Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

RFC: etcdserver: swap priority of cert CN and username + password #8594

Merged
merged 2 commits into from
Sep 26, 2017

Conversation

mitake
Copy link
Contributor

@mitake mitake commented Sep 22, 2017

/cc @raoofm

I'd like to hear comments about we should add an option for controlling the priority or not.

Fix #8584

@xiang90
Copy link
Contributor

xiang90 commented Sep 22, 2017

we probably should add a test?

@mitake
Copy link
Contributor Author

mitake commented Sep 22, 2017

@xiang90 sure, I'll add the test later. How do you think about the option? I'm feeling that just mentioning on release not would be enough, but not sure yet.

@raoofm
Copy link
Contributor

raoofm commented Sep 22, 2017

@mmerrill3 imo a flag is an overkill. What's your take? Please read #8584

@mmerrill3
Copy link

@raoofm, yeah, its more natural to use the presented username if it is there.

@xiang90
Copy link
Contributor

xiang90 commented Sep 22, 2017

If we have not documented the previous behavior explicitly, I think we should just fix this and start to document it. This behavior is more natural, and the previous behavior seems buggy.

@xiang90
Copy link
Contributor

xiang90 commented Sep 24, 2017

@mitake can you add a test and let us get this merged.

@mitake
Copy link
Contributor Author

mitake commented Sep 25, 2017

@xiang90 added a commit for the test case, could you take a look? The second commit also fixes a silly bug in the existing TestCtlV3AuthCertCN (it didn't work as a test...).

@gyuho
Copy link
Contributor

gyuho commented Sep 25, 2017

lgtm. /cc @xiang90

@@ -960,3 +964,55 @@ func authTestEndpointHealth(cx ctlCtx) {
cx.t.Fatalf("endpointStatusTest ctlV3EndpointHealth error (%v)", err)
}
}

func authTestCertCNAndUsername(cx ctlCtx) {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

we should not use t.fatal all over the place.

fatal should be used for the pre-condition check, errorf should be used for the actual correctness checking.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I see, thanks for pointing out. I'll update soon.

@xiang90
Copy link
Contributor

xiang90 commented Sep 25, 2017

LGTM after fixing the test nits.

@mitake
Copy link
Contributor Author

mitake commented Sep 26, 2017

@xiang90 updated for the test nits, could you take a look?

@xiang90
Copy link
Contributor

xiang90 commented Sep 26, 2017

lgtm

@xiang90 xiang90 merged commit 554298d into etcd-io:master Sep 26, 2017
@mitake mitake deleted the auth-priority branch September 27, 2017 01:02
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Development

Successfully merging this pull request may close these issues.

5 participants