hadoop-common-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Larry McCay (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (HADOOP-16076) SPNEGO+SSL Client Connections with HttpClient Broken
Date Mon, 04 Feb 2019 17:16:00 GMT

    [ https://issues.apache.org/jira/browse/HADOOP-16076?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16760031#comment-16760031
] 

Larry McCay commented on HADOOP-16076:
--------------------------------------

[~eyang] - internal testing seems to be good with this patch revision.


> SPNEGO+SSL Client Connections with HttpClient Broken
> ----------------------------------------------------
>
>                 Key: HADOOP-16076
>                 URL: https://issues.apache.org/jira/browse/HADOOP-16076
>             Project: Hadoop Common
>          Issue Type: Bug
>          Components: build, security
>    Affects Versions: 3.2.0
>            Reporter: Larry McCay
>            Assignee: Larry McCay
>            Priority: Major
>         Attachments: HADOOP-16076-01.patch
>
>
> Client connections with HttpClient to a SPNEGO secured endpoint with TLS enabled break
due to a misrepresentation of the SPN to include HTTPS instead of just HTTP.
> The current use of HTTPClient 4.5.2 is affected by HTTPCLIENT-1712 and breaks SPNEGO
with HTTPS endpoints since it include the httpS in the principal name.
> We need to migrate to at least 4.5.3 as we have tested with that version and observed
it fixing the issue. Need to do some due diligence to determine the cleanest version to upgrade
to but will provide a patch in a day or so.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

---------------------------------------------------------------------
To unsubscribe, e-mail: common-issues-unsubscribe@hadoop.apache.org
For additional commands, e-mail: common-issues-help@hadoop.apache.org


Mime
View raw message