hadoop-common-issues mailing list archives

From "Luke Lu (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (HADOOP-9421) Convert SASL to use ProtoBuf and add lengths for non-blocking processing
Date Thu, 20 Jun 2013 17:58:24 GMT

    [ https://issues.apache.org/jira/browse/HADOOP-9421?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13689451#comment-13689451 ]

Luke Lu commented on HADOOP-9421:
---------------------------------

Specifically:

bq. Re-introduces the roundtrip I removed for tokens and usable by other auths in the future

Not true. The initiate proto wrapped in the RPC header is part of the connection header packet,
even though they're logically separate messages.

bq. Appears to add yet another roundtrip for non-token auths

Not true. See above.

bq. Completely removes the ability for the client to chose the best or most preferred auth

Not true. In fact, the client initiate proto allows future auths without introducing a new round-trip.

bq. Ruins pluggable auths because the client now requires specific logic to "guess" if it
can do the new auth

Not true. Initiate "allows" but does not "require" client-specific logic, hence it is more extensible.

bq. Prevents elimination of token use_ip

Not applicable to any known token mechs: Digest-MD5 or SCRAM, as the former is always server-initiated
and the latter doesn't care.

bq. Prevents supporting tokens for multi-interface, multi-A record, or CNAMEs

Not true. Token auth doesn't care, see above. And the initiate proto is extensible for all kinds
of auth metadata.

bq. Breaks my ability to add IP failover support

Not true. IP failover works with tokens as is, and for Kerberos if the server principal is shared
among the servers for the same logical server. It can be extended to support insane cross-server
principal failover, while maintaining minimum round-trips in normal cases.

bq. Allows clients to do complete DOS attacks by tying up the socket indefinitely with initiates

Clients can already do the same by keeping RPC connections open indefinitely. DoS is only significant
if it costs the client fewer resources to DoS a server than the server spends, which is not the case.

In summary, your patch changes the major flow of the current RPC with a new negotiate round-trip,
except for a round-trip reduction hack for Digest-MD5 tokens, since it disallows the client from
sending any new auth metadata in the first packet. My patch is actually a (conceptually) small
change to extend the capability to send arbitrary auth metadata in the first packet and allows the
server to respond intelligently with either a challenge or a negotiate, which allows round-trip
optimization for all future auths besides Digest-MD5 tokens.

> Convert SASL to use ProtoBuf and add lengths for non-blocking processing
> ------------------------------------------------------------------------
>
>                 Key: HADOOP-9421
>                 URL: https://issues.apache.org/jira/browse/HADOOP-9421
>             Project: Hadoop Common
>          Issue Type: Sub-task
>    Affects Versions: 2.0.3-alpha
>            Reporter: Sanjay Radia
>            Assignee: Daryn Sharp
>            Priority: Blocker
>         Attachments: HADOOP-9421.patch, HADOOP-9421.patch, HADOOP-9421.patch, HADOOP-9421.patch, HADOOP-9421.patch, HADOOP-9421.patch, HADOOP-9421.patch, HADOOP-9421.patch, HADOOP-9421-v2-demo.patch
>
>


--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
