You are viewing a plain text version of this content. The canonical link for it is here.
Posted to reviews@kudu.apache.org by "Dan Burkert (Code Review)" <ge...@cloudera.org> on 2017/03/03 21:51:28 UTC
[kudu-CR] KUDU-1897: disable Kerberos replay cache
Dan Burkert has uploaded a new change for review.
http://gerrit.cloudera.org:8080/6254
Change subject: KUDU-1897: disable Kerberos replay cache
......................................................................
KUDU-1897: disable Kerberos replay cache
Also provides an initial cut of an RPC negotiation benchmark / stress
tester.
Change-Id: Ifbce55a0b12682fdf69e7b2c361c6336495db64d
---
M src/kudu/rpc/CMakeLists.txt
A src/kudu/rpc/rpc-negotiation-bench.cc
M src/kudu/security/init.cc
3 files changed, 277 insertions(+), 1 deletion(-)
git pull ssh://gerrit.cloudera.org:29418/kudu refs/changes/54/6254/1
--
To view, visit http://gerrit.cloudera.org:8080/6254
To unsubscribe, visit http://gerrit.cloudera.org:8080/settings
Gerrit-MessageType: newchange
Gerrit-Change-Id: Ifbce55a0b12682fdf69e7b2c361c6336495db64d
Gerrit-PatchSet: 1
Gerrit-Project: kudu
Gerrit-Branch: master
Gerrit-Owner: Dan Burkert <da...@apache.org>
[kudu-CR] KUDU-1897: disable Kerberos replay cache
Posted by "Dan Burkert (Code Review)" <ge...@cloudera.org>.
Dan Burkert has uploaded a new patch set (#2).
Change subject: KUDU-1897: disable Kerberos replay cache
......................................................................
KUDU-1897: disable Kerberos replay cache
Also provides an initial cut of an RPC negotiation benchmark / stress
tester.
Change-Id: Ifbce55a0b12682fdf69e7b2c361c6336495db64d
---
M src/kudu/rpc/CMakeLists.txt
A src/kudu/rpc/rpc-negotiation-bench.cc
M src/kudu/security/init.cc
3 files changed, 270 insertions(+), 1 deletion(-)
git pull ssh://gerrit.cloudera.org:29418/kudu refs/changes/54/6254/2
--
To view, visit http://gerrit.cloudera.org:8080/6254
To unsubscribe, visit http://gerrit.cloudera.org:8080/settings
Gerrit-MessageType: newpatchset
Gerrit-Change-Id: Ifbce55a0b12682fdf69e7b2c361c6336495db64d
Gerrit-PatchSet: 2
Gerrit-Project: kudu
Gerrit-Branch: master
Gerrit-Owner: Dan Burkert <da...@apache.org>
Gerrit-Reviewer: Alexey Serbin <as...@cloudera.com>
Gerrit-Reviewer: Kudu Jenkins
Gerrit-Reviewer: Tidy Bot
Gerrit-Reviewer: Todd Lipcon <to...@apache.org>
[kudu-CR] KUDU-1897: disable Kerberos replay cache
Posted by "Dan Burkert (Code Review)" <ge...@cloudera.org>.
Hello Kudu Jenkins,
I'd like you to reexamine a change. Please visit
http://gerrit.cloudera.org:8080/6254
to look at the new patch set (#3).
Change subject: KUDU-1897: disable Kerberos replay cache
......................................................................
KUDU-1897: disable Kerberos replay cache
Change-Id: Ifbce55a0b12682fdf69e7b2c361c6336495db64d
---
M src/kudu/security/init.cc
1 file changed, 6 insertions(+), 0 deletions(-)
git pull ssh://gerrit.cloudera.org:29418/kudu refs/changes/54/6254/3
--
To view, visit http://gerrit.cloudera.org:8080/6254
To unsubscribe, visit http://gerrit.cloudera.org:8080/settings
Gerrit-MessageType: newpatchset
Gerrit-Change-Id: Ifbce55a0b12682fdf69e7b2c361c6336495db64d
Gerrit-PatchSet: 3
Gerrit-Project: kudu
Gerrit-Branch: master
Gerrit-Owner: Dan Burkert <da...@apache.org>
Gerrit-Reviewer: Alexey Serbin <as...@cloudera.com>
Gerrit-Reviewer: Dan Burkert <da...@apache.org>
Gerrit-Reviewer: Kudu Jenkins
Gerrit-Reviewer: Tidy Bot
Gerrit-Reviewer: Todd Lipcon <to...@apache.org>
[kudu-CR] KUDU-1897: disable Kerberos replay cache
Posted by "Todd Lipcon (Code Review)" <ge...@cloudera.org>.
Todd Lipcon has posted comments on this change.
Change subject: KUDU-1897: disable Kerberos replay cache
......................................................................
