/** * Registers this executor with an external shuffle server. This registration is required to * inform the shuffle server about where and how we store our shuffle files. * * @param host Host of shuffle server. * @param port Port of shuffle server. * @param execId This Executor's id. * @param executorInfo Contains all info necessary for the service to find our shuffle files. */ public void registerWithShuffleServer( String host, int port, String execId, ExecutorShuffleInfo executorInfo) throws IOException, InterruptedException { checkInit(); try (TransportClient client = clientFactory.createUnmanagedClient(host, port)) { ByteBuffer registerMessage = new RegisterExecutor(appId, execId, executorInfo).toByteBuffer(); client.sendRpcSync(registerMessage, registrationTimeoutMs); } }
/** * Registers this executor with an external shuffle server. This registration is required to * inform the shuffle server about where and how we store our shuffle files. * * @param host Host of shuffle server. * @param port Port of shuffle server. * @param execId This Executor's id. * @param executorInfo Contains all info necessary for the service to find our shuffle files. */ public void registerWithShuffleServer( String host, int port, String execId, ExecutorShuffleInfo executorInfo) throws IOException, InterruptedException { checkInit(); try (TransportClient client = clientFactory.createUnmanagedClient(host, port)) { ByteBuffer registerMessage = new RegisterExecutor(appId, execId, executorInfo).toByteBuffer(); client.sendRpcSync(registerMessage, registrationTimeoutMs); } }
private void doSparkAuth(TransportClient client, Channel channel) throws GeneralSecurityException, IOException { String secretKey = secretKeyHolder.getSecretKey(appId); try (AuthEngine engine = new AuthEngine(appId, secretKey, conf)) { ClientChallenge challenge = engine.challenge(); ByteBuf challengeData = Unpooled.buffer(challenge.encodedLength()); challenge.encode(challengeData); ByteBuffer responseData = client.sendRpcSync(challengeData.nioBuffer(), conf.authRTTimeoutMs()); ServerResponse response = ServerResponse.decodeMessage(responseData); engine.validate(response); engine.sessionCipher().addToChannel(channel); } }
private void doSparkAuth(TransportClient client, Channel channel) throws GeneralSecurityException, IOException { String secretKey = secretKeyHolder.getSecretKey(appId); try (AuthEngine engine = new AuthEngine(appId, secretKey, conf)) { ClientChallenge challenge = engine.challenge(); ByteBuf challengeData = Unpooled.buffer(challenge.encodedLength()); challenge.encode(challengeData); ByteBuffer responseData = client.sendRpcSync(challengeData.nioBuffer(), conf.authRTTimeoutMs()); ServerResponse response = ServerResponse.decodeMessage(responseData); engine.validate(response); engine.sessionCipher().addToChannel(channel); } }
@Test public void testNoSaslClient() throws IOException, InterruptedException { clientFactory = context.createClientFactory(new ArrayList<>()); TransportClient client = clientFactory.createClient(TestUtils.getLocalHost(), server.getPort()); try { client.sendRpcSync(ByteBuffer.allocate(13), TIMEOUT_MS); fail("Should have failed"); } catch (Exception e) { assertTrue(e.getMessage(), e.getMessage().contains("Expected SaslMessage")); } try { // Guessing the right tag byte doesn't magically get you in... client.sendRpcSync(ByteBuffer.wrap(new byte[] { (byte) 0xEA }), TIMEOUT_MS); fail("Should have failed"); } catch (Exception e) { assertTrue(e.getMessage(), e.getMessage().contains("java.lang.IndexOutOfBoundsException")); } }
