vitalif
/
etcd
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

*: add a new API and command for checking auth status (#11536) 

This changes have started at etcdctl under auth.go, and make changes to stub out everything down into the internal raft.  Made changes to the .proto files and regenerated them so that the local version would build successfully.
release-3.5
Vern Burton 2020-02-05 21:27:42 -06:00 committed by GitHub
parent 74d5ba5777
commit 071e70cdc4
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
21 changed files with 1013 additions and 465 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
CHANGELOG-3.5.md
View File

@ -100,6 +100,7 @@ Note that any `etcd_debugging_*` metrics are experimental and subject to change.
- Fix [`etcdctl member add`](https://github.com/etcd-io/etcd/pull/11194) command to prevent potential timeout.
- Add [`etcdctl watch --progress-notify`](https://github.com/etcd-io/etcd/pull/11462) flag.
- Add [`etcdctl auth status`](https://github.com/etcd-io/etcd/pull/11536) command to check if authentication is enabled
### gRPC gateway
@ -112,6 +113,10 @@ Note that any `etcd_debugging_*` metrics are experimental and subject to change.
- Fix [NoPassword check when adding user through GRPC gateway](https://github.com/etcd-io/etcd/pull/11418) ([issue#11414](https://github.com/etcd-io/etcd/issues/11414))
- Fix bug where [some auth related messages are logged at wrong level](https://github.com/etcd-io/etcd/pull/11586)
### API
- Add [`/v3/auth/status`](https://github.com/etcd-io/etcd/pull/11536) endpoint to check if authentication is enabled
### Dependency
- Upgrade [`google.golang.org/grpc`](https://github.com/grpc/grpc-go/releases) from [**`v1.23.0`**](https://github.com/grpc/grpc-go/releases/tag/v1.23.0) to [**`v1.26.0`**](https://github.com/grpc/grpc-go/releases/tag/v1.26.0).

16
Documentation/dev-guide/api_reference_v3.md
View File

@ -10,6 +10,7 @@ This is a generated documentation. Please read the proto files for more.
| ------ | ------------ | ------------- | ----------- |
| AuthEnable | AuthEnableRequest | AuthEnableResponse | AuthEnable enables authentication. |
| AuthDisable | AuthDisableRequest | AuthDisableResponse | AuthDisable disables authentication. |
| AuthStatus | AuthStatusRequest | AuthStatusResponse | AuthStatus displays authentication status. |
| Authenticate | AuthenticateRequest | AuthenticateResponse | Authenticate processes an authenticate request. |
| UserAdd | AuthUserAddRequest | AuthUserAddResponse | UserAdd adds a new user. User name cannot be empty. |
| UserGet | AuthUserGetRequest | AuthUserGetResponse | UserGet gets detailed user information. |
@ -240,6 +241,21 @@ Empty field.
##### message `AuthStatusRequest` (etcdserver/etcdserverpb/rpc.proto)
Empty field.
##### message `AuthStatusResponse` (etcdserver/etcdserverpb/rpc.proto)
| Field | Description | Type |
| ----- | ----------- | ---- |
| header | | ResponseHeader |
| enabled | | bool |
##### message `AuthUserAddRequest` (etcdserver/etcdserverpb/rpc.proto)
| Field | Description | Type |

119
Documentation/dev-guide/apispec/swagger/rpc.swagger.json
View File

@ -5,10 +5,6 @@
"produces": [
"application/json"
],
"schemes": [
"http",
"https"
],
"swagger": "2.0",
"info": {
"title": "etcdserver/etcdserverpb/rpc.proto",
@ -258,6 +254,33 @@
}
}
},
"/v3/auth/status": {
"post": {
"tags": [
"Auth"
],
"summary": "AuthStatus displays authentication status.",
"operationId": "AuthStatus",
"parameters": [
{
"name": "body",
"in": "body",
"required": true,
"schema": {
"$ref": "#/definitions/etcdserverpbAuthStatusRequest"
}
}
],
"responses": {
"200": {
"description": "A successful response.",
"schema": {
"$ref": "#/definitions/etcdserverpbAuthStatusResponse"
}
}
}
}
},
"/v3/auth/user/add": {
"post": {
"tags": [
@ -847,7 +870,16 @@
"200": {
"description": "A successful response.(streaming responses)",
"schema": {
"$ref": "#/x-stream-definitions/etcdserverpbLeaseKeepAliveResponse"
"type": "object",
"title": "Stream result of etcdserverpbLeaseKeepAliveResponse",
"properties": {
"error": {
"$ref": "#/definitions/runtimeStreamError"
},
"result": {
"$ref": "#/definitions/etcdserverpbLeaseKeepAliveResponse"
}
}
}
}
}
@ -1036,7 +1068,16 @@
"200": {
"description": "A successful response.(streaming responses)",
"schema": {
"$ref": "#/x-stream-definitions/etcdserverpbSnapshotResponse"
"type": "object",
"title": "Stream result of etcdserverpbSnapshotResponse",
"properties": {
"error": {
"$ref": "#/definitions/runtimeStreamError"
},
"result": {
"$ref": "#/definitions/etcdserverpbSnapshotResponse"
}
}
}
}
}
@ -1118,7 +1159,16 @@
"200": {
"description": "A successful response.(streaming responses)",
"schema": {
"$ref": "#/x-stream-definitions/etcdserverpbWatchResponse"
"type": "object",
"title": "Stream result of etcdserverpbWatchResponse",
"properties": {
"error": {
"$ref": "#/definitions/runtimeStreamError"
},
"result": {
"$ref": "#/definitions/etcdserverpbWatchResponse"
}
}
}
}
}
@ -1423,6 +1473,21 @@
}
}
},
"etcdserverpbAuthStatusRequest": {
"type": "object"
},
"etcdserverpbAuthStatusResponse": {
"type": "object",
"properties": {
"enabled": {
"type": "boolean",
"format": "boolean"
},
"header": {
"$ref": "#/definitions/etcdserverpbResponseHeader"
}
}
},
"etcdserverpbAuthUserAddRequest": {
"type": "object",
"properties": {
@ -2637,43 +2702,5 @@
{
"ApiKey": []
}
],
"x-stream-definitions": {
"etcdserverpbLeaseKeepAliveResponse": {
"properties": {
"error": {
"$ref": "#/definitions/runtimeStreamError"
},
"result": {
"$ref": "#/definitions/etcdserverpbLeaseKeepAliveResponse"
}
},
"title": "Stream result of etcdserverpbLeaseKeepAliveResponse",
"type": "object"
},
"etcdserverpbSnapshotResponse": {
"properties": {
"error": {
"$ref": "#/definitions/runtimeStreamError"
},
"result": {
"$ref": "#/definitions/etcdserverpbSnapshotResponse"
}
},
"title": "Stream result of etcdserverpbSnapshotResponse",
"type": "object"
},
"etcdserverpbWatchResponse": {
"properties": {
"error": {
"$ref": "#/definitions/runtimeStreamError"
},
"result": {
"$ref": "#/definitions/etcdserverpbWatchResponse"
}
},
"title": "Stream result of etcdserverpbWatchResponse",
"type": "object"
}
}
]
}

29
Documentation/dev-guide/apispec/swagger/v3election.swagger.json
View File

@ -4,10 +4,6 @@
"title": "etcdserver/api/v3election/v3electionpb/v3election.proto",
"version": "version not set"
},
"schemes": [
"http",
"https"
],
"consumes": [
"application/json"
],
@ -77,7 +73,16 @@
"200": {
"description": "A successful response.(streaming responses)",
"schema": {
"$ref": "#/x-stream-definitions/v3electionpbLeaderResponse"
"type": "object",
"properties": {
"result": {
"$ref": "#/definitions/v3electionpbLeaderResponse"
},
"error": {
"$ref": "#/definitions/runtimeStreamError"
}
},
"title": "Stream result of v3electionpbLeaderResponse"
}
}
},
@ -367,19 +372,5 @@
}
}
}
},
"x-stream-definitions": {
"v3electionpbLeaderResponse": {
"type": "object",
"properties": {
"result": {
"$ref": "#/definitions/v3electionpbLeaderResponse"
},
"error": {
"$ref": "#/definitions/runtimeStreamError"
}
},
"title": "Stream result of v3electionpbLeaderResponse"
}
}
}

