Todd Lipcon has submitted this change and it was merged. Change subject: [security] tailored TokenSigner for system catalog ......................................................................
[security] tailored TokenSigner for system catalog Updated the TokenSigner class in preparation for loading/storing TSKs (Token Signing Keys) in system catalog. The expected use-case for the TokenSigner is calling ImportKey() on elected-as-leader callback with entries loaded from the system catalog table, and then calling CheckNeedKey()/AddKey(), TryRotateKey() sequence. Further down the road, it's necessary to call the CheckNeedKey()/AddKey(), TryRotateKey() sequence periodically to generate and activate new TSKs. Change-Id: Ie2417e2ccba6a1114db366b2f642f95362bf479c Reviewed-on: http://gerrit.cloudera.org:8080/5930 Tested-by: Kudu Jenkins Reviewed-by: Todd Lipcon <[email protected]> Reviewed-by: Dan Burkert <[email protected]> --- M src/kudu/master/CMakeLists.txt D src/kudu/master/authn_token_manager.cc D src/kudu/master/authn_token_manager.h M src/kudu/master/master-test.cc M src/kudu/master/master.cc M src/kudu/master/master.h M src/kudu/master/master_service.cc M src/kudu/rpc/negotiation-test.cc M src/kudu/security/token-test.cc M src/kudu/security/token.proto M src/kudu/security/token_signer.cc M src/kudu/security/token_signer.h M src/kudu/security/token_signing_key.cc M src/kudu/security/token_signing_key.h M src/kudu/security/token_verifier.cc M src/kudu/security/token_verifier.h M src/kudu/tserver/heartbeater.cc 17 files changed, 801 insertions(+), 334 deletions(-) Approvals: Dan Burkert: Looks good to me, approved Todd Lipcon: Looks good to me, approved Kudu Jenkins: Verified -- To view, visit http://gerrit.cloudera.org:8080/5930 To unsubscribe, visit http://gerrit.cloudera.org:8080/settings Gerrit-MessageType: merged Gerrit-Change-Id: Ie2417e2ccba6a1114db366b2f642f95362bf479c Gerrit-PatchSet: 20 Gerrit-Project: kudu Gerrit-Branch: master Gerrit-Owner: Alexey Serbin <[email protected]> Gerrit-Reviewer: Alexey Serbin <[email protected]> Gerrit-Reviewer: Dan Burkert <[email protected]> Gerrit-Reviewer: Kudu Jenkins Gerrit-Reviewer: Tidy Bot Gerrit-Reviewer: Todd Lipcon <[email protected]>
