Posted to commits@storm.apache.org by et...@apache.org on 2019/07/19 21:39:25 UTC

[storm] branch master updated: STORM-3470: fix null dereference in SimpleSaslServer authentication

This is an automated email from the ASF dual-hosted git repository.

ethanli pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/storm.git


The following commit(s) were added to refs/heads/master by this push:
     new f4bda6d  STORM-3470: fix null dereference in SimpleSaslServer authentication
     new 2576e38  Merge pull request #3088 from nescohen/fix/minor-ssasl-npe
f4bda6d is described below

commit f4bda6d6a41049d1e2dc6fdb617efb620cdf8b2e
Author: Nes Cohen <nc...@galois.com>
AuthorDate: Thu Jul 18 10:58:49 2019 -0700

    STORM-3470: fix null dereference in SimpleSaslServer authentication
---
 .../storm/security/auth/sasl/SimpleSaslServerCallbackHandler.java    | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/storm-client/src/jvm/org/apache/storm/security/auth/sasl/SimpleSaslServerCallbackHandler.java b/storm-client/src/jvm/org/apache/storm/security/auth/sasl/SimpleSaslServerCallbackHandler.java
index 2bb153f..5962eda 100644
--- a/storm-client/src/jvm/org/apache/storm/security/auth/sasl/SimpleSaslServerCallbackHandler.java
+++ b/storm-client/src/jvm/org/apache/storm/security/auth/sasl/SimpleSaslServerCallbackHandler.java
@@ -16,6 +16,7 @@ import java.io.IOException;
 import java.util.ArrayList;
 import java.util.Arrays;
 import java.util.List;
+import java.util.Objects;
 import java.util.Optional;
 import javax.security.auth.callback.Callback;
 import javax.security.auth.callback.CallbackHandler;
@@ -178,9 +179,9 @@ public class SimpleSaslServerCallbackHandler implements CallbackHandler {
                 ac.setAuthorizedID(zid);
             }
 
-            //When zid and zid are not equal, nid is attempting to impersonate zid, We
+            //When nid and zid are not equal, nid is attempting to impersonate zid, We
             //add the nid as the real user in reqContext's subject which will be used during authorization.
-            if (!nid.equals(zid)) {
+            if (!Objects.equals(nid, zid)) {
                 LOG.info("Impersonation attempt  authenticationID = {} authorizationID = {}",
                          nid, zid);
                 if (!allowImpersonation) {
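Review bot: The switch to `Objects.equals(nid, zid)` removes the NullPointerException, but a null authentication ID is still tolerated rather than rejected. When both `nid` and `zid` are null the two compare as equal, so the impersonation branch is skipped and control falls through to code outside this hunk; when only `nid` is null the branch runs and, going by the comment above it, a null `nid` would be added as the real user. For an authentication handler it would be safer to fail closed before the comparison, for example `if (nid == null) { throw new IllegalArgumentException("Missing authenticationID"); }`, or whichever failure path this handler already uses. The enclosing method begins and ends outside the hunk, so an earlier null check may already exist and should be confirmed.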