4
Documentation/dev-guide/apispec/swagger/v3lock.swagger.json
View File

@ -4,10 +4,6 @@
"title": "etcdserver/api/v3lock/v3lockpb/v3lock.proto",
"version": "version not set"
},
"schemes": [
"http",
"https"
],
"consumes": [
"application/json"
],

24
auth/store_test.go
View File

@ -621,6 +621,30 @@ func TestAuthDisable(t *testing.T) {
}
}
func TestIsAuthEnabled(t *testing.T) {
as, tearDown := setupAuthStore(t)
defer tearDown(t)
// enable authentication to test the first possible condition
as.AuthEnable()
status := as.IsAuthEnabled()
ctx := context.WithValue(context.WithValue(context.TODO(), AuthenticateParamIndex{}, uint64(2)), AuthenticateParamSimpleTokenPrefix{}, "dummy")
_, _ = as.Authenticate(ctx, "foo", "bar")
if status != true {
t.Errorf("expected %v, got %v", true, false)
}
// Disabling disabled auth to test the other condition that can be return
as.AuthDisable()
status = as.IsAuthEnabled()
_, _ = as.Authenticate(ctx, "foo", "bar")
if status != false {
t.Errorf("expected %v, got %v", false, true)
}
}
// TestAuthRevisionRace ensures that access to authStore.revision is thread-safe.
func TestAuthInfoFromCtxRace(t *testing.T) {
b, tPath := backend.NewDefaultTmpBackend()

9
clientv3/auth.go
View File

@ -27,6 +27,7 @@ import (
type (
AuthEnableResponse pb.AuthEnableResponse
AuthDisableResponse pb.AuthDisableResponse
AuthStatusResponse pb.AuthStatusResponse
AuthenticateResponse pb.AuthenticateResponse
AuthUserAddResponse pb.AuthUserAddResponse
AuthUserDeleteResponse pb.AuthUserDeleteResponse
@ -61,6 +62,9 @@ type Auth interface {
// AuthDisable disables auth of an etcd cluster.
AuthDisable(ctx context.Context) (*AuthDisableResponse, error)
// AuthStatus returns the status of auth of an etcd cluster.
AuthStatus(ctx context.Context) (*AuthStatusResponse, error)
// UserAdd adds a new user to an etcd cluster.
UserAdd(ctx context.Context, name string, password string) (*AuthUserAddResponse, error)
@ -127,6 +131,11 @@ func (auth *authClient) AuthDisable(ctx context.Context) (*AuthDisableResponse,
return (*AuthDisableResponse)(resp), toErr(ctx, err)
}
func (auth *authClient) AuthStatus(ctx context.Context) (*AuthStatusResponse, error) {
resp, err := auth.remote.AuthStatus(ctx, &pb.AuthStatusRequest{}, auth.callOpts...)
return (*AuthStatusResponse)(resp), toErr(ctx, err)
}
func (auth *authClient) UserAdd(ctx context.Context, name string, password string) (*AuthUserAddResponse, error) {
resp, err := auth.remote.UserAdd(ctx, &pb.AuthUserAddRequest{Name: name, Password: password, Options: &authpb.UserAddOptions{NoPassword: false}}, auth.callOpts...)
return (*AuthUserAddResponse)(resp), toErr(ctx, err)

4
clientv3/retry.go
View File

@ -257,6 +257,10 @@ func (rac *retryAuthClient) AuthDisable(ctx context.Context, in *pb.AuthDisableR
return rac.ac.AuthDisable(ctx, in, opts...)
}
func (rac *retryAuthClient) AuthStatus(ctx context.Context, in *pb.AuthStatusRequest, opts ...grpc.CallOption) (resp *pb.AuthStatusResponse, err error) {
return rac.ac.AuthStatus(ctx, in, opts...)
}
func (rac *retryAuthClient) UserAdd(ctx context.Context, in *pb.AuthUserAddRequest, opts ...grpc.CallOption) (resp *pb.AuthUserAddResponse, err error) {
return rac.ac.UserAdd(ctx, in, opts...)
}

25
etcdctl/ctlv3/command/auth_command.go
View File

@ -30,10 +30,35 @@ func NewAuthCommand() *cobra.Command {
ac.AddCommand(newAuthEnableCommand())
ac.AddCommand(newAuthDisableCommand())
ac.AddCommand(newAuthStatusCommand())
return ac
}
func newAuthStatusCommand() *cobra.Command {
return &cobra.Command{
Use: "status",
Short: "Returns authentication status",
Run: authStatusCommandFunc,
}
}
// authStatusCommandFunc executes the "auth status" command.
func authStatusCommandFunc(cmd *cobra.Command, args []string) {
if len(args) != 0 {
ExitWithError(ExitBadArgs, fmt.Errorf("auth status command does not accept any arguments"))
}
ctx, cancel := commandCtx(cmd)
result, err := mustClientFromCmd(cmd).Auth.AuthStatus(ctx)
cancel()
if err != nil {
ExitWithError(ExitError, err)
}
fmt.Println("Authentication Status:", result.Enabled)
}
func newAuthEnableCommand() *cobra.Command {
return &cobra.Command{
Use: "enable",

8
etcdserver/api/v3rpc/auth.go
View File

@ -45,6 +45,14 @@ func (as *AuthServer) AuthDisable(ctx context.Context, r *pb.AuthDisableRequest)
return resp, nil
}
func (as *AuthServer) AuthStatus(ctx context.Context, r *pb.AuthStatusRequest) (*pb.AuthStatusResponse, error) {
resp, err := as.authenticator.AuthStatus(ctx, r)
if err != nil {
return nil, togRPCError(err)
}
return resp, nil
}
func (as *AuthServer) Authenticate(ctx context.Context, r *pb.AuthenticateRequest) (*pb.AuthenticateResponse, error) {
resp, err := as.authenticator.Authenticate(ctx, r)
if err != nil {

8
etcdserver/apply.go
View File

@ -78,6 +78,7 @@ type applierV3 interface {
AuthEnable() (*pb.AuthEnableResponse, error)
AuthDisable() (*pb.AuthDisableResponse, error)
AuthStatus() (*pb.AuthStatusResponse, error)
UserAdd(ua *pb.AuthUserAddRequest) (*pb.AuthUserAddResponse, error)
UserDelete(ua *pb.AuthUserDeleteRequest) (*pb.AuthUserDeleteResponse, error)
@ -159,6 +160,8 @@ func (a *applierV3backend) Apply(r *pb.InternalRaftRequest) *applyResult {
ar.resp, ar.err = a.s.applyV3.AuthEnable()
case r.AuthDisable != nil:
ar.resp, ar.err = a.s.applyV3.AuthDisable()
case r.AuthStatus != nil:
ar.resp, ar.err = a.s.applyV3.AuthStatus()
case r.AuthUserAdd != nil:
ar.resp, ar.err = a.s.applyV3.UserAdd(r.AuthUserAdd)
case r.AuthUserDelete != nil:
@ -739,6 +742,11 @@ func (a *applierV3backend) AuthDisable() (*pb.AuthDisableResponse, error) {
return &pb.AuthDisableResponse{Header: newHeader(a.s)}, nil
}
func (a *applierV3backend) AuthStatus() (*pb.AuthStatusResponse, error) {
enabled := a.s.AuthStore().IsAuthEnabled()
return &pb.AuthStatusResponse{Header: newHeader(a.s), Enabled: enabled}, nil
}
func (a *applierV3backend) Authenticate(r *pb.InternalAuthenticateRequest) (*pb.AuthenticateResponse, error) {
ctx := context.WithValue(context.WithValue(a.s.ctx, auth.AuthenticateParamIndex{}, a.s.consistIndex.ConsistentIndex()), auth.AuthenticateParamSimpleTokenPrefix{}, r.SimpleToken)
resp, err := a.s.AuthStore().Authenticate(ctx, r.Name, r.Password)

