Mailing-List: contact hdfs-issues-help@hadoop.apache.org; run by ezmlm
Precedence: bulk
Reply-To: hdfs-issues@hadoop.apache.org
Date: Fri, 31 Oct 2014 00:07:35 +0000 (UTC)
From: "Chris Nauroth (JIRA)" <jira@apache.org>
To: hdfs-issues@hadoop.apache.org
Message-ID: <JIRA.12751828.1414713717000.378106.1414714055336@Atlassian.JIRA>
In-Reply-To: <JIRA.12751828.1414713717000@Atlassian.JIRA>
References: <JIRA.12751828.1414713717000@Atlassian.JIRA>
 <JIRA.12751828.1414713717071@arcas>
Subject: [jira] [Updated] (HDFS-7313) Support optional configuration of AES
 cipher suite on DataTransferProtocol.
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 7bit


     [ https://issues.apache.org/jira/browse/HDFS-7313?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Chris Nauroth updated HDFS-7313:
--------------------------------
    Attachment: HDFS-7313.1.patch

Full disclosure: Support for configuration was discussed once before in HDFS-6606, and the decision at that time was to not make it configurable.  See several comments starting here:

https://issues.apache.org/jira/browse/HDFS-6606?focusedCommentId=14145832&page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#comment-14145832

However, since then, I've heard feedback that it would be preferable to maintain the existing behavior of 3DES or RC4 in existing clusters by default, and activate AES only if configured explicitly.  This is seen as a safety net for managing rollout of the new feature in 2.6.0.  There is no argument against AES as the superior choice, so we can revisit switching it to the default in a future release after some stabilization time.

[~hitliuyi] and [~atm], you participated in the HDFS-6606 discussion.  What do you think of this patch?

Here is a summary of the changes.
* {{SecureMode.apt.vm}}: While I was working on this, I decided to update the docs to cover our new encryption capabilities.
* {{GenericTestUtils}}: Added new test helper method.
* {{DFSConfigKeys}}/{{hdfs-default.xml}}}: Defined new configuration property for specifying cipher suites used during DataTransferProtocol encryption.
* {{DataTransferSaslUtil}}: On the server side, only negotiate AES if it's configured.
* {{SaslDataTransferClient}}: On the client side, only negotiate AES if it's configured.
* {{DataXceiver}}: This fixes a regression that I had introduced in my HDFS-2856 patch.  The fix restores some special case handling from Aaron's earlier HDFS-3637 patch.  We didn't catch the regression earlier because of a bug in the tests.  (See below.)
* {{TestEncryptedTransfer}}: I changed test assertions on existing tests to assert that AES is not used, and I added a new test with AES configured.  I discovered that some of the assertions in this suite have not been running due to an erroneous check on {{resolverClazz}}.  If it's ever non-null, then it's going to be {{TestTrustedChannelResolver}}, effectively meaning that the assertions were never running.  I fixed this and confirmed that the assertions are running now.


> Support optional configuration of AES cipher suite on DataTransferProtocol.
> ---------------------------------------------------------------------------
>
>                 Key: HDFS-7313
>                 URL: https://issues.apache.org/jira/browse/HDFS-7313
>             Project: Hadoop HDFS
>          Issue Type: Improvement
>          Components: datanode, hdfs-client, security
>            Reporter: Chris Nauroth
>            Assignee: Chris Nauroth
>         Attachments: HDFS-7313.1.patch
>
>
> HDFS-6606 introduced use of AES for encryption of DataTransferProtocol.  This issue proposes introduction of a configuration property for administrators to control whether or not AES is used or the existing support for 3DES and RC4 is used.


--
This message was sent by Atlassian JIRA
(v6.3.4#6332)