Date: Mon, 1 May 2017 19:48:06 +0000 (UTC)
From: "ASF GitHub Bot (JIRA)"
To: issues@drill.apache.org
Subject: [jira] [Commented] (DRILL-4335) Apache Drill should support network
encryption
[ https://issues.apache.org/jira/browse/DRILL-4335?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15991400#comment-15991400 ]
ASF GitHub Bot commented on DRILL-4335:
---------------------------------------
Github user sohami commented on a diff in the pull request:
https://github.com/apache/drill/pull/773#discussion_r113836168
--- Diff: exec/rpc/src/main/java/org/apache/drill/exec/rpc/SaslDecryptionHandler.java ---
@@ -0,0 +1,162 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.drill.exec.rpc;
+
+import io.netty.buffer.ByteBuf;
+import io.netty.channel.ChannelHandlerContext;
+import io.netty.handler.codec.MessageToMessageDecoder;
+
+import org.apache.drill.exec.exception.OutOfMemoryException;
+
+import java.io.IOException;
+import java.nio.ByteBuffer;
+import java.nio.ByteOrder;
+import java.util.List;
+
+import static com.google.common.base.Preconditions.checkArgument;
+
+/**
+ * Handler to Decrypt the input ByteBuf. It expects input to be in format where it has length of the bytes to
+ * decode in network order and actual encrypted bytes. The handler reads the length and then reads the
+ * required bytes to pass it to unwrap function for decryption. The decrypted buffer is copied to a new
+ * ByteBuf and added to out list.
+ *
+ * Example:
+ *
Input - [EBLN1, EB1, EBLN2, EB2] --> ByteBuf with repeated combination of encrypted byte length
+ * in network order (EBLNx) and encrypted bytes (EB)
+ *
Output - [DB1] --> Decrypted ByteBuf of first chunk.(EB1)
+ *
+ */
+class SaslDecryptionHandler extends MessageToMessageDecoder {
+
+ private static final org.slf4j.Logger logger = org.slf4j.LoggerFactory.getLogger(
+ SaslDecryptionHandler.class.getCanonicalName());
+
+ private final SaslCodec saslCodec;
+
+ private final int maxEncodedSize;
+
+ private final OutOfMemoryHandler outOfMemoryHandler;
+
+ private final byte[] encodedMsg;
+
+ private final ByteBuffer lengthOctets;
+
+ SaslDecryptionHandler(SaslCodec saslCodec, int maxEncodedSize, OutOfMemoryHandler oomHandler) {
+ this.saslCodec = saslCodec;
+ this.outOfMemoryHandler = oomHandler;
+ this.maxEncodedSize = maxEncodedSize;
+
+ // Allocate the byte array of maxEncodedSize to reuse for each encoded packet received on this connection
+ // Maximum value of maxEncodedSize can be 16MB (i.e. OXFFFFFF)
+ encodedMsg = new byte[maxEncodedSize];
+ lengthOctets = ByteBuffer.allocate(RpcConstants.LENGTH_FIELD_LENGTH);
+ lengthOctets.order(ByteOrder.BIG_ENDIAN);
+ }
+
+ @Override
+ public void handlerAdded(ChannelHandlerContext ctx) throws Exception {
+ super.handlerAdded(ctx);
+ logger.trace("Added " + RpcConstants.SASL_DECRYPTION_HANDLER + " handler");
+ }
+
+ @Override
+ public void handlerRemoved(ChannelHandlerContext ctx) throws Exception {
+ super.handlerRemoved(ctx);
+ logger.trace("Removed " + RpcConstants.SASL_DECRYPTION_HANDLER + " handler");
+ }
+
+ public void decode(ChannelHandlerContext ctx, ByteBuf msg, List