2
etcdserver/apply_auth.go
View File

@ -216,6 +216,8 @@ func needAdminPermission(r *pb.InternalRaftRequest) bool {
return true
case r.AuthDisable != nil:
return true
case r.AuthStatus != nil:
return true
case r.AuthUserAdd != nil:
return true
case r.AuthUserDelete != nil:

2
etcdserver/etcdserverpb/etcdserver.pb.go
View File

@ -77,6 +77,7 @@
StatusResponse
AuthEnableRequest
AuthDisableRequest
AuthStatusRequest
AuthenticateRequest
AuthUserAddRequest
AuthUserGetRequest
@ -93,6 +94,7 @@
AuthRoleRevokePermissionRequest
AuthEnableResponse
AuthDisableResponse
AuthStatusResponse
AuthenticateResponse
AuthUserAddResponse
AuthUserGetResponse

46
etcdserver/etcdserverpb/gw/rpc.pb.gw.go
View File

@ -479,6 +479,19 @@ func request_Auth_AuthDisable_0(ctx context.Context, marshaler runtime.Marshaler
}
func request_Auth_AuthStatus_0(ctx context.Context, marshaler runtime.Marshaler, client etcdserverpb.AuthClient, req *http.Request, pathParams map[string]string) (proto.Message, runtime.ServerMetadata, error) {
var protoReq etcdserverpb.AuthStatusRequest
var metadata runtime.ServerMetadata
if err := marshaler.NewDecoder(req.Body).Decode(&protoReq); err != nil && err != io.EOF {
return nil, metadata, status.Errorf(codes.InvalidArgument, "%v", err)
}
msg, err := client.AuthStatus(ctx, &protoReq, grpc.Header(&metadata.HeaderMD), grpc.Trailer(&metadata.TrailerMD))
return msg, metadata, err
}
func request_Auth_Authenticate_0(ctx context.Context, marshaler runtime.Marshaler, client etcdserverpb.AuthClient, req *http.Request, pathParams map[string]string) (proto.Message, runtime.ServerMetadata, error) {
var protoReq etcdserverpb.AuthenticateRequest
var metadata runtime.ServerMetadata
@ -1840,6 +1853,35 @@ func RegisterAuthHandlerClient(ctx context.Context, mux *runtime.ServeMux, clien
})
mux.Handle("POST", pattern_Auth_AuthStatus_0, func(w http.ResponseWriter, req *http.Request, pathParams map[string]string) {
ctx, cancel := context.WithCancel(req.Context())
defer cancel()
if cn, ok := w.(http.CloseNotifier); ok {
go func(done <-chan struct{}, closed <-chan bool) {
select {
case <-done:
case <-closed:
cancel()
}
}(ctx.Done(), cn.CloseNotify())
}
inboundMarshaler, outboundMarshaler := runtime.MarshalerForRequest(mux, req)
rctx, err := runtime.AnnotateContext(ctx, mux, req)
if err != nil {
runtime.HTTPError(ctx, mux, outboundMarshaler, w, req, err)
return
}
resp, md, err := request_Auth_AuthStatus_0(rctx, inboundMarshaler, client, req, pathParams)
ctx = runtime.NewServerMetadataContext(ctx, md)
if err != nil {
runtime.HTTPError(ctx, mux, outboundMarshaler, w, req, err)
return
}
forward_Auth_AuthStatus_0(ctx, mux, outboundMarshaler, w, req, resp, mux.GetForwardResponseOptions()...)
})
mux.Handle("POST", pattern_Auth_Authenticate_0, func(w http.ResponseWriter, req *http.Request, pathParams map[string]string) {
ctx, cancel := context.WithCancel(req.Context())
defer cancel()
@ -2254,6 +2296,8 @@ var (
pattern_Auth_AuthDisable_0 = runtime.MustPattern(runtime.NewPattern(1, []int{2, 0, 2, 1, 2, 2}, []string{"v3", "auth", "disable"}, ""))
pattern_Auth_AuthStatus_0 = runtime.MustPattern(runtime.NewPattern(1, []int{2, 0, 2, 1, 2, 2}, []string{"v3", "auth", "status"}, ""))
pattern_Auth_Authenticate_0 = runtime.MustPattern(runtime.NewPattern(1, []int{2, 0, 2, 1, 2, 2}, []string{"v3", "auth", "authenticate"}, ""))
pattern_Auth_UserAdd_0 = runtime.MustPattern(runtime.NewPattern(1, []int{2, 0, 2, 1, 2, 2, 2, 3}, []string{"v3", "auth", "user", "add"}, ""))
@ -2288,6 +2332,8 @@ var (
forward_Auth_AuthDisable_0 = runtime.ForwardResponseMessage
forward_Auth_AuthStatus_0 = runtime.ForwardResponseMessage
forward_Auth_Authenticate_0 = runtime.ForwardResponseMessage
forward_Auth_UserAdd_0 = runtime.ForwardResponseMessage

