Alexey Serbin has uploaded a new change for review. http://gerrit.cloudera.org:8080/5930
Change subject: WIP [security] tailored TokenSigner for system catalog ...................................................................... WIP [security] tailored TokenSigner for system catalog Updated the TokenSigner class in preparation to loading public part of token signing keys from the system catalog. The expected use-case for the TokenSigner is calling AddTokenSigningPublicKey() multiple times while loading public part of TSKs from the system catalog and subsequent call of Init(). That's the sequence to be exercised by a master server upon becoming a leader. It's possible to run this sequence multiple times on the same instance of TokenSigner, generating new signing keys only when already existing signing keys are about to expire. Also, the TokenSigner class now embeds the logic to rotate its signing key on Init(), if necessary. Change-Id: Ie2417e2ccba6a1114db366b2f642f95362bf479c --- M src/kudu/security/token-test.cc M src/kudu/security/token_signer.cc M src/kudu/security/token_signer.h M src/kudu/security/token_signing_key.cc M src/kudu/security/token_signing_key.h 5 files changed, 293 insertions(+), 48 deletions(-) git pull ssh://gerrit.cloudera.org:29418/kudu refs/changes/30/5930/1 -- To view, visit http://gerrit.cloudera.org:8080/5930 To unsubscribe, visit http://gerrit.cloudera.org:8080/settings Gerrit-MessageType: newchange Gerrit-Change-Id: Ie2417e2ccba6a1114db366b2f642f95362bf479c Gerrit-PatchSet: 1 Gerrit-Project: kudu Gerrit-Branch: master Gerrit-Owner: Alexey Serbin <[email protected]>
