Mirroristas/etcd
2
0
Fork 0
mirror of https://github.com/etcd-io/etcd.git synced 2024-09-27 06:25:44 +00:00
Code Issues Packages Projects Releases Wiki Activity
17,380 Commits 15 Branches 491 Tags
e6c2e380a911ffcfb3dea4f2aef635b8e3553a4b
Commit Graph

18 Commits

Author SHA1 Message Date
James Blair
1ea808b5ba Backport go_srcs_in_module changes and fix goword failures. 
Signed-off-by: James Blair <mail@jamesblair.net>
 2023-02-24 22:01:41 +13:00
Hitoshi Mitake
1e96e0be38 etcdserver: call refreshRangePermCache on Recover() in AuthStore. #14574 
Signed-off-by: Oleg Guba <oleg@dropbox.com>
Signed-off-by: Hitoshi Mitake <h.mitake@gmail.com>
 2022-10-29 13:56:08 +09:00
Hitoshi Mitake
efb9480b96 server: add a unit test case for authStore.Reocver() with empty rangePermCache 
Signed-off-by: Hitoshi Mitake <h.mitake@gmail.com>
 2022-10-29 13:26:31 +09:00
Haimantika Mitra
653d6e18c3 Replace github.com/form3tech-oss/jwt-go with https://github.com/golang-jwt/jwt/v4 
Signed-off-by: haimantika mitra <haimantikamitra@gmail.com>
Signed-off-by: Davanum Srinivas <davanum@gmail.com>
 2022-09-19 15:35:08 -04:00
Vivek Patani
7639d93f15 server,test: refresh cache on each NewAuthStore 
- permissions were incorrectly loaded on restarts.
- #14355
- Backport of https://github.com/etcd-io/etcd/pull/14358

Signed-off-by: vivekpatani <9080894+vivekpatani@users.noreply.github.com>
 2022-09-07 10:22:05 -07:00
Hitoshi Mitake
e15c005fef server/auth: protect rangePermCache with a RW lock 
Signed-off-by: Hitoshi Mitake <h.mitake@gmail.com>
 2022-07-19 15:56:12 +09:00
cfz
cceb25d758 server/auth: enable tokenProvider if recoved store enables auth 
we found a lease leak issue:
if a new member(by member add) is recovered by snapshot, and then
become leader, the lease will never expire afterwards. leader will
log the revoke failure caused by "invalid auth token", since the
token provider is not functional, and drops all generated token
from upper layer, which in this case, is the lease revoking
routine.
 2022-05-06 12:24:28 +08:00
ahrtr
66c7aab4d3 fix the data inconsistency issue by adding a txPostLockHook into the backend 
Previously the SetConsistentIndex() is called during the apply workflow,
but it's outside the db transaction. If a commit happens between SetConsistentIndex
and the following apply workflow, and etcd crashes for whatever reason right
after the commit, then etcd commits an incomplete transaction to db.
Eventually etcd runs into the data inconsistency issue.

In this commit, we move the SetConsistentIndex into a txPostLockHook, so
it will be executed inside the transaction lock.
 2022-04-08 20:37:34 +08:00
J. David Lowe
e27effa250 etcdserver: don't attempt to grant nil permission to a role 
Prevent etcd from crashing when given a bad grant payload, e.g.:

$ curl -d '{"name": "foo"}' http://localhost:2379/v3/auth/role/add
{"header":{"cluster_id":"14841639068965178418", ...
$ curl -d '{"name": "foo"}' http://localhost:2379/v3/auth/role/grant
curl: (52) Empty reply from server

Signed-off-by: Gyuho Lee <leegyuho@amazon.com>
 2021-06-04 15:34:22 -07:00
Piotr Tabor
e6baf6d751 Represent bucket as object instead of []byte name. 
Thanks to this change:
  - all the maps bucket -> buffer are indexed by int's instead of
string. No need to do: byte[] -> string -> hash conversion on each
access.
  - buckets are strongly typed in backend/mvcc API.
 2021-05-25 09:22:25 +02:00
Piotr Tabor
fe3254aee3 Remove explicit authStore->ConsistencyIndex updates, as they are taken care by hook. 2021-05-04 15:38:23 +02:00
Piotr Tabor
ffea1537d4 ClientV3 tests use integration.NewClient that configures proper logger. 2021-04-29 18:18:34 +02:00
Piotr Tabor
d7d110b5a8 mvcc/backend tests: Refactor: Do not mix testing&prod code. 2021-04-21 09:43:13 +02:00
Piotr Tabor
3bb7acc8cf Migrate dependencies pkg/foo -> client/pkg/foo 2021-04-07 00:38:47 +02:00
Piotr Tabor
03f55eeb2c Make NewTmpBackend use testing tmp location (so cleanup). 2021-03-26 13:54:55 +01:00
Dan Lorenc
5b90402082 Switch from dgrijalva/jwt-go to form3tech-oss/jwt-go. 
dgrijalva/jwt-go has been abandoned and contains several serious
security issues. Most projects are now switching to the form3tech fork.

See https://snyk.io/vuln/SNYK-GOLANG-GITHUBCOMDGRIJALVAJWTGO-596515 for
info on the issues.

Signed-off-by: Dan Lorenc <dlorenc@google.com>
 2021-01-10 08:04:20 -06:00
Piotr Tabor
aaf423e962 server: Update imports. 
find -name '*.go' | xargs sed -i --follow-symlinks 's|etcd/v3/|etcd/server/v3/|g'
 2020-10-26 13:02:32 +01:00
Piotr Tabor
4a5e9d1261 server: Move server files to 'server' directory. 
26  git mv mvcc wal auth etcdserver etcdmain proxy embed/ lease/ server
   36  git mv go.mod go.sum server
 2020-10-26 12:57:19 +01:00