Hitoshi Mitake
d1b1aa9dbe
etcdserver: protect lease timetilive with auth
...
Signed-off-by: Hitoshi Mitake <h.mitake@gmail.com>
Co-authored-by: Benjamin Wang <wachao@vmware.com>
2023-05-08 22:45:38 +09:00
sharathsivakumar
c0f2954e9f
server: backport 15743, improved description of --initial-cluster-state flag
...
Signed-off-by: sharathsivakumar <mailssr9@gmail.com>
2023-04-25 08:02:39 +02:00
Marek Siarkowicz
217d183e5a
version: bump up to 3.5.8
v3.5.8
tests/v3.5.8
etcdctl/v3.5.8
etcdutl/v3.5.8
server/v3.5.8
client/v3.5.8
client/v2.305.8
client/pkg/v3.5.8
raft/v3.5.8
pkg/v3.5.8
api/v3.5.8
2023-04-13 12:08:47 +02:00
Marek Siarkowicz
9d2cda4e44
Merge pull request #15676 from ahrtr/jwt_panic_3.5_20230410
...
[3.5] etcdserver: verify field 'username' and 'revision' present when decoding a JWT token
2023-04-11 12:21:50 +02:00
Marek Siarkowicz
3cd07fe17c
Merge pull request #15695 from ahrtr/3.5_request_progress_20230411
...
[3.5] etcdserver: guarantee order of requested progress notifications
2023-04-11 10:48:30 +02:00
Benjamin Wang
cd019255ba
etcdserver: Guarantee order of requested progress notifications
...
Progress notifications requested using ProgressRequest were sent
directly using the ctrlStream, which means that they could race
against watch responses in the watchStream.
This would especially happen when the stream was not synced - e.g. if
you requested a progress notification on a freshly created unsynced
watcher, the notification would typically arrive indicating a revision
for which not all watch responses had been sent.
This changes the behaviour so that v3rpc always goes through the watch
stream, using a new RequestProgressAll function that closely matches
the behaviour of the v3rpc code - i.e.
1. Generate a message with WatchId -1, indicating the revision for
*all* watchers in the stream
2. Guarantee that a response is (eventually) sent
The latter might require us to defer the response until all watchers
are synced, which is likely as it should be. Note that we do *not*
guarantee that the number of progress notifications matches the number
of requests, only that eventually at least one gets sent.
Signed-off-by: Benjamin Wang <wachao@vmware.com>
2023-04-11 09:51:48 +08:00
Benjamin Wang
643e6e1993
etcdserver: verify field 'username' and 'revision' present when decoding a JWT token
...
Signed-off-by: Benjamin Wang <wachao@vmware.com>
2023-04-10 08:21:43 +08:00
Benjamin Wang
5872b80ed5
Merge pull request #15512 from engow/automated-cherry-pick-of-#15432-origin-release-3.5
...
[3.5] server/auth: fix auth panic bug when user changes password
2023-04-08 06:22:37 +08:00
Marek Siarkowicz
4501fd88c7
Merge pull request #15619 from mitake/3.5-backport-15294
...
[3.5] backport 15294
2023-04-07 17:47:23 +02:00
Marek Siarkowicz
7f4eef09a3
Merge pull request #15661 from ahrtr/backport_15447_20230407
...
[3.5] etcdserver: set zap logging to wsproxy
2023-04-07 10:56:46 +02:00
Benjamin Wang
b31caa3f12
set zap logging to wsproxy
...
Signed-off-by: Benjamin Wang <wachao@vmware.com>
2023-04-07 13:33:39 +08:00
Benjamin Wang
b1df3df2b1
Merge pull request #15653 from mitake/3.5-backport-15648
...
[3.5] backport 15648
2023-04-06 20:41:20 +08:00
Benjamin Wang
e6c2e380a9
security: remove password after authenticating the user
...
fix https://nvd.nist.gov/vuln/detail/CVE-2021-28235
Signed-off-by: Benjamin Wang <wachao@vmware.com>
2023-04-06 20:12:02 +09:00
Benjamin Wang
291cb7172a
test: add an e2e test to reproduce https://nvd.nist.gov/vuln/detail/CVE-2021-28235
...
Signed-off-by: Benjamin Wang <wachao@vmware.com>
2023-04-06 20:11:20 +09:00
Benjamin Wang
070341c69f
Merge pull request #15651 from ahrtr/bump_go_20230406_3.5
...
