org>
Gerrit-HasComments: Yes