You are viewing a plain text version of this content. The canonical link for it is here.
Posted to reviews@mesos.apache.org by Greg Mann <gr...@mesosphere.io> on 2017/02/24 23:06:05 UTC
Review Request 57054: Fixed a bug in master and agent handler
authorization logic.
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/57054/
-----------------------------------------------------------
Review request for mesos, Adam B, Alexander Rojas, Jan Schlicht, and Vinod Kone.
Bugs: MESOS-7003
https://issues.apache.org/jira/browse/MESOS-7003
Repository: mesos
Description
-------
This patch fixes a bug in which endpoint handlers would not
correctly handle the case in which authorization is enabled
when authentication is disabled. In this case, the handlers
would send a default-constructed `authorization::Subject` to
the authorizer, leading to an empty-string principal being
evaluated as the subject.
This patch updates the handlers to correctly send `NONE` as
the subject in this case.
Diffs
-----
src/master/http.cpp 6e5178eeea6cc6b90ae253840da22be13444b088
src/slave/http.cpp 94731ec883c309cefb811694dc4e39de12d1ac59
src/slave/slave.cpp fc480ae23ffa5cdeeb79b3621a08e1f8703bc01a
Diff: https://reviews.apache.org/r/57054/diff/
Testing
-------
Testing details can be found at the end of this patch chain.
Thanks,
Greg Mann
Re: Review Request 57054: Fixed a bug in master and agent handler
authorization logic.
Posted by Adam B <ad...@mesosphere.io>.
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/57054/#review167660
-----------------------------------------------------------
Ship it!
Ship It!
- Adam B
On Feb. 27, 2017, 9:31 p.m., Greg Mann wrote:
>
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/57054/
> -----------------------------------------------------------
>
> (Updated Feb. 27, 2017, 9:31 p.m.)
>
>
> Review request for mesos, Adam B, Alexander Rojas, Jan Schlicht, and Vinod Kone.
>
>
> Bugs: MESOS-7003
> https://issues.apache.org/jira/browse/MESOS-7003
>
>
> Repository: mesos
>
>
> Description
> -------
>
> This patch fixes a bug where endpoint handlers would not
> correctly handle the case in which authorization is enabled
> when authentication is disabled. In this case, the handlers
> would send a default-constructed `authorization::Subject` to
> the authorizer, leading to an empty-string principal being
> evaluated as the subject.
>
> This patch updates the handlers to correctly send `NONE` as
> the subject in this case.
>
>
> Diffs
> -----
>
> src/master/http.cpp 6e5178eeea6cc6b90ae253840da22be13444b088
> src/slave/http.cpp 94731ec883c309cefb811694dc4e39de12d1ac59
> src/slave/slave.cpp fc480ae23ffa5cdeeb79b3621a08e1f8703bc01a
>
>
> Diff: https://reviews.apache.org/r/57054/diff/1/
>
>
> Testing
> -------
>
> Testing details can be found at the end of this patch chain.
>
>
> Thanks,
>
> Greg Mann
>
>
Re: Review Request 57054: Fixed a bug in master and agent handler
authorization logic.
Posted by Greg Mann <gr...@mesosphere.io>.
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/57054/
-----------------------------------------------------------
(Updated Feb. 28, 2017, 5:31 a.m.)
Review request for mesos, Adam B, Alexander Rojas, Jan Schlicht, and Vinod Kone.
Bugs: MESOS-7003
https://issues.apache.org/jira/browse/MESOS-7003
Repository: mesos
Description (updated)
-------
This patch fixes a bug where endpoint handlers would not
correctly handle the case in which authorization is enabled
when authentication is disabled. In this case, the handlers
would send a default-constructed `authorization::Subject` to
the authorizer, leading to an empty-string principal being
evaluated as the subject.
This patch updates the handlers to correctly send `NONE` as
the subject in this case.
Diffs
-----
src/master/http.cpp 6e5178eeea6cc6b90ae253840da22be13444b088
src/slave/http.cpp 94731ec883c309cefb811694dc4e39de12d1ac59
src/slave/slave.cpp fc480ae23ffa5cdeeb79b3621a08e1f8703bc01a
Diff: https://reviews.apache.org/r/57054/diff/
Testing
-------
Testing details can be found at the end of this patch chain.
Thanks,
Greg Mann
Re: Review Request 57054: Fixed a bug in master and agent handler
authorization logic.
Posted by Vinod Kone <vi...@gmail.com>.
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/57054/#review166780
-----------------------------------------------------------
Ship it!
Ship It!
- Vinod Kone
On Feb. 24, 2017, 11:06 p.m., Greg Mann wrote:
>
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/57054/
> -----------------------------------------------------------
>
> (Updated Feb. 24, 2017, 11:06 p.m.)
>
>
> Review request for mesos, Adam B, Alexander Rojas, Jan Schlicht, and Vinod Kone.
>
>
> Bugs: MESOS-7003
> https://issues.apache.org/jira/browse/MESOS-7003
>
>
> Repository: mesos
>
>
> Description
> -------
>
> This patch fixes a bug in which endpoint handlers would not
> correctly handle the case in which authorization is enabled
> when authentication is disabled. In this case, the handlers
> would send a default-constructed `authorization::Subject` to
> the authorizer, leading to an empty-string principal being
> evaluated as the subject.
>
> This patch updates the handlers to correctly send `NONE` as
> the subject in this case.
>
>
> Diffs
> -----
>
> src/master/http.cpp 6e5178eeea6cc6b90ae253840da22be13444b088
> src/slave/http.cpp 94731ec883c309cefb811694dc4e39de12d1ac59
> src/slave/slave.cpp fc480ae23ffa5cdeeb79b3621a08e1f8703bc01a
>
> Diff: https://reviews.apache.org/r/57054/diff/
>
>
> Testing
> -------
>
> Testing details can be found at the end of this patch chain.
>
>
> Thanks,
>
> Greg Mann
>
>
Re: Review Request 57054: Fixed a bug in master and agent handler
authorization logic.
Posted by Alexander Rojas <al...@mesosphere.io>.
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/57054/#review166866
-----------------------------------------------------------
Ship it!
Thanks for taking care of this!
- Alexander Rojas
On Feb. 25, 2017, 12:06 a.m., Greg Mann wrote:
>
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/57054/
> -----------------------------------------------------------
>
> (Updated Feb. 25, 2017, 12:06 a.m.)
>
>
> Review request for mesos, Adam B, Alexander Rojas, Jan Schlicht, and Vinod Kone.
>
>
> Bugs: MESOS-7003
> https://issues.apache.org/jira/browse/MESOS-7003
>
>
> Repository: mesos
>
>
> Description
> -------
>
> This patch fixes a bug in which endpoint handlers would not
> correctly handle the case in which authorization is enabled
> when authentication is disabled. In this case, the handlers
> would send a default-constructed `authorization::Subject` to
> the authorizer, leading to an empty-string principal being
> evaluated as the subject.
>
> This patch updates the handlers to correctly send `NONE` as
> the subject in this case.
>
>
> Diffs
> -----
>
> src/master/http.cpp 6e5178eeea6cc6b90ae253840da22be13444b088
> src/slave/http.cpp 94731ec883c309cefb811694dc4e39de12d1ac59
> src/slave/slave.cpp fc480ae23ffa5cdeeb79b3621a08e1f8703bc01a
>
> Diff: https://reviews.apache.org/r/57054/diff/
>
>
> Testing
> -------
>
> Testing details can be found at the end of this patch chain.
>
>
> Thanks,
>
> Greg Mann
>
>