This is an automated email from the ASF dual-hosted git repository.
arojas pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/mesos.git
The following commit(s) were added to refs/heads/master by this push:
new 6dc4d77 Removed Principal object from
This is an automated email from the ASF dual-hosted git repository.
arojas pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/mesos.git
The following commit(s) were added to refs/heads/master by this push:
new 5a32447 Removed unused local variable in
Repository: mesos
Updated Branches:
refs/heads/1.6.x f86c9f8ac -> 052af588c
Fixed unproperly guarded future.
This patch fixes a bug where the code path could cause a crash because
of calling `Fture::get()` on a future which is failed.
Review: https://reviews.apache.org/r/67722
Project: http
Repository: mesos
Updated Branches:
refs/heads/1.5.x 19f65537f -> 2440c7310
Fixed unproperly guarded future.
This patch fixes a bug where the code path could cause a crash because
of calling `Fture::get()` on a future which is failed.
Review: https://reviews.apache.org/r/67722
Project: http
Repository: mesos
Updated Branches:
refs/heads/1.4.x 1830c0538 -> ee18cf95f
Fixed unproperly guarded future.
This patch fixes a bug where the code path could cause a crash because
of calling `Fture::get()` on a future which is failed.
Review: https://reviews.apache.org/r/67722
Project: http
Repository: mesos
Updated Branches:
refs/heads/master b4e08210d -> 81a7b5f68
Fixed unproperly guarded future.
This patch fixes a bug where the code path could cause a crash because
of calling `Fture::get()` on a future which is failed.
Review: https://reviews.apache.org/r/67722
Project: htt
Repository: mesos
Updated Branches:
refs/heads/1.3.x 7f993379f -> b7c89a082
Added constant time comparison of JWT signatures.
A vulnerability in our JWT implementation allows an unauthenticated
remote attacker to execute to execute timing attacks [1].
This patch removes the vulnerability by a
Repository: mesos
Updated Branches:
refs/heads/1.4.x 509443ecc -> f6b2a0433
Added constant time comparison of JWT signatures.
A vulnerability in our JWT implementation allows an unauthenticated
remote attacker to execute to execute timing attacks [1].
This patch removes the vulnerability by a
Repository: mesos
Updated Branches:
refs/heads/1.5.x 197c9105c -> cf695f065
Added constant time comparison of JWT signatures.
A vulnerability in our JWT implementation allows an unauthenticated
remote attacker to execute to execute timing attacks [1].
This patch removes the vulnerability by a
Repository: mesos
Updated Branches:
refs/heads/1.6.x c32ef4fdf -> 0b9c863ed
Added constant time comparison of JWT signatures.
A vulnerability in our JWT implementation allows an unauthenticated
remote attacker to execute to execute timing attacks [1].
This patch removes the vulnerability by a
Repository: mesos
Updated Branches:
refs/heads/master fd362da76 -> 2c282f197
Added constant time comparison of JWT signatures.
A vulnerability in our JWT implementation allows an unauthenticated
remote attacker to execute to execute timing attacks [1].
This patch removes the vulnerability by
Repository: mesos
Updated Branches:
refs/heads/master 285d82080 -> a83a25203
Modified launch.cpp to writes its logs into cerr.
`containerizer/mesos/launch.cpp` wrote some of its output into
`cout` and some into `cerr` without a clear distinction as to
why it was done in some cases.
Moreover,
Repository: mesos
Updated Branches:
refs/heads/master 53b25f7a0 -> 2cf3e6dd4
Fixed crash on macOS during certain authorization calls.
The method in charge of creating `ObjectApprovers` was relying that
iterating over equivalent hashset's would yield the same order of
results.
While that seeme
Repository: mesos
Updated Branches:
refs/heads/master 70d63d951 -> 53b25f7a0
Removes redundant call of get() on smart pointer.
Project: http://git-wip-us.apache.org/repos/asf/mesos/repo
Commit: http://git-wip-us.apache.org/repos/asf/mesos/commit/53b25f7a
Tree: http://git-wip-us.apache.org/rep
sk& task,
-const FrameworkInfo& frameworkInfo);
-
-
-bool approveViewFlags(const process::Owned& flagsApprover);
-
-
// Authorizes access to an HTTP endpoint. The `method` parameter
// determines which ACL action will be used in the authorization.
// It is expected that the caller has vali
vers_;
const Framework* framework_;
};
@@ -393,8 +402,8 @@ struct SlaveWriter
{
SlaveWriter(
const Slave& slave,
- const Owned& authorizeRole)
-: slave_(slave), authorizeRole_(authorizeRole) {}
+ const Owned& approvers)
+: slave_(slave), approvers_(approvers)
n_info().role())) {
+return false;
+ }
+
+ return true;
+}
+
+
// Determines which objects will be accepted based on authorization.
class AuthorizationAcceptor
{
@@ -273,6 +375,7 @@ bool approveViewRole(
const process::Owned& rolesApprover,
const std::string& role);
+
// Authorizes resources in either the pre- or the post-reservation-refinement
// formats.
