sha174n commented on PR #40673: URL: https://github.com/apache/superset/pull/40673#issuecomment-4699237416
Really clean implementation: the migration chains correctly off the current merge-head, the `catalogs.py` `lazyload` fix is a nice catch, and the authorized-key parsing is robust. One design point worth resolving before merge, plus a small doc fix. **Verification runs on a separate connection from the tunnel.** `_verify_host_key` opens its own socket/`Transport`, checks `get_remote_server_key()`, then closes it; `create_tunnel` then calls `sshtunnel.open_tunnel(...)`, which opens a fresh, unverified connection. That stops a naive always-on MITM (it can't pass the probe without the real host key), but two gaps remain for a feature whose goal is MITM resistance: - **DNS re-resolution:** `server_address` is resolved independently for the probe and for the tunnel, so a hostname can verify against IP-A and then tunnel to IP-B. - **Selective interception:** an in-path party can let the probe through and intercept only the tunnel connection. Closing both means verifying the key on the connection that actually carries the tunnel: after `open_tunnel`, read the forwarder's own transport key and tear down on mismatch. The test would then assert against the tunnel's transport rather than a probe. **Minor:** the PR description's migration details look stale. It says revision `a1b2c3d4e5f6` / down `33d7e0e21daa`, but the actual file is `78a40c08b4be` off `b7c9d1e2f3a4` (and `a1b2c3d4e5f6` is already a merged 2026-03-02 migration, so the description reads like a collision even though the file itself is correct). Worth syncing the body to the file. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
