vitalif
/
etcd
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
11,286 Commits
21 Branches
406 Tags
79 MiB
Commit Graph

387 Commits (b0e9d24fb6f20685253d339dce018daf1de54d9f)

Author SHA1 Message Date
Gyu-Ho Lee 747993de08 Merge pull request #7829 from gyuho/certs 
pkg/transport: reload TLS certificates for every client requests
 2017-04-27 14:36:53 -07:00
Xiang Li d818ef2c76 pkg/wait: add comment and make List private 2017-04-27 13:25:02 -07:00
Tony Grosinger 4e21f87e3d pkg/transport: reload TLS certificates for every client requests 
This changes the baseConfig used when creating tls Configs to utilize
the GetCertificate and GetClientCertificate functions to always reload
the certificates from disk whenever they are needed.

Always reloading the certificates allows changing the certificates via
an external process without interrupting etcd.

Fixes #7576

Cherry-picked by Gyu-Ho Lee <gyuhox@gmail.com>
Original commit can be found at https://github.com/coreos/etcd/pull/7784
 2017-04-27 11:22:03 -07:00
Anthony Romano 6f06e1cb47 testutil: add assert functions 2017-04-22 20:29:58 -07:00
Anthony Romano 91039bef7c Merge pull request #7799 from heyitsanthony/ctxize-resolve 
netutil: use "context" and ctx-ize TCP addr resolution
 2017-04-21 16:30:32 -07:00
Anthony Romano 14d6ed9e5f *: clear redundant return statement warnings (S1027) 2017-04-21 14:01:00 -07:00
Anthony Romano 85e87e8f6b netutil: use "context" and ctx-ize TCP addr resolution 2017-04-21 10:01:53 -07:00
Anthony Romano 8fa4b8da6e Merge pull request #7767 from heyitsanthony/transport-resolve-dnsnames 
transport: resolve DNSNames when SAN checking
 2017-04-18 17:28:01 -07:00
Anthony Romano 05582ad5b2 transport: resolve DNSNames when SAN checking 
The current transport client TLS checking will pass an IP address into
VerifyHostnames if there is DNSNames SAN. However, the go runtime will
not resolve the DNS names to match the client IP. Intead, resolve the
names when checking.
 2017-04-18 13:21:26 -07:00
Gyu-Ho Lee 5161b74799 pkg/debugutil: add 'mutex' profiler (Go 1.8+) 
Signed-off-by: Gyu-Ho Lee <gyuhox@gmail.com>
 2017-04-18 10:56:06 -07:00
Gyu-Ho Lee 8aaa1ed911 *: use '*tls.Config.Clone' in Go 1.8 
Signed-off-by: Gyu-Ho Lee <gyuhox@gmail.com>
 2017-04-17 20:08:27 -07:00
Anthony Romano 1153e1e7d9 Merge pull request #7687 from heyitsanthony/deny-tls-ipsan 
transport: deny incoming peer certs with wrong IP SAN
 2017-04-13 15:03:25 -07:00
Gyu-Ho Lee 8ce579aac9 pkg/transport: add 'IsClosedConnError' 
Signed-off-by: Gyu-Ho Lee <gyuhox@gmail.com>
 2017-04-13 11:55:18 -07:00
Anthony Romano 33a0496b5e report: add test for Report interface 2017-04-12 16:41:32 -07:00
Anthony Romano 70a9929b5d transport: use actual certs for listener tests 2017-04-12 13:41:33 -07:00
Anthony Romano cad1215b18 *: deny incoming peer certs with wrong IP SAN 2017-04-12 13:41:33 -07:00
Anthony Romano 88d4e7ebeb netutil: fix unused err staticcheck failure 
Clears SA4006
 2017-04-07 10:52:54 -07:00
Anthony Romano d42c1f5131 Merge pull request #7646 from andelf/fix-unix-socket-url 
*: fix a bug in handling unix socket urls
 2017-04-05 09:24:38 -07:00
Gyu-Ho Lee 43f795a485 Merge pull request #7659 from gyuho/aaa 
pkg/transport: remove port in Certificate.IPAddresses
 2017-04-05 04:29:44 -07:00
andelf 4f27981c46 *: fix a bug in handling unix socket urls 
Now use url.Host + url.Path as unix socket path

Fixes #7644
 2017-04-05 14:33:13 +08:00
Hitoshi Mitake c4a45c5713 auth, adt: introduce a new type BytesAffineComparable 
It will be useful for avoiding a cost of casting from string to
[]byte. The permission checker is the first user of the type.
 2017-04-05 13:17:24 +09:00
Gyu-Ho Lee 8a7a548a6d pkg/transport: remove port in Certificate.IPAddresses 
etcd passes 'url.URL.Host' to 'SelfCert' which contains
client, peer port. 'net.ParseIP("127.0.0.1:2379")' returns
'nil', and the client on this self-cert will see errors
of '127.0.0.1 because it doesn't contain any IP SANs'

Signed-off-by: Gyu-Ho Lee <gyuhox@gmail.com>
 2017-04-04 09:44:59 -07:00
Xiang Li 972d8c55ab Merge pull request #7653 from xiang90/pprof 
*: add pprof flag to grpc proxy
 2017-04-04 09:22:50 -07:00
Xiang fd5984af56 *: add pprof flag to grpc proxy 2017-04-03 22:07:17 -07:00
Anthony Romano f67bdc2eed *: support checking that an interval tree's keys cover an entire interval 2017-04-03 15:38:07 -07:00
Peng Gao d204b6c3b7 idgen: correct comments for id generator 
Comments for id generator format is out of
date, correct it.

