Return-Path: X-Original-To: archive-asf-public-internal@cust-asf2.ponee.io Delivered-To: archive-asf-public-internal@cust-asf2.ponee.io Received: from cust-asf.ponee.io (cust-asf.ponee.io [163.172.22.183]) by cust-asf2.ponee.io (Postfix) with ESMTP id 7F9FE200C22 for ; Tue, 7 Feb 2017 00:22:39 +0100 (CET) Received: by cust-asf.ponee.io (Postfix) id 7E1CA160B62; Mon, 6 Feb 2017 23:22:39 +0000 (UTC) Delivered-To: archive-asf-public@cust-asf.ponee.io Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by cust-asf.ponee.io (Postfix) with SMTP id D9A4D160B56 for ; Tue, 7 Feb 2017 00:22:37 +0100 (CET) Received: (qmail 28656 invoked by uid 500); 6 Feb 2017 23:22:37 -0000 Mailing-List: contact commits-help@kudu.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@kudu.apache.org Delivered-To: mailing list commits@kudu.apache.org Received: (qmail 28647 invoked by uid 99); 6 Feb 2017 23:22:37 -0000 Received: from git1-us-west.apache.org (HELO git1-us-west.apache.org) (140.211.11.23) by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 06 Feb 2017 23:22:37 +0000 Received: by git1-us-west.apache.org (ASF Mail Server at git1-us-west.apache.org, from userid 33) id E718BDFCA3; Mon, 6 Feb 2017 23:22:36 +0000 (UTC) Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit From: danburkert@apache.org To: commits@kudu.apache.org Message-Id: <5bed463cbb5b4e0fb6201d1dd021db99@git.apache.org> X-Mailer: ASF-Git Admin Mailer Subject: kudu git commit: Rename SaslAuth to SaslMechanism Date: Mon, 6 Feb 2017 23:22:36 +0000 (UTC) archived-at: Mon, 06 Feb 2017 23:22:39 -0000 Repository: kudu Updated Branches: refs/heads/master aa90fc02c -> d47c13872 Rename SaslAuth to SaslMechanism As part of the recent RPC negotiation changes the role of this message changed slightly, and the new name is more indicative of its purpose. Change-Id: I1e4750825812b31229516a7c71ac308056ca15c8 Reviewed-on: http://gerrit.cloudera.org:8080/5913 Reviewed-by: Todd Lipcon Tested-by: Kudu Jenkins Project: http://git-wip-us.apache.org/repos/asf/kudu/repo Commit: http://git-wip-us.apache.org/repos/asf/kudu/commit/d47c1387 Tree: http://git-wip-us.apache.org/repos/asf/kudu/tree/d47c1387 Diff: http://git-wip-us.apache.org/repos/asf/kudu/diff/d47c1387 Branch: refs/heads/master Commit: d47c13872061e66924c6d9033df59638fe5ceea0 Parents: aa90fc0 Author: Dan Burkert Authored: Fri Feb 3 19:38:19 2017 -0800 Committer: Dan Burkert Committed: Mon Feb 6 23:22:23 2017 +0000 ---------------------------------------------------------------------- docs/design-docs/rpc.md | 14 +++++++------- .../org/apache/kudu/client/SecureRpcHelper.java | 9 ++++----- src/kudu/rpc/client_negotiation.cc | 8 +++----- src/kudu/rpc/rpc_header.proto | 8 ++++---- src/kudu/rpc/server_negotiation.cc | 18 +++++++++--------- 5 files changed, 27 insertions(+), 30 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/kudu/blob/d47c1387/docs/design-docs/rpc.md ---------------------------------------------------------------------- diff --git a/docs/design-docs/rpc.md b/docs/design-docs/rpc.md index 6c2c598..23d697a 100644 --- a/docs/design-docs/rpc.md +++ b/docs/design-docs/rpc.md @@ -393,13 +393,13 @@ Client Server | +----NegotiatePB-----------------------------+ | | | step = NEGOTIATE | | | | supported_features = | ----------------------> | - | | auths = | | + | | mechanisms = | | | +--------------------------------------------+ | | | | +----NegotiatePB-----------------------------+ | | | step = NEGOTIATE | | | <---------------------- | supported_features = | | - | | auths = | | + | | mechanisms = | | | +--------------------------------------------+ | ``` @@ -463,11 +463,11 @@ client, respectively, may occur depending on the mechanism. ``` Client Server | | - | +----NegotiatePB----------------+ | - | | step = SASL_INITIATE | | - | | auths[0] = | -----------------------------------> | - | | token = | | - | +-------------------------------+ | + | +----NegotiatePB---------------------+ | + | | step = SASL_INITIATE | | + | | mechanisms[0] = | ------------------------------> | + | | token = | | + | +------------------------------------+ | | | | <...SASL_INITIATE is followed by 0 or more SASL_CHALLENGE + | | SASL_RESPONSE steps...> | http://git-wip-us.apache.org/repos/asf/kudu/blob/d47c1387/java/kudu-client/src/main/java/org/apache/kudu/client/SecureRpcHelper.java ---------------------------------------------------------------------- diff --git a/java/kudu-client/src/main/java/org/apache/kudu/client/SecureRpcHelper.java b/java/kudu-client/src/main/java/org/apache/kudu/client/SecureRpcHelper.java index 0ec6547..23bc35d 100644 --- a/java/kudu-client/src/main/java/org/apache/kudu/client/SecureRpcHelper.java +++ b/java/kudu-client/src/main/java/org/apache/kudu/client/SecureRpcHelper.java @@ -202,10 +202,9 @@ public class SecureRpcHelper { } - private void handleNegotiateResponse(Channel chan, RpcHeader.NegotiatePB response) throws - SaslException { - RpcHeader.NegotiatePB.SaslAuth negotiatedAuth = null; - for (RpcHeader.NegotiatePB.SaslAuth auth : response.getAuthsList()) { + private void handleNegotiateResponse(Channel chan, RpcHeader.NegotiatePB response) throws SaslException { + RpcHeader.NegotiatePB.SaslMechanism negotiatedAuth = null; + for (RpcHeader.NegotiatePB.SaslMechanism auth : response.getSaslMechanismsList()) { negotiatedAuth = auth; } @@ -227,7 +226,7 @@ public class SecureRpcHelper { builder.setToken(ZeroCopyLiteralByteString.wrap(saslToken)); } builder.setStep(RpcHeader.NegotiatePB.NegotiateStep.SASL_INITIATE); - builder.addAuths(negotiatedAuth); + builder.addSaslMechanisms(negotiatedAuth); sendSaslMessage(chan, builder.build()); } http://git-wip-us.apache.org/repos/asf/kudu/blob/d47c1387/src/kudu/rpc/client_negotiation.cc ---------------------------------------------------------------------- diff --git a/src/kudu/rpc/client_negotiation.cc b/src/kudu/rpc/client_negotiation.cc index 3d32e14..bb1bfb2 100644 --- a/src/kudu/rpc/client_negotiation.cc +++ b/src/kudu/rpc/client_negotiation.cc @@ -329,13 +329,11 @@ Status ClientNegotiation::HandleNegotiate(const NegotiatePB& response) { // Build a map of the SASL mechanisms offered by the server. const set& client_mechs = helper_.EnabledMechs(); set server_mechs; - map server_mech_map; - for (const NegotiatePB::SaslAuth& auth : response.auths()) { - auto mech = SaslMechanism::value_of(auth.mechanism()); + for (const NegotiatePB::SaslMechanism& sasl_mech : response.sasl_mechanisms()) { + auto mech = SaslMechanism::value_of(sasl_mech.mechanism()); if (mech == SaslMechanism::INVALID) { continue; } - server_mech_map[mech] = auth; server_mechs.insert(mech); } @@ -468,7 +466,7 @@ Status ClientNegotiation::SendSaslInitiate() { NegotiatePB msg; msg.set_step(NegotiatePB::SASL_INITIATE); msg.mutable_token()->assign(init_msg, init_msg_len); - msg.add_auths()->set_mechanism(negotiated_mech); + msg.add_sasl_mechanisms()->set_mechanism(negotiated_mech); return SendNegotiatePB(msg); } http://git-wip-us.apache.org/repos/asf/kudu/blob/d47c1387/src/kudu/rpc/rpc_header.proto ---------------------------------------------------------------------- diff --git a/src/kudu/rpc/rpc_header.proto b/src/kudu/rpc/rpc_header.proto index 5bc628d..3159688 100644 --- a/src/kudu/rpc/rpc_header.proto +++ b/src/kudu/rpc/rpc_header.proto @@ -88,13 +88,13 @@ message NegotiatePB { TLS_HANDSHAKE = 5; } - message SaslAuth { + message SaslMechanism { // The SASL mechanism, i.e. 