Posted to commits@cassandra.apache.org by sn...@apache.org on 2015/05/15 22:03:26 UTC
[1/3] cassandra git commit: Add a flag in cassandra.yaml to enable
UDFs
Repository: cassandra
Updated Branches:
refs/heads/cassandra-2.2 63f596727 -> 6c0a46262
refs/heads/trunk f58a44763 -> ce0a25fa1
Add a flag in cassandra.yaml to enable UDFs
patch by Robert Stupp; reviewed by Aleksey Yeschenko for CASSANDRA-9404
Project: http://git-wip-us.apache.org/repos/asf/cassandra/repo
Commit: http://git-wip-us.apache.org/repos/asf/cassandra/commit/6c0a4626
Tree: http://git-wip-us.apache.org/repos/asf/cassandra/tree/6c0a4626
Diff: http://git-wip-us.apache.org/repos/asf/cassandra/diff/6c0a4626
Branch: refs/heads/cassandra-2.2
Commit: 6c0a4626249af927077bed552533eac2e3ed16a8
Parents: 63f5967
Author: Robert Stupp <sn...@snazy.de>
Authored: Fri May 15 22:01:38 2015 +0200
Committer: Robert Stupp <sn...@snazy.de>
Committed: Fri May 15 22:01:38 2015 +0200
----------------------------------------------------------------------
CHANGES.txt | 1 +
NEWS.txt | 6 ++++++
conf/cassandra.yaml | 5 +++++
src/java/org/apache/cassandra/config/Config.java | 2 ++
src/java/org/apache/cassandra/config/DatabaseDescriptor.java | 5 +++++
src/java/org/apache/cassandra/cql3/functions/UDFunction.java | 7 +++++++
.../cassandra/cql3/statements/CreateFunctionStatement.java | 3 +++
test/conf/cassandra.yaml | 1 +
8 files changed, 30 insertions(+)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/cassandra/blob/6c0a4626/CHANGES.txt
----------------------------------------------------------------------
diff --git a/CHANGES.txt b/CHANGES.txt
index c5c505a..e3b25b5 100644
--- a/CHANGES.txt
+++ b/CHANGES.txt
@@ -1,4 +1,5 @@
2.2.0-beta1
+ * Add a flag in cassandra.yaml to enable UDFs (CASSANDRA-9404)
* Better support of null for UDF (CASSANDRA-8374)
* Use ecj instead of javassist for UDFs (CASSANDRA-8241)
* faster async logback configuration for tests (CASSANDRA-9376)
http://git-wip-us.apache.org/repos/asf/cassandra/blob/6c0a4626/NEWS.txt
----------------------------------------------------------------------
diff --git a/NEWS.txt b/NEWS.txt
index 9d56841..c9d36ad 100644
--- a/NEWS.txt
+++ b/NEWS.txt
@@ -48,6 +48,12 @@ New features
directory.
- Support for user-defined functions and user-defined aggregates have
been added to CQL.
+ ************************************************************************
+ IMPORTANT NOTE: user-defined functions can be used to execute
+ arbitrary and possibly evil code in Cassandra 2.2-beta1.
+ To enable UDFs edit cassandra.yaml and set enable_user_defined_functions
+ to true. CASSANDRA-9402 will add a security manager for UDFs.
+ ************************************************************************
- Row-cache is now fully off-heap.
- jemalloc is now automatically preloaded and used on Linux and OS-X if
installed.
http://git-wip-us.apache.org/repos/asf/cassandra/blob/6c0a4626/conf/cassandra.yaml
----------------------------------------------------------------------
diff --git a/conf/cassandra.yaml b/conf/cassandra.yaml
index 5033a8d..fb103fa 100644
--- a/conf/cassandra.yaml
+++ b/conf/cassandra.yaml
@@ -843,3 +843,8 @@ inter_dc_tcp_nodelay: false
# TTL for different trace types used during logging of the repair process.
tracetype_query_ttl: 86400
tracetype_repair_ttl: 604800
+
+# UDFs (user defined functions) are disabled by default.
+# As of Cassandra 2.2-beta1, there is no security manager or anything else in place that
+# prevents execution of evil code. CASSANDRA-9402 will fix this issue for Cassandra 2.2-rc1.
+enable_user_defined_functions: false
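Review bot: The comment above `enable_user_defined_functions` says UDF code is not sandboxed, but it does not say who can reach that code path or how the setting behaves across a cluster. I would add a line such as `# Enabling this lets any client able to create a function run its code inside the Cassandra process; enable it only where every such client is trusted.` The checks added elsewhere in this commit read the flag from the local node's configuration, so the comment should also state that the value is expected to be the same on every node.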
http://git-wip-us.apache.org/repos/asf/cassandra/blob/6c0a4626/src/java/org/apache/cassandra/config/Config.java
----------------------------------------------------------------------
diff --git a/src/java/org/apache/cassandra/config/Config.java b/src/java/org/apache/cassandra/config/Config.java
index 2ede76e..269f577 100644
--- a/src/java/org/apache/cassandra/config/Config.java
+++ b/src/java/org/apache/cassandra/config/Config.java
@@ -259,6 +259,8 @@ public class Config
public static final int otc_coalescing_window_us_default = 200;
public int otc_coalescing_window_us = otc_coalescing_window_us_default;
+ public boolean enable_user_defined_functions = false;
+
public static boolean getOutboundBindAny()
{
return outboundBindAny;
http://git-wip-us.apache.org/repos/asf/cassandra/blob/6c0a4626/src/java/org/apache/cassandra/config/DatabaseDescriptor.java
----------------------------------------------------------------------
diff --git a/src/java/org/apache/cassandra/config/DatabaseDescriptor.java b/src/java/org/apache/cassandra/config/DatabaseDescriptor.java
index b5c5fb4..ad6b117 100644
--- a/src/java/org/apache/cassandra/config/DatabaseDescriptor.java
+++ b/src/java/org/apache/cassandra/config/DatabaseDescriptor.java
@@ -1683,4 +1683,9 @@ public class DatabaseDescriptor
{
return conf.otc_coalescing_window_us;
}
+
+ public static boolean enableUserDefinedFunctions()
+ {
+ return conf.enable_user_defined_functions;
+ }
}
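Review bot: `enableUserDefinedFunctions()` is named like an action, so the call sites added in this commit read `if (!DatabaseDescriptor.enableUserDefinedFunctions())`, which can be misread as "if enabling failed". For an accessor that guards a security-sensitive feature, a query-style name is clearer, for example `public static boolean isUserDefinedFunctionsEnabled()`, unless the other accessors in DatabaseDescriptor (not visible in this hunk) deliberately follow the verb style. A one-line Javadoc saying that it returns the `enable_user_defined_functions` setting from cassandra.yaml, which defaults to false in Config, would also help.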
http://git-wip-us.apache.org/repos/asf/cassandra/blob/6c0a4626/src/java/org/apache/cassandra/cql3/functions/UDFunction.java
----------------------------------------------------------------------
diff --git a/src/java/org/apache/cassandra/cql3/functions/UDFunction.java b/src/java/org/apache/cassandra/cql3/functions/UDFunction.java
index 873a1f2..a01f08f 100644
--- a/src/java/org/apache/cassandra/cql3/functions/UDFunction.java
+++ b/src/java/org/apache/cassandra/cql3/functions/UDFunction.java
@@ -27,6 +27,7 @@ import org.slf4j.LoggerFactory;
import com.datastax.driver.core.DataType;
import com.datastax.driver.core.ProtocolVersion;
import com.datastax.driver.core.UserType;
+import org.apache.cassandra.config.DatabaseDescriptor;
import org.apache.cassandra.config.KSMetaData;
import org.apache.cassandra.config.Schema;
import org.apache.cassandra.cql3.*;
@@ -92,6 +93,9 @@ public abstract class UDFunction extends AbstractFunction implements ScalarFunct
String body)
throws InvalidRequestException
{
+ if (!DatabaseDescriptor.enableUserDefinedFunctions())
+ throw new InvalidRequestException("User-defined-functions are disabled in cassandra.yaml - set enable_user_defined_functions=true to enable if you are aware of the security risks");
+
switch (language)
{
case "java": return JavaSourceUDFFactory.buildUDF(name, argNames, argTypes, returnType, calledOnNullInput, body);
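Review bot: The guard and its message are copied verbatim three times in this commit: here, in `execute` further down this file, and in `CreateFunctionStatement.validate`. A single shared helper keeps the three gates from drifting apart when the condition or the wording changes. The message also tells the operator to set `enable_user_defined_functions=true`, whereas cassandra.yaml uses the form `enable_user_defined_functions: true`. The factory method's signature begins above this hunk and its body continues below it. If this factory is also reached when function definitions are loaded from the schema rather than from a client request (not visible here), it is worth confirming that throwing InvalidRequestException is the intended behaviour on a node where the flag is off.

```java
// proposed helper in UDFunction, shared by all three call sites
public static void assertUdfsEnabled() throws InvalidRequestException
{
    if (!DatabaseDescriptor.enableUserDefinedFunctions())
        throw new InvalidRequestException("User-defined-functions are disabled in cassandra.yaml - set enable_user_defined_functions to true to enable if you are aware of the security risks");
}

// … unchanged: factory signature and throws clause …
{
    assertUdfsEnabled();

    switch (language)
    // … unchanged: per-language dispatch …
```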
@@ -131,6 +135,9 @@ public abstract class UDFunction extends AbstractFunction implements ScalarFunct
public final ByteBuffer execute(int protocolVersion, List<ByteBuffer> parameters) throws InvalidRequestException
{
+ if (!DatabaseDescriptor.enableUserDefinedFunctions())
+ throw new InvalidRequestException("User-defined-functions are disabled in cassandra.yaml - set enable_user_defined_functions=true to enable if you are aware of the security risks");
+
if (!isCallableWrtNullable(parameters))
return null;
return executeUserDefined(protocolVersion, parameters);
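Review bot: Because `execute` re-checks the flag on every call, a function that already exists while the flag is false is apparently kept and only refused at call time, so it becomes callable again as soon as the flag is set to true. Nothing in this hunk tells a maintainer or operator that. I would add a comment above the check such as `// Checked per call: existing functions are kept but refused while UDFs are disabled; review stored function bodies before re-enabling.` The closing brace of `execute` lies outside the hunk.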
http://git-wip-us.apache.org/repos/asf/cassandra/blob/6c0a4626/src/java/org/apache/cassandra/cql3/statements/CreateFunctionStatement.java
----------------------------------------------------------------------
diff --git a/src/java/org/apache/cassandra/cql3/statements/CreateFunctionStatement.java b/src/java/org/apache/cassandra/cql3/statements/CreateFunctionStatement.java
index 3cef6e4..4ceecba 100644
--- a/src/java/org/apache/cassandra/cql3/statements/CreateFunctionStatement.java
+++ b/src/java/org/apache/cassandra/cql3/statements/CreateFunctionStatement.java
@@ -130,6 +130,9 @@ public final class CreateFunctionStatement extends SchemaAlteringStatement
public void validate(ClientState state) throws InvalidRequestException
{
+ if (!DatabaseDescriptor.enableUserDefinedFunctions())
+ throw new InvalidRequestException("User-defined-functions are disabled in cassandra.yaml - set enable_user_defined_functions=true to enable if you are aware of the security risks");
+
if (ifNotExists && orReplace)
throw new InvalidRequestException("Cannot use both 'OR REPLACE' and 'IF NOT EXISTS' directives");
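Review bot: Only CREATE FUNCTION gets a statement-level check here, yet NEWS.txt in this same commit says user-defined aggregates were added alongside UDFs, and the diffstat lists no aggregate statement among the eight changed files. If aggregates can only run user code through `UDFunction.execute`, the runtime gate covers them, but that is not visible in this diff. It is worth confirming, and adding the same check in the `validate` of the statement that creates aggregates so they are rejected early with the same message. `validate` starts in this hunk and continues past its last line.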
http://git-wip-us.apache.org/repos/asf/cassandra/blob/6c0a4626/test/conf/cassandra.yaml
----------------------------------------------------------------------
diff --git a/test/conf/cassandra.yaml b/test/conf/cassandra.yaml
index f419fbd..3d3de84 100644
--- a/test/conf/cassandra.yaml
+++ b/test/conf/cassandra.yaml
@@ -38,3 +38,4 @@ concurrent_compactors: 4
compaction_throughput_mb_per_sec: 0
row_cache_class_name: org.apache.cassandra.cache.OHCProvider
row_cache_size_in_mb: 16
+enable_user_defined_functions: true
[2/3] cassandra git commit: Add a flag in cassandra.yaml to enable
UDFs
Posted by sn...@apache.org.
Add a flag in cassandra.yaml to enable UDFs
patch by Robert Stupp; reviewed by Aleksey Yeschenko for CASSANDRA-9404
Project: http://git-wip-us.apache.org/repos/asf/cassandra/repo
Commit: http://git-wip-us.apache.org/repos/asf/cassandra/commit/6c0a4626
Tree: http://git-wip-us.apache.org/repos/asf/cassandra/tree/6c0a4626
Diff: http://git-wip-us.apache.org/repos/asf/cassandra/diff/6c0a4626
Branch: refs/heads/trunk
Commit: 6c0a4626249af927077bed552533eac2e3ed16a8
Parents: 63f5967
Author: Robert Stupp <sn...@snazy.de>
Authored: Fri May 15 22:01:38 2015 +0200
Committer: Robert Stupp <sn...@snazy.de>
Committed: Fri May 15 22:01:38 2015 +0200
----------------------------------------------------------------------
CHANGES.txt | 1 +
NEWS.txt | 6 ++++++
conf/cassandra.yaml | 5 +++++
src/java/org/apache/cassandra/config/Config.java | 2 ++
src/java/org/apache/cassandra/config/DatabaseDescriptor.java | 5 +++++
src/java/org/apache/cassandra/cql3/functions/UDFunction.java | 7 +++++++
.../cassandra/cql3/statements/CreateFunctionStatement.java | 3 +++
test/conf/cassandra.yaml | 1 +
8 files changed, 30 insertions(+)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/cassandra/blob/6c0a4626/CHANGES.txt
----------------------------------------------------------------------
diff --git a/CHANGES.txt b/CHANGES.txt
index c5c505a..e3b25b5 100644
--- a/CHANGES.txt
+++ b/CHANGES.txt
@@ -1,4 +1,5 @@
2.2.0-beta1
+ * Add a flag in cassandra.yaml to enable UDFs (CASSANDRA-9404)
* Better support of null for UDF (CASSANDRA-8374)
* Use ecj instead of javassist for UDFs (CASSANDRA-8241)
* faster async logback configuration for tests (CASSANDRA-9376)
http://git-wip-us.apache.org/repos/asf/cassandra/blob/6c0a4626/NEWS.txt
----------------------------------------------------------------------
diff --git a/NEWS.txt b/NEWS.txt
index 9d56841..c9d36ad 100644
--- a/NEWS.txt
+++ b/NEWS.txt
@@ -48,6 +48,12 @@ New features
directory.
- Support for user-defined functions and user-defined aggregates have
been added to CQL.
+ ************************************************************************
+ IMPORTANT NOTE: user-defined functions can be used to execute
+ arbitrary and possibly evil code in Cassandra 2.2-beta1.
+ To enable UDFs edit cassandra.yaml and set enable_user_defined_functions
+ to true. CASSANDRA-9402 will add a security manager for UDFs.
+ ************************************************************************
- Row-cache is now fully off-heap.
- jemalloc is now automatically preloaded and used on Linux and OS-X if
installed.
http://git-wip-us.apache.org/repos/asf/cassandra/blob/6c0a4626/conf/cassandra.yaml
----------------------------------------------------------------------
diff --git a/conf/cassandra.yaml b/conf/cassandra.yaml
index 5033a8d..fb103fa 100644
--- a/conf/cassandra.yaml
+++ b/conf/cassandra.yaml
@@ -843,3 +843,8 @@ inter_dc_tcp_nodelay: false
# TTL for different trace types used during logging of the repair process.
tracetype_query_ttl: 86400
tracetype_repair_ttl: 604800
+
+# UDFs (user defined functions) are disabled by default.
+# As of Cassandra 2.2-beta1, there is no security manager or anything else in place that
+# prevents execution of evil code. CASSANDRA-9402 will fix this issue for Cassandra 2.2-rc1.
+enable_user_defined_functions: false
http://git-wip-us.apache.org/repos/asf/cassandra/blob/6c0a4626/src/java/org/apache/cassandra/config/Config.java
----------------------------------------------------------------------
diff --git a/src/java/org/apache/cassandra/config/Config.java b/src/java/org/apache/cassandra/config/Config.java
index 2ede76e..269f577 100644
--- a/src/java/org/apache/cassandra/config/Config.java
+++ b/src/java/org/apache/cassandra/config/Config.java
@@ -259,6 +259,8 @@ public class Config
public static final int otc_coalescing_window_us_default = 200;
public int otc_coalescing_window_us = otc_coalescing_window_us_default;
+ public boolean enable_user_defined_functions = false;
+
public static boolean getOutboundBindAny()
{
return outboundBindAny;
http://git-wip-us.apache.org/repos/asf/cassandra/blob/6c0a4626/src/java/org/apache/cassandra/config/DatabaseDescriptor.java
----------------------------------------------------------------------
diff --git a/src/java/org/apache/cassandra/config/DatabaseDescriptor.java b/src/java/org/apache/cassandra/config/DatabaseDescriptor.java
index b5c5fb4..ad6b117 100644
--- a/src/java/org/apache/cassandra/config/DatabaseDescriptor.java
+++ b/src/java/org/apache/cassandra/config/DatabaseDescriptor.java
@@ -1683,4 +1683,9 @@ public class DatabaseDescriptor
{
return conf.otc_coalescing_window_us;
}
+
+ public static boolean enableUserDefinedFunctions()
+ {
+ return conf.enable_user_defined_functions;
+ }
}
http://git-wip-us.apache.org/repos/asf/cassandra/blob/6c0a4626/src/java/org/apache/cassandra/cql3/functions/UDFunction.java
----------------------------------------------------------------------
diff --git a/src/java/org/apache/cassandra/cql3/functions/UDFunction.java b/src/java/org/apache/cassandra/cql3/functions/UDFunction.java
index 873a1f2..a01f08f 100644
--- a/src/java/org/apache/cassandra/cql3/functions/UDFunction.java
+++ b/src/java/org/apache/cassandra/cql3/functions/UDFunction.java
@@ -27,6 +27,7 @@ import org.slf4j.LoggerFactory;
import com.datastax.driver.core.DataType;
import com.datastax.driver.core.ProtocolVersion;
import com.datastax.driver.core.UserType;
+import org.apache.cassandra.config.DatabaseDescriptor;
import org.apache.cassandra.config.KSMetaData;
import org.apache.cassandra.config.Schema;
import org.apache.cassandra.cql3.*;
@@ -92,6 +93,9 @@ public abstract class UDFunction extends AbstractFunction implements ScalarFunct
String body)
throws InvalidRequestException
{
+ if (!DatabaseDescriptor.enableUserDefinedFunctions())
+ throw new InvalidRequestException("User-defined-functions are disabled in cassandra.yaml - set enable_user_defined_functions=true to enable if you are aware of the security risks");
+
switch (language)
{
case "java": return JavaSourceUDFFactory.buildUDF(name, argNames, argTypes, returnType, calledOnNullInput, body);
@@ -131,6 +135,9 @@ public abstract class UDFunction extends AbstractFunction implements ScalarFunct
public final ByteBuffer execute(int protocolVersion, List<ByteBuffer> parameters) throws InvalidRequestException
{
+ if (!DatabaseDescriptor.enableUserDefinedFunctions())
+ throw new InvalidRequestException("User-defined-functions are disabled in cassandra.yaml - set enable_user_defined_functions=true to enable if you are aware of the security risks");
+
if (!isCallableWrtNullable(parameters))
return null;
return executeUserDefined(protocolVersion, parameters);
http://git-wip-us.apache.org/repos/asf/cassandra/blob/6c0a4626/src/java/org/apache/cassandra/cql3/statements/CreateFunctionStatement.java
----------------------------------------------------------------------
diff --git a/src/java/org/apache/cassandra/cql3/statements/CreateFunctionStatement.java b/src/java/org/apache/cassandra/cql3/statements/CreateFunctionStatement.java
index 3cef6e4..4ceecba 100644
--- a/src/java/org/apache/cassandra/cql3/statements/CreateFunctionStatement.java
+++ b/src/java/org/apache/cassandra/cql3/statements/CreateFunctionStatement.java
@@ -130,6 +130,9 @@ public final class CreateFunctionStatement extends SchemaAlteringStatement
public void validate(ClientState state) throws InvalidRequestException
{
+ if (!DatabaseDescriptor.enableUserDefinedFunctions())
+ throw new InvalidRequestException("User-defined-functions are disabled in cassandra.yaml - set enable_user_defined_functions=true to enable if you are aware of the security risks");
+
if (ifNotExists && orReplace)
throw new InvalidRequestException("Cannot use both 'OR REPLACE' and 'IF NOT EXISTS' directives");
http://git-wip-us.apache.org/repos/asf/cassandra/blob/6c0a4626/test/conf/cassandra.yaml
----------------------------------------------------------------------
diff --git a/test/conf/cassandra.yaml b/test/conf/cassandra.yaml
index f419fbd..3d3de84 100644
--- a/test/conf/cassandra.yaml
+++ b/test/conf/cassandra.yaml
@@ -38,3 +38,4 @@ concurrent_compactors: 4
compaction_throughput_mb_per_sec: 0
row_cache_class_name: org.apache.cassandra.cache.OHCProvider
row_cache_size_in_mb: 16
+enable_user_defined_functions: true
[3/3] cassandra git commit: Merge branch 'cassandra-2.2' into trunk
Posted by sn...@apache.org.
Merge branch 'cassandra-2.2' into trunk
Project: http://git-wip-us.apache.org/repos/asf/cassandra/repo
Commit: http://git-wip-us.apache.org/repos/asf/cassandra/commit/ce0a25fa
Tree: http://git-wip-us.apache.org/repos/asf/cassandra/tree/ce0a25fa
Diff: http://git-wip-us.apache.org/repos/asf/cassandra/diff/ce0a25fa
Branch: refs/heads/trunk
Commit: ce0a25fa118307fdb929660ec93f39451519ce70
Parents: f58a447 6c0a462
Author: Robert Stupp <sn...@snazy.de>
Authored: Fri May 15 22:02:57 2015 +0200
Committer: Robert Stupp <sn...@snazy.de>
Committed: Fri May 15 22:02:57 2015 +0200
----------------------------------------------------------------------
CHANGES.txt | 1 +
NEWS.txt | 6 ++++++
conf/cassandra.yaml | 5 +++++
src/java/org/apache/cassandra/config/Config.java | 2 ++
src/java/org/apache/cassandra/config/DatabaseDescriptor.java | 5 +++++
src/java/org/apache/cassandra/cql3/functions/UDFunction.java | 7 +++++++
.../cassandra/cql3/statements/CreateFunctionStatement.java | 3 +++
test/conf/cassandra.yaml | 1 +
8 files changed, 30 insertions(+)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/cassandra/blob/ce0a25fa/CHANGES.txt
----------------------------------------------------------------------
diff --cc CHANGES.txt
index c08d322,e3b25b5..2350e62
--- a/CHANGES.txt
+++ b/CHANGES.txt
@@@ -1,4 -1,5 +1,5 @@@
-2.2.0-beta1
+2.2
+ * Add a flag in cassandra.yaml to enable UDFs (CASSANDRA-9404)
* Better support of null for UDF (CASSANDRA-8374)
* Use ecj instead of javassist for UDFs (CASSANDRA-8241)
* faster async logback configuration for tests (CASSANDRA-9376)