You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@lucene.apache.org by "Noble Paul (JIRA)" <ji...@apache.org> on 2015/04/05 07:40:33 UTC
[jira] [Resolved] (SOLR-7126) Secure loading of runtime external
jars
[ https://issues.apache.org/jira/browse/SOLR-7126?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Noble Paul resolved SOLR-7126.
------------------------------
Resolution: Fixed
I'm unable to spot a jenkins failure in the past 100 runs . May be it was a false alarm
> Secure loading of runtime external jars
> ---------------------------------------
>
> Key: SOLR-7126
> URL: https://issues.apache.org/jira/browse/SOLR-7126
> Project: Solr
> Issue Type: Sub-task
> Reporter: Noble Paul
> Assignee: Noble Paul
> Priority: Blocker
> Labels: security
> Fix For: Trunk, 5.1
>
> Attachments: SOLR-7126.patch, SOLR-7126.patch, SOLR-7126.patch
>
>
> We need to ensure that the jars loaded into solr are trusted
> We shall use simple PKI to protect the jars/config loaded into the system
> The following are the steps involved for doing that.
> {noformat}
> #Step 1:
> # generate a 768-bit RSA private key. or whaterver strength you would need
> $ openssl genrsa -out priv_key.pem 768
> # store your private keys safely (with a password if possible)
> # output public key portion in DER format (so that Java can read it)
> $ openssl rsa -in priv_key.pem -pubout -outform DER -out pub_key.der
> #Step 2:
> #Load the .DER files to ZK under /keys/exe
> Step3:
> # start all your servers with -Denable.runtime.lib=true
> Step 4:
> # sign the sha1 digest of your jar with one of your private keys and get the base64 string of that signature .
> $ openssl dgst -sha1 -sign priv_key.pem myjar.jar | openssl enc -base64
> #Step 5:
> # load your jars into blob store . refer SOLR-6787
> #Step 6:
> # use the command to add your jar to classpath as follows
> {noformat}
> {code}
> curl http://localhost:8983/solr/collection1/config -H 'Content-type:application/json' -d '{
> "add-runtimelib" : {"name": "jarname" , "version":2 , "sig":"mW1Gwtz2QazjfVdrLFHfbGwcr8xzFYgUOLu68LHqWRDvLG0uLcy1McQ+AzVmeZFBf1yLPDEHBWJb5KXr8bdbHN/PYgUB1nsr9pk4EFyD9KfJ8TqeH/ijQ9waa/vjqyiKEI9U550EtSzruLVZ32wJ7smvV0fj2YYhrUaaPzOn9g0=" }// output of step 4. concatenate the lines
> }'
> {code}
> sig is the extra parameter that is nothing but the base64 encoded value of the jar's sha1 signature
> If no keys are present , the jar is loaded without any checking.
> Before loading a jar from blob store , each Solr node would check if there are keys present in the keys directory. If yes, each jar's signature will be verified with all the available public keys. If atleast one succeeds , the jar is loaded into memory. If nothing succeeds , it will be rejected
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@lucene.apache.org
For additional commands, e-mail: dev-help@lucene.apache.org