nsivarajan opened a new pull request, #63918:
URL: https://github.com/apache/doris/pull/63918

   
   ### What problem does this PR solve?
   
   Issue Number: close #xxx
   
   Related PR: #xxx
   
   **Problem Summary:**
   
   When Doris FE is configured with `enable_https=true` and `http_port=0` 
(HTTPS-only hardened deployment), the BE's `SmallFileMgr` fails to download 
small files (SSL certificates, UDF jars, Kerberos keytabs) from the FE master.
   
   `SmallFileMgr` is the only BE→FE path that uses HTTP rather than 
Thrift/RPC. It downloads files via `/api/get_small_file` using a hardcoded 
`http://` scheme. When the FE disables HTTP (`http_port=0`), this connection is 
refused and the download fails — breaking features that depend on small files, 
such as Routine Load with Kafka SSL certificates.
   
   ### What is changed and how does it work?
   
     `_download_file()` in `small_file_mgr.cpp` now tries HTTP first 
(preserving zero-overhead behavior for existing HTTP deployments), then falls 
back to HTTPS if HTTP fails. The HTTPS attempt uses `use_untrusted_ssl()` which 
skips TLS certificate chain verification.
   
   This is safe for two reasons:
     1. This is internal cluster traffic on a private network (FE master → BE).
     2. Every downloaded file is independently verified via MD5 checksum after 
download, making it computationally infeasible for a tampered file to pass 
undetected.
   
   Note: A companion FE PR is needed for the complete fix. The FE 
`HeartbeatMgr` must send `https_port` (not `http_port`) to BEs when 
`enable_https=true`, so that `master_fe_http_port` contains the correct port 
for both the HTTP and HTTPS attempts. Without the FE change #60921, this BE 
change is safe (no regression). With both PRs merged, the full end-to-end fix 
is complete.
   
   ### Release note
   
   None
   
   ### Check List (For Author)
   
   - Test <!-- At least one of them must be included. -->
       - [ ] Regression test
       - [ ] Unit Test
       - [ ] Manual test (add detailed scripts or steps below)
       - [ ] No need to test or manual test. Explain why:
           - [ ] This is a refactor/code format and no logic has been changed.
           - [ ] Previous test can cover this change.
           - [ ] No code files have been changed.
           - [ ] Other reason <!-- Add your reason?  -->
   
   - Behavior changed:
       - [ ] No.
       - [ ] Yes. <!-- Explain the behavior change -->
   
   - Does this need documentation?
       - [ ] No.
       - [ ] Yes. <!-- Add document PR link here. eg: 
https://github.com/apache/doris-website/pull/1214 -->
   
   ### Check List (For Reviewer who merge this PR)
   
   - [ ] Confirm the release note
   - [ ] Confirm test cases
   - [ ] Confirm document
   - [ ] Add branch pick label <!-- Add branch pick label that this PR should 
merge into -->
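
The fallback-then-verify flow described in this PR, as an added Python sketch that is not part of the pull request or of Doris's code. `fetch`, `fake_fe`, `SmallFileError` and the sample bytes are hypothetical, and the expected MD5 is assumed to reach the BE separately from the download, which is the condition under which the digest check constrains an unverified HTTPS body.

```python
import hashlib
from typing import Callable, Tuple

# Hypothetical transport hook: takes "http" or "https", returns the body,
# raises OSError when the connection fails. Stands in for the BE's HTTP client.
Fetch = Callable[[str], bytes]

class SmallFileError(Exception):
    """Download failed on every scheme, or the body failed the digest check."""

def download_small_file(fetch: Fetch, expected_md5: str) -> Tuple[str, bytes]:
    """HTTP first, HTTPS as fallback; accept a body only if its MD5 matches.

    expected_md5 is assumed to reach the caller separately from the download
    itself. The HTTPS attempt models a client that skips chain verification,
    so the digest comparison is the only integrity control on the body.
    """
    failures = []
    for scheme in ("http", "https"):
        try:
            body = fetch(scheme)
        except OSError as exc:  # transport failure: try the next scheme
            failures.append(f"{scheme}: {exc}")
            continue
        digest = hashlib.md5(body).hexdigest()
        if digest != expected_md5.lower():
            # Integrity failure is final in this sketch: no retry, no accept.
            raise SmallFileError(f"{scheme}: md5 mismatch, got {digest}")
        return scheme, body
    raise SmallFileError("; ".join(failures))

# Constructed sample data, not taken from any real cluster.
SAMPLE_FILE = b"constructed sample certificate bytes\n"
SAMPLE_MD5 = hashlib.md5(SAMPLE_FILE).hexdigest()

def fake_fe(http_enabled: bool, body: bytes = SAMPLE_FILE) -> Fetch:
    """Constructed FE stand-in; http_enabled=False models http_port=0."""
    def fetch(scheme: str) -> bytes:
        if scheme == "http" and not http_enabled:
            raise ConnectionRefusedError("connection refused")
        return body
    return fetch

if __name__ == "__main__":
    print(download_small_file(fake_fe(http_enabled=False), SAMPLE_MD5)[0])
```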
   
   

