Hello Kudu Jenkins,
I'd like you to reexamine a change. Please visit
http://gerrit.cloudera.org:8080/6514
to look at the new patch set (#22).
Change subject: KUDU-1875: Refuse unauthenticated connections from publicly
routable IP addrs
......................................................................
KUDU-1875: Refuse unauthenticated connections from publicly routable
IP addrs
This rejects unauthenticated connections from publicly routable IPs,
even if authentication and encryption are not configured.
An adavance flag 'trusted_subnets', a trusted subnet whitelist.
All unauthenticated or unencrypted connections are prohibited
except these from the specified subnets and local subnets of
all local network interfaces. Set the flag to '0.0.0.0/0' can
completely disable this restriction. However network access is
not otherwise restricted by a firewall, malicious users may be
able to gain unauthorized access.
Change-Id: I6c3fbb5491785874c5701d6c9d866949cfac905e
---
M src/kudu/rpc/negotiation-test.cc
M src/kudu/rpc/server_negotiation.cc
M src/kudu/rpc/server_negotiation.h
M src/kudu/util/net/net_util-test.cc
M src/kudu/util/net/net_util.cc
M src/kudu/util/net/net_util.h
M src/kudu/util/net/sockaddr.cc
M src/kudu/util/net/sockaddr.h
M src/kudu/util/net/socket.h
9 files changed, 288 insertions(+), 3 deletions(-)
git pull ssh://gerrit.cloudera.org:29418/kudu refs/changes/14/6514/22
--
To view, visit http://gerrit.cloudera.org:8080/6514
To unsubscribe, visit http://gerrit.cloudera.org:8080/settings
Gerrit-MessageType: newpatchset
Gerrit-Change-Id: I6c3fbb5491785874c5701d6c9d866949cfac905e
Gerrit-PatchSet: 22
Gerrit-Project: kudu
Gerrit-Branch: master
Gerrit-Owner: Hao Hao <hao....@cloudera.com>
Gerrit-Reviewer: Alexey Serbin <aser...@cloudera.com>
Gerrit-Reviewer: Dan Burkert <danburk...@apache.org>
Gerrit-Reviewer: Hao Hao <hao....@cloudera.com>
Gerrit-Reviewer: Harsh J <ha...@harshj.com>
Gerrit-Reviewer: Kudu Jenkins
Gerrit-Reviewer: Tidy Bot
Gerrit-Reviewer: Todd Lipcon <t...@apache.org>
