commit 66ce31ae82ce4439cc597dc4326f263960ce0514 Author: Vihang Karajgaonkar Date: Fri Mar 24 17:22:20 2017 -0700 HIVE-16297 : Redact configuration entries before dumping
diff --git a/common/src/java/org/apache/hadoop/hive/conf/HiveConfUtil.java b/common/src/java/org/apache/hadoop/hive/conf/HiveConfUtil.java
index 9ba08e532613311853fb1122e756d63f6991b96c..9e4c7eb1b431aa4e936bd1e3b15d660f8b902a8a 100644
--- a/common/src/java/org/apache/hadoop/hive/conf/HiveConfUtil.java
+++ b/common/src/java/org/apache/hadoop/hive/conf/HiveConfUtil.java
@@ -45,6 +45,7 @@ public class HiveConfUtil {
 private static final String CLASS_NAME = HiveConfUtil.class.getName();
 private static final Log LOG = LogFactory.getLog(CLASS_NAME);
+ public static final String HIVE_CONF_REDACTED_PROPERTY_VALUE = "***REDACTED***";
 /**
 * Check if metastore is being used in embedded mode.
 * This utility function exists so that the logic for determining the mode is same
@@ -99,6 +100,24 @@ public static void stripConfigurations(Configuration conf, Set hiddenSet
 }
 }
+ /**
+ * This util method creates a copy of the given config object and redacts the hidden config
+ * entries.It replaces any entry provided in hive.conf.hidden.list and replaces its value with a
+ * redacted string.
+ *
+ * @param conf
+ */
+ public static Configuration redactConfigurations(Configuration originalConf) {
+ Configuration conf = new Configuration(originalConf);
+ Set hiddenSet = getHiddenSet(conf);
+ for (String name : hiddenSet) {
+ if (conf.get(name) != null) {
+ conf.set(name, HIVE_CONF_REDACTED_PROPERTY_VALUE);
+ }
+ }
+ return conf;
+ }
+
 public static void dumpConfig(Configuration originalConf, StringBuilder sb) {
 Set hiddenSet = getHiddenSet(originalConf);
 sb.append("Values omitted for security reason if present: ").append(hiddenSet).append("\n");
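Review bot: The Javadoc added for redactConfigurations in HiveConfUtil documents `@param conf`, but the parameter is `originalConf`, and there is no `@return`. I would write `@param originalConf configuration to copy; it is left unmodified` and `@return a copy of originalConf in which every set entry named in the hidden list has the value HIVE_CONF_REDACTED_PROPERTY_VALUE`, and fix the missing space in `entries.It`. The comment should also state the limit of the redaction: only names returned by `getHiddenSet(conf)` are replaced, so a credential stored under a key that is not on that list is still written in clear by the three callers this commit changes. getHiddenSet is outside the hunk, so it is worth confirming what it returns for a plain Configuration or JobConf that does not carry hive.conf.hidden.list.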
diff --git a/common/src/java/org/apache/hive/http/ConfServlet.java b/common/src/java/org/apache/hive/http/ConfServlet.java
index 253df4f2d62e5f2397f76a50adf2fb6980873866..9fac1bdc619faed8edebcec9e29d2962cf439db5 100644
--- a/common/src/java/org/apache/hive/http/ConfServlet.java
+++ b/common/src/java/org/apache/hive/http/ConfServlet.java
@@ -26,6 +26,7 @@ import javax.servlet.http.HttpServletResponse;
 import org.apache.hadoop.conf.Configuration;
+import org.apache.hadoop.hive.conf.HiveConfUtil;
 /**
 * A servlet to print out the running configuration data.
@@ -83,7 +84,7 @@ public void doGet(HttpServletRequest request, HttpServletResponse response)
 static void writeResponse(Configuration conf, Writer out, String format) throws IOException, BadFormatException {
 if (FORMAT_JSON.equals(format)) {
- Configuration.dumpConfiguration(conf, out);
+ Configuration.dumpConfiguration(HiveConfUtil.redactConfigurations(conf), out);
 } else if (FORMAT_XML.equals(format)) {
 conf.writeXml(out);
 } else {
diff --git a/common/src/test/org/apache/hadoop/hive/conf/TestHiveConf.java b/common/src/test/org/apache/hadoop/hive/conf/TestHiveConf.java
index fa51ef64291336453b38f237bca56bd944f2d949..af5bc2e94c0f89463a1aec604f46b6736e118a85 100644
--- a/common/src/test/org/apache/hadoop/hive/conf/TestHiveConf.java
+++ b/common/src/test/org/apache/hadoop/hive/conf/TestHiveConf.java
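Review bot: In ConfServlet.writeResponse the XML branch still calls `conf.writeXml(out)` on the original configuration, so a request for the XML format returns the hidden values that the JSON branch now masks. Redact once at the top of the method and use the copy in both branches: `Configuration redacted = HiveConfUtil.redactConfigurations(conf);`, then `Configuration.dumpConfiguration(redacted, out);` and `redacted.writeXml(out);`. The method continues past the end of the hunk, so the remaining else branch should be checked for any other use of `conf`.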
@@ -141,6 +141,26 @@ public void testHiddenConfig() throws Exception {
 }
 @Test
+ public void testRedactedConfigs() throws Exception {
+ HiveConf conf = new HiveConf();
+ final String s3key = "fs.s3a.secret.key";
+ final String metastorePwd = "testPassword";
+ conf.set(HiveConf.ConfVars.METASTOREPWD.varname, metastorePwd);
+ // check password configs are hidden
+ Assert.assertTrue(conf.isHiddenConfig(HiveConf.ConfVars.METASTOREPWD.varname));
+ Assert.assertTrue(conf.isHiddenConfig(s3key));
+
+ //check s3key is not set in the config
+ Assert.assertNull(conf.get(s3key));
+ Configuration conf2 = HiveConfUtil.redactConfigurations(conf);
+ //hidden configs which are set should be redacted
+ Assert.assertEquals(HiveConfUtil.HIVE_CONF_REDACTED_PROPERTY_VALUE,
+ conf2.get(HiveConf.ConfVars.METASTOREPWD.varname));
+ // Configs should be redacted only when they are present in the original conf
+ Assert.assertNull(conf2.get(s3key));
+ }
+
+ @Test
 public void testSparkConfigUpdate(){
 HiveConf conf = new HiveConf();
 Assert.assertFalse(conf.getSparkConfigUpdated());
diff --git a/ql/src/java/org/apache/hadoop/hive/ql/exec/FileSinkOperator.java b/ql/src/java/org/apache/hadoop/hive/ql/exec/FileSinkOperator.java
index a9d03d060adeaa5cad6bef48a63c048f23819d01..3a8d7e70e4be96497db9e4b488817e1e4e138b5f 100644
--- a/ql/src/java/org/apache/hadoop/hive/ql/exec/FileSinkOperator.java
+++ b/ql/src/java/org/apache/hadoop/hive/ql/exec/FileSinkOperator.java
@@ -26,6 +26,7 @@ import org.apache.hadoop.hive.common.FileUtils;
 import org.apache.hadoop.hive.common.StatsSetupConst;
 import org.apache.hadoop.hive.conf.HiveConf;
+import org.apache.hadoop.hive.conf.HiveConfUtil;
 import org.apache.hadoop.hive.conf.HiveConf.ConfVars;
 import org.apache.hadoop.hive.ql.CompilationOpContext;
 import org.apache.hadoop.hive.ql.ErrorMsg;
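Review bot: testRedactedConfigs in TestHiveConf asserts only on the returned copy and never checks that the HiveConf passed in keeps its real value, which matters because FileSinkOperator and RemoteHiveSparkClient hand redactConfigurations what appears to be the live job configuration. Add `Assert.assertEquals(metastorePwd, conf.get(HiveConf.ConfVars.METASTOREPWD.varname));` after the call to redactConfigurations. The test also does not exercise ConfServlet.writeResponse, so the servlet output for each format stays unpinned.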
@@ -466,7 +467,8 @@ private void logOutputFormatError(Configuration hconf, HiveException ex) {
 StringWriter errorWriter = new StringWriter();
 errorWriter.append("Failed to create output format; configuration: ");
 try {
- Configuration.dumpConfiguration(hconf, errorWriter);
+ //redact sensitive information before logging
+ Configuration.dumpConfiguration(HiveConfUtil.redactConfigurations(hconf), errorWriter);
 } catch (IOException ex2) {
 errorWriter.append("{ failed to dump configuration: " + ex2.getMessage() + " }");
 }
diff --git a/ql/src/java/org/apache/hadoop/hive/ql/exec/spark/RemoteHiveSparkClient.java b/ql/src/java/org/apache/hadoop/hive/ql/exec/spark/RemoteHiveSparkClient.java
index 4c698994e7e970811f68c4123a2eacd1ce158a10..ea5953e3c6ef323ada922b3cf4de0f93f9ff9dde 100644
--- a/ql/src/java/org/apache/hadoop/hive/ql/exec/spark/RemoteHiveSparkClient.java
+++ b/ql/src/java/org/apache/hadoop/hive/ql/exec/spark/RemoteHiveSparkClient.java
@@ -358,7 +358,9 @@ private void logConfigurations(JobConf localJobConf) {
 LOG.info("Logging job configuration: ");
 StringWriter outWriter = new StringWriter();
 try {
- Configuration.dumpConfiguration(localJobConf, outWriter);
+ // redact sensitive information before logging
+ Configuration.dumpConfiguration(HiveConfUtil.redactConfigurations(localJobConf),
+ outWriter);
 } catch (IOException e) {
 LOG.warn("Error logging job configuration", e);
 }