hadoop-common-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Daryn Sharp (JIRA)" <j...@apache.org>
Subject [jira] [Updated] (HADOOP-9421) Convert SASL to use ProtoBuf and add lengths for non-blocking processing
Date Fri, 21 Jun 2013 18:10:21 GMT

     [ https://issues.apache.org/jira/browse/HADOOP-9421?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Daryn Sharp updated HADOOP-9421:
--------------------------------

    Attachment: HADOOP-9421.patch

Only response that will ever be sent after a connection header is a RPC exception for invalid
fields.  Server will not SASL respond to a client until it sends either NEGOTIATE or INITIATE.

If the client sends NEGOTIATE, the server responds with a full list of his negotiation methods.
 The client has one shot to do an INITIATE before failure.

If the client sends INITIATE, and guesses wrong, the server responds with NEGOTIATE.  Again,
the client now has one shot to send a valid INITIATE.

Basically the client gets one freebie to do a bad INITIATE.  Once the client has been informed
of valid auth methods, it must use a valid one.  This forces authentication down a deterministic
progression of states.  If the client fumbles, the authentication fails.
                
> Convert SASL to use ProtoBuf and add lengths for non-blocking processing
> ------------------------------------------------------------------------
>
>                 Key: HADOOP-9421
>                 URL: https://issues.apache.org/jira/browse/HADOOP-9421
>             Project: Hadoop Common
>          Issue Type: Sub-task
>    Affects Versions: 2.0.3-alpha
>            Reporter: Sanjay Radia
>            Assignee: Daryn Sharp
>            Priority: Blocker
>         Attachments: HADOOP-9421.patch, HADOOP-9421.patch, HADOOP-9421.patch, HADOOP-9421.patch,
HADOOP-9421.patch, HADOOP-9421.patch, HADOOP-9421.patch, HADOOP-9421.patch, HADOOP-9421.patch,
HADOOP-9421-v2-demo.patch
>
>


--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

Mime
View raw message