233
etcdserver/etcdserverpb/raft_internal.pb.go
View File

@ -52,6 +52,7 @@ type InternalRaftRequest struct {
LeaseCheckpoint *LeaseCheckpointRequest `protobuf:"bytes,11,opt,name=lease_checkpoint,json=leaseCheckpoint" json:"lease_checkpoint,omitempty"`
AuthEnable *AuthEnableRequest `protobuf:"bytes,1000,opt,name=auth_enable,json=authEnable" json:"auth_enable,omitempty"`
AuthDisable *AuthDisableRequest `protobuf:"bytes,1011,opt,name=auth_disable,json=authDisable" json:"auth_disable,omitempty"`
AuthStatus *AuthStatusRequest `protobuf:"bytes,1013,opt,name=auth_status,json=authStatus" json:"auth_status,omitempty"`
Authenticate *InternalAuthenticateRequest `protobuf:"bytes,1012,opt,name=authenticate" json:"authenticate,omitempty"`
AuthUserAdd *AuthUserAddRequest `protobuf:"bytes,1100,opt,name=auth_user_add,json=authUserAdd" json:"auth_user_add,omitempty"`
AuthUserDelete *AuthUserDeleteRequest `protobuf:"bytes,1101,opt,name=auth_user_delete,json=authUserDelete" json:"auth_user_delete,omitempty"`
@ -308,17 +309,29 @@ func (m *InternalRaftRequest) MarshalTo(dAtA []byte) (int, error) {
}
i += n14
}
if m.AuthStatus != nil {
dAtA[i] = 0xaa
i++
dAtA[i] = 0x3f
i++
i = encodeVarintRaftInternal(dAtA, i, uint64(m.AuthStatus.Size()))
n15, err := m.AuthStatus.MarshalTo(dAtA[i:])
if err != nil {
return 0, err
}
i += n15
}
if m.AuthUserAdd != nil {
dAtA[i] = 0xe2
i++
dAtA[i] = 0x44
i++
i = encodeVarintRaftInternal(dAtA, i, uint64(m.AuthUserAdd.Size()))
n15, err := m.AuthUserAdd.MarshalTo(dAtA[i:])
n16, err := m.AuthUserAdd.MarshalTo(dAtA[i:])
if err != nil {
return 0, err
}
i += n15
i += n16
}
if m.AuthUserDelete != nil {
dAtA[i] = 0xea
@ -326,11 +339,11 @@ func (m *InternalRaftRequest) MarshalTo(dAtA []byte) (int, error) {
dAtA[i] = 0x44
i++
i = encodeVarintRaftInternal(dAtA, i, uint64(m.AuthUserDelete.Size()))
n16, err := m.AuthUserDelete.MarshalTo(dAtA[i:])
n17, err := m.AuthUserDelete.MarshalTo(dAtA[i:])
if err != nil {
return 0, err
}
i += n16
i += n17
}
if m.AuthUserGet != nil {
dAtA[i] = 0xf2
@ -338,11 +351,11 @@ func (m *InternalRaftRequest) MarshalTo(dAtA []byte) (int, error) {
dAtA[i] = 0x44
i++
i = encodeVarintRaftInternal(dAtA, i, uint64(m.AuthUserGet.Size()))
n17, err := m.AuthUserGet.MarshalTo(dAtA[i:])
n18, err := m.AuthUserGet.MarshalTo(dAtA[i:])
if err != nil {
return 0, err
}
i += n17
i += n18
}
if m.AuthUserChangePassword != nil {
dAtA[i] = 0xfa
@ -350,11 +363,11 @@ func (m *InternalRaftRequest) MarshalTo(dAtA []byte) (int, error) {
dAtA[i] = 0x44
i++
i = encodeVarintRaftInternal(dAtA, i, uint64(m.AuthUserChangePassword.Size()))
n18, err := m.AuthUserChangePassword.MarshalTo(dAtA[i:])
n19, err := m.AuthUserChangePassword.MarshalTo(dAtA[i:])
if err != nil {
return 0, err
}
i += n18
i += n19
}
if m.AuthUserGrantRole != nil {
dAtA[i] = 0x82
@ -362,11 +375,11 @@ func (m *InternalRaftRequest) MarshalTo(dAtA []byte) (int, error) {
dAtA[i] = 0x45
i++
i = encodeVarintRaftInternal(dAtA, i, uint64(m.AuthUserGrantRole.Size()))
n19, err := m.AuthUserGrantRole.MarshalTo(dAtA[i:])
n20, err := m.AuthUserGrantRole.MarshalTo(dAtA[i:])
if err != nil {
return 0, err
}
i += n19
i += n20
}
if m.AuthUserRevokeRole != nil {
dAtA[i] = 0x8a
@ -374,11 +387,11 @@ func (m *InternalRaftRequest) MarshalTo(dAtA []byte) (int, error) {
dAtA[i] = 0x45
i++
i = encodeVarintRaftInternal(dAtA, i, uint64(m.AuthUserRevokeRole.Size()))
n20, err := m.AuthUserRevokeRole.MarshalTo(dAtA[i:])
n21, err := m.AuthUserRevokeRole.MarshalTo(dAtA[i:])
if err != nil {
return 0, err
}
i += n20
i += n21
}
if m.AuthUserList != nil {
dAtA[i] = 0x92
@ -386,11 +399,11 @@ func (m *InternalRaftRequest) MarshalTo(dAtA []byte) (int, error) {
dAtA[i] = 0x45
i++
i = encodeVarintRaftInternal(dAtA, i, uint64(m.AuthUserList.Size()))
n21, err := m.AuthUserList.MarshalTo(dAtA[i:])
n22, err := m.AuthUserList.MarshalTo(dAtA[i:])
if err != nil {
return 0, err
}
i += n21
i += n22
}
if m.AuthRoleList != nil {
dAtA[i] = 0x9a
@ -398,11 +411,11 @@ func (m *InternalRaftRequest) MarshalTo(dAtA []byte) (int, error) {
dAtA[i] = 0x45
i++
i = encodeVarintRaftInternal(dAtA, i, uint64(m.AuthRoleList.Size()))
n22, err := m.AuthRoleList.MarshalTo(dAtA[i:])
n23, err := m.AuthRoleList.MarshalTo(dAtA[i:])
if err != nil {
return 0, err
}
i += n22
i += n23
}
if m.AuthRoleAdd != nil {
dAtA[i] = 0x82
@ -410,11 +423,11 @@ func (m *InternalRaftRequest) MarshalTo(dAtA []byte) (int, error) {
dAtA[i] = 0x4b
i++
i = encodeVarintRaftInternal(dAtA, i, uint64(m.AuthRoleAdd.Size()))
n23, err := m.AuthRoleAdd.MarshalTo(dAtA[i:])
n24, err := m.AuthRoleAdd.MarshalTo(dAtA[i:])
if err != nil {
return 0, err
}
i += n23
i += n24
}
if m.AuthRoleDelete != nil {
dAtA[i] = 0x8a
@ -422,11 +435,11 @@ func (m *InternalRaftRequest) MarshalTo(dAtA []byte) (int, error) {
dAtA[i] = 0x4b
i++
i = encodeVarintRaftInternal(dAtA, i, uint64(m.AuthRoleDelete.Size()))
n24, err := m.AuthRoleDelete.MarshalTo(dAtA[i:])
n25, err := m.AuthRoleDelete.MarshalTo(dAtA[i:])
if err != nil {
return 0, err
}
i += n24
i += n25
}
