This commit adds a script to sync the version present in .go-version
across all go.mod files as the toolchain directive. As part of that,
this commit also modifies go.mod files that did not have synced toolchain
directives.
Additionally, this also adds a script to verify all toolchain and go
directives against the version present in .go-version as follows:
(1) The go directive <= version in .go-version
(2) The toolchain directive == version in .go-version
This script runs as part of the `make verify` target, making it run
as a presbumit by default.
Signed-off-by: Madhav Jivrajani <madhav.jiv@gmail.com>
Resolves#12450
This commits adds support to unix/unixs socket URLs, which currently
fail with the message "URL address does not have the form "host:port".
It also replaces the work started in #11747.
(cherry picked from commit d93b7c8cb185af5a8af8408fbfcc55a21e3d9e5a)
Signed-off-by: Hubert Zhang <hubert.zyk@gmail.com>
Added keepalive_listener_unix.go and keepalive_listener_openbsd.go to
handle SetKeepAlivePeriod() specially on OpenBSD.
Signed-off-by: Ruize Tang <1466040111@qq.com>
The last step with gRPC update behavior changes auditing to resolve CVE #16740 in 3.5
This PR backports #14922, #16338, #16587, #16630, #16636 and #16739 to release-3.5.
Signed-off-by: Chao Chen <chaochn@amazon.com>
so that they cabn be configured via config file.
Co-authored-by: Shawn Gerrard <shawn.gerrard@gmail.com>
Signed-off-by: James Blair <mail@jamesblair.net>
fix the unexpected blocking when using Barrier.Wait(), e.g.
NewBarrier(client, "a").Wait() will block if key "a" is not existed but "a0" is existed, but it should return immediately.
Signed-off-by: zhangwenkang <zwenkang@vmware.com>
Historic capnslog timestamps are in microsecond resolution. We need to match that when we migrate to the zap logger.
Signed-off-by: James Blair <mail@jamesblair.net>
In order to fix https://github.com/etcd-io/etcd/issues/12385,
PR https://github.com/etcd-io/etcd/pull/14322 introduced a change
in which the client side may retry based on the error message
returned from server side.
This is not good, as it's too fragile and it's also changed the
protocol between client and server. Please see the discussion
in https://github.com/kubernetes/kubernetes/pull/114403
Note: The issue https://github.com/etcd-io/etcd/issues/12385 only
happens when auth is enabled, and client side reuse the same client
to watch.
So we decided to rollback the change on 3.5, reasons:
1.K8s doesn't enable auth at all. It has no any impact on K8s.
2.It's very easy for client application to workaround the issue.
The client just needs to create a new client each time before watching.
Signed-off-by: Benjamin Wang <wachao@vmware.com>
Add empty implementation for reuse port socket option since Solaris does not
support SO_REUSEPORT.
(cherry picked from commit af626ebfdeb46c1025f9a717959b241fecc44d0a)
Conflicts:
client/pkg/transport/sockopt_unix.go
Signed-off-by: Andrew Stormont <andyjstormont@gmail.com>
When users use the TLS CommonName based authentication, the
authTokenBundle is always nil. But it's possible for the clients
to get `rpctypes.ErrAuthOldRevision` response when the clients
concurrently modify auth data (e.g, addUser, deleteUser etc.).
In this case, there is no need to refresh the token; instead the
clients just need to retry the operations (e.g. Put, Delete etc).
Signed-off-by: Benjamin Wang <wachao@vmware.com>