Patch Set 3: Code-Review+2
--
To view, visit http://gerrit.cloudera.org:8080/6254
To unsubscribe, visit http://gerrit.cloudera.org:8080/settings
Gerrit-MessageType: comment
Gerrit-Change-Id: Ifbce55a0b12682fdf69e7b2c361c6336495db64d
Gerrit-PatchSet: 3
Gerrit-Project: kudu
Gerrit-Branch: master
Gerrit-Owner: Dan Burkert <da...@apache.org>
Gerrit-Reviewer: Alexey Serbin <as...@cloudera.com>
Gerrit-Reviewer: Dan Burkert <da...@apache.org>
Gerrit-Reviewer: Kudu Jenkins
Gerrit-Reviewer: Tidy Bot
Gerrit-Reviewer: Todd Lipcon <to...@apache.org>
Gerrit-HasComments: No
[kudu-CR] KUDU-1897: disable Kerberos replay cache
Posted by "Alexey Serbin (Code Review)" <ge...@cloudera.org>.
Alexey Serbin has posted comments on this change.
Change subject: KUDU-1897: disable Kerberos replay cache
......................................................................
Patch Set 2:
(2 comments)
http://gerrit.cloudera.org:8080/#/c/6254/2/src/kudu/rpc/rpc-negotiation-bench.cc
File src/kudu/rpc/rpc-negotiation-bench.cc:
PS2, Line 130: StartTestServerWithGeneratedCode(&server_addr_)
Is it necessary to enable TLS support if running with TLS-enabled configuration?
PS2, Line 214: Acquire_Load(&should_run_)
Consider using atomic<bool> for should_run_ since atomic<int> is introduced for negotiation_count.
--
To view, visit http://gerrit.cloudera.org:8080/6254
To unsubscribe, visit http://gerrit.cloudera.org:8080/settings
Gerrit-MessageType: comment
Gerrit-Change-Id: Ifbce55a0b12682fdf69e7b2c361c6336495db64d
Gerrit-PatchSet: 2
Gerrit-Project: kudu
Gerrit-Branch: master
Gerrit-Owner: Dan Burkert <da...@apache.org>
Gerrit-Reviewer: Alexey Serbin <as...@cloudera.com>
Gerrit-Reviewer: Dan Burkert <da...@apache.org>
Gerrit-Reviewer: Kudu Jenkins
Gerrit-Reviewer: Tidy Bot
Gerrit-Reviewer: Todd Lipcon <to...@apache.org>
Gerrit-HasComments: Yes
[kudu-CR] KUDU-1897: disable Kerberos replay cache
Posted by "Alexey Serbin (Code Review)" <ge...@cloudera.org>.
Alexey Serbin has posted comments on this change.
Change subject: KUDU-1897: disable Kerberos replay cache
......................................................................
Patch Set 2:
(3 comments)
http://gerrit.cloudera.org:8080/#/c/6254/2/src/kudu/rpc/rpc-negotiation-bench.cc
File src/kudu/rpc/rpc-negotiation-bench.cc:
PS2, Line 148: friend class ClientThread;
: friend class ClientAsyncWorkload;
It seems these declaration are not needed.
PS2, Line 190:
nit: off-by-one shift
PS2, Line 198: authn_token = SignedTokenPB();
: security::TokenPB token;
: token.set_expire_unix_epoch_seconds(WallTime_Now() + validity / 2);
: token.mutable_authn()->set_username("client-token");
: ASSERT_TRUE(token.SerializeToString(authn_token->mutable_token_data()));
: ASSERT_OK(token_signer.SignToken(&authn_token.get()));
Consider replacing with:
SignedTokenPB authn_token;
ASSERT_OK(token_signer.GenerateAuthnToken("client-token", &authn_token));
--
To view, visit http://gerrit.cloudera.org:8080/6254
To unsubscribe, visit http://gerrit.cloudera.org:8080/settings
Gerrit-MessageType: comment
Gerrit-Change-Id: Ifbce55a0b12682fdf69e7b2c361c6336495db64d
Gerrit-PatchSet: 2
Gerrit-Project: kudu
Gerrit-Branch: master
Gerrit-Owner: Dan Burkert <da...@apache.org>
Gerrit-Reviewer: Alexey Serbin <as...@cloudera.com>
Gerrit-Reviewer: Dan Burkert <da...@apache.org>
Gerrit-Reviewer: Kudu Jenkins
Gerrit-Reviewer: Tidy Bot
Gerrit-Reviewer: Todd Lipcon <to...@apache.org>
Gerrit-HasComments: Yes
[kudu-CR] KUDU-1897: disable Kerberos replay cache
Posted by "Dan Burkert (Code Review)" <ge...@cloudera.org>.
Dan Burkert has submitted this change and it was merged.