@Test public void testNoSaslClient() throws IOException, InterruptedException { clientFactory = context.createClientFactory(new ArrayList<>()); TransportClient client = clientFactory.createClient(TestUtils.getLocalHost(), server.getPort()); try { client.sendRpcSync(ByteBuffer.allocate(13), TIMEOUT_MS); fail("Should have failed"); } catch (Exception e) { assertTrue(e.getMessage(), e.getMessage().contains("Expected SaslMessage")); } try { // Guessing the right tag byte doesn't magically get you in... client.sendRpcSync(ByteBuffer.wrap(new byte[] { (byte) 0xEA }), TIMEOUT_MS); fail("Should have failed"); } catch (Exception e) { assertTrue(e.getMessage(), e.getMessage().contains("java.lang.IndexOutOfBoundsException")); } }
private void doSparkAuth(TransportClient client, Channel channel) throws GeneralSecurityException, IOException { String secretKey = secretKeyHolder.getSecretKey(appId); try (AuthEngine engine = new AuthEngine(appId, secretKey, conf)) { ClientChallenge challenge = engine.challenge(); ByteBuf challengeData = Unpooled.buffer(challenge.encodedLength()); challenge.encode(challengeData); ByteBuffer responseData = client.sendRpcSync(challengeData.nioBuffer(), conf.authRTTimeoutMs()); ServerResponse response = ServerResponse.decodeMessage(responseData); engine.validate(response); engine.sessionCipher().addToChannel(channel); } }
@Test public void testNoSaslClient() throws IOException, InterruptedException { clientFactory = context.createClientFactory(new ArrayList<>()); TransportClient client = clientFactory.createClient(TestUtils.getLocalHost(), server.getPort()); try { client.sendRpcSync(ByteBuffer.allocate(13), TIMEOUT_MS); fail("Should have failed"); } catch (Exception e) { assertTrue(e.getMessage(), e.getMessage().contains("Expected SaslMessage")); } try { // Guessing the right tag byte doesn't magically get you in... client.sendRpcSync(ByteBuffer.wrap(new byte[] { (byte) 0xEA }), TIMEOUT_MS); fail("Should have failed"); } catch (Exception e) { assertTrue(e.getMessage(), e.getMessage().contains("java.lang.IndexOutOfBoundsException")); } }
@Test public void testDataEncryptionIsActuallyEnabled() throws Exception { // This test sets up an encrypted connection but then, using a client bootstrap, removes // the encryption handler from the client side. This should cause the server to not be // able to understand RPCs sent to it and thus close the connection. SaslTestCtx ctx = null; try { ctx = new SaslTestCtx(mock(RpcHandler.class), true, true); ctx.client.sendRpcSync(JavaUtils.stringToBytes("Ping"), TimeUnit.SECONDS.toMillis(10)); fail("Should have failed to send RPC to server."); } catch (Exception e) { assertFalse(e.getCause() instanceof TimeoutException); } finally { if (ctx != null) { ctx.close(); } } }
@Test public void testAuthReplay() throws Exception { // This test covers the case where an attacker replays a challenge message sniffed from the // network, but doesn't know the actual secret. The server should close the connection as // soon as a message is sent after authentication is performed. This is emulated by removing // the client encryption handler after authentication. ctx = new AuthTestCtx(); ctx.createServer("secret"); ctx.createClient("secret"); assertNotNull(ctx.client.getChannel().pipeline() .remove(TransportCipher.ENCRYPTION_HANDLER_NAME)); try { ctx.client.sendRpcSync(JavaUtils.stringToBytes("Ping"), 5000); fail("Should have failed unencrypted RPC."); } catch (Exception e) { assertTrue(ctx.authRpcHandler.doDelegate); } }