[3.5] bump golang to 1.19.8 to fix four CVEs
2023-04-06 15:48:49 +08:00
Benjamin Wang
f905e2c264
bump golang to 1.19.8
...
fix CVE https://groups.google.com/g/golang-announce/c/Xdv6JL9ENs8/m/OV40vnafAwAJ
Signed-off-by: Benjamin Wang <wachao@vmware.com>
2023-04-06 14:27:40 +08:00
Hitoshi Mitake
e6eeca6885
server/auth: disallow creating empty permission ranges
...
Signed-off-by: Hitoshi Mitake <h.mitake@gmail.com>
Co-authored-by: Benjamin Wang <wachao@vmware.com>
2023-04-03 22:55:55 +09:00
Benjamin Wang
65635e426c
Merge pull request #15558 from fuweid/3.5-use-strict-mode-for-test
...
[3.5] chore: enable strict mode for test CI
2023-04-02 10:34:50 +08:00
Wei Fu
55bce22e97
chore: enable strict mode for test CI
...
Signed-off-by: Wei Fu <fuweid89@gmail.com>
2023-04-02 08:57:56 +08:00
Benjamin Wang
7230b943d0
Merge pull request #15612 from zhangguanzhang/release-3.5
...
[3.5] Backport fixes all docker images of Architecture show amd64
2023-04-02 07:17:47 +08:00
zhangguanzhang
77baf66b52
Fixes : #15266 All docker images of Architecture show amd64
...
Signed-off-by: zhangguanzhang <zhangguanzhang@qq.com>
2023-04-01 23:29:25 +08:00
Marek Siarkowicz
1259884695
Merge pull request #15608 from pchan/automated-cherry-pick-of-#15505-upstream-release-3.5
...
[3.5] Add testing of etcd in local image in release workflow
2023-04-01 13:59:36 +02:00
Prasad Chandrasekaran
9e506593bf
scripts: Add testing of etcd in local image in release workflow.
...
Signed-off-by: Prasad Chandrasekaran <prasadc@vmware.com>
2023-04-01 16:47:08 +05:30
Marek Siarkowicz
c5b670bff1
Merge pull request #15589 from serathius/separate-grpc-server-3.5
...
Separate grpc server 3.5
2023-03-31 13:18:02 +02:00
Marek Siarkowicz
073c530989
server: Fix defer function closure escape
...
Signed-off-by: Marek Siarkowicz <siarkowicz@google.com>
2023-03-30 16:01:29 +02:00
Marek Siarkowicz
6637aee804
tests: Test separate http port connection multiplexing
...
Signed-off-by: Marek Siarkowicz <siarkowicz@google.com>
2023-03-30 16:01:28 +02:00
Marek Siarkowicz
c0421c7330
server: Add --listen-client-http-urls flag to allow running grpc server separate from http server
...
Difference in load configuration for watch delay tests shows how huge the
impact is. Even with random write scheduler grpc under http
server can only handle 500 KB with 2 seconds delay. On the other hand,
separate grpc server easily hits 10, 100 or even 1000 MB within 100 milliseconds.
Priority write scheduler that was used in most previous releases
is far worse than random one.
Tests configured to only 5 MB to avoid flakes and taking too long to fill
etcd.
Signed-off-by: Marek Siarkowicz <siarkowicz@google.com>
2023-03-30 15:53:11 +02:00
Marek Siarkowicz
2d5f48a7ef
server: Pick one address that all grpc gateways connect to
...
Signed-off-by: Marek Siarkowicz <siarkowicz@google.com>
2023-03-30 15:11:59 +02:00
Marek Siarkowicz
a9e0a04c9a
server: Extract resolveUrl helper function
...
Signed-off-by: Marek Siarkowicz <siarkowicz@google.com>
2023-03-30 15:11:59 +02:00
Marek Siarkowicz
245067b15d
server: Separate client listener grouping from serving
...
Signed-off-by: Marek Siarkowicz <siarkowicz@google.com>
2023-03-30 15:11:59 +02:00
Marek Siarkowicz
63576a25f5
refactor: Use proper variable names for urls
...
Signed-off-by: Marek Siarkowicz <siarkowicz@google.com>
2023-03-30 15:11:58 +02:00
Marek Siarkowicz
8b4549d534
Merge pull request #15443 from ArkaSaha30/automated-cherry-pick-of-#14860-upstream-release-3.5
...
[3.5] Automated cherry-pick of #14860 : Trigger release in current branch for github workflow case
2023-03-30 14:39:30 +02:00
engow
f7ac9dfcd6
server/auth: fix addUserWithNoOption of store_test
...