if m.AuthRoleGet != nil {
dAtA[i] = 0x92
@ -434,11 +447,11 @@ func (m *InternalRaftRequest) MarshalTo(dAtA []byte) (int, error) {
dAtA[i] = 0x4b
i++
i = encodeVarintRaftInternal(dAtA, i, uint64(m.AuthRoleGet.Size()))
n25, err := m.AuthRoleGet.MarshalTo(dAtA[i:])
n26, err := m.AuthRoleGet.MarshalTo(dAtA[i:])
if err != nil {
return 0, err
}
i += n25
i += n26
}
if m.AuthRoleGrantPermission != nil {
dAtA[i] = 0x9a
@ -446,11 +459,11 @@ func (m *InternalRaftRequest) MarshalTo(dAtA []byte) (int, error) {
dAtA[i] = 0x4b
i++
i = encodeVarintRaftInternal(dAtA, i, uint64(m.AuthRoleGrantPermission.Size()))
n26, err := m.AuthRoleGrantPermission.MarshalTo(dAtA[i:])
n27, err := m.AuthRoleGrantPermission.MarshalTo(dAtA[i:])
if err != nil {
return 0, err
}
i += n26
i += n27
}
if m.AuthRoleRevokePermission != nil {
dAtA[i] = 0xa2
@ -458,11 +471,11 @@ func (m *InternalRaftRequest) MarshalTo(dAtA []byte) (int, error) {
dAtA[i] = 0x4b
i++
i = encodeVarintRaftInternal(dAtA, i, uint64(m.AuthRoleRevokePermission.Size()))
n27, err := m.AuthRoleRevokePermission.MarshalTo(dAtA[i:])
n28, err := m.AuthRoleRevokePermission.MarshalTo(dAtA[i:])
if err != nil {
return 0, err
}
i += n27
i += n28
}
if m.ClusterVersionSet != nil {
dAtA[i] = 0xa2
@ -470,11 +483,11 @@ func (m *InternalRaftRequest) MarshalTo(dAtA []byte) (int, error) {
dAtA[i] = 0x51
i++
i = encodeVarintRaftInternal(dAtA, i, uint64(m.ClusterVersionSet.Size()))
n28, err := m.ClusterVersionSet.MarshalTo(dAtA[i:])
n29, err := m.ClusterVersionSet.MarshalTo(dAtA[i:])
if err != nil {
return 0, err
}
i += n28
i += n29
}
if m.ClusterMemberAttrSet != nil {
dAtA[i] = 0xaa
@ -482,11 +495,11 @@ func (m *InternalRaftRequest) MarshalTo(dAtA []byte) (int, error) {
dAtA[i] = 0x51
i++
i = encodeVarintRaftInternal(dAtA, i, uint64(m.ClusterMemberAttrSet.Size()))
n29, err := m.ClusterMemberAttrSet.MarshalTo(dAtA[i:])
n30, err := m.ClusterMemberAttrSet.MarshalTo(dAtA[i:])
if err != nil {
return 0, err
}
i += n29
i += n30
}
return i, nil
}
@ -632,6 +645,10 @@ func (m *InternalRaftRequest) Size() (n int) {
l = m.Authenticate.Size()
n += 2 + l + sovRaftInternal(uint64(l))
}
if m.AuthStatus != nil {
l = m.AuthStatus.Size()
n += 2 + l + sovRaftInternal(uint64(l))
}
if m.AuthUserAdd != nil {
l = m.AuthUserAdd.Size()
n += 2 + l + sovRaftInternal(uint64(l))
@ -1359,6 +1376,39 @@ func (m *InternalRaftRequest) Unmarshal(dAtA []byte) error {
return err
}
iNdEx = postIndex
case 1013:
if wireType != 2 {
return fmt.Errorf("proto: wrong wireType = %d for field AuthStatus", wireType)
}
var msglen int
for shift := uint(0); ; shift += 7 {
if shift >= 64 {
return ErrIntOverflowRaftInternal
}
if iNdEx >= l {
return io.ErrUnexpectedEOF
}
b := dAtA[iNdEx]
iNdEx++
msglen |= (int(b) & 0x7F) << shift
if b < 0x80 {
break
}
}
if msglen < 0 {
return ErrInvalidLengthRaftInternal
}
postIndex := iNdEx + msglen
if postIndex > l {
return io.ErrUnexpectedEOF
}
if m.AuthStatus == nil {
m.AuthStatus = &AuthStatusRequest{}
}
if err := m.AuthStatus.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
return err
}
iNdEx = postIndex
case 1100:
if wireType != 2 {
return fmt.Errorf("proto: wrong wireType = %d for field AuthUserAdd", wireType)
@ -2170,66 +2220,67 @@ var (
func init() { proto.RegisterFile("raft_internal.proto", fileDescriptorRaftInternal) }
var fileDescriptorRaftInternal = []byte{
// 961 bytes of a gzipped FileDescriptorProto
// 978 bytes of a gzipped FileDescriptorProto
0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0x7c, 0x96, 0x49, 0x73, 0x1b, 0x45,
0x14, 0xc7, 0x23, 0xc5, 0x71, 0xac, 0x96, 0xed, 0x38, 0x6d, 0x87, 0x34, 0x72, 0x95, 0x70, 0x1c,
0x96, 0xb0, 0xd9, 0x94, 0x73, 0xa5, 0x0a, 0x84, 0xe4, 0x72, 0x5c, 0x15, 0x82, 0x6b, 0x08, 0x4b,
0x15, 0x87, 0xa1, 0x35, 0xf3, 0x22, 0x0d, 0x9e, 0x8d, 0xee, 0x96, 0x30, 0xdf, 0x03, 0xaa, 0xf8,
0x18, 0x6c, 0x1f, 0x22, 0x07, 0x96, 0x00, 0x5f, 0x00, 0xcc, 0x85, 0x3b, 0xdc, 0xb8, 0xa4, 0x7a,
0x99, 0x9e, 0x19, 0xa9, 0xe5, 0xdb, 0xe8, 0xff, 0xfe, 0xef, 0xf7, 0xde, 0x74, 0xbf, 0x1e, 0x35,
0xda, 0x64, 0xf4, 0x91, 0xf0, 0xa3, 0x54, 0x00, 0x4b, 0x69, 0xbc, 0x97, 0xb3, 0x4c, 0x64, 0x78,
0x15, 0x44, 0x10, 0x72, 0x60, 0x53, 0x60, 0xf9, 0xb0, 0xb3, 0x35, 0xca, 0x46, 0x99, 0x0a, 0xec,
0xcb, 0x27, 0xed, 0xe9, 0x6c, 0x94, 0x1e, 0xa3, 0xb4, 0x58, 0x1e, 0x98, 0xc7, 0x37, 0x65, 0x70,
0xbf, 0x74, 0xec, 0xd3, 0x3c, 0xda, 0x4f, 0x20, 0x19, 0x02, 0xe3, 0xe3, 0x28, 0xaf, 0x3c, 0xe6,
0xc3, 0xca, 0x0f, 0x9d, 0xbd, 0xfb, 0x29, 0x5a, 0xf3, 0xe0, 0xf3, 0x09, 0x70, 0x71, 0x0f, 0x68,
0x08, 0x0c, 0xaf, 0xa3, 0xe6, 0xf1, 0x80, 0x34, 0x76, 0x1a, 0x77, 0x96, 0xbc, 0xe6, 0xf1, 0x00,
0x77, 0xd0, 0xca, 0x84, 0xcb, 0x86, 0x13, 0x20, 0xcd, 0x9d, 0xc6, 0x9d, 0x96, 0x67, 0x7f, 0xe3,
0xdb, 0x68, 0x8d, 0x4e, 0xc4, 0xd8, 0x67, 0x30, 0x8d, 0x78, 0x94, 0xa5, 0xe4, 0xb2, 0x4a, 0x5b,
0x95, 0xa2, 0x67, 0xb4, 0xdd, 0xff, 0x37, 0xd0, 0xe6, 0xb1, 0x79, 0x67, 0x8f, 0x3e, 0x12, 0xa6,
0xdc, 0x5c, 0xa1, 0x17, 0x50, 0x73, 0x7a, 0xa0, 0x4a, 0xb4, 0x0f, 0x6e, 0xec, 0x55, 0x57, 0x65,
