[jira] [Commented] (HADOOP-19639) SecretManager configuration at runtime

[ASF GitHub Bot (Jira)]

    [ 
https://issues.apache.org/jira/browse/HADOOP-19639?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=18010391#comment-18010391
 ] 

ASF GitHub Bot commented on HADOOP-19639:
-----------------------------------------

K0K0V0K commented on PR #7827:
URL: https://github.com/apache/hadoop/pull/7827#issuecomment-3127087300

   Hi @abstractdog @slfan1989,
   
   I ended up deleting the SecretManagerConfig file and moved the relevant code 
into SecretManager. This ensures that only SecretManager has access to key 
generation and MAC creation, reducing the risk of other components using that 
logic unintentionally.
   
   Thank you for your previous reviews and suggestions—they were very helpful 
in improving this PR. When you have a moment, could you kindly take another 
look?
   
   Thanks again!




> SecretManager configuration at runtime
> --------------------------------------
>
>                 Key: HADOOP-19639
>                 URL: https://issues.apache.org/jira/browse/HADOOP-19639
>             Project: Hadoop Common
>          Issue Type: Improvement
>          Components: hadoop-common
>    Affects Versions: 3.5.0
>            Reporter: Bence Kosztolnik
>            Assignee: Bence Kosztolnik
>            Priority: Major
>              Labels: pull-request-available
>
> In case of TEZ *DAGAppMaster* the Hadoop *SecretManager* code can not read 
> yarn config xml file, therefore the SELECTED_ALGORITHM and SELECTED_LENGTH 
> variables in SecretManager can not be set at runtime.
> This can results with the following exception in FIPS environment:
> {code:java}
> java.security.InvalidParameterException: Key size for HMAC must be at least 
> 112 bits in approved mode: SHA-1/HMAC
>       at 
> com.safelogic.cryptocomply.fips.core/com.safelogic.cryptocomply.jcajce.provider.BaseKeyGenerator.engineInit(Unknown
>  Source)
>       at java.base/javax.crypto.KeyGenerator.init(KeyGenerator.java:540)
>       at java.base/javax.crypto.KeyGenerator.init(KeyGenerator.java:517)
>       at 
> org.apache.hadoop.security.token.SecretManager.<init>(SecretManager.java:157)
>       at 
> org.apache.hadoop.yarn.security.client.BaseClientToAMTokenSecretManager.<init>(BaseClientToAMTokenSecretManager.java:38)
>       at 
> org.apache.hadoop.yarn.security.client.ClientToAMTokenSecretManager.<init>(ClientToAMTokenSecretManager.java:46)
>       at 
> org.apache.tez.common.security.TezClientToAMTokenSecretManager.<init>(TezClientToAMTokenSecretManager.java:33)
>       at 
> org.apache.tez.dag.app.DAGAppMaster.serviceInit(DAGAppMaster.java:493)
>       at 
> org.apache.hadoop.service.AbstractService.init(AbstractService.java:164)
>       at org.apache.tez.dag.app.DAGAppMaster$9.run(DAGAppMaster.java:2649)
>       at java.base/java.security.AccessController.doPrivileged(Native Method)
>       at java.base/javax.security.auth.Subject.doAs(Subject.java:423)
>       at 
> org.apache.hadoop.security.UserGroupInformation.doAs(UserGroupInformation.java:1910)
>       at 
> org.apache.tez.dag.app.DAGAppMaster.initAndStartAppMaster(DAGAppMaster.java:2646)
>       at org.apache.tez.dag.app.DAGAppMaster.main(DAGAppMaster.java:2440)
> {code}
> To mitigate the problem we should provide some ability for the component to 
> be able to modify the configuration without corresponding config files on 
> class path.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

---------------------------------------------------------------------
To unsubscribe, e-mail: common-issues-unsubscr...@hadoop.apache.org
For additional commands, e-mail: common-issues-h...@hadoop.apache.org