You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@kudu.apache.org by "Todd Lipcon (Jira)" <ji...@apache.org> on 2019/11/01 05:12:00 UTC

[jira] [Created] (KUDU-2989) SASL server fails when FQDN is greater than 63 characters long

Todd Lipcon created KUDU-2989:
---------------------------------

             Summary: SASL server fails when FQDN is greater than 63 characters long
                 Key: KUDU-2989
                 URL: https://issues.apache.org/jira/browse/KUDU-2989
             Project: Kudu
          Issue Type: Bug
          Components: rpc, security
    Affects Versions: 1.10.0
            Reporter: Todd Lipcon


Currently, on the server side, Kudu doesn't explicitly pass the host's FQDN into the SASL library. Due to an upstream SASL bug (https://github.com/cyrusimap/cyrus-sasl/issues/583) the FQDN gets truncated when trying to determine the server's principal, in the case that the server's fQDN is longer than 64 characters.

This results in startup failures where the preflight checks fail due to not finding the appropriate keytab entry (after searching for a truncated host name)

To work around this, we should use our own code to compute the FQDN.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)