0xcf, 0xa4, 0x78, 0xcd, 0xe9, 0x01, 0x7e, 0x03, 0x5d, 0x61, 0x34, 0x1d, 0x81, 0xaa, 0xd5, 0x3e,
0xe8, 0xcc, 0x38, 0x65, 0xa8, 0xb0, 0x6b, 0x23, 0x7e, 0x05, 0x5d, 0xce, 0x27, 0x82, 0x2c, 0x29,
0x3f, 0xa9, 0xfb, 0x4f, 0x26, 0x45, 0x3f, 0x9e, 0x34, 0xe1, 0x3e, 0x5a, 0x0d, 0x21, 0x06, 0x01,
0xbe, 0x2e, 0x72, 0x45, 0x25, 0xed, 0xd4, 0x93, 0x06, 0xca, 0x51, 0x2b, 0xd5, 0x0e, 0x4b, 0x4d,
0x16, 0x14, 0x67, 0x29, 0x59, 0x76, 0x15, 0x7c, 0x78, 0x96, 0xda, 0x82, 0xe2, 0x2c, 0xc5, 0x6f,
0x21, 0x14, 0x64, 0x49, 0x4e, 0x03, 0x21, 0xd7, 0xef, 0xaa, 0x4a, 0x79, 0xae, 0x9e, 0xd2, 0xb7,
0xf1, 0x22, 0xb3, 0x92, 0x82, 0xdf, 0x46, 0xed, 0x18, 0x28, 0x07, 0x7f, 0xc4, 0x68, 0x2a, 0xc8,
0x8a, 0x8b, 0x70, 0x5f, 0x1a, 0x8e, 0x64, 0xdc, 0x12, 0x62, 0x2b, 0xc9, 0x77, 0xd6, 0x04, 0x06,
0xd3, 0xec, 0x14, 0x48, 0xcb, 0xf5, 0xce, 0x0a, 0xe1, 0x29, 0x83, 0x7d, 0xe7, 0xb8, 0xd4, 0xe4,
0xb6, 0xd0, 0x98, 0xb2, 0x84, 0x20, 0xd7, 0xb6, 0xf4, 0x64, 0xc8, 0x6e, 0x8b, 0x32, 0xe2, 0xf7,
0xd0, 0x86, 0x2e, 0x1b, 0x8c, 0x21, 0x38, 0xcd, 0xb3, 0x28, 0x15, 0xa4, 0xad, 0x92, 0x9f, 0x77,
0x94, 0xee, 0x5b, 0x53, 0x81, 0xb9, 0x16, 0xd7, 0x75, 0x7c, 0x17, 0x2d, 0x8f, 0xd5, 0x0c, 0x93,
0x50, 0x61, 0xb6, 0x9d, 0x43, 0xa4, 0xc7, 0xdc, 0x33, 0x56, 0xdc, 0x43, 0x6d, 0x35, 0xc2, 0x90,
0xd2, 0x61, 0x0c, 0xe4, 0x1f, 0xe7, 0x0e, 0xf4, 0x26, 0x62, 0x7c, 0xa8, 0x0c, 0x76, 0xfd, 0xa8,
0x95, 0xf0, 0x00, 0xa9, 0x81, 0xf7, 0xc3, 0x88, 0x2b, 0xc6, 0xbf, 0x57, 0x5d, 0x0b, 0x28, 0x19,
0x03, 0xed, 0xb0, 0x0b, 0x48, 0x4b, 0x0d, 0x3f, 0xd0, 0x14, 0x48, 0x45, 0x14, 0x50, 0x01, 0xe4,
0x3f, 0x4d, 0x79, 0xb9, 0x4e, 0x29, 0x0e, 0x52, 0xaf, 0x62, 0x2d, 0x70, 0xb5, 0x7c, 0x7c, 0x68,
0xce, 0xa6, 0x3c, 0xac, 0x3e, 0x0d, 0x43, 0xf2, 0xd3, 0xca, 0xa2, 0xb6, 0x3e, 0xe0, 0xc0, 0x7a,
0x61, 0x58, 0x6b, 0xcb, 0x68, 0xf8, 0x01, 0xda, 0x28, 0x31, 0x7a, 0xc8, 0xc9, 0xcf, 0x9a, 0x74,
0xdb, 0x4d, 0x32, 0xa7, 0xc3, 0xc0, 0xd6, 0x69, 0x4d, 0xae, 0xb7, 0x35, 0x02, 0x41, 0x7e, 0xb9,
0xb0, 0xad, 0x23, 0x10, 0x73, 0x6d, 0x1d, 0x81, 0xc0, 0x23, 0xf4, 0x6c, 0x89, 0x09, 0xc6, 0xf2,
0xd8, 0xf9, 0x39, 0xe5, 0xfc, 0x8b, 0x8c, 0x85, 0xe4, 0x57, 0x8d, 0x7c, 0xd5, 0x8d, 0xec, 0x2b,
0xf7, 0x89, 0x31, 0x17, 0xf4, 0x67, 0xa8, 0x33, 0x8c, 0x3f, 0x46, 0x5b, 0x95, 0x7e, 0xe5, 0x79,
0xf1, 0x59, 0x16, 0x03, 0x79, 0xa2, 0x6b, 0xbc, 0xb8, 0xa0, 0x6d, 0x75, 0xd6, 0xb2, 0x72, 0xab,
0xaf, 0xd3, 0xd9, 0x08, 0xfe, 0x04, 0xdd, 0x28, 0xc9, 0xfa, 0xe8, 0x69, 0xf4, 0x6f, 0x1a, 0xfd,
0x92, 0x1b, 0x6d, 0xce, 0x60, 0x85, 0x8d, 0xe9, 0x5c, 0x08, 0xdf, 0x43, 0xeb, 0x25, 0x3c, 0x8e,
0xb8, 0x20, 0xbf, 0x6b, 0xea, 0x2d, 0x37, 0xf5, 0x7e, 0xc4, 0x45, 0x6d, 0x8e, 0x0a, 0xd1, 0x92,
0x64, 0x6b, 0x9a, 0xf4, 0xc7, 0x42, 0x92, 0x2c, 0x3d, 0x47, 0x2a, 0x44, 0xbb, 0xf5, 0x8a, 0x24,
0x27, 0xf2, 0xdb, 0xd6, 0xa2, 0xad, 0x97, 0x39, 0xb3, 0x13, 0x69, 0x34, 0x3b, 0x91, 0x0a, 0x63,
0x26, 0xf2, 0xbb, 0xd6, 0xa2, 0x89, 0x94, 0x59, 0x8e, 0x89, 0x2c, 0xe5, 0x7a, 0x5b, 0x72, 0x22,
0xbf, 0xbf, 0xb0, 0xad, 0xd9, 0x89, 0x34, 0x1a, 0xfe, 0x0c, 0x75, 0x2a, 0x18, 0x35, 0x28, 0x39,
0xb0, 0x24, 0xe2, 0xea, 0x8f, 0xf1, 0x07, 0xcd, 0x7c, 0x6d, 0x01, 0x53, 0xda, 0x4f, 0xac, 0xbb,
0xe0, 0xdf, 0xa4, 0xee, 0x38, 0x4e, 0xd0, 0x76, 0x59, 0xcb, 0x8c, 0x4e, 0xa5, 0xd8, 0x8f, 0xba,
0xd8, 0xeb, 0xee, 0x62, 0x7a, 0x4a, 0xe6, 0xab, 0x11, 0xba, 0xc0, 0x80, 0x3f, 0x42, 0x9b, 0x41,
0x3c, 0xe1, 0x02, 0x98, 0x3f, 0x05, 0x26, 0x25, 0x9f, 0x83, 0x20, 0x5f, 0x21, 0x73, 0x04, 0xaa,
0x37, 0x8c, 0xbd, 0xbe, 0x76, 0x7e, 0xa8, 0x8d, 0xef, 0x97, 0xab, 0x75, 0x3d, 0x98, 0x8d, 0x60,
0x8a, 0x6e, 0x16, 0x60, 0xcd, 0xf0, 0xa9, 0x10, 0x4c, 0xc1, 0xbf, 0x46, 0xe6, 0xf3, 0xe7, 0x82,
0xbf, 0xab, 0xb4, 0x9e, 0x10, 0xac, 0xc2, 0xdf, 0x0a, 0x1c, 0xc1, 0xdd, 0x6b, 0x68, 0xed, 0x30,
0xc9, 0xc5, 0x97, 0x1e, 0xf0, 0x3c, 0x4b, 0x39, 0xec, 0xe6, 0x68, 0xfb, 0x82, 0x8f, 0x28, 0xc6,
0x68, 0x49, 0x5d, 0x75, 0x1a, 0xea, 0xaa, 0xa3, 0x9e, 0xe5, 0x15, 0xc8, 0x7e, 0x5b, 0xcc, 0x15,
0xa8, 0xf8, 0x8d, 0x6f, 0xa1, 0x55, 0x1e, 0x25, 0x79, 0x0c, 0xbe, 0xc8, 0x4e, 0x41, 0xdf, 0x80,
0x5a, 0x5e, 0x5b, 0x6b, 0x0f, 0xa5, 0xf4, 0xce, 0xd6, 0xe3, 0xbf, 0xba, 0x97, 0x1e, 0x9f, 0x77,
0x1b, 0x4f, 0xce, 0xbb, 0x8d, 0x3f, 0xcf, 0xbb, 0x8d, 0x6f, 0xfe, 0xee, 0x5e, 0x1a, 0x2e, 0xab,
0xfb, 0xd7, 0xdd, 0xa7, 0x01, 0x00, 0x00, 0xff, 0xff, 0x39, 0xbf, 0x15, 0x6f, 0x15, 0x0a, 0x00,
0x00,
0x14, 0xc7, 0x23, 0xc7, 0x71, 0xac, 0x96, 0xed, 0xd8, 0x6d, 0x87, 0x34, 0x72, 0x95, 0x70, 0x1c,
0x96, 0xb0, 0xd9, 0x94, 0x73, 0xa5, 0x0a, 0x84, 0xe4, 0x72, 0x5c, 0x15, 0x82, 0x6b, 0x12, 0x96,
0x2a, 0x0e, 0x43, 0x6b, 0xe6, 0x45, 0x1a, 0x3c, 0x1b, 0xdd, 0x2d, 0x61, 0xbe, 0x07, 0x54, 0xf1,
0x31, 0xd8, 0xce, 0x9c, 0x73, 0x60, 0x09, 0xf0, 0x05, 0xc0, 0x5c, 0xb8, 0x03, 0xf7, 0x54, 0x2f,
0xd3, 0x33, 0x23, 0xb5, 0x7c, 0x1b, 0xfd, 0xdf, 0xff, 0xfd, 0x5e, 0xf7, 0xf4, 0x7b, 0xa3, 0x46,
0x9b, 0x8c, 0x3e, 0x12, 0x7e, 0x94, 0x0a, 0x60, 0x29, 0x8d, 0xf7, 0x72, 0x96, 0x89, 0x0c, 0xaf,
0x80, 0x08, 0x42, 0x0e, 0x6c, 0x02, 0x2c, 0x1f, 0xb4, 0xb7, 0x86, 0xd9, 0x30, 0x53, 0x81, 0x7d,
0xf9, 0xa4, 0x3d, 0xed, 0xf5, 0xd2, 0x63, 0x94, 0x26, 0xcb, 0x03, 0xf3, 0xf8, 0xa6, 0x0c, 0xee,