Signed-off-by: engow <engow@hotmail.com>
2023-03-30 19:13:33 +08:00
tangcong
dcb1bf6078
server/auth: fix auth panic bug when user changes password
...
Signed-off-by: tangcong <tangcong506@foxmail.com>
Signed-off-by: engow <engow@hotmail.com>
2023-03-30 19:13:33 +08:00
Benjamin Wang
44d78bf9aa
Automated cherry-pick of #14860 : Trigger release in current branch for github workflow case
...
Signed-off-by: ArkaSaha30 <arkasaha30@gmail.com>
2023-03-30 16:39:08 +05:30
Benjamin Wang
fe37277c7e
Merge pull request #15517 from fuweid/cp-15509-to-3.5
...
[3.5] server/embed: fix data race when start insecure grpc
2023-03-20 21:45:59 +08:00
Wei Fu
9e974792f9
server/embed: fix data race when start insecure grpc
...
There are two goroutines accessing the `gs` grpc server var. Before
insecure `gs` server start, the `gs` can be changed to secure server and
then the client will fail to connect to etcd with insecure request. It
is data-race. We should use argument for reference in the new goroutine.
fix : #15495
Signed-off-by: Wei Fu <fuweid89@gmail.com>
(cherry picked from commit a9988e2625eede1af81d189b5f2ecf7d4af3edf1)
Signed-off-by: Wei Fu <fuweid89@gmail.com>
2023-03-20 20:41:49 +08:00
Marek Siarkowicz
15b3756abd
Merge pull request #15515 from serathius/fix-issue15271-3.5
...
[v3.5] Fix issue15271
2023-03-20 13:08:31 +01:00
Marek Siarkowicz
92e56ab61e
server: Test watch restore
...
Signed-off-by: Marek Siarkowicz <siarkowicz@google.com>
2023-03-20 12:04:43 +01:00
Bogdan Kanivets
dafdaaedf2
mvcc: update minRev when watcher stays synced
...
Problem: during restore in watchableStore.Restore, synced watchers are moved to unsynced.
minRev will be behind since it's not updated when watcher stays synced.
Solution: update minRev
fixes: https://github.com/etcd-io/etcd/issues/15271
Signed-off-by: Bogdan Kanivets <bkanivets@apple.com>
Signed-off-by: Marek Siarkowicz <siarkowicz@google.com>
2023-03-20 12:02:49 +01:00
Marek Siarkowicz
930a450a55
Merge pull request #15491 from serathius/test-cmux-3.5
...
Connection multiplexing regression tests for v3.5
2023-03-18 13:23:36 +01:00
Marek Siarkowicz
86101d333b
tests: Add v2 API to connection multiplexing test
...
Signed-off-by: Marek Siarkowicz <siarkowicz@google.com>
2023-03-17 10:51:36 +01:00
Marek Siarkowicz
eb614c35f7
tests: Add connection multiplexer testing
...
Signed-off-by: Marek Siarkowicz <siarkowicz@google.com>
2023-03-17 10:51:35 +01:00
Marek Siarkowicz
2eeb26083f
tests: Backport RunUtilCompletion
...
Signed-off-by: Marek Siarkowicz <siarkowicz@google.com>
2023-03-17 10:50:21 +01:00
Marek Siarkowicz
00e1e5db21
tests: Backport tls for etcdctl
...
Signed-off-by: Marek Siarkowicz <siarkowicz@google.com>
2023-03-17 10:50:19 +01:00
Marek Siarkowicz
46d6c1d7b2
tests: Extract e2e test utils
...
Consider creating generic testutils for both e2e and integration tests.
Signed-off-by: Marek Siarkowicz <siarkowicz@google.com>
2023-03-16 17:24:42 +01:00
Marek Siarkowicz
2f4d75feb1
tests: Allow specifying http version in curl
...
Signed-off-by: Marek Siarkowicz <siarkowicz@google.com>
2023-03-16 17:24:42 +01:00
Marek Siarkowicz
4e9911ec26
tests: Refactor newClient args
...
Signed-off-by: Marek Siarkowicz <siarkowicz@google.com>
2023-03-16 17:24:42 +01:00
Marek Siarkowicz
64bc55ef4e
tests: Refactor CURLPrefixArgs
...
Signed-off-by: Marek Siarkowicz <siarkowicz@google.com>
2023-03-16 17:24:42 +01:00
Benjamin Wang
11ca1d356a
Merge pull request #15483 from jmhbnz/release-3.5-backport
...
[3.5] Backport tls 1.3 support
2023-03-16 06:06:45 +08:00