Change subject: KUDU-1897: disable Kerberos replay cache
......................................................................
KUDU-1897: disable Kerberos replay cache
Change-Id: Ifbce55a0b12682fdf69e7b2c361c6336495db64d
Reviewed-on: http://gerrit.cloudera.org:8080/6254
Reviewed-by: Todd Lipcon <to...@apache.org>
Tested-by: Kudu Jenkins
---
M src/kudu/security/init.cc
1 file changed, 6 insertions(+), 0 deletions(-)
Approvals:
Todd Lipcon: Looks good to me, approved
Kudu Jenkins: Verified
--
To view, visit http://gerrit.cloudera.org:8080/6254
To unsubscribe, visit http://gerrit.cloudera.org:8080/settings
Gerrit-MessageType: merged
Gerrit-Change-Id: Ifbce55a0b12682fdf69e7b2c361c6336495db64d
Gerrit-PatchSet: 4
Gerrit-Project: kudu
Gerrit-Branch: master
Gerrit-Owner: Dan Burkert <da...@apache.org>
Gerrit-Reviewer: Alexey Serbin <as...@cloudera.com>
Gerrit-Reviewer: Dan Burkert <da...@apache.org>
Gerrit-Reviewer: Kudu Jenkins
Gerrit-Reviewer: Tidy Bot
Gerrit-Reviewer: Todd Lipcon <to...@apache.org>
[kudu-CR] KUDU-1897: disable Kerberos replay cache
Posted by "Todd Lipcon (Code Review)" <ge...@cloudera.org>.
Todd Lipcon has posted comments on this change.
Change subject: KUDU-1897: disable Kerberos replay cache
......................................................................
Patch Set 2:
(1 comment)
http://gerrit.cloudera.org:8080/#/c/6254/2/src/kudu/rpc/rpc-negotiation-bench.cc
File src/kudu/rpc/rpc-negotiation-bench.cc:
PS2, Line 109: // Setup the KDC once. InitKerberosForServer uses global state, so it's easier
: // not to create a new KDC for every test case.
: void SetUp() override {
I think this still sets it up for every test case, doesn't it? maybe use static void SetUpTestCase?
--
To view, visit http://gerrit.cloudera.org:8080/6254
To unsubscribe, visit http://gerrit.cloudera.org:8080/settings
Gerrit-MessageType: comment
Gerrit-Change-Id: Ifbce55a0b12682fdf69e7b2c361c6336495db64d
Gerrit-PatchSet: 2
Gerrit-Project: kudu
Gerrit-Branch: master
Gerrit-Owner: Dan Burkert <da...@apache.org>
Gerrit-Reviewer: Alexey Serbin <as...@cloudera.com>
Gerrit-Reviewer: Dan Burkert <da...@apache.org>
Gerrit-Reviewer: Kudu Jenkins
Gerrit-Reviewer: Tidy Bot
Gerrit-Reviewer: Todd Lipcon <to...@apache.org>
Gerrit-HasComments: Yes
[kudu-CR] KUDU-1897: disable Kerberos replay cache
Posted by "Dan Burkert (Code Review)" <ge...@cloudera.org>.
Dan Burkert has posted comments on this change.
Change subject: KUDU-1897: disable Kerberos replay cache
......................................................................
Patch Set 1:
(4 comments)
http://gerrit.cloudera.org:8080/#/c/6254/1/src/kudu/rpc/rpc-negotiation-bench.cc
File src/kudu/rpc/rpc-negotiation-bench.cc:
Line 55: using std::bind;
> warning: using decl 'bind' is unused [misc-unused-using-decls]
Done
Line 56: using std::shared_ptr;
> warning: using decl 'shared_ptr' is unused [misc-unused-using-decls]
Done
Line 69: using kudu::security::TokenVerifier;
> warning: using decl 'TokenVerifier' is unused [misc-unused-using-decls]
Done
Line 121: // TODO: this initializes global state that will break if more than one test
> warning: missing username/bug in TODO [google-readability-todo]
Done
--
To view, visit http://gerrit.cloudera.org:8080/6254
To unsubscribe, visit http://gerrit.cloudera.org:8080/settings
Gerrit-MessageType: comment
Gerrit-Change-Id: Ifbce55a0b12682fdf69e7b2c361c6336495db64d
Gerrit-PatchSet: 1
Gerrit-Project: kudu
Gerrit-Branch: master
Gerrit-Owner: Dan Burkert <da...@apache.org>
Gerrit-Reviewer: Alexey Serbin <as...@cloudera.com>
Gerrit-Reviewer: Dan Burkert <da...@apache.org>
Gerrit-Reviewer: Kudu Jenkins
Gerrit-Reviewer: Tidy Bot
Gerrit-Reviewer: Todd Lipcon <to...@apache.org>
Gerrit-HasComments: Yes