Skip to content
This repository has been archived by the owner on Jun 23, 2022. It is now read-only.

feat(security): client_negotiation handle mechanism selected response #612

Merged
merged 22 commits into from
Sep 4, 2020
Merged

feat(security): client_negotiation handle mechanism selected response #612

merged 22 commits into from
Sep 4, 2020

Conversation

levy5307
Copy link
Contributor

@levy5307 levy5307 commented Sep 2, 2020
edited
Loading

client_negotiation handle mechanism selected response

@levy5307 levy5307 marked this pull request as draft September 2, 2020 10:09
@levy5307 levy5307 marked this pull request as ready for review September 3, 2020 08:17
neverchanje
neverchanje reviewed Sep 3, 2020
View reviewed changes
include/dsn/utility/error_code.h Outdated Show resolved Hide resolved
src/runtime/security/sasl_client_wrapper.cpp Outdated Show resolved Hide resolved
acelyc111
acelyc111 reviewed Sep 4, 2020
View reviewed changes
include/dsn/utility/error_code.h Outdated Show resolved Hide resolved
src/runtime/security/client_negotiation.cpp Outdated Show resolved Hide resolved
src/runtime/security/server_negotiation.cpp
Comment on lines +77 to +100
if (!check_status(rpc.request().status, negotiation_status::type::SASL_SELECT_MECHANISMS)) {
fail_negotiation();
return;
}

error_s err_s = _sasl->init();
if (!err_s.is_ok()) {
dwarn_f("{}: server initialize sasl failed, error = {}, msg = {}",
_name,
err_s.code().to_string(),
err_s.description());
fail_negotiation();
return;
}
_selected_mechanism = request.msg;
if (supported_mechanisms.find(_selected_mechanism) == supported_mechanisms.end()) {
dwarn_f("the mechanism of {} is not supported", _selected_mechanism);
fail_negotiation();
return;
}

negotiation_response &response = rpc.response();
_status = response.status = negotiation_status::type::SASL_SELECT_MECHANISMS_RESP;
} else {
dwarn_f("{}: got message({}) while expect({})",
error_s err_s = _sasl->init();
if (!err_s.is_ok()) {
dwarn_f("{}: server initialize sasl failed, error = {}, msg = {}",
_name,
enum_to_string(request.status),
negotiation_status::type::SASL_SELECT_MECHANISMS);
err_s.code().to_string(),
err_s.description());
fail_negotiation();
return;
}

negotiation_response &response = rpc.response();
_status = response.status = negotiation_status::type::SASL_SELECT_MECHANISMS_RESP;
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Good refactor!

hycdong
hycdong reviewed Sep 4, 2020
View reviewed changes
src/runtime/security/negotiation.cpp Outdated
@@ -48,5 +50,18 @@ void negotiation::fail_negotiation()
_session->on_failure(true);
}

bool negotiation::check_status(negotiation_status::type status,
negotiation_status::type expect_status)
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

expected_status may be better.

@levy5307 levy5307 merged commit fafbd59 into XiaoMi:master Sep 4, 2020
@levy5307 levy5307 deleted the on_mechanism_selected branch September 4, 2020 06:57
levy5307 added a commit to levy5307/rdsn that referenced this pull request Dec 21, 2020
@levy5307
feat(security): client_negotiation handle mechanism selected response (
f3eb772 
…XiaoMi#612)
@neverchanje neverchanje mentioned this pull request Mar 1, 2021
Closed
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@hycdong hycdong hycdong left review comments

@acelyc111 acelyc111 acelyc111 approved these changes

@neverchanje neverchanje neverchanje approved these changes

Assignees
No one assigned
Labels
component/security
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@levy5307 @neverchanje @acelyc111 @hycdong