Fixes #7636

Signed-off-by: Peng Gao <peng.gao.dut@gmail.com>
 2017-04-02 20:56:10 +08:00
Anthony Romano 997e83f8ea testutil: check for grpc resources in AfterTest 
gRPC leaks only show up at the final leak check, making it difficult to
determine which test is causing the leak.
 2017-03-24 16:09:38 -07:00
Anthony Romano 25e3ce1feb adt: Visit() interval trees in sorted order and terminate early 
For all intervals [x, y), Visit will visit intervals in ascending order
sorted by x. Also fixes a bug where Visit would not terminate the search
when requested by the visitor function.
 2017-03-23 00:02:29 -07:00
Gyu-Ho Lee 27550b229a Merge pull request #7545 from gyuho/go1.7-go1.8 
*: use 'io.Seek*' for go1.7+
 2017-03-20 16:31:21 -07:00
Gyu-Ho Lee aca2abd8fe *: use 'io.Seek*' for go1.7+ 
For https://github.com/coreos/etcd/issues/6174.

Signed-off-by: Gyu-Ho Lee <gyuhox@gmail.com>
 2017-03-20 15:15:24 -07:00
Anthony Romano ae7b4ee8ed *: fix gosimple warning for fmt.Sprintf("%s") 2017-03-20 13:26:39 -07:00
Anthony Romano 2f1542c06d *: use filepath.Join for files 2017-03-16 07:46:06 -07:00
Anthony Romano eb6a47f87e testutil: add CheckAfterTest for calling AfterTest without a testing.T 2017-03-10 12:18:24 -08:00
Gyu-Ho Lee beb58c434c *: fix minor typos 
Signed-off-by: Gyu-Ho Lee <gyuhox@gmail.com>
 2017-03-08 16:21:52 -08:00
Gyu-Ho Lee 3d75395875 *: remove never-unused vars, minor lint fix 
Signed-off-by: Gyu-Ho Lee <gyuhox@gmail.com>
 2017-03-06 14:59:12 -08:00
Anthony Romano f97a077257 netutil: use ipv4 host by default 
Was non-deterministic.
 2017-02-21 20:11:35 -08:00
David Cheney 9b84127739 pkg/transport: remove dependency on pkg/fileutils 
4a0f922 changed SelfCert to use a helper from pkg/fileutils which
introduced a transitive dependency on coreos/pkg/capnslog. This means
anyone who imports pkg/transport to use TLS with the clientv3 library
has the default stdlib logger hijacked by capnslog.

This PR reverts 4a0f922. There are no tests because 4a0f922 contained no
test and was not attached to a PR.

Fixes #7350
 2017-02-20 12:32:04 +11:00
fanmin shi 07129a6370 *: add and expose StopSignal field in ExpectProcess 
add and expose StopSignal to ExpectProcess allows user
to define what signal to send on ExpectProcess.close()

coverage testing code sets StopSignal to SIGTERM allowing
the test binary to shutdown gracefully so that it can generate
a coverage report.
 2017-02-17 14:47:06 -08:00
fanmin shi 1d521556ae e2e: modify e2e to run code coverage 2017-02-15 09:51:50 -08:00
Gyu-Ho Lee 950a9da9d9 pkg/report: add min/max latency per second 
For https://github.com/coreos/dbtester/issues/221.
 2017-02-04 12:46:54 -08:00
Gyu-Ho Lee 01a1dae7ae
pkg/netutil: name GetDefaultInterfaces consistent 2017-02-03 00:37:31 -08:00
sharat 9def4cb9fe *: Use http.Request.WithContext instead of Cancel 2017-02-02 22:50:07 +05:30
felixoid 0f53ad0b84 netutil: add dualstack to linux_route 
in v3.1.0 netutil couldn't get default interface for ipv6only hosts

Fixes #7219
 2017-01-31 22:19:47 +03:00
Anthony Romano 5aab92414f Merge pull request #7199 from heyitsanthony/netutil-test-arch 
pkg/netutil: use native byte ordering
 2017-01-23 09:41:20 -08:00
Anthony Romano 1ada4f939f pkg/netutil: use native byte ordering for route information 
Fixes #7199
 2017-01-20 10:44:05 -08:00
Anthony Romano e446c2c2c7 pkg/cpuutil: add cpuutil 
A package for unsafe cpu-ish things.
 2017-01-20 01:47:56 -08:00
Vimal Kumar e4b8c874d2 pkg/flags: fixed prefix checking of the env variables 2017-01-20 13:13:40 +05:30
Gyu-Ho Lee 307e14028c Merge pull request #7175 from gyuho/report 
pkg/report: add nil checking for getTimeSeries
 2017-01-17 13:22:20 -08:00
Gyu-Ho Lee 69606bb95f
pkg/report: add nil checking for getTimeSeries 2017-01-17 12:51:47 -08:00
Laurie Clark-Michalek eba41cd7b3
pkg/transport: Obey the usual laws of ssl when using a private PKI 2017-01-15 21:27:53 +00:00