Date: Wed, 26 Apr 2017 02:37:06 +0000 (UTC)
From: "ASF GitHub Bot (JIRA)"
To: issues@drill.apache.org
Subject: [jira] [Commented] (DRILL-4335) Apache Drill should support network
encryption
[ https://issues.apache.org/jira/browse/DRILL-4335?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15984066#comment-15984066 ]
ASF GitHub Bot commented on DRILL-4335:
---------------------------------------
Github user sudheeshkatkam commented on a diff in the pull request:
https://github.com/apache/drill/pull/773#discussion_r113349330
--- Diff: exec/rpc/src/main/java/org/apache/drill/exec/rpc/SaslEncryptionHandler.java ---
@@ -0,0 +1,181 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.drill.exec.rpc;
+
+import io.netty.buffer.ByteBuf;
+import io.netty.buffer.CompositeByteBuf;
+import io.netty.channel.ChannelHandlerContext;
+import io.netty.handler.codec.MessageToMessageEncoder;
+
+import org.apache.drill.exec.exception.OutOfMemoryException;
+
+import java.io.IOException;
+import java.nio.ByteBuffer;
+import java.nio.ByteOrder;
+import java.util.List;
+
+import static com.google.common.base.Preconditions.checkArgument;
+
+
+/**
+ * Handler to wrap the input Composite ByteBuf components separately and append the encrypted length for each
+ * component in the output ByteBuf. If there are multiple components in the input ByteBuf then each component will be
+ * encrypted individually and added to output ByteBuf with it's length prepended.
+ *
Output ByteBuf --> [[EBLN1, EB1], [EBLN2, EB2]] - List of ByteBuf's with each ByteBuf containing
+ * Encrypted Byte Length (EBLNx) in network order as per SASL RFC and Encrypted Bytes (EBx).
+ *
+ */
+class SaslEncryptionHandler extends MessageToMessageEncoder {
+
+ private static final org.slf4j.Logger logger = org.slf4j.LoggerFactory.getLogger(
+ SaslEncryptionHandler.class.getCanonicalName());
+
+ private final SaslCodec saslCodec;
+
+ private final int maxRawWrapSize;
+
+ private byte[] origMsgBuffer;
+
+ private final ByteBuffer lengthOctets;
+
+ private final OutOfMemoryHandler outOfMemoryHandler;
+
+ /**
+ * We don't provide preference to allocator to use heap buffer instead of direct buffer.
+ * Drill uses it's own buffer allocator which doesn't support heap buffer allocation. We use
+ * Drill buffer allocator in the channel.
+ */
+ SaslEncryptionHandler(SaslCodec saslCodec, final int maxRawWrapSize, final OutOfMemoryHandler oomHandler) {
+ this.saslCodec = saslCodec;
+ this.maxRawWrapSize = maxRawWrapSize;
+ this.outOfMemoryHandler = oomHandler;
+
+ // The maximum size of the component will be maxRawWrapSize. Since this is maximum size we can allocate once
+ // and reuse it for each component encode.
+ origMsgBuffer = new byte[this.maxRawWrapSize];
+ lengthOctets = ByteBuffer.allocate(RpcConstants.LENGTH_FIELD_LENGTH);
+ lengthOctets.order(ByteOrder.BIG_ENDIAN);
+ }
+
+ @Override
+ public void handlerAdded(ChannelHandlerContext ctx) throws Exception {
+ super.handlerAdded(ctx);
+ logger.trace("Added " + RpcConstants.SASL_ENCRYPTION_HANDLER + " handler!");
+ }
+
+ @Override
+ public void handlerRemoved(ChannelHandlerContext ctx) throws Exception {
+ super.handlerRemoved(ctx);
+ logger.trace("Removed " + RpcConstants.SASL_ENCRYPTION_HANDLER + " handler");
+ }
+
+ public void encode(ChannelHandlerContext ctx, ByteBuf msg, List