pan3793 commented on code in PR #55308:
URL: https://github.com/apache/spark/pull/55308#discussion_r3217110108
##########
sql/catalyst/src/main/scala/org/apache/spark/sql/internal/StaticSQLConf.scala:
##########
@@ -122,6 +122,17 @@ object StaticSQLConf {
.booleanConf
.createWithDefault(false)
+ val HIVE_THRIFT_SERVER_HTTP_SNI_HOST_CHECK_ENABLED =
+ buildStaticConf("spark.sql.hive.thriftServer.http.sniHostCheckEnabled")
+ .internal()
+ .doc("Whether to enable Jetty's SNI host check on the
ThriftHttpCLIService HTTPS " +
+ "connector. Since SPARK-45522 (Jetty 10+), Spark has disabled SNI host
check to " +
+ "preserve backward compatibility. Set to true to enforce SNI host
checking for " +
+ "stricter security. See SPARK-54293.")
+ .version("4.2.0")
Review Comment:
code change lgtm, this requires a PMC member to justify whether to include
this in 4.2 as a late-arriving feature.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
