HDFS-5353. Short circuit reads fail when dfs.encrypt.data.transfer is enabled. Contributed by Colin Patrick McCabe.

git-svn-id: https://svn.apache.org/repos/asf/hadoop/common/trunk@1548987 13f79535-47bb-0310-9956-ffa450edef68
This commit is contained in:
Jing Zhao 2013-12-08 03:52:18 +00:00
parent e1d3670f4c
commit 155020a6f4
9 changed files with 51 additions and 1 deletions

View File

@ -798,6 +798,9 @@ Release 2.3.0 - UNRELEASED
HDFS-5590. Block ID and generation stamp may be reused when persistBlocks is
set to false. (jing9)
HDFS-5353. Short circuit reads fail when dfs.encrypt.data.transfer is
enabled. (Colin Patrick McCabe via jing9)
Release 2.2.0 - 2013-10-13
INCOMPATIBLE CHANGES

View File

@ -125,4 +125,9 @@ class BasicInetPeer implements Peer {
public DomainSocket getDomainSocket() {
return null;
}
@Override
public boolean hasSecureChannel() {
return false;
}
}

View File

@ -114,4 +114,19 @@ public class DomainPeer implements Peer {
public DomainSocket getDomainSocket() {
return socket;
}
@Override
public boolean hasSecureChannel() {
//
// Communication over domain sockets is assumed to be secure, since it
// doesn't pass over any network. We also carefully control the privileges
// that can be used on the domain socket inode and its parent directories.
// See #{java.org.apache.hadoop.net.unix.DomainSocket#validateSocketPathSecurity0}
// for details.
//
// So unless you are running as root or the hdfs superuser, you cannot
// launch a man-in-the-middle attach on UNIX domain socket traffic.
//
return true;
}
}

View File

@ -139,4 +139,9 @@ public class EncryptedPeer implements Peer {
public DomainSocket getDomainSocket() {
return enclosedPeer.getDomainSocket();
}
@Override
public boolean hasSecureChannel() {
return true;
}
}

View File

@ -128,4 +128,9 @@ class NioInetPeer implements Peer {
public DomainSocket getDomainSocket() {
return null;
}
@Override
public boolean hasSecureChannel() {
return false;
}
}

View File

@ -112,4 +112,12 @@ public interface Peer extends Closeable {
* peer, or null if there is none.
*/
public DomainSocket getDomainSocket();
/**
* Return true if the channel is secure.
*
* @return True if our channel to this peer is not
* susceptible to man-in-the-middle attacks.
*/
public boolean hasSecureChannel();
}

View File

@ -162,7 +162,7 @@ class DataXceiver extends Receiver implements Runnable {
try {
peer.setWriteTimeout(datanode.getDnConf().socketWriteTimeout);
InputStream input = socketIn;
if (dnConf.encryptDataTransfer) {
if ((!peer.hasSecureChannel()) && dnConf.encryptDataTransfer) {
IOStreamPair encryptedStreams = null;
try {
encryptedStreams = DataTransferEncryptor.getEncryptedStreams(socketOut,

View File

@ -42,6 +42,10 @@ public class TestParallelShortCircuitReadUnCached extends TestParallelReadUtil {
new File(sockDir.getDir(),
"TestParallelShortCircuitReadUnCached._PORT.sock").getAbsolutePath());
conf.setBoolean(DFSConfigKeys.DFS_CLIENT_READ_SHORTCIRCUIT_KEY, true);
// Enabling data transfer encryption should have no effect when using
// short-circuit local reads. This is a regression test for HDFS-5353.
conf.setBoolean(DFSConfigKeys.DFS_ENCRYPT_DATA_TRANSFER_KEY, true);
conf.setBoolean(DFSConfigKeys.DFS_BLOCK_ACCESS_TOKEN_ENABLE_KEY, true);
conf.setBoolean(DFSConfigKeys.
DFS_CLIENT_READ_SHORTCIRCUIT_SKIP_CHECKSUM_KEY, false);
conf.setBoolean(DFSConfigKeys.

View File

@ -140,6 +140,11 @@ public class TestPeerCache {
public int hashCode() {
return dnId.hashCode() ^ (hasDomain ? 1 : 0);
}
@Override
public boolean hasSecureChannel() {
return false;
}
}
@Test