Commit Graph

165 Commits (a90695fd5f91ea61edfea35c8961fed2d44e1765)

Author SHA1 Message Date
dvonthenen 25cdf4ed92 *: expose Raft Applied Index through to "etcdctl endpoint status"
Fixed based on feedback

Fixed spacing

Fix gofmt
2018-01-22 07:37:21 -08:00
Gyuho Lee 652841c411 *: regenerate proto
Signed-off-by: Gyuho Lee <gyuhox@gmail.com>
2017-12-31 13:20:40 -08:00
Gyuho Lee 9bbfa23183 etcdserverpb: add "watch_id" to "WatchCreateRequest"
Signed-off-by: Gyuho Lee <gyuhox@gmail.com>
2017-12-31 13:20:40 -08:00
Sam Batschelet eb65f26182 Documentation/dev-guide: Update TimeToLive documentation. 2017-12-20 15:39:37 -05:00
Gyuho Lee bcd5390b35 *: regenerate protobuf, grpc-gateway
Signed-off-by: Gyuho Lee <gyuhox@gmail.com>
2017-12-07 21:31:13 -08:00
Gyu-Ho Lee ab526e8814 *: regenerate proto, swagger specs
Signed-off-by: Gyu-Ho Lee <gyuhox@gmail.com>
2017-11-15 01:22:09 -08:00
Gyu-Ho Lee ce6bb4f1c9 etcdserver: replace /v3alpha with /v3beta in proto definitions
Signed-off-by: Gyu-Ho Lee <gyuhox@gmail.com>
2017-11-15 01:19:53 -08:00
tamal c0c19465fc *: upgrade grpc-gateway to v1.3 2017-11-08 18:38:41 -08:00
Anthony Romano b8bcc891a6 *: regenerate gRPC assets 2017-08-22 09:59:59 -07:00
Anthony Romano 6be5f9a841 etcdserverpb: add corrupt alarm 2017-08-22 09:59:59 -07:00
Gyu-Ho Lee 8005f00bcf *: regenerate proto
Signed-off-by: Gyu-Ho Lee <gyuhox@gmail.com>
2017-08-14 14:18:56 -07:00
Gyu-Ho Lee a7413bbf28 etcdserverpb: define LeaseLeases API
Signed-off-by: Gyu-Ho Lee <gyuhox@gmail.com>
2017-08-14 14:18:56 -07:00
Anthony Romano 71e56a44b7 *: regenerate protobuf assets 2017-07-31 13:00:04 -07:00
Anthony Romano d8ca2bbffb etcdserverpb: add lease to txn comparison targets
Also shifts down fields following target_union in case there's any more
reason to expand. OK since range_end is still pre-release.
2017-07-31 13:00:04 -07:00
fanmin shi ed052ce9a3 proto: add HashKV grpc
HashKV rpc hash of all MVCC keys up to a given revision for a given node.
2017-07-14 16:41:23 -07:00
Gyu-Ho Lee 265303c19a *: regenerate proto with 'MoveLeader' RPC
Signed-off-by: Gyu-Ho Lee <gyuhox@gmail.com>
2017-06-23 12:45:53 -07:00
Gyu-Ho Lee d82f2572a4 etcdserver/etcdserverpb: define 'MoveLeader' RPC
Signed-off-by: Gyu-Ho Lee <gyuhox@gmail.com>
2017-06-23 12:43:29 -07:00
Anthony Romano 822473bc31 etcdserverpb: add txns to requestop/responseop 2017-06-21 14:33:15 -07:00
Anthony Romano 8d7c29c732 etcdserver, etcdserverpb: Txn.Compare range_end support 2017-06-16 12:13:27 -07:00
Anthony Romano 4ebeba0e18 *: regen protofiles with latest protobuf tools 2017-06-12 15:14:43 -07:00
Hitoshi Mitake 939912c425 clientv3, etcdserver: support auth in Watch() 2017-05-20 11:34:45 +09:00
Anthony Romano 393e4335b7 *: put gateway stubs into their own packages
Fixes #7773
2017-04-19 13:09:06 -07:00
Anthony Romano d9ec6b4d22 *: return updated member list in v3 rpcs
Now it's possible to atomically know the new member configuration from
issuing a membership change RPC.
2017-04-12 16:24:51 -07:00
Anthony Romano 78a5eb79b5 *: add swagger and grpc-gateway assets for v3lock and v3election 2017-04-10 15:21:07 -07:00
Anthony Romano 1ff0b71b30 *: use protoc 3.2.0
Fixes #7631
2017-03-30 13:43:10 -07:00
Asko Kauppi dae2755253 Documentation: fix typos 2017-03-30 11:41:50 +03:00
Anthony Romano fb7dd0f688 etcdserverpb, clientv3: clarify WithLimit documentation
Fixes #7316
2017-02-13 12:37:44 -08:00
sharat 508c9dfe5c *: regenrate proto files with 'ignore_lease' 2017-01-25 03:01:47 +05:30
sharat a9bf593bdc *: 'ignore_lease' to detach value with PutRequest 2017-01-25 02:59:30 +05:30
Anthony Romano 7e31ddd32a etcdserverpb: rework documentation for range request 2017-01-20 16:12:09 -08:00
Gyu-Ho Lee 7f8b5774a4 *: regenerate proto files with 'ignore_value' 2017-01-13 15:13:18 -08:00
Gyu-Ho Lee 8eea93942d *: 'ignore_value' to detach lease with PutRequest 2017-01-13 15:13:18 -08:00
Gyu-Ho Lee b8b72f80f9 *: revendor, update proto files 2016-11-10 12:02:00 -08:00
fanmin shi c2fd42b556 etcdserver, clientv3: add "!=" to txn
adding != to compare is a requested functionality from a etcd user

