[kudu-CR] WIP: [security] Negotiate authentication type during RPC setup

Mon, 13 Feb 2017 15:22:37 -0800 

Hello Todd Lipcon, Alexey Serbin,

I'd like you to do a code review.  Please visit

    http://gerrit.cloudera.org:8080/5988

to review the following change.

Change subject: WIP: [security] Negotiate authentication type during RPC setup
......................................................................

WIP: [security] Negotiate authentication type during RPC setup

This commit introduces the concept of an authentication type to the RPC
negotiation sequence. The current valid authentication types are SASL,
CERTIFICATE, and TOKEN. Early in the negotiation sequence the client and
server decide on an authentication type to use for the connection based
on the mutually supported capabilities. If either side does not support
the new authentication negotiation, the connection automatically falls
back to SASL authentication in order to maintain backwards
compatibility.

WIP: still a few TODO's to touch up and tests to write.  Want to get the
review out ASAP because it's touching some areas in common with Alexey's
work.

Change-Id: I8ed9a1a474990dbfe9b71173adffdec95ec02b6c
---
M src/kudu/master/master.proto
M src/kudu/rpc/CMakeLists.txt
M src/kudu/rpc/client_negotiation.cc
M src/kudu/rpc/client_negotiation.h
M src/kudu/rpc/messenger.cc
M src/kudu/rpc/messenger.h
M src/kudu/rpc/negotiation-test.cc
M src/kudu/rpc/negotiation.cc
M src/kudu/rpc/rpc_header.proto
M src/kudu/rpc/sasl_common.h
M src/kudu/rpc/server_negotiation.cc
M src/kudu/rpc/server_negotiation.h
M src/kudu/server/server_base.h
M src/kudu/tserver/heartbeater.cc
14 files changed, 382 insertions(+), 85 deletions(-)


  git pull ssh://gerrit.cloudera.org:29418/kudu refs/changes/88/5988/1
-- 
To view, visit http://gerrit.cloudera.org:8080/5988
To unsubscribe, visit http://gerrit.cloudera.org:8080/settings

Gerrit-MessageType: newchange
Gerrit-Change-Id: I8ed9a1a474990dbfe9b71173adffdec95ec02b6c
Gerrit-PatchSet: 1
Gerrit-Project: kudu
Gerrit-Branch: master
Gerrit-Owner: Dan Burkert <danburk...@apache.org>
Gerrit-Reviewer: Alexey Serbin <aser...@cloudera.com>
Gerrit-Reviewer: Todd Lipcon <t...@apache.org>

Reply via email to