From 58de2df8606cd598b41785c0c5c6bf98d66ebc15 Mon Sep 17 00:00:00 2001 From: James Date: Wed, 11 Jan 2017 10:54:50 -0500 Subject: [PATCH] HDFS-10685: libhdfs++: return explicit error when non-secured client connects to secured server. Contributed by Kai Jiang. --- .../src/main/native/libhdfspp/include/hdfspp/status.h | 1 + .../src/main/native/libhdfspp/lib/common/status.cc | 11 ++++++++++- .../native/libhdfspp/lib/rpc/cyrus_sasl_engine.cc | 2 +- .../main/native/libhdfspp/lib/rpc/rpc_connection.cc | 6 +++++- 4 files changed, 17 insertions(+), 3 deletions(-) diff --git a/hadoop-hdfs-project/hadoop-hdfs-native-client/src/main/native/libhdfspp/include/hdfspp/status.h b/hadoop-hdfs-project/hadoop-hdfs-native-client/src/main/native/libhdfspp/include/hdfspp/status.h index 39cf8c62a9..d2c32b2de1 100644 --- a/hadoop-hdfs-project/hadoop-hdfs-native-client/src/main/native/libhdfspp/include/hdfspp/status.h +++ b/hadoop-hdfs-project/hadoop-hdfs-native-client/src/main/native/libhdfspp/include/hdfspp/status.h @@ -43,6 +43,7 @@ class Status { static Status Exception(const char *exception_class_name, const char *exception_details); static Status Error(const char *error_message); static Status AuthenticationFailed(); + static Status AuthenticationFailed(const char *msg); static Status Canceled(); static Status PathNotFound(const char *msg); static Status InvalidOffset(const char *msg); diff --git a/hadoop-hdfs-project/hadoop-hdfs-native-client/src/main/native/libhdfspp/lib/common/status.cc b/hadoop-hdfs-project/hadoop-hdfs-native-client/src/main/native/libhdfspp/lib/common/status.cc index 15d304abd5..590a036a53 100644 --- a/hadoop-hdfs-project/hadoop-hdfs-native-client/src/main/native/libhdfspp/lib/common/status.cc +++ b/hadoop-hdfs-project/hadoop-hdfs-native-client/src/main/native/libhdfspp/lib/common/status.cc @@ -131,7 +131,16 @@ Status Status::Error(const char *error_message) { } Status Status::AuthenticationFailed() { - return Status(kAuthenticationFailed, "Authentication failed"); + return Status::AuthenticationFailed(nullptr); +} + +Status Status::AuthenticationFailed(const char *msg) { + std::string formatted = "AuthenticationFailed"; + if(msg) { + formatted += ": "; + formatted += msg; + } + return Status(kAuthenticationFailed, formatted.c_str()); } Status Status::Canceled() { diff --git a/hadoop-hdfs-project/hadoop-hdfs-native-client/src/main/native/libhdfspp/lib/rpc/cyrus_sasl_engine.cc b/hadoop-hdfs-project/hadoop-hdfs-native-client/src/main/native/libhdfspp/lib/rpc/cyrus_sasl_engine.cc index ca8230533c..69b2267a3e 100644 --- a/hadoop-hdfs-project/hadoop-hdfs-native-client/src/main/native/libhdfspp/lib/rpc/cyrus_sasl_engine.cc +++ b/hadoop-hdfs-project/hadoop-hdfs-native-client/src/main/native/libhdfspp/lib/rpc/cyrus_sasl_engine.cc @@ -91,7 +91,7 @@ Status make_status(int rc) { if (rc != SASL_OK && rc != SASL_CONTINUE && rc != SASL_INTERACT) { - return Status::Error(errStr(rc).c_str()); + return Status::AuthenticationFailed(errStr(rc).c_str()); } return Status::OK(); } diff --git a/hadoop-hdfs-project/hadoop-hdfs-native-client/src/main/native/libhdfspp/lib/rpc/rpc_connection.cc b/hadoop-hdfs-project/hadoop-hdfs-native-client/src/main/native/libhdfspp/lib/rpc/rpc_connection.cc index 2068614fc3..f629d1f23d 100644 --- a/hadoop-hdfs-project/hadoop-hdfs-native-client/src/main/native/libhdfspp/lib/rpc/rpc_connection.cc +++ b/hadoop-hdfs-project/hadoop-hdfs-native-client/src/main/native/libhdfspp/lib/rpc/rpc_connection.cc @@ -293,7 +293,11 @@ Status RpcConnection::HandleRpcResponse(std::shared_ptr response) { auto req = RemoveFromRunningQueue(h.callid()); if (!req) { LOG_WARN(kRPC, << "RPC response with Unknown call id " << h.callid()); - return Status::Error("Rpc response with unknown call id"); + if((int32_t)h.callid() == RpcEngine::kCallIdSasl) { + return Status::AuthenticationFailed("You have an unsecured client connecting to a secured server"); + } else { + return Status::Error("Rpc response with unknown call id"); + } } Status status;