Repository: kudu Updated Branches: refs/heads/master 5759a08d3 -> c5ec0ddb0
[macOS] fix security test failures Change-Id: I5c4d464edc09f41151f95ad2f0e694f2bc00b0f0 Reviewed-on: http://gerrit.cloudera.org:8080/6346 Tested-by: Kudu Jenkins Reviewed-by: Alexey Serbin <[email protected]> Project: http://git-wip-us.apache.org/repos/asf/kudu/repo Commit: http://git-wip-us.apache.org/repos/asf/kudu/commit/c5ec0ddb Tree: http://git-wip-us.apache.org/repos/asf/kudu/tree/c5ec0ddb Diff: http://git-wip-us.apache.org/repos/asf/kudu/diff/c5ec0ddb Branch: refs/heads/master Commit: c5ec0ddb01da87de4a037a4879a4ef92c434930f Parents: 5759a08 Author: Dan Burkert <[email protected]> Authored: Fri Mar 10 12:46:18 2017 -0800 Committer: Dan Burkert <[email protected]> Committed: Fri Mar 10 21:56:19 2017 +0000 ---------------------------------------------------------------------- src/kudu/rpc/client_negotiation.cc | 2 +- src/kudu/rpc/connection.cc | 2 +- src/kudu/rpc/rpc-test.cc | 8 +++++++- src/kudu/security/init.cc | 28 ++++------------------------ 4 files changed, 13 insertions(+), 27 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/kudu/blob/c5ec0ddb/src/kudu/rpc/client_negotiation.cc ---------------------------------------------------------------------- diff --git a/src/kudu/rpc/client_negotiation.cc b/src/kudu/rpc/client_negotiation.cc index 1a8906f..35bafd6 100644 --- a/src/kudu/rpc/client_negotiation.cc +++ b/src/kudu/rpc/client_negotiation.cc @@ -527,7 +527,7 @@ Status ClientNegotiation::AuthenticateByToken(faststring* recv_buf) { } Status ClientNegotiation::SendSaslInitiate() { - TRACE("Initiating SASL $0 handshake", negotiated_mech_); + TRACE("Initiating SASL $0 handshake", SaslMechanism::name_of(negotiated_mech_)); // At this point we've already chosen the SASL mechanism to use // (negotiated_mech_), but we need to let the SASL library know. SASL likes to http://git-wip-us.apache.org/repos/asf/kudu/blob/c5ec0ddb/src/kudu/rpc/connection.cc ---------------------------------------------------------------------- diff --git a/src/kudu/rpc/connection.cc b/src/kudu/rpc/connection.cc index 809abe5..66aecd2 100644 --- a/src/kudu/rpc/connection.cc +++ b/src/kudu/rpc/connection.cc @@ -143,7 +143,7 @@ void Connection::Shutdown(const Status &status) { if (inbound_ && inbound_->TransferStarted()) { double secs_since_active = (reactor_thread_->cur_time() - last_activity_time_).ToSeconds(); - LOG(WARNING) << "Shutting down connection " << ToString() << " with pending inbound data (" + LOG(WARNING) << "Shutting down " << ToString() << " with pending inbound data (" << inbound_->StatusAsString() << ", last active " << HumanReadableElapsedTime::ToShortString(secs_since_active) << " ago, status=" << status.ToString() << ")"; http://git-wip-us.apache.org/repos/asf/kudu/blob/c5ec0ddb/src/kudu/rpc/rpc-test.cc ---------------------------------------------------------------------- diff --git a/src/kudu/rpc/rpc-test.cc b/src/kudu/rpc/rpc-test.cc index d707a50..f1b9a3a 100644 --- a/src/kudu/rpc/rpc-test.cc +++ b/src/kudu/rpc/rpc-test.cc @@ -337,7 +337,13 @@ TEST_P(TestRpc, TestRpcSidecarLimits) { request, &resp, &controller); ASSERT_TRUE(status.IsNetworkError()) << "Unexpected error: " << status.ToString(); // Remote responds to extra-large payloads by closing the connection. - ASSERT_STR_CONTAINS(status.ToString(), "Connection reset by peer"); + ASSERT_STR_MATCHES(status.ToString(), + // Linux + "Connection reset by peer" + // macOS, while reading from socket. + "|got EOF from remote" + // macOS, while writing to socket. + "|Protocol wrong type for socket"); } } http://git-wip-us.apache.org/repos/asf/kudu/blob/c5ec0ddb/src/kudu/security/init.cc ---------------------------------------------------------------------- diff --git a/src/kudu/security/init.cc b/src/kudu/security/init.cc index fb27f40..294a96b 100644 --- a/src/kudu/security/init.cc +++ b/src/kudu/security/init.cc @@ -364,29 +364,6 @@ Status GetConfiguredPrincipal(string* principal) { *principal = p; return Status::OK(); } - -// macOS's Heimdal library has a no-op implementation of -// krb5_aname_to_localname, so instead this does a crude approximation by -// grabbing the username from the principal. -#ifdef __APPLE__ -// Grabs the username from a krb5 principal, and writes it to the provided -// buffer with a null terminator. -krb5_error_code principal_to_username(krb5_const_principal princ, - int len, - char* buf) { - if (princ->length == 0) { - return KRB5_LNAME_NOTRANS; - } - auto username = princ->data[0]; - if (username.length + 1 > len) { - return KRB5_CONFIG_NOTENUFSPACE; - } - // Copy username and a trailing null byte. - memcpy(buf, username.data, username.length); - username.data[username.length + 1] = 0; - return 0; -} -#endif } // anonymous namespace @@ -420,7 +397,10 @@ Status MapPrincipalToLocalName(const std::string& principal, std::string* local_ #ifndef __APPLE__ rc = krb5_aname_to_localname(g_krb5_ctx, princ, arraysize(buf), buf); #else - rc = principal_to_username(princ, arraysize(buf), buf); + // macOS's Heimdal library has a no-op implementation of + // krb5_aname_to_localname, so instead we fall down to below and grab the + // first component of the principal. + rc = KRB5_LNAME_NOTRANS; #endif if (rc == KRB5_LNAME_NOTRANS) { // No name mapping specified. We fall back to simply taking the first component