0x97, 0x8e, 0x7d, 0x9a, 0x47, 0xfb, 0x09, 0x24, 0x03, 0x60, 0x7c, 0x14, 0xe5, 0x95, 0xc7, 0x7c,
0x50, 0xf9, 0xa1, 0xb3, 0x77, 0x3f, 0x41, 0xab, 0x1e, 0x7c, 0x36, 0x06, 0x2e, 0xee, 0x02, 0x0d,
0x81, 0xe1, 0x35, 0xb4, 0x70, 0xdc, 0x27, 0x8d, 0x9d, 0xc6, 0xed, 0x45, 0x6f, 0xe1, 0xb8, 0x8f,
0xdb, 0x68, 0x79, 0xcc, 0xe5, 0x82, 0x13, 0x20, 0x0b, 0x3b, 0x8d, 0xdb, 0x4d, 0xcf, 0xfe, 0xc6,
0xb7, 0xd0, 0x2a, 0x1d, 0x8b, 0x91, 0xcf, 0x60, 0x12, 0xf1, 0x28, 0x4b, 0xc9, 0x65, 0x95, 0xb6,
0x22, 0x45, 0xcf, 0x68, 0xbb, 0x3f, 0x6e, 0xa0, 0xcd, 0x63, 0xb3, 0x67, 0x8f, 0x3e, 0x12, 0xa6,
0xdc, 0x4c, 0xa1, 0x17, 0xd0, 0xc2, 0xe4, 0x40, 0x95, 0x68, 0x1d, 0x5c, 0xdf, 0xab, 0xbe, 0x95,
0x3d, 0x93, 0xe2, 0x2d, 0x4c, 0x0e, 0xf0, 0x1b, 0xe8, 0x0a, 0xa3, 0xe9, 0x10, 0x54, 0xad, 0xd6,
0x41, 0x7b, 0xca, 0x29, 0x43, 0x85, 0x5d, 0x1b, 0xf1, 0x2b, 0xe8, 0x72, 0x3e, 0x16, 0x64, 0x51,
0xf9, 0x49, 0xdd, 0x7f, 0x32, 0x2e, 0xd6, 0xe3, 0x49, 0x13, 0xee, 0xa1, 0x95, 0x10, 0x62, 0x10,
0xe0, 0xeb, 0x22, 0x57, 0x54, 0xd2, 0x4e, 0x3d, 0xa9, 0xaf, 0x1c, 0xb5, 0x52, 0xad, 0xb0, 0xd4,
0x64, 0x41, 0x71, 0x96, 0x92, 0x25, 0x57, 0xc1, 0x87, 0x67, 0xa9, 0x2d, 0x28, 0xce, 0x52, 0xfc,
0x16, 0x42, 0x41, 0x96, 0xe4, 0x34, 0x10, 0xf2, 0xfd, 0x5d, 0x55, 0x29, 0xcf, 0xd5, 0x53, 0x7a,
0x36, 0x5e, 0x64, 0x56, 0x52, 0xf0, 0xdb, 0xa8, 0x15, 0x03, 0xe5, 0xe0, 0x0f, 0x19, 0x4d, 0x05,
0x59, 0x76, 0x11, 0xee, 0x49, 0xc3, 0x91, 0x8c, 0x5b, 0x42, 0x6c, 0x25, 0xb9, 0x67, 0x4d, 0x60,
0x30, 0xc9, 0x4e, 0x81, 0x34, 0x5d, 0x7b, 0x56, 0x08, 0x4f, 0x19, 0xec, 0x9e, 0xe3, 0x52, 0x93,
0xc7, 0x42, 0x63, 0xca, 0x12, 0x82, 0x5c, 0xc7, 0xd2, 0x95, 0x21, 0x7b, 0x2c, 0xca, 0x88, 0xdf,
0x43, 0xeb, 0xba, 0x6c, 0x30, 0x82, 0xe0, 0x34, 0xcf, 0xa2, 0x54, 0x90, 0x96, 0x4a, 0x7e, 0xde,
0x51, 0xba, 0x67, 0x4d, 0x05, 0xe6, 0x5a, 0x5c, 0xd7, 0xf1, 0x1d, 0xb4, 0x34, 0x52, 0x3d, 0x4c,
0x42, 0x85, 0xd9, 0x76, 0x36, 0x91, 0x6e, 0x73, 0xcf, 0x58, 0x71, 0x17, 0xb5, 0x54, 0x0b, 0x43,
0x4a, 0x07, 0x31, 0x90, 0x7f, 0x9c, 0x27, 0xd0, 0x1d, 0x8b, 0xd1, 0xa1, 0x32, 0xd8, 0xf7, 0x47,
0xad, 0x84, 0xfb, 0x48, 0x35, 0xbc, 0x1f, 0x46, 0x5c, 0x31, 0xfe, 0xbd, 0xea, 0x7a, 0x81, 0x92,
0xd1, 0xd7, 0x0e, 0xfb, 0x02, 0x69, 0xa9, 0xe1, 0xfb, 0x9a, 0x02, 0xa9, 0x88, 0x02, 0x2a, 0x80,
0xfc, 0xa7, 0x29, 0x2f, 0xd7, 0x29, 0xc5, 0x20, 0x75, 0x2b, 0xd6, 0x02, 0x57, 0xcb, 0xb7, 0x1b,
0xe3, 0x82, 0x8a, 0x31, 0x27, 0xff, 0xcf, 0xdd, 0xd8, 0x03, 0x65, 0xa8, 0x6d, 0x4c, 0x4b, 0xf8,
0xd0, 0x8c, 0xb7, 0x9c, 0x77, 0x9f, 0x86, 0x21, 0xf9, 0x69, 0x79, 0xde, 0xce, 0xde, 0xe7, 0xc0,
0xba, 0x61, 0x58, 0xdb, 0x99, 0xd1, 0xf0, 0x7d, 0xb4, 0x5e, 0x62, 0xf4, 0x9c, 0x90, 0x9f, 0x35,
0xe9, 0x96, 0x9b, 0x64, 0x06, 0xcc, 0xc0, 0xd6, 0x68, 0x4d, 0xae, 0x2f, 0x6b, 0x08, 0x82, 0xfc,
0x72, 0xe1, 0xb2, 0x8e, 0x40, 0xcc, 0x2c, 0xeb, 0x08, 0x04, 0x1e, 0xa2, 0x67, 0x4b, 0x4c, 0x30,
0x92, 0x93, 0xeb, 0xe7, 0x94, 0xf3, 0xcf, 0x33, 0x16, 0x92, 0x5f, 0x35, 0xf2, 0x55, 0x37, 0xb2,
0xa7, 0xdc, 0x27, 0xc6, 0x5c, 0xd0, 0x9f, 0xa1, 0xce, 0x30, 0xfe, 0x08, 0x6d, 0x55, 0xd6, 0x2b,
0x47, 0xce, 0x67, 0x59, 0x0c, 0xe4, 0x89, 0xae, 0xf1, 0xe2, 0x9c, 0x65, 0xab, 0x71, 0xcd, 0xca,
0x6e, 0xd9, 0xa0, 0xd3, 0x11, 0xfc, 0x31, 0xba, 0x5e, 0x92, 0xf5, 0xf4, 0x6a, 0xf4, 0x6f, 0x1a,
0xfd, 0x92, 0x1b, 0x6d, 0xc6, 0xb8, 0xc2, 0xc6, 0x74, 0x26, 0x84, 0xef, 0xa2, 0xb5, 0x12, 0x1e,
0x47, 0x5c, 0x90, 0xdf, 0x35, 0xf5, 0xa6, 0x9b, 0x7a, 0x2f, 0xe2, 0xa2, 0xd6, 0x8a, 0x85, 0x68,
0x49, 0x72, 0x69, 0x9a, 0xf4, 0xc7, 0x5c, 0x92, 0x2c, 0x3d, 0x43, 0x2a, 0x44, 0x7b, 0xf4, 0x8a,
0x24, 0x3b, 0xf2, 0x9b, 0xe6, 0xbc, 0xa3, 0x97, 0x39, 0xd3, 0x1d, 0x69, 0x34, 0xdb, 0x91, 0x0a,
0x63, 0x3a, 0xf2, 0xdb, 0xe6, 0xbc, 0x8e, 0x94, 0x59, 0x8e, 0x8e, 0x2c, 0xe5, 0xfa, 0xb2, 0x64,
0x47, 0x7e, 0x77, 0xe1, 0xb2, 0xa6, 0x3b, 0xd2, 0x68, 0xf8, 0x53, 0xd4, 0xae, 0x60, 0x54, 0xa3,
0xe4, 0xc0, 0x92, 0x88, 0xab, 0xff, 0xd6, 0xef, 0x35, 0xf3, 0xb5, 0x39, 0x4c, 0x69, 0x3f, 0xb1,
0xee, 0x82, 0x7f, 0x83, 0xba, 0xe3, 0x38, 0x41, 0xdb, 0x65, 0x2d, 0xd3, 0x3a, 0x95, 0x62, 0x3f,
0xe8, 0x62, 0xaf, 0xbb, 0x8b, 0xe9, 0x2e, 0x99, 0xad, 0x46, 0xe8, 0x1c, 0x03, 0xfe, 0x10, 0x6d,
0x06, 0xf1, 0x98, 0x0b, 0x60, 0xfe, 0x04, 0x98, 0x94, 0x7c, 0x0e, 0x82, 0x7c, 0x89, 0xcc, 0x08,
0x54, 0x2f, 0x29, 0x7b, 0x3d, 0xed, 0xfc, 0x40, 0x1b, 0x1f, 0x94, 0x6f, 0x6b, 0x23, 0x98, 0x8e,
0x60, 0x8a, 0x6e, 0x14, 0x60, 0xcd, 0xf0, 0xa9, 0x10, 0x4c, 0xc1, 0xbf, 0x42, 0xe6, 0x0b, 0xea,
0x82, 0xbf, 0xab, 0xb4, 0xae, 0x10, 0xac, 0xc2, 0xdf, 0x0a, 0x1c, 0xc1, 0xdd, 0x6b, 0x68, 0xf5,
0x30, 0xc9, 0xc5, 0x17, 0x1e, 0xf0, 0x3c, 0x4b, 0x39, 0xec, 0xe6, 0x68, 0xfb, 0x82, 0xef, 0x30,
0xc6, 0x68, 0x51, 0xdd, 0x96, 0x1a, 0xea, 0xb6, 0xa4, 0x9e, 0xe5, 0x2d, 0xca, 0x7e, 0x5b, 0xcc,
0x2d, 0xaa, 0xf8, 0x8d, 0x6f, 0xa2, 0x15, 0x1e, 0x25, 0x79, 0x0c, 0xbe, 0xc8, 0x4e, 0x41, 0x5f,
0xa2, 0x9a, 0x5e, 0x4b, 0x6b, 0x0f, 0xa5, 0xf4, 0xce, 0xd6, 0xe3, 0xbf, 0x3a, 0x97, 0x1e, 0x9f,
0x77, 0x1a, 0x4f, 0xce, 0x3b, 0x8d, 0x3f, 0xcf, 0x3b, 0x8d, 0xaf, 0xff, 0xee, 0x5c, 0x1a, 0x2c,
0xa9, 0x2b, 0xdc, 0x9d, 0xa7, 0x01, 0x00, 0x00, 0xff, 0xff, 0x82, 0x70, 0x91, 0x6b, 0x58, 0x0a,
0x00, 0x00,
}