FIX #6719
2016-11-09 14:28:36 -08:00
Xiang Li 698a789644 Merge pull request #6655 from kragniz/range_end-docs
etcdserver: document DeleteRangeRequest prefixes
2016-10-14 15:00:24 -07:00
Louis Taylor ce6276a2e8
etcdserver: document DeleteRangeRequest prefixes
There was missing info about deleting prefixes in the proto docs for
DeleteRangeRequest.

Closes #6641.
2016-10-14 21:39:03 +01:00
Gyu-Ho Lee 9b56e51ca7 *: regenerate proto + gofmt change 2016-10-03 15:34:34 -07:00
ychen11 69f5b4ba79 Documentation:made watch request doc more clear 2016-09-23 23:13:55 +08:00
Anthony Romano c0981a90f7 etcdserver, etcdserverpb: range min_create_revision and max_create_revision 2016-09-14 15:31:45 -07:00
Anthony Romano af0264d2e6 etcdserver, etcdserverpb: add MinModRevision and MaxModRevision options to Range 2016-09-12 15:17:57 -07:00
Gyu-Ho Lee 3132e36bf3 etcdserverpb: add 'LeaseTimeToLive' RPC 2016-09-09 08:08:14 +09:00
Gyu-Ho Lee 982e18d80b *: regenerate proto with latest grpc-gateway 2016-07-27 13:21:03 -07:00
Xiang Li 020a24f1c3 *: regenerate proto for handling eof error 2016-07-23 16:21:44 -07:00
Xiang Li fffa484a9f *: regenerate proto for adding deleterange 2016-07-23 16:17:44 -07:00
Xiang Li b4ce427d45 etcdserverpb: add missing deleterange annotation 2016-07-23 15:59:53 -07:00
Hitoshi Mitake ef6b74411c auth, etcdserver: introduce revision of authStore for avoiding TOCTOU problem
This commit introduces revision of authStore. The revision number
represents a version of authStore that is incremented by updating auth
related information.

The revision is required for avoiding TOCTOU problems. Currently there
are two types of the TOCTOU problems in v3 auth.

The first one is in ordinal linearizable requests with a sequence like
below ():
1. Request from client CA is processed in follower FA. FA looks up the
   username (let it U) for the request from a token of the request. At
   this time, the request is authorized correctly.
2. Another request from client CB is processed in follower FB. CB
   is for changing U's password.
3. FB forwards the request from CB to the leader before FA. Now U's
   password is updated and the request from CA should be rejected.
4. However, the request from CA is processed by the leader because
   authentication is already done in FA.

For avoiding the above sequence, this commit lets
etcdserverpb.RequestHeader have a member revision. The member is
initialized during authentication by followers and checked in a
leader. If the revision in RequestHeader is lower than the leader's
authStore revision, it means a sequence like above happened. In such a
case, the state machine returns auth.ErrAuthRevisionObsolete. The
error code lets nodes retry their requests.

The second one, a case of serializable range and txn, is more
subtle. Because these requests are processed in follower directly. The
TOCTOU problem can be caused by a sequence like below:
1. Serializable request from client CA is processed in follower FA. At
   first, FA looks up the username (let it U) and its permission
   before actual access to KV.
2. Another request from client CB is processed in follower FB and
   forwarded to the leader. The cluster including FA now commits a log
   entry of the request from CB. Assume the request changed the
   permission or password of U.
3. Now the serializable request from CA is accessing to KV. Even if
   the access is allowed at the point of 1, now it can be invalid
   because of the change introduced in 2.

For avoiding the above sequence, this commit lets the functions of
serializable requests (EtcdServer.Range() and EtcdServer.Txn())
compare the revision in the request header with the latest revision of
authStore after the actual access. If the saved revision is lower than
the latest one, it means the permission can be changed. Although it
would introduce false positives (e.g. changing other user's password),
it prevents the TOCTOU problem. This idea is an implementation of
Anthony's comment:
https://github.com/coreos/etcd/pull/5739#issuecomment-228128254
2016-07-20 14:39:04 +09:00
Gyu-Ho Lee 50be793f09 *: regenerate proto 2016-07-18 09:33:32 -07:00
Gyu-Ho Lee 5b92e17e86 *: regenerate proto files 2016-07-15 13:24:19 -07:00
Xiang Li 12bf1a3382 *: rename preserveKVs to prevKv 2016-07-05 20:45:01 -07:00
Xiang Li c853704ac9 *: support get-old-kv in watch 2016-07-05 16:17:09 -07:00