You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@couchdb.apache.org by rn...@apache.org on 2023/10/05 14:01:15 UTC

[couchdb] branch send-original-cookie-format updated (f7bb6f467 -> 1a6613b8c)

This is an automated email from the ASF dual-hosted git repository.

rnewson pushed a change to branch send-original-cookie-format
in repository https://gitbox.apache.org/repos/asf/couchdb.git


    omit f7bb6f467 Send compatible AuthSession cookie when possible.
     add dca403dab mango: add unit tests for text cursor
     add d6d4ad979 mango: prevent occasional duplication of paginated `text` results
     add ce2607a5c mango: de-duplicate results on returning them in `nouveau`
     new 1a6613b8c Send compatible AuthSession cookie when possible.

This update added new revisions after undoing existing revisions.
That is to say, some revisions that were in the old version of the
branch are not in the new version.  This situation occurs
when a user --force pushes a change and generates a repository
containing something like this:

 * -- * -- B -- O -- O -- O   (f7bb6f467)
            \
             N -- N -- N   refs/heads/send-original-cookie-format (1a6613b8c)

You should already have received notification emails for all of the O
revisions, and so the following emails describe only the N revisions
from the common base, B.

Any revisions marked "omit" are not gone; other references still
refer to them.  Any revisions marked "discard" are gone forever.

The 1 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails.  The revisions
listed as "add" were already present in the repository and have only
been added to this reference.


Summary of changes:
 src/mango/src/mango_cursor_nouveau.erl   |  55 +-
 src/mango/src/mango_cursor_text.erl      | 893 ++++++++++++++++++++++++++++++-
 src/mango/test/24-text-paginated-test.py | 108 ++++
 src/mango/test/mango.py                  |  46 +-
 4 files changed, 1056 insertions(+), 46 deletions(-)
 create mode 100644 src/mango/test/24-text-paginated-test.py

[couchdb] 01/01: Send compatible AuthSession cookie when possible.

Posted by rn...@apache.org.

This is an automated email from the ASF dual-hosted git repository.

rnewson pushed a commit to branch send-original-cookie-format
in repository https://gitbox.apache.org/repos/asf/couchdb.git

commit 1a6613b8c0cee77f5f153d606ca6900cf8e62201
Author: Robert Newson <rn...@apache.org>
AuthorDate: Thu Oct 5 10:06:05 2023 +0100

    Send compatible AuthSession cookie when possible.
    
    To smooth cluster upgrades, send the original format of AuthSession cookie if
    MustMatchBasic is false (i.e, when generating a Cookie from a successful
    cookie_auth_handler call).
    
    Prior to this (and after 50c69a0c68), during an upgrade, a cookie issued by
    the basic auth handler from an upgraded node will not be parseable by
    not-upgraded nodes.
    
    With this change a cookie issued by the cookie_auth_handler retains its
    original format. Only cookies issued by the default_auth_handler will
    be the new format.
    
    Relates to https://github.com/apache/couchdb/pull/4702
---
 src/couch/src/couch_httpd_auth.erl | 15 ++++++++-------
 1 file changed, 8 insertions(+), 7 deletions(-)

diff --git a/src/couch/src/couch_httpd_auth.erl b/src/couch/src/couch_httpd_auth.erl
index c1e4c8e42..db3dfe045 100644
--- a/src/couch/src/couch_httpd_auth.erl
+++ b/src/couch/src/couch_httpd_auth.erl
@@ -460,16 +460,17 @@ cookie_auth_header(
 cookie_auth_header(_Req, _Headers) ->
     [].
 
-cookie_auth_cookie(Req, User, Secret, TimeStamp, MustMatchBasic) ->
-    MustMatchBasicStr =
-        case MustMatchBasic of
-            true -> "1";
-            false -> "0"
-        end,
+cookie_auth_cookie(Req, User, Secret, TimeStamp, true) ->
     SessionData = lists:join(":", [
         User,
-        lists:join(",", [erlang:integer_to_list(TimeStamp, 16), MustMatchBasicStr])
+        lists:join(",", [erlang:integer_to_list(TimeStamp, 16), "1"])
     ]),
+    cookie_auth_cookie(Req, Secret, SessionData);
+cookie_auth_cookie(Req, User, Secret, TimeStamp, false) ->
+    SessionData = ?b2l(User) ++ ":" ++ erlang:integer_to_list(TimeStamp, 16),
+    cookie_auth_cookie(Req, Secret, SessionData).
+
+cookie_auth_cookie(Req, Secret, SessionData) ->
     [HashAlgorithm | _] = couch_util:get_config_hash_algorithms(),
     Hash = couch_util:hmac(HashAlgorithm, Secret, SessionData),
     mochiweb_cookies:cookie(