@Test public void testAuthReplay() throws Exception { // This test covers the case where an attacker replays a challenge message sniffed from the // network, but doesn't know the actual secret. The server should close the connection as // soon as a message is sent after authentication is performed. This is emulated by removing // the client encryption handler after authentication. ctx = new AuthTestCtx(); ctx.createServer("secret"); ctx.createClient("secret"); assertNotNull(ctx.client.getChannel().pipeline() .remove(TransportCipher.ENCRYPTION_HANDLER_NAME)); try { ctx.client.sendRpcSync(JavaUtils.stringToBytes("Ping"), 5000); fail("Should have failed unencrypted RPC."); } catch (Exception e) { assertTrue(ctx.authRpcHandler.doDelegate); } }
@Test public void testGoodClient() throws IOException, InterruptedException { clientFactory = context.createClientFactory( Arrays.asList(new SaslClientBootstrap(conf, "app-1", secretKeyHolder))); TransportClient client = clientFactory.createClient(TestUtils.getLocalHost(), server.getPort()); String msg = "Hello, World!"; ByteBuffer resp = client.sendRpcSync(JavaUtils.stringToBytes(msg), TIMEOUT_MS); assertEquals(msg, JavaUtils.bytesToString(resp)); }
@Test public void testGoodClient() throws IOException, InterruptedException { clientFactory = context.createClientFactory( Arrays.asList(new SaslClientBootstrap(conf, "app-1", secretKeyHolder))); TransportClient client = clientFactory.createClient(TestUtils.getLocalHost(), server.getPort()); String msg = "Hello, World!"; ByteBuffer resp = client.sendRpcSync(JavaUtils.stringToBytes(msg), TIMEOUT_MS); assertEquals(msg, JavaUtils.bytesToString(resp)); }
@Test public void testGoodClient() throws IOException, InterruptedException { clientFactory = context.createClientFactory( Arrays.asList(new SaslClientBootstrap(conf, "app-1", secretKeyHolder))); TransportClient client = clientFactory.createClient(TestUtils.getLocalHost(), server.getPort()); String msg = "Hello, World!"; ByteBuffer resp = client.sendRpcSync(JavaUtils.stringToBytes(msg), TIMEOUT_MS); assertEquals(msg, JavaUtils.bytesToString(resp)); }
@Test public void testSaslClientFallback() throws Exception { ctx = new AuthTestCtx(); ctx.createServer("secret", false); ctx.createClient("secret", true); ByteBuffer reply = ctx.client.sendRpcSync(JavaUtils.stringToBytes("Ping"), 5000); assertEquals("Pong", JavaUtils.bytesToString(reply)); }
@Test public void testSaslServerFallback() throws Exception { ctx = new AuthTestCtx(); ctx.createServer("secret", true); ctx.createClient("secret", false); ByteBuffer reply = ctx.client.sendRpcSync(JavaUtils.stringToBytes("Ping"), 5000); assertEquals("Pong", JavaUtils.bytesToString(reply)); }
@Test public void testSaslClientFallback() throws Exception { ctx = new AuthTestCtx(); ctx.createServer("secret", false); ctx.createClient("secret", true); ByteBuffer reply = ctx.client.sendRpcSync(JavaUtils.stringToBytes("Ping"), 5000); assertEquals("Pong", JavaUtils.bytesToString(reply)); }
@Test public void testSaslServerFallback() throws Exception { ctx = new AuthTestCtx(); ctx.createServer("secret", true); ctx.createClient("secret", false); ByteBuffer reply = ctx.client.sendRpcSync(JavaUtils.stringToBytes("Ping"), 5000); assertEquals("Pong", JavaUtils.bytesToString(reply)); }
@Test public void testNewAuth() throws Exception { ctx = new AuthTestCtx(); ctx.createServer("secret"); ctx.createClient("secret"); ByteBuffer reply = ctx.client.sendRpcSync(JavaUtils.stringToBytes("Ping"), 5000); assertEquals("Pong", JavaUtils.bytesToString(reply)); assertTrue(ctx.authRpcHandler.doDelegate); assertFalse(ctx.authRpcHandler.delegate instanceof SaslRpcHandler); }
@Test public void testNewAuth() throws Exception { ctx = new AuthTestCtx(); ctx.createServer("secret"); ctx.createClient("secret"); ByteBuffer reply = ctx.client.sendRpcSync(JavaUtils.stringToBytes("Ping"), 5000); assertEquals("Pong", JavaUtils.bytesToString(reply)); assertTrue(ctx.authRpcHandler.doDelegate); assertFalse(ctx.authRpcHandler.delegate instanceof SaslRpcHandler); }