// TODO(arojas): Update this helper to only accept the
+24,7 @@
#include
#include
+#include
#include
namespace lambda {
@@ -163,6 +164,78 @@ std::vector map(F&& f, std::initializer_list input)
}
+// TODO(arojas): Make this generic enough such that an arbitrary
+// number of inputs can be used.
+// It would be nice to be able to c
http://git-wip-us.apache.org/repos/asf/mesos/blob/83dd7f87/src/slave/http.hpp
--
diff --git a/src/slave/http.hpp b/src/slave/http.hpp
index c33adeb..dcfd0d9 100644
--- a/src/slave/http.hpp
+++ b/src/slave/http.hpp
@@ -116,8 +116,7
Refactored authorization logic in the master.
This patch makes uses of the new `ObjectApprovers` class which greatly
simplifies the logic for constructing and using authorization.
Review: https://reviews.apache.org/r/65312
Project: http://git-wip-us.apache.org/repos/asf/mesos/repo
Commit: http:
http://git-wip-us.apache.org/repos/asf/mesos/blob/dc1e188a/src/master/master.cpp
--
diff --git a/src/master/master.cpp b/src/master/master.cpp
index 8df7ad5..f0affa0 100644
--- a/src/master/master.cpp
+++ b/src/master/master.cpp
@@
Refactored authorization logic in the agent.
This patch makes uses of the new `ObjectApprovers` class which greatly
simplifies the logic for constructing and using authorization.
Review: https://reviews.apache.org/r/65313
Project: http://git-wip-us.apache.org/repos/asf/mesos/repo
Commit: http:/
Repository: mesos
Updated Branches:
refs/heads/1.5.x e6269bea5 -> b9b626c9b
Added MESOS-8413 to CHANGELOG.
Project: http://git-wip-us.apache.org/repos/asf/mesos/repo
Commit: http://git-wip-us.apache.org/repos/asf/mesos/commit/b9b626c9
Tree: http://git-wip-us.apache.org/repos/asf/mesos/tree/b9
Mesos flags related to ZooKeeper use SecurePathOrValue.
Up until now the Mesos master flag `--zk` as well as the Mesos agent
flag `--master` would leak ZooKeeper authentication credentials in
both logs and results for the `/flags` endpoint, if the credentials
were part of the configuration url.
T
Repository: mesos
Updated Branches:
refs/heads/1.5.x 8759242b6 -> e6269bea5
Added SecurePathOrValue for file flags which need not to leak contents.
The default behavior when serializing a flag, if its value comes from
a file (by using the prefix `file://`) is to show the contents of
the file i
Mesos flags related to ZooKeeper use SecurePathOrValue.
Up until now the Mesos master flag `--zk` as well as the Mesos agent
flag `--master` would leak ZooKeeper authentication credentials in
both logs and results for the `/flags` endpoint, if the credentials
were part of the configuration url.
T
Repository: mesos
Updated Branches:
refs/heads/master 32b85a2b0 -> ddde32525
Added SecurePathOrValue for file flags which need not to leak contents.
The default behavior when serializing a flag, if its value comes from
a file (by using the prefix `file://`) is to show the contents of
the file
Repository: mesos
Updated Branches:
refs/heads/master 5995bd1bd -> c5c1debb1
Updated pailer to work with jquery 3.2.1.
jQuery 3 changed the itnerface of `$.getJSON()` such that the
equivalent function of `success()` is now `then` while `error()`
should now be used as `fail()`.
Project: http:
Repository: mesos
Updated Branches:
refs/heads/master 1b5a4e77e -> a7de1bccd
Updated jQuery and Angular versions used in Makefile.am.
`Makefile.am` needs to be updated for the distribution packages to be
successfully built.
Review: https://reviews.apache.org/r/63114/
Project: http://git-wip
http://git-wip-us.apache.org/repos/asf/mesos/blob/1b5a4e77/src/webui/master/static/js/angular-1.2.32.js
--
diff --git a/src/webui/master/static/js/angular-1.2.32.js
b/src/webui/master/static/js/angular-1.2.32.js
new file mode 1006
http://git-wip-us.apache.org/repos/asf/mesos/blob/b0a660bb/src/webui/master/static/js/jquery-1.7.1.js
--
diff --git a/src/webui/master/static/js/jquery-1.7.1.js
b/src/webui/master/static/js/jquery-1.7.1.js
deleted file mode 100644
http://git-wip-us.apache.org/repos/asf/mesos/blob/1b5a4e77/src/webui/master/static/js/angular-route-1.2.3.js
--
diff --git a/src/webui/master/static/js/angular-route-1.2.3.js
b/src/webui/master/static/js/angular-route-1.2.3.js
del
http://git-wip-us.apache.org/repos/asf/mesos/blob/b0a660bb/src/webui/master/static/js/jquery-3.2.1.js
--
diff --git a/src/webui/master/static/js/jquery-3.2.1.js
b/src/webui/master/static/js/jquery-3.2.1.js
new file mode 100644
ind
Upgrades AngularJS used by Mesos WebUI to version 1.2.32.
