Return-Path: X-Original-To: apmail-hadoop-common-issues-archive@minotaur.apache.org Delivered-To: apmail-hadoop-common-issues-archive@minotaur.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id 61AAC17BEE for ; Tue, 12 May 2015 15:13:00 +0000 (UTC) Received: (qmail 63107 invoked by uid 500); 12 May 2015 15:13:00 -0000 Delivered-To: apmail-hadoop-common-issues-archive@hadoop.apache.org Received: (qmail 63060 invoked by uid 500); 12 May 2015 15:13:00 -0000 Mailing-List: contact common-issues-help@hadoop.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: common-issues@hadoop.apache.org Delivered-To: mailing list common-issues@hadoop.apache.org Received: (qmail 63049 invoked by uid 99); 12 May 2015 15:13:00 -0000 Received: from arcas.apache.org (HELO arcas.apache.org) (140.211.11.28) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 12 May 2015 15:13:00 +0000 Date: Tue, 12 May 2015 15:13:00 +0000 (UTC) From: "Junping Du (JIRA)" To: common-issues@hadoop.apache.org Message-ID: In-Reply-To: References: Subject: [jira] [Updated] (HADOOP-11962) Sasl message with MD5 challenge text shouldn't be LOG out even in debug level. MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-JIRA-FingerPrint: 30527f35849b9dde25b450d4833f0394 [ https://issues.apache.org/jira/browse/HADOOP-11962?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Junping Du updated HADOOP-11962: -------------------------------- Attachment: HADOOP-11962-v2.patch > Sasl message with MD5 challenge text shouldn't be LOG out even in debug level. > ------------------------------------------------------------------------------ > > Key: HADOOP-11962 > URL: https://issues.apache.org/jira/browse/HADOOP-11962 > Project: Hadoop Common > Issue Type: Bug > Components: ipc, security > Affects Versions: 2.6.0 > Reporter: Junping Du > Assignee: Junping Du > Priority: Critical > Attachments: HADOOP-11962-v2.patch, HADOOP-11962.patch > > > Some log examples: > {noformat} > 2014-09-24 05:42:12,975 DEBUG security.SaslRpcServer (SaslRpcServer.java:create(174)) - Created SASL server with mechanism = DIGEST-MD5 > 2014-09-24 05:42:12,977 DEBUG ipc.Server (Server.java:doSaslReply(1424)) - Sending sasl message state: NEGOTIATE > auths { > method: "TOKEN" > mechanism: "DIGEST-MD5" > protocol: "" > serverId: "default" > challenge: "realm=\"default\",nonce=\"yIvZDpbzGGq3yIrMynVKnEv9Z0qw6lxpr9nZxm0r\",qop=\"auth\",charset=utf-8,algorithm=md5-sess" > } > ... > ... > 2014-09-24 06:21:59,146 DEBUG ipc.Server (Server.java:doSaslReply(1424)) - Sending sasl message state: CHALLENGE > token: "`l\006\t*\206H\206\367\022\001\002\002\002\000o]0[\240\003\002\001\005\241\003\002\001\017\242O0M\240\003\002\001\020\242F\004D#\030\336|kb\232\033V\340\342F\334\230\347\230\362)u!=\215\271\006\244:\244\221vn\215*\323\353\360\350\3006\366\3340\245\371Ri\273\374\307\017\207Z\233\326\217\224!yo$\373\233\315:JsY!^?" > {noformat} > We should get rid of this kind of log in production environment even under debug log level. -- This message was sent by Atlassian JIRA (v6.3.4#6332)