1
etcdserver/etcdserverpb/raft_internal.proto
View File

@ -42,6 +42,7 @@ message InternalRaftRequest {
AuthEnableRequest auth_enable = 1000;
AuthDisableRequest auth_disable = 1011;
AuthStatusRequest auth_status = 1013;
InternalAuthenticateRequest authenticate = 1012;

909
etcdserver/etcdserverpb/rpc.pb.go
View File

File diff suppressed because it is too large Load Diff

16
etcdserver/etcdserverpb/rpc.proto
View File

@ -256,6 +256,14 @@ service Auth {
};
}
// AuthStatus displays authentication status.
rpc AuthStatus(AuthStatusRequest) returns (AuthStatusResponse) {
option (google.api.http) = {
post: "/v3/auth/status"
body: "*"
};
}
// Authenticate processes an authenticate request.
rpc Authenticate(AuthenticateRequest) returns (AuthenticateResponse) {
option (google.api.http) = {
@ -1000,6 +1008,9 @@ message AuthEnableRequest {
message AuthDisableRequest {
}
message AuthStatusRequest {
}
message AuthenticateRequest {
string name = 1;
string password = 2;
@ -1079,6 +1090,11 @@ message AuthDisableResponse {
ResponseHeader header = 1;
}
message AuthStatusResponse {
ResponseHeader header = 1;
bool enabled = 2;
}
message AuthenticateResponse {
ResponseHeader header = 1;
// token is an authorized token that can be used in succeeding RPCs

9
etcdserver/v3_server.go
View File

@ -70,6 +70,7 @@ type Lessor interface {
type Authenticator interface {
AuthEnable(ctx context.Context, r *pb.AuthEnableRequest) (*pb.AuthEnableResponse, error)
AuthDisable(ctx context.Context, r *pb.AuthDisableRequest) (*pb.AuthDisableResponse, error)
AuthStatus(ctx context.Context, r *pb.AuthStatusRequest) (*pb.AuthStatusResponse, error)
Authenticate(ctx context.Context, r *pb.AuthenticateRequest) (*pb.AuthenticateResponse, error)
UserAdd(ctx context.Context, r *pb.AuthUserAddRequest) (*pb.AuthUserAddResponse, error)
UserDelete(ctx context.Context, r *pb.AuthUserDeleteRequest) (*pb.AuthUserDeleteResponse, error)
@ -398,6 +399,14 @@ func (s *EtcdServer) AuthDisable(ctx context.Context, r *pb.AuthDisableRequest)
return resp.(*pb.AuthDisableResponse), nil
}
func (s *EtcdServer) AuthStatus(ctx context.Context, r *pb.AuthStatusRequest) (*pb.AuthStatusResponse, error) {
resp, err := s.raftRequest(ctx, pb.InternalRaftRequest{AuthStatus: r})
if err != nil {
return nil, err
}
return resp.(*pb.AuthStatusResponse), nil
}
func (s *EtcdServer) Authenticate(ctx context.Context, r *pb.AuthenticateRequest) (*pb.AuthenticateResponse, error) {
if err := s.linearizableReadNotify(ctx); err != nil {
return nil, err

4
proxy/grpcproxy/adapter/auth_client_adapter.go
View File

@ -36,6 +36,10 @@ func (s *as2ac) AuthDisable(ctx context.Context, in *pb.AuthDisableRequest, opts
return s.as.AuthDisable(ctx, in)
}
func (s *as2ac) AuthStatus(ctx context.Context, in *pb.AuthStatusRequest, opts ...grpc.CallOption) (*pb.AuthStatusResponse, error) {
return s.as.AuthStatus(ctx, in)
}
func (s *as2ac) Authenticate(ctx context.Context, in *pb.AuthenticateRequest, opts ...grpc.CallOption) (*pb.AuthenticateResponse, error) {
return s.as.Authenticate(ctx, in)
}

5
proxy/grpcproxy/auth.go
View File

@ -39,6 +39,11 @@ func (ap *AuthProxy) AuthDisable(ctx context.Context, r *pb.AuthDisableRequest)
return pb.NewAuthClient(conn).AuthDisable(ctx, r)
}
func (ap *AuthProxy) AuthStatus(ctx context.Context, r *pb.AuthStatusRequest) (*pb.AuthStatusResponse, error) {
conn := ap.client.ActiveConnection()
return pb.NewAuthClient(conn).AuthStatus(ctx, r)
}
func (ap *AuthProxy) Authenticate(ctx context.Context, r *pb.AuthenticateRequest) (*pb.AuthenticateResponse, error) {
conn := ap.client.ActiveConnection()
return pb.NewAuthClient(conn).Authenticate(ctx, r)