The version of AngularJS distributed with Mesos (1.2.3) was found to
have security issues which have been addressed in latter versions.
Review: https://reviews.apache.org/r/63102
Project: http://git-wip-us.apache.org/repos/asf/mesos/repo
http://git-wip-us.apache.org/repos/asf/mesos/blob/1b5a4e77/src/webui/master/static/js/angular-1.2.3.min.js
--
diff --git a/src/webui/master/static/js/angular-1.2.3.min.js
b/src/webui/master/static/js/angular-1.2.3.min.js
deleted f
Upgrades jQuery used by Mesos WebUI to version 3.2.1.
The version of jQuery distributed with Mesos (1.7.1) was found to have
security issues which have been addressed in latter versions.
Review: https://reviews.apache.org/r/63101
Project: http://git-wip-us.apache.org/repos/asf/mesos/repo
Commit
Repository: mesos
Updated Branches:
refs/heads/master b361801f2 -> 1b5a4e77e
http://git-wip-us.apache.org/repos/asf/mesos/blob/b0a660bb/src/webui/master/static/js/jquery-3.2.1.min.js
--
diff --git a/src/webui/master/static/js/j
http://git-wip-us.apache.org/repos/asf/mesos/blob/1b5a4e77/src/webui/master/static/js/angular-1.2.32.min.js
--
diff --git a/src/webui/master/static/js/angular-1.2.32.min.js
b/src/webui/master/static/js/angular-1.2.32.min.js
new fi
http://git-wip-us.apache.org/repos/asf/mesos/blob/1b5a4e77/src/webui/master/static/js/angular-1.2.3.js
--
diff --git a/src/webui/master/static/js/angular-1.2.3.js
b/src/webui/master/static/js/angular-1.2.3.js
deleted file mode 100
http://git-wip-us.apache.org/repos/asf/mesos/blob/b0a660bb/src/webui/master/static/js/jquery-1.7.1.min.js
--
diff --git a/src/webui/master/static/js/jquery-1.7.1.min.js
b/src/webui/master/static/js/jquery-1.7.1.min.js
deleted file
Added test to verify filtering of resource reservations & allocations.
This patch extends `SlaveAuthorizerTest.FilterStateEndpoint` test to
check that agent's `/state` endpoint shows resource reservations and
allocations based on the `VIEW_ROLE` permissions of the principal
doing the request.
Rev
Repository: mesos
Updated Branches:
refs/heads/master dfe4fc84e -> b9aebbbca
Enabled filtering of resource allocations and reservations in agent.
Adds support of the `VIEW_ROLE` ACL to the results generated by the
`/state` endpoint in the agent for fields `reserved_resources_full`,
`reserved_r
Repository: mesos
Updated Branches:
refs/heads/master 40aa0d9f7 -> dfe4fc84e
Fixed unnecessary non-constness.
Const `Owned` doesn't make the underlying pointer const.
Review: https://reviews.apache.org/r/62016/
Project: http://git-wip-us.apache.org/repos/asf/mesos/repo
Commit: http://git-wi
Repository: mesos
Updated Branches:
refs/heads/master 8127bae34 -> 3dc041d55
Updated website for 1.2.2 release.
Project: http://git-wip-us.apache.org/repos/asf/mesos/repo
Commit: http://git-wip-us.apache.org/repos/asf/mesos/commit/3dc041d5
Tree: http://git-wip-us.apache.org/repos/asf/mesos/tr
Repository: mesos
Updated Branches:
refs/heads/master 188109b63 -> 72ebb5e5b
Replaced `abort()` with `_exit()` in `ChildHook::SUPERVISOR`.
Previously, `abort()` was called in `SUPERVISOR` hook when child
process exited with an error code, or `waitpid()` failed, or parent
process exited. All th
ld("used_resources", Resources::sum(slave_.usedResources));
+writer->field("offered_resources", slave_.offeredResources);
+writer->field(
+"reserved_resources",
+[&totalResources, this](JSON::ObjectWriter* writer) {
+
Repository: mesos
Updated Branches:
refs/heads/master bff703639 -> 46f97991c
Adding Alexander Rojas in the committer list.
Project: http://git-wip-us.apache.org/repos/asf/mesos/repo
Commit: http://git-wip-us.apache.org/repos/asf/mesos/commit/46f97991
Tree: http://git-wip-us.apache.org/repos/a
47 matches
Mail list logo
