[jira] [Assigned] (HIVE-11555) Beeline sends password in clear text if we miss -ssl=true flag in the connect string
[ https://issues.apache.org/jira/browse/HIVE-11555?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Junjie Chen reassigned HIVE-11555: -- Assignee: (was: Junjie Chen) > Beeline sends password in clear text if we miss -ssl=true flag in the connect > string > > > Key: HIVE-11555 > URL: https://issues.apache.org/jira/browse/HIVE-11555 > Project: Hive > Issue Type: Bug > Components: Beeline >Affects Versions: 1.2.0 >Reporter: bharath v > > {code} > I used tcpdump to display the network traffic: > [root@fe01 ~]# beeline > Beeline version 0.13.1-cdh5.3.2 by Apache Hive > beeline> !connect jdbc:hive2://fe01.sectest.poc:1/default > Connecting to jdbc:hive2://fe01.sectest.poc:1/default > Enter username for jdbc:hive2://fe01.sectest.poc:1/default: tdaranyi > Enter password for jdbc:hive2://fe01.sectest.poc:1/default: * > (I entered "cleartext" as the password) > The tcpdump in a different window > tdara...@fe01.sectest.poc:~$ sudo tcpdump -n -X -i lo port 1 > tcpdump: verbose output suppressed, use -v or -vv for full protocol decode > listening on lo, link-type EN10MB (Ethernet), capture size 65535 bytes > (...) > 10:25:16.329974 IP 192.168.32.102.54322 > 192.168.32.102.ndmp: Flags [P.], > seq 11:35, ack 1, win 512, options [nop,nop,TS val 2412851969 ecr > 2412851969], length 24 > 0x: 4500 004c 3dd3 4000 4006 3abc c0a8 2066 E..L=.@.@.:f > 0x0010: c0a8 2066 d432 2710 714c 0edc b45c 9268 ...f.2'.qL...\.h > 0x0020: 8018 0200 c25b 0101 080a 8fd1 3301 .[3. > 0x0030: 8fd1 3301 0500 1300 7464 6172 616e ..3...tdaran > 0x0040: 7969 0063 6c65 6172 7465 7874 yi.cleartext > (...) > {code} > We rely on the user supplied configuration to decide whether to open an SSL > socket or a Plain one. Instead we can negotiate this information from the HS2 > and connect accordingly. -- This message was sent by Atlassian JIRA (v6.3.15#6346)
[jira] [Assigned] (HIVE-11555) Beeline sends password in clear text if we miss -ssl=true flag in the connect string
[ https://issues.apache.org/jira/browse/HIVE-11555?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Junjie Chen reassigned HIVE-11555: -- Assignee: Junjie Chen > Beeline sends password in clear text if we miss -ssl=true flag in the connect > string > > > Key: HIVE-11555 > URL: https://issues.apache.org/jira/browse/HIVE-11555 > Project: Hive > Issue Type: Bug > Components: Beeline >Affects Versions: 1.2.0 >Reporter: bharath v >Assignee: Junjie Chen > > {code} > I used tcpdump to display the network traffic: > [root@fe01 ~]# beeline > Beeline version 0.13.1-cdh5.3.2 by Apache Hive > beeline> !connect jdbc:hive2://fe01.sectest.poc:1/default > Connecting to jdbc:hive2://fe01.sectest.poc:1/default > Enter username for jdbc:hive2://fe01.sectest.poc:1/default: tdaranyi > Enter password for jdbc:hive2://fe01.sectest.poc:1/default: * > (I entered "cleartext" as the password) > The tcpdump in a different window > tdara...@fe01.sectest.poc:~$ sudo tcpdump -n -X -i lo port 1 > tcpdump: verbose output suppressed, use -v or -vv for full protocol decode > listening on lo, link-type EN10MB (Ethernet), capture size 65535 bytes > (...) > 10:25:16.329974 IP 192.168.32.102.54322 > 192.168.32.102.ndmp: Flags [P.], > seq 11:35, ack 1, win 512, options [nop,nop,TS val 2412851969 ecr > 2412851969], length 24 > 0x: 4500 004c 3dd3 4000 4006 3abc c0a8 2066 E..L=.@.@.:f > 0x0010: c0a8 2066 d432 2710 714c 0edc b45c 9268 ...f.2'.qL...\.h > 0x0020: 8018 0200 c25b 0101 080a 8fd1 3301 .[3. > 0x0030: 8fd1 3301 0500 1300 7464 6172 616e ..3...tdaran > 0x0040: 7969 0063 6c65 6172 7465 7874 yi.cleartext > (...) > {code} > We rely on the user supplied configuration to decide whether to open an SSL > socket or a Plain one. Instead we can negotiate this information from the HS2 > and connect accordingly. -- This message was sent by Atlassian JIRA (v6.3.4#6332)