Re: Review Request 57054: Fixed a bug in master and agent handler authorization logic.
--- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/57054/#review167660 --- Ship it! Ship It! - Adam B On Feb. 27, 2017, 9:31 p.m., Greg Mann wrote: > > --- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/57054/ > --- > > (Updated Feb. 27, 2017, 9:31 p.m.) > > > Review request for mesos, Adam B, Alexander Rojas, Jan Schlicht, and Vinod > Kone. > > > Bugs: MESOS-7003 > https://issues.apache.org/jira/browse/MESOS-7003 > > > Repository: mesos > > > Description > --- > > This patch fixes a bug where endpoint handlers would not > correctly handle the case in which authorization is enabled > when authentication is disabled. In this case, the handlers > would send a default-constructed `authorization::Subject` to > the authorizer, leading to an empty-string principal being > evaluated as the subject. > > This patch updates the handlers to correctly send `NONE` as > the subject in this case. > > > Diffs > - > > src/master/http.cpp 6e5178eeea6cc6b90ae253840da22be13444b088 > src/slave/http.cpp 94731ec883c309cefb811694dc4e39de12d1ac59 > src/slave/slave.cpp fc480ae23ffa5cdeeb79b3621a08e1f8703bc01a > > > Diff: https://reviews.apache.org/r/57054/diff/1/ > > > Testing > --- > > Testing details can be found at the end of this patch chain. > > > Thanks, > > Greg Mann > >
Re: Review Request 57054: Fixed a bug in master and agent handler authorization logic.
--- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/57054/ --- (Updated Feb. 28, 2017, 5:31 a.m.) Review request for mesos, Adam B, Alexander Rojas, Jan Schlicht, and Vinod Kone. Bugs: MESOS-7003 https://issues.apache.org/jira/browse/MESOS-7003 Repository: mesos Description (updated) --- This patch fixes a bug where endpoint handlers would not correctly handle the case in which authorization is enabled when authentication is disabled. In this case, the handlers would send a default-constructed `authorization::Subject` to the authorizer, leading to an empty-string principal being evaluated as the subject. This patch updates the handlers to correctly send `NONE` as the subject in this case. Diffs - src/master/http.cpp 6e5178eeea6cc6b90ae253840da22be13444b088 src/slave/http.cpp 94731ec883c309cefb811694dc4e39de12d1ac59 src/slave/slave.cpp fc480ae23ffa5cdeeb79b3621a08e1f8703bc01a Diff: https://reviews.apache.org/r/57054/diff/ Testing --- Testing details can be found at the end of this patch chain. Thanks, Greg Mann
Re: Review Request 57054: Fixed a bug in master and agent handler authorization logic.
--- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/57054/#review166866 --- Ship it! Thanks for taking care of this! - Alexander Rojas On Feb. 25, 2017, 12:06 a.m., Greg Mann wrote: > > --- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/57054/ > --- > > (Updated Feb. 25, 2017, 12:06 a.m.) > > > Review request for mesos, Adam B, Alexander Rojas, Jan Schlicht, and Vinod > Kone. > > > Bugs: MESOS-7003 > https://issues.apache.org/jira/browse/MESOS-7003 > > > Repository: mesos > > > Description > --- > > This patch fixes a bug in which endpoint handlers would not > correctly handle the case in which authorization is enabled > when authentication is disabled. In this case, the handlers > would send a default-constructed `authorization::Subject` to > the authorizer, leading to an empty-string principal being > evaluated as the subject. > > This patch updates the handlers to correctly send `NONE` as > the subject in this case. > > > Diffs > - > > src/master/http.cpp 6e5178eeea6cc6b90ae253840da22be13444b088 > src/slave/http.cpp 94731ec883c309cefb811694dc4e39de12d1ac59 > src/slave/slave.cpp fc480ae23ffa5cdeeb79b3621a08e1f8703bc01a > > Diff: https://reviews.apache.org/r/57054/diff/ > > > Testing > --- > > Testing details can be found at the end of this patch chain. > > > Thanks, > > Greg Mann > >
Re: Review Request 57054: Fixed a bug in master and agent handler authorization logic.
--- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/57054/#review166780 --- Ship it! Ship It! - Vinod Kone On Feb. 24, 2017, 11:06 p.m., Greg Mann wrote: > > --- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/57054/ > --- > > (Updated Feb. 24, 2017, 11:06 p.m.) > > > Review request for mesos, Adam B, Alexander Rojas, Jan Schlicht, and Vinod > Kone. > > > Bugs: MESOS-7003 > https://issues.apache.org/jira/browse/MESOS-7003 > > > Repository: mesos > > > Description > --- > > This patch fixes a bug in which endpoint handlers would not > correctly handle the case in which authorization is enabled > when authentication is disabled. In this case, the handlers > would send a default-constructed `authorization::Subject` to > the authorizer, leading to an empty-string principal being > evaluated as the subject. > > This patch updates the handlers to correctly send `NONE` as > the subject in this case. > > > Diffs > - > > src/master/http.cpp 6e5178eeea6cc6b90ae253840da22be13444b088 > src/slave/http.cpp 94731ec883c309cefb811694dc4e39de12d1ac59 > src/slave/slave.cpp fc480ae23ffa5cdeeb79b3621a08e1f8703bc01a > > Diff: https://reviews.apache.org/r/57054/diff/ > > > Testing > --- > > Testing details can be found at the end of this patch chain. > > > Thanks, > > Greg Mann > >
Review Request 57054: Fixed a bug in master and agent handler authorization logic.
--- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/57054/ --- Review request for mesos, Adam B, Alexander Rojas, Jan Schlicht, and Vinod Kone. Bugs: MESOS-7003 https://issues.apache.org/jira/browse/MESOS-7003 Repository: mesos Description --- This patch fixes a bug in which endpoint handlers would not correctly handle the case in which authorization is enabled when authentication is disabled. In this case, the handlers would send a default-constructed `authorization::Subject` to the authorizer, leading to an empty-string principal being evaluated as the subject. This patch updates the handlers to correctly send `NONE` as the subject in this case. Diffs - src/master/http.cpp 6e5178eeea6cc6b90ae253840da22be13444b088 src/slave/http.cpp 94731ec883c309cefb811694dc4e39de12d1ac59 src/slave/slave.cpp fc480ae23ffa5cdeeb79b3621a08e1f8703bc01a Diff: https://reviews.apache.org/r/57054/diff/ Testing --- Testing details can be found at the end of this patch chain. Thanks, Greg Mann