kaysoky commented on a change in pull request #324: MESOS-9499 extended URI
syntax to support any Zookeeper authentication schemes
URL: https://github.com/apache/mesos/pull/324#discussion_r247638473
##########
File path: include/mesos/zookeeper/url.hpp
##########
@@ -101,16 +102,35 @@ inline Try<URL> URL::parse(const std::string& url)
// Look for the trailing '@' (if any), that's where servers starts.
size_t index = s.find_last_of('@');
- if (index != std::string::npos) {
- return URL(s.substr(0, index), s.substr(index + 1), path);
- } else {
+ if (index == std::string::npos)
return URL(s, path);
+
+ std::string servers = s.substr(index + 1);
+ std::string auth = s.substr(0, index);
+
+ size_t schemeDelimiter = auth.find_first_of('!');
+
+ // If there is not '!' in URL scheme is "digest" and everything before '@'
is credentials
+ std::string scheme = "digest";
+ std::string credentials = auth;
Review comment:
Adding the authentication scheme into this location gives us a small-ish
patch, but has downsides:
- The addition of an exclamation mark delimiter invalidates the URI schema,
according to https://tools.ietf.org/html/rfc1034#section-3.5 . Only letters,
digits, and dashes are allowed in a "host" field. If we (Mesos) ever change
our URI parsing logic, we would need to rip out this code.
- Zookeeper's pluggable system does not seem to limit the characters in an
authentication scheme (as far as I know). If a plugin's scheme has an `@` in
the name for whatever reason, the URI parsing logic here would fail
spectacularly 😈 .
My recommendation is to add an optional master/agent flag which specifies
the ZK authentication scheme.
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
[email protected]
With regards,
Apache Git Services
