[ https://issues.apache.org/jira/browse/CASSANDRA-3462?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13145513#comment-13145513 ]
David Allsopp edited comment on CASSANDRA-3462 at 11/7/11 3:54 PM:
-------------------------------------------------------------------

This small patch corrects the Header if the IP addresses don't match.

Unfortunately it breaks org.apache.cassandra.service.RemoveTest, which creates a ring of nodes with fake IP addresses (127.0.0.2 etc), so not really sure how to proceed... Probably need a static flag that the tests can unset to bypass the IP check, which seems a little ugly.

was (Author: dallsopp):

This small patch corrects the Header if the IP addresses don't match.

Unfortunately it breaks org.apache.cassandra.service.RemoveTest, which creates a ring of nodes with fake IP addresses (127.0.0.2 etc), so not really sure how to proceed...

> Determine IP address of Message sender from the socket, rather than trusting the sender
> ---------------------------------------------------------------------------------------
>
>                 Key: CASSANDRA-3462
>                 URL: https://issues.apache.org/jira/browse/CASSANDRA-3462
>             Project: Cassandra
>          Issue Type: Sub-task
>          Components: Core
>    Affects Versions: 1.0.1
>         Environment: All.
>            Reporter: David Allsopp
>              Labels: authentication, security
>         Attachments: Cassandra-3462.patch
>
>
> A prerequisite for preventing malicious nodes from joining a cluster (parent
> issue https://issues.apache.org/jira/browse/CASSANDRA-2274) is that we can
> determine the IP of the sender (setting aside the fact that this may be
> spoofed by a determined attacker).
> Currently we deserialize the "from" IP address from the incoming message
> header, using Header.deserialize() and
> CompactEndpointSerializationHelper.deserialize() i.e. we trust the sender to
> supply a true IP address.
> We could stop storing the IP address in the message Header at all (saving a
> small amount of space) and set the 'true' sender IP upon receipt of the
> message, in org.apache.cassandra.net.IncomingTcpConnection, using
> socket.getInetAddress().
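The following is an added example, not part of the original message and not Cassandra code: a receiver that reads a self-reported "from" address but attributes the message to socket.getInetAddress(), as the issue proposes. The class name SenderFromSocket, the method resolveSender and the 4-byte header layout are assumptions made for the illustration; the real Header wire format is different.

```java
import java.io.DataInputStream;
import java.io.DataOutputStream;
import java.io.IOException;
import java.net.InetAddress;
import java.net.ServerSocket;
import java.net.Socket;

// Added illustration, not Cassandra code. The 4-byte "from" header is a
// constructed stand-in for the real message Header wire format.
public class SenderFromSocket {

    // Read the self-reported "from" address, then decide which address to use.
    // The address of the TCP peer always wins over the header field.
    static InetAddress resolveSender(Socket socket) throws IOException {
        DataInputStream in = new DataInputStream(socket.getInputStream());
        byte[] raw = new byte[4];
        in.readFully(raw);
        InetAddress claimed = InetAddress.getByAddress(raw);
        InetAddress actual = socket.getInetAddress();
        if (!actual.equals(claimed)) {
            System.out.println("header claims " + claimed.getHostAddress()
                    + ", socket peer is " + actual.getHostAddress() + "; using socket peer");
        }
        return actual;
    }

    public static void main(String[] args) throws Exception {
        InetAddress loopback = InetAddress.getByName("127.0.0.1");
        try (ServerSocket server = new ServerSocket(0, 1, loopback)) {
            // Constructed sender: connects from loopback but claims to be 10.9.8.7.
            Thread sender = new Thread(() -> {
                try (Socket s = new Socket(loopback, server.getLocalPort())) {
                    DataOutputStream out = new DataOutputStream(s.getOutputStream());
                    out.write(new byte[] {10, 9, 8, 7});
                    out.flush();
                } catch (IOException e) {
                    throw new RuntimeException(e);
                }
            });
            sender.start();
            try (Socket accepted = server.accept()) {
                InetAddress from = resolveSender(accepted);
                System.out.println("message attributed to " + from.getHostAddress());
            }
            sender.join();
        }
    }
}
```

A test that builds a ring of nodes with fake addresses over loopback, as RemoveTest is described as doing, would see every claimed address overridden by 127.0.0.1 here, which is the breakage the comment reports.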