Skip to content

Commit b726540

Browse files
Jing9Jing9
committed
HDFS-5353. Short circuit reads fail when dfs.encrypt.data.transfer is enabled. Contributed by Colin Patrick McCabe.
git-svn-id: https://svn.apache.org/repos/asf/hadoop/common/trunk@1548987 13f79535-47bb-0310-9956-ffa450edef68
1 parent 207fcfb commit b726540

File tree

9 files changed

+51
-1
lines changed

9 files changed

+51
-1
lines changed

hadoop-hdfs-project/hadoop-hdfs/CHANGES.txt

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -798,6 +798,9 @@ Release 2.3.0 - UNRELEASED
798798
HDFS-5590. Block ID and generation stamp may be reused when persistBlocks is
799799
set to false. (jing9)
800800

801+
HDFS-5353. Short circuit reads fail when dfs.encrypt.data.transfer is
802+
enabled. (Colin Patrick McCabe via jing9)
803+
801804
Release 2.2.0 - 2013-10-13
802805

803806
INCOMPATIBLE CHANGES

hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/net/BasicInetPeer.java

Lines changed: 5 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -125,4 +125,9 @@ public String toString() {
125125
public DomainSocket getDomainSocket() {
126126
return null;
127127
}
128+
129+
@Override
130+
public boolean hasSecureChannel() {
131+
return false;
132+
}
128133
}

hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/net/DomainPeer.java

Lines changed: 15 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -114,4 +114,19 @@ public String toString() {
114114
public DomainSocket getDomainSocket() {
115115
return socket;
116116
}
117+
118+
@Override
119+
public boolean hasSecureChannel() {
120+
//
121+
// Communication over domain sockets is assumed to be secure, since it
122+
// doesn't pass over any network. We also carefully control the privileges
123+
// that can be used on the domain socket inode and its parent directories.
124+
// See #{java.org.apache.hadoop.net.unix.DomainSocket#validateSocketPathSecurity0}
125+
// for details.
126+
//
127+
// So unless you are running as root or the hdfs superuser, you cannot
128+
// launch a man-in-the-middle attach on UNIX domain socket traffic.
129+
//
130+
return true;
131+
}
117132
}

hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/net/EncryptedPeer.java

Lines changed: 5 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -139,4 +139,9 @@ public String toString() {
139139
public DomainSocket getDomainSocket() {
140140
return enclosedPeer.getDomainSocket();
141141
}
142+
143+
@Override
144+
public boolean hasSecureChannel() {
145+
return true;
146+
}
142147
}

hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/net/NioInetPeer.java

Lines changed: 5 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -128,4 +128,9 @@ public String toString() {
128128
public DomainSocket getDomainSocket() {
129129
return null;
130130
}
131+
132+
@Override
133+
public boolean hasSecureChannel() {
134+
return false;
135+
}
131136
}

hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/net/Peer.java

Lines changed: 8 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -112,4 +112,12 @@ public interface Peer extends Closeable {
112112
* peer, or null if there is none.
113113
*/
114114
public DomainSocket getDomainSocket();
115+
116+
/**
117+
* Return true if the channel is secure.
118+
*
119+
* @return True if our channel to this peer is not
120+
* susceptible to man-in-the-middle attacks.
121+
*/
122+
public boolean hasSecureChannel();
115123
}

hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/server/datanode/DataXceiver.java

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -162,7 +162,7 @@ public void run() {
162162
try {
163163
peer.setWriteTimeout(datanode.getDnConf().socketWriteTimeout);
164164
InputStream input = socketIn;
165-
if (dnConf.encryptDataTransfer) {
165+
if ((!peer.hasSecureChannel()) && dnConf.encryptDataTransfer) {
166166
IOStreamPair encryptedStreams = null;
167167
try {
168168
encryptedStreams = DataTransferEncryptor.getEncryptedStreams(socketOut,

hadoop-hdfs-project/hadoop-hdfs/src/test/java/org/apache/hadoop/hdfs/TestParallelShortCircuitReadUnCached.java

Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -42,6 +42,10 @@ static public void setupCluster() throws Exception {
4242
new File(sockDir.getDir(),
4343
"TestParallelShortCircuitReadUnCached._PORT.sock").getAbsolutePath());
4444
conf.setBoolean(DFSConfigKeys.DFS_CLIENT_READ_SHORTCIRCUIT_KEY, true);
45+
// Enabling data transfer encryption should have no effect when using
46+
// short-circuit local reads. This is a regression test for HDFS-5353.
47+
conf.setBoolean(DFSConfigKeys.DFS_ENCRYPT_DATA_TRANSFER_KEY, true);
48+
conf.setBoolean(DFSConfigKeys.DFS_BLOCK_ACCESS_TOKEN_ENABLE_KEY, true);
4549
conf.setBoolean(DFSConfigKeys.
4650
DFS_CLIENT_READ_SHORTCIRCUIT_SKIP_CHECKSUM_KEY, false);
4751
conf.setBoolean(DFSConfigKeys.

hadoop-hdfs-project/hadoop-hdfs/src/test/java/org/apache/hadoop/hdfs/TestPeerCache.java

Lines changed: 5 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -140,6 +140,11 @@ public boolean equals(Object o) {
140140
public int hashCode() {
141141
return dnId.hashCode() ^ (hasDomain ? 1 : 0);
142142
}
143+
144+
@Override
145+
public boolean hasSecureChannel() {
146+
return false;
147+
}
143148
}
144149

145150
@Test

0 commit comments

Comments
 (0)