Skip to content

Prevent cluster internal ClusterState.Custom impls to leak to a client #26232

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 2 commits into from
Aug 16, 2017
Merged

Prevent cluster internal ClusterState.Custom impls to leak to a client #26232

merged 2 commits into from
Aug 16, 2017

Conversation

@s1monw
Copy link
Contributor

@s1monw s1monw commented Aug 16, 2017

Today a ClusterState.Custom can be fetched by a transport client and
leaks to the user even if the classes are private etc since the serialized
bytes can be reconstructed. This change adds an option to customs to mark
them as private such that our clusterstate action will never leak it.

@s1monw
Prevent cluster internal ClusterState.Custom impls to leak to a client
3e39aa5 
Today a `ClusterState.Custom` can be fetched by a transport client and
leaks to the user even if the classes are private etc since the serialized
bytes can be reconstructed. This change adds an option to customs to mark
them as private such that our clusterstate action will never leak it.
@s1monw s1monw requested a review from imotov August 16, 2017 08:31
jasontedor
jasontedor approved these changes Aug 16, 2017
View reviewed changes
Copy link
Member

@jasontedor jasontedor left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM.

core/src/test/java/org/elasticsearch/cluster/SimpleClusterStateIT.java Outdated
assertTrue(state.customs().containsKey("test"));
}

private static class TestCustom extends AbstractNamedDiffable<ClusterState.Custom> implements ClusterState.Custom {
Copy link
Member

@jasontedor jasontedor Aug 16, 2017

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Extra space:

TestCustom  extends
          ^^

@s1monw s1monw merged commit 54bf7d7 into elastic:master Aug 16, 2017
@s1monw s1monw deleted the allow_customs_to_be_private branch August 16, 2017 10:54
@s1monw s1monw removed the v5.6.1 label Aug 16, 2017
s1monw added a commit that referenced this pull request Aug 16, 2017
@s1monw
Prevent cluster internal ClusterState.Custom impls to leak to a cli…
d3c8bd0 
…ent (#26232)

Today a `ClusterState.Custom` can be fetched by a transport client and
leaks to the user even if the classes are private etc since the serialized
bytes can be reconstructed. This change adds an option to customs to mark
them as private such that our clusterstate action will never leak it.
s1monw added a commit that referenced this pull request Aug 16, 2017
@s1monw
Prevent cluster internal ClusterState.Custom impls to leak to a cli…
50e4e79 
…ent (#26232)

Today a `ClusterState.Custom` can be fetched by a transport client and
leaks to the user even if the classes are private etc since the serialized
bytes can be reconstructed. This change adds an option to customs to mark
them as private such that our clusterstate action will never leak it.
jasontedor added a commit to glefloch/elasticsearch that referenced this pull request Aug 16, 2017
@jasontedor
Merge branch 'master' into fix/24969
e1bc2ef 
* master: (458 commits)
  Prevent cluster internal `ClusterState.Custom` impls to leak to a client (elastic#26232)
  Add packaging test for systemd runtime directive
  [TEST] Reenable RareClusterStateIt#testDeleteCreateInOneBulk
  Serialize and expose timeout of acknowledged requests in REST layer (elastic#26189)
  (refactor) some opportunities to use diamond operator (elastic#25585)
  [DOCS] Clarified readme for testing a single page
  Settings: Add keystore.seed auto generated secure setting (elastic#26149)
  Update version information (elastic#25226)
  "result" : created -> "result" : "created" (elastic#25446)
  Set RuntimeDirectory (elastic#23526)
  Drop upgrade from full cluster restart tests (elastic#26224)
  Further improve docs for requests_per_second
  Docs disambiguate reindex's requests_per_second (elastic#26185)
  [DOCS] Cleanup link for ec2 discovery (elastic#26222)
  Fix document field equals and hash code test
  Use holder pattern for lazy deprecation loggers
  Settings: Add keystore creation to add commands (elastic#26126)
  Docs: Cleanup docs for ec2 discovery (elastic#26065)
  Fix NPE when `values` is omitted on percentile_ranks agg (elastic#26046)
  Several internal improvements to internal test cluster infra (elastic#26214)
  ...
imotov
imotov reviewed Aug 16, 2017
View reviewed changes
Copy link
Contributor

@imotov imotov left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think we should extend this functionality for MetaData.Custom as well, otherwise they will start to diverge and will be confusing.

@lcawl lcawl removed the v6.1.0 label Dec 12, 2017
@jpountz jpountz added the :Distributed Indexing/Distributed A catch all label for anything in the Distributed Indexing Area. Please avoid if you can. label Jan 29, 2019
@elasticmachine
Copy link
Collaborator

elasticmachine commented Jan 29, 2019

Pinging @elastic/es-distributed

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@jasontedor jasontedor jasontedor approved these changes

+1 more reviewer

@imotov imotov imotov left review comments

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

:Distributed Indexing/Distributed A catch all label for anything in the Distributed Indexing Area. Please avoid if you can. >enhancement v6.0.0-beta2 v7.0.0-beta1

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

7 participants

@s1monw @elasticmachine @imotov @jasontedor @colings86 @jpountz @lcawl