Prevent cluster internal ClusterState.Custom impls to leak to a client #26232

Merged (2 commits) on Aug 16, 2017

@s1monw s1monw commented Aug 16, 2017

Today a ClusterState.Custom can be fetched by a transport client and
leaks to the user even if the classes are private etc since the serialized
bytes can be reconstructed. This change adds an option to customs to mark
them as private such that our clusterstate action will never leak it.
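
An added example, not code from this pull request or from Elasticsearch: a self-contained model of the idea described above, where a custom opts in to being private and the client-facing response is built only from customs that are not. Every type and name in it (`Custom`, `isPrivate`, `customsForClient`, the two sample customs) is a hypothetical stand-in chosen for the sketch.

```java
import java.nio.charset.StandardCharsets;
import java.util.LinkedHashMap;
import java.util.Map;

// Added illustration (Java 16+). All types and names here are hypothetical
// stand-ins for this sketch, not Elasticsearch's own classes.
public class PrivateCustomsDemo {

    /** A named section of cluster state that can be written to the wire. */
    interface Custom {
        String name();
        byte[] toBytes();
        /** Opt-in marker: true means this section must never reach a client. */
        default boolean isPrivate() { return false; }
    }

    record RoutingHint(String name, String payload) implements Custom {
        public byte[] toBytes() { return payload.getBytes(StandardCharsets.UTF_8); }
    }

    // A private class hides nothing by itself: without the marker, its bytes
    // would still be serialized into the response and could be read back.
    private record InternalToken(String name, String payload) implements Custom {
        public byte[] toBytes() { return payload.getBytes(StandardCharsets.UTF_8); }
        @Override public boolean isPrivate() { return true; }
    }

    /** Customs a client-facing cluster state response may carry. */
    static Map<String, Custom> customsForClient(Map<String, Custom> all) {
        Map<String, Custom> visible = new LinkedHashMap<>();
        all.forEach((key, custom) -> {
            if (custom.isPrivate() == false) {
                visible.put(key, custom);
            }
        });
        return visible;
    }

    public static void main(String[] args) {
        Map<String, Custom> state = new LinkedHashMap<>();   // constructed sample state
        state.put("routing_hint", new RoutingHint("routing_hint", "zone=a"));
        state.put("internal_token", new InternalToken("internal_token", "node-only-value"));

        Map<String, Custom> response = customsForClient(state);
        if (response.containsKey("internal_token") || !response.containsKey("routing_hint")) {
            throw new AssertionError("private custom leaked or public custom dropped");
        }
        System.out.println("sent to client: " + response.keySet());
    }
}
```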

@jasontedor jasontedor left a comment

LGTM.

assertTrue(state.customs().containsKey("test"));
}

private static class TestCustom extends AbstractNamedDiffable<ClusterState.Custom> implements ClusterState.Custom {

Extra space:

TestCustom  extends
          ^^

@s1monw s1monw merged commit 54bf7d7 into elastic:master Aug 16, 2017
@s1monw s1monw deleted the allow_customs_to_be_private branch August 16, 2017 10:54
@s1monw s1monw removed the v5.6.1 label Aug 16, 2017
s1monw added a commit that referenced this pull request Aug 16, 2017
…ent (#26232)

s1monw added a commit that referenced this pull request Aug 16, 2017
…ent (#26232)

jasontedor added a commit to glefloch/elasticsearch that referenced this pull request Aug 16, 2017
* master: (458 commits)
  Prevent cluster internal `ClusterState.Custom` impls to leak to a client (elastic#26232)
  Add packaging test for systemd runtime directive
  [TEST] Reenable RareClusterStateIt#testDeleteCreateInOneBulk
  Serialize and expose timeout of acknowledged requests in REST layer (elastic#26189)
  (refactor) some opportunities to use diamond operator (elastic#25585)
  [DOCS] Clarified readme for testing a single page
  Settings: Add keystore.seed auto generated secure setting (elastic#26149)
  Update version information (elastic#25226)
  "result" : created -> "result" : "created" (elastic#25446)
  Set RuntimeDirectory (elastic#23526)
  Drop upgrade from full cluster restart tests (elastic#26224)
  Further improve docs for requests_per_second
  Docs disambiguate reindex's requests_per_second (elastic#26185)
  [DOCS] Cleanup link for ec2 discovery (elastic#26222)
  Fix document field equals and hash code test
  Use holder pattern for lazy deprecation loggers
  Settings: Add keystore creation to add commands (elastic#26126)
  Docs: Cleanup docs for ec2 discovery (elastic#26065)
  Fix NPE when `values` is omitted on percentile_ranks agg (elastic#26046)
  Several internal improvements to internal test cluster infra (elastic#26214)
  ...
@imotov imotov left a comment


I think we should extend this functionality for MetaData.Custom as well, otherwise they will start to diverge and will be confusing.

@lcawl lcawl removed the v6.1.0 label Dec 12, 2017
@jpountz jpountz added the :Distributed Indexing/Distributed A catch all label for anything in the Distributed Area. Please avoid if you can. label Jan 29, 2019
@elasticmachine
Pinging @elastic/es-distributed

Labels
:Distributed Indexing/Distributed A catch all label for anything in the Distributed Area. Please avoid if you can. >enhancement v6.0.0-beta2 v7.0.0-beta1