hadoop-common-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Haohui Mai (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (HADOOP-11962) Sasl message with MD5 challenge text shouldn't be LOG out even in debug level.
Date Tue, 12 May 2015 17:30:00 GMT

    [ https://issues.apache.org/jira/browse/HADOOP-11962?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14540289#comment-14540289
] 

Haohui Mai commented on HADOOP-11962:
-------------------------------------

+1. I'll commit it shortly.

> Sasl message with MD5 challenge text shouldn't be LOG out even in debug level.
> ------------------------------------------------------------------------------
>
>                 Key: HADOOP-11962
>                 URL: https://issues.apache.org/jira/browse/HADOOP-11962
>             Project: Hadoop Common
>          Issue Type: Bug
>          Components: ipc, security
>    Affects Versions: 2.6.0
>            Reporter: Junping Du
>            Assignee: Junping Du
>            Priority: Critical
>         Attachments: HADOOP-11962-v2.patch, HADOOP-11962.patch
>
>
> Some log examples:
> {noformat}
> 2014-09-24 05:42:12,975 DEBUG security.SaslRpcServer (SaslRpcServer.java:create(174))
- Created SASL server with mechanism = DIGEST-MD5
> 2014-09-24 05:42:12,977 DEBUG ipc.Server (Server.java:doSaslReply(1424)) - Sending sasl
message state: NEGOTIATE
> auths {
>   method: "TOKEN"
>   mechanism: "DIGEST-MD5"
>   protocol: ""
>   serverId: "default"
>   challenge: "realm=\"default\",nonce=\"yIvZDpbzGGq3yIrMynVKnEv9Z0qw6lxpr9nZxm0r\",qop=\"auth\",charset=utf-8,algorithm=md5-sess"
> }
> ...
> ...
> 2014-09-24 06:21:59,146 DEBUG ipc.Server (Server.java:doSaslReply(1424)) - Sending sasl
message state: CHALLENGE
> token: "`l\006\t*\206H\206\367\022\001\002\002\002\000o]0[\240\003\002\001\005\241\003\002\001\017\242O0M\240\003\002\001\020\242F\004D#\030\336|kb\232\033V\340\342F\334\230\347\230\362)u!=\215\271\006\244:\244\221vn\215*\323\353\360\350\3006\366\3340\245\371Ri\273\374\307\017\207Z\233\326\217\224!yo$\373\233\315:JsY!^?"
> {noformat}
> We should get rid of this kind of log in production environment even under debug log
level.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message