Todd Lipcon has posted comments on this change. Change subject: rpc: support GSSAPI authentication ......................................................................
Patch Set 3: (4 comments) http://gerrit.cloudera.org:8080/#/c/4763/3/src/kudu/rpc/sasl_rpc-test.cc File src/kudu/rpc/sasl_rpc-test.cc: PS3, Line 196: CHECK > ASSERT_TRUE() hear and below instead of CHECK() ? No can do -- gtest isn't thread safe for assertions, so have to use CHECK from these secondary threads :( http://gerrit.cloudera.org:8080/#/c/4763/3/src/kudu/security/mini_kdc-test.cc File src/kudu/security/mini_kdc-test.cc: Line 62: CHECK_EQ(0, krb5_cc_default(ctx, &ccache)); > As discussed on Slack, this is failing on OS X. Trying to remember, did we just decide to remove this? I think so but want to double check. http://gerrit.cloudera.org:8080/#/c/4763/3/src/kudu/security/mini_kdc.cc File src/kudu/security/mini_kdc.cc: PS3, Line 329: if (!kdc_process_) { : return Status::IllegalState("KDC not started"); : } > So, it's necessary to set these after KDC has been started already? Are we hrm, I suppose it isn't strictly necessary, but it seems like it would be a likely bug if someone forgets to start the KDC, so would rather make it foolproof. Setting the env before starting the KDC means you'll just be pointing at non-existent conf files. Line 333: CHECK_ERR(setenv(p.first.c_str(), p.second.c_str(), 1 /*overrwrite*/)); oops, typo in this line. -- To view, visit http://gerrit.cloudera.org:8080/4763 To unsubscribe, visit http://gerrit.cloudera.org:8080/settings Gerrit-MessageType: comment Gerrit-Change-Id: I3c1b93045acd428ef3437597059c5106b03e25d0 Gerrit-PatchSet: 3 Gerrit-Project: kudu Gerrit-Branch: master Gerrit-Owner: Todd Lipcon <[email protected]> Gerrit-Reviewer: Alexey Serbin <[email protected]> Gerrit-Reviewer: Dan Burkert <[email protected]> Gerrit-Reviewer: Kudu Jenkins Gerrit-Reviewer: Tidy Bot Gerrit-Reviewer: Todd Lipcon <[email protected]> Gerrit-HasComments: Yes