'PLAIN' or 'GSSAPI'. required string mechanism = 2; // Deprecated: no longer used. - optional string DEPRECATED_method = 1; - optional bytes DEPRECATED_challenge = 5 [(REDACT) = true]; + // optional string method = 1; + // optional bytes challenge = 5 [(REDACT) = true]; } // When the client sends its NEGOTIATE step message, it sends its set of @@ -127,7 +127,7 @@ message NegotiatePB { // During the NEGOTIATE step, contains the supported SASL mechanisms. // During the SASL_INITIATE step, contains the single chosen SASL mechanism. - repeated SaslAuth auths = 4; + repeated SaslMechanism sasl_mechanisms = 4; } message RemoteMethodPB { http://git-wip-us.apache.org/repos/asf/kudu/blob/d47c1387/src/kudu/rpc/server_negotiation.cc ---------------------------------------------------------------------- diff --git a/src/kudu/rpc/server_negotiation.cc b/src/kudu/rpc/server_negotiation.cc index 6f5c118..d52eb75 100644 --- a/src/kudu/rpc/server_negotiation.cc +++ b/src/kudu/rpc/server_negotiation.cc @@ -356,8 +356,8 @@ Status ServerNegotiation::SendNegotiate(const set& server_m NegotiatePB response; response.set_step(NegotiatePB::NEGOTIATE); - for (auto mech : server_mechs) { - response.add_auths()->set_mechanism(SaslMechanism::name_of(mech)); + for (auto mechanism : server_mechs) { + response.add_sasl_mechanisms()->set_mechanism(SaslMechanism::name_of(mechanism)); } // Tell the client which features we support. @@ -421,18 +421,18 @@ Status ServerNegotiation::HandleSaslInitiate(const NegotiatePB& request) { } TRACE("Received SASL_INITIATE request from client"); - if (request.auths_size() != 1) { + if (request.sasl_mechanisms_size() != 1) { Status s = Status::NotAuthorized( - "SASL_INITIATE request must include exactly one SaslAuth section, found", - std::to_string(request.auths_size())); + "SASL_INITIATE request must include exactly one SASL mechanism, found", + std::to_string(request.sasl_mechanisms_size())); RETURN_NOT_OK(SendError(ErrorStatusPB::FATAL_UNAUTHORIZED, s)); return s; } - const NegotiatePB::SaslAuth& auth = request.auths(0); - TRACE("Client requested to use mechanism: $0", auth.mechanism()); + const string& mechanism = request.sasl_mechanisms(0).mechanism(); + TRACE("Client requested to use mechanism: $0", mechanism); - negotiated_mech_ = SaslMechanism::value_of(auth.mechanism()); + negotiated_mech_ = SaslMechanism::value_of(mechanism); // If we are speaking TLS and the negotiated mechanism is GSSAPI (Kerberos), // configure SASL to use integrity protection so that the channel bindings @@ -448,7 +448,7 @@ Status ServerNegotiation::HandleSaslInitiate(const NegotiatePB& request) { Status s = WrapSaslCall(sasl_conn_.get(), [&]() { return sasl_server_start( sasl_conn_.get(), // The SASL connection context created by init() - auth.mechanism().c_str(), // The mechanism requested by the client. + mechanism.c_str(), // The mechanism requested by the client. request.token().c_str(), // Optional string the client gave us. request.token().length(), // Client string len. &server_out, // The output of the SASL library, might not be NULL terminated