Todd Lipcon has posted comments on this change. Change subject: [security] do actual token signing/verification ......................................................................
Patch Set 2: (1 comment) http://gerrit.cloudera.org:8080/#/c/5812/2/src/kudu/security/token_signing_key.cc File src/kudu/security/token_signing_key.cc: Line 35: CHECK(pb_.has_rsa_key_der()); > Why CHECK is fishy in constructors? Do you mean it's better to remove CHEC oh, I missed your response to Dan. I think it's fishy here because this is externally-provided data (a protobuf which arrives over the network). It's not _awful_ because at least it's Kudu-provided rather than user-provided, but I think still it would be better to return a bad Status than crash. -- To view, visit http://gerrit.cloudera.org:8080/5812 To unsubscribe, visit http://gerrit.cloudera.org:8080/settings Gerrit-MessageType: comment Gerrit-Change-Id: Icf035c64032320a450731ae921e92615bf2efd98 Gerrit-PatchSet: 2 Gerrit-Project: kudu Gerrit-Branch: master Gerrit-Owner: Alexey Serbin <aser...@cloudera.com> Gerrit-Reviewer: Alexey Serbin <aser...@cloudera.com> Gerrit-Reviewer: Dan Burkert <danburk...@apache.org> Gerrit-Reviewer: Kudu Jenkins Gerrit-Reviewer: Todd Lipcon <t...@apache.org> Gerrit-HasComments: Yes