Hello Todd Lipcon, Alexey Serbin, I'd like you to do a code review. Please visit
http://gerrit.cloudera.org:8080/5988 to review the following change. Change subject: WIP: [security] Negotiate authentication type during RPC setup ...................................................................... WIP: [security] Negotiate authentication type during RPC setup This commit introduces the concept of an authentication type to the RPC negotiation sequence. The current valid authentication types are SASL, CERTIFICATE, and TOKEN. Early in the negotiation sequence the client and server decide on an authentication type to use for the connection based on the mutually supported capabilities. If either side does not support the new authentication negotiation, the connection automatically falls back to SASL authentication in order to maintain backwards compatibility. WIP: still a few TODO's to touch up and tests to write. Want to get the review out ASAP because it's touching some areas in common with Alexey's work. Change-Id: I8ed9a1a474990dbfe9b71173adffdec95ec02b6c --- M src/kudu/master/master.proto M src/kudu/rpc/CMakeLists.txt M src/kudu/rpc/client_negotiation.cc M src/kudu/rpc/client_negotiation.h M src/kudu/rpc/messenger.cc M src/kudu/rpc/messenger.h M src/kudu/rpc/negotiation-test.cc M src/kudu/rpc/negotiation.cc M src/kudu/rpc/rpc_header.proto M src/kudu/rpc/sasl_common.h M src/kudu/rpc/server_negotiation.cc M src/kudu/rpc/server_negotiation.h M src/kudu/server/server_base.h M src/kudu/tserver/heartbeater.cc 14 files changed, 382 insertions(+), 85 deletions(-) git pull ssh://gerrit.cloudera.org:29418/kudu refs/changes/88/5988/1 -- To view, visit http://gerrit.cloudera.org:8080/5988 To unsubscribe, visit http://gerrit.cloudera.org:8080/settings Gerrit-MessageType: newchange Gerrit-Change-Id: I8ed9a1a474990dbfe9b71173adffdec95ec02b6c Gerrit-PatchSet: 1 Gerrit-Project: kudu Gerrit-Branch: master Gerrit-Owner: Dan Burkert <danburk...@apache.org> Gerrit-Reviewer: Alexey Serbin <aser...@cloudera.com> Gerrit-Reviewer: Todd Lipcon <t...@apache.org>