Philip O'Toole
3e84139290
Default to mutual TLS off for node-to-node
2 years ago
Philip O'Toole
cb1b398f76
ABL
2 years ago
Philip O'Toole
68c7bc41b9
Remove deprecated functions
2 years ago
Philip O'Toole
3d31d22de6
Implement -http-verify-client
2 years ago
Philip O'Toole
d8982d044e
Consolidate TLS config creation
2 years ago
Philip O'Toole
de0d0f63ad
Fix HTTP no-verify of client certs
2 years ago
Philip O'Toole
c8231596ac
Use central TLS config creation
2 years ago
Philip O'Toole
9e1f6c0a76
tls -> rtls
2 years ago
Philip O'Toole
8225ff838c
Fix mutual TLS testing
...
All certs in chain needed to have ExtKeyUsageClientAuth set.
2 years ago
Philip O'Toole
6dbe180bff
Confirm everything works when verify=false
...
But this isn't affecting the HTTP server, so fails client verification.
HTTP TLS config getting complicated, feels like it needs a dedicated
config object now.
2 years ago
Philip O'Toole
7852b27dcb
mTLS unit tests
...
Client cert not trusted yet.
2 years ago
Philip O'Toole
05a7663a93
Actually enable HTTP client cert verification
2 years ago
Philip O'Toole
39259bca8a
Start mutual TLS testing
...
Lots of boilerplate moving from PEMs, to certs, to bytes. Factor it out.
2 years ago
Philip O'Toole
eab0fc60ee
Fix test
2 years ago
Philip O'Toole
5a7a2f3102
Start testing with on-the-fly certs
2 years ago
Philip O'Toole
828acadb0c
Move HTTP TLS testing to own file
2 years ago
Philip O'Toole
08fe787c0a
More queued write counters
2 years ago
Philip O'Toole
f6eefd1690
Close HTTP service on shutdown
2 years ago
Philip O'Toole
70ea78fd6c
More Queued Writes instrumentation
2 years ago
Philip O'Toole
8fd877b1d6
Fix typo in expvar variable name
2 years ago
Philip O'Toole
0702e39ace
Add ResetStats
2 years ago
Philip O'Toole
0b8fde1dfb
Log node address
2 years ago
Philip O'Toole
4b5987a085
Fix logic
2 years ago
Philip O'Toole
cf3fa8eedb
Clearer runQueue logic
2 years ago
Philip O'Toole
1877bcc7ff
Support keyed fetches of expvar information
2 years ago
Philip O'Toole
98575d727b
Start adding remote remove node
...
More testing, including unit testing, required.
2 years ago
Philip O'Toole
f9b46165f9
Comments
2 years ago
Philip O'Toole
038812b4cb
Use standard library redaction functionality
2 years ago
Philip O'Toole
9c68b13868
Better error from /nodes when Store is not open
2 years ago
Eng Zer Jun
5141eff5fc
test: use `T.TempDir` to create temporary test directory
...
This commit replaces `ioutil.TempDir` with `t.TempDir` in tests. The
directory created by `t.TempDir` is automatically removed when the test
and all its subtests complete.
Prior to this commit, temporary directory created using `ioutil.TempDir`
needs to be removed manually by calling `os.RemoveAll`, which is omitted
in some tests. The error handling boilerplate e.g.
defer func() {
if err := os.RemoveAll(dir); err != nil {
t.Fatal(err)
}
}
is also tedious, but `t.TempDir` handles this for us nicely.
Reference: https://pkg.go.dev/testing#T.TempDir
Signed-off-by: Eng Zer Jun <engzerjun@gmail.com>
2 years ago
Philip O'Toole
3a261ce16e
Unit test remote load error handling
2 years ago
Philip O'Toole
d6b8390658
Handle remote backup errors correctly
2 years ago
Philip O'Toole
65cd556549
Fix remote-load error handling
...
Error from remote node was being dropped.
2 years ago
Philip O'Toole
5a3c639164
Fix HTTP unit tests
2 years ago
Philip O'Toole
5f33bffa0f
More logging and resolution checks
2 years ago
Philip O'Toole
06e098e41a
Mostly better logging
2 years ago
Philip O'Toole
eee9541545
Merge remote-tracking branch 'origin' into resolve-notifier
2 years ago
Philip O'Toole
b0f17b86c7
Notified node checks address resolution
...
If a non-resolvable address is passed to the Store, and then Store then
adds that to the config, it can result in a cluster that seems to have
insufficient members (since the remote node can't be contacted). This
may trigger a new leader election.
2 years ago
Philip O'Toole
9d9ffba7e2
Restoring via follower should have same response
2 years ago
Philip O'Toole
b978e3857d
More HTTP-level testing of Load
2 years ago
Philip O'Toole
27587634c6
Hook in HTTP layer
2 years ago
Philip O'Toole
8a69aa53aa
HTTP-level unit testing of remote backup
2 years ago
Philip O'Toole
31bba4c577
Move to Backup proto model
2 years ago
Philip O'Toole
2d762202b3
Flatten some if blocks
2 years ago
Philip O'Toole
221907f8a9
Support nil as paramterized values
2 years ago
Philip O'Toole
95dfead226
Integrate SQL rewrite with rqlite for RANDOM ( #1046 )
2 years ago
Philip O'Toole
7ccfbd93b2
Move to top-level use of cluster.Credentials
2 years ago
Philip O'Toole
01c78ea8d0
Better remote auth fail HTTP messages
2 years ago
Philip O'Toole
3afa2ce80a
Stick with simple proto
...
The proto was not well designed in the first place, but it's better to
deal with it as-is, and wait until another major release to fix it.
2 years ago
Neal Harrington
e4a810d7ea
Treat error from rpc response as a first class object, delineate error types a bit, use this data to check auth when forward from http
2 years ago