-
Notifications
You must be signed in to change notification settings - Fork 27
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Sig4v release 0.1 #273
Sig4v release 0.1 #273
Commits on Aug 11, 2023
-
Configuration menu - View commit details
-
Copy full SHA for 4040fd6 - Browse repository at this point
Copy the full SHA 4040fd6View commit details -
Signed-off-by: Omar Khasawneh <[email protected]>
Configuration menu - View commit details
-
Copy full SHA for a6b5d47 - Browse repository at this point
Copy the full SHA a6b5d47View commit details
Commits on Aug 12, 2023
-
Signed-off-by: Omar Khasawneh <[email protected]>
Configuration menu - View commit details
-
Copy full SHA for 9ffbe09 - Browse repository at this point
Copy the full SHA 9ffbe09View commit details -
Add test related files from PR opensearch-project#257
Signed-off-by: Omar Khasawneh <[email protected]>
Configuration menu - View commit details
-
Copy full SHA for 455aff8 - Browse repository at this point
Copy the full SHA 455aff8View commit details
Commits on Aug 13, 2023
-
Adding sigv4 headers related changes
Signed-off-by: Omar Khasawneh <[email protected]>
Configuration menu - View commit details
-
Copy full SHA for b601346 - Browse repository at this point
Copy the full SHA b601346View commit details -
GET and POST w/ bodies work now
Signed-off-by: Omar Khasawneh <[email protected]>
Configuration menu - View commit details
-
Copy full SHA for 1e2f05b - Browse repository at this point
Copy the full SHA 1e2f05bView commit details
Commits on Aug 16, 2023
-
Refactoring to make way for various auth transformation handlers.
These patches introduce some new interfaces and rename some existing JSON transformers to make new transformation types more distinguishable. I've also moved around some fields between classes as thinking about how to handle auth headers has started to create some new types of patterns. Signed-off-by: Greg Schohn <[email protected]>
Configuration menu - View commit details
-
Copy full SHA for 3f14d2c - Browse repository at this point
Copy the full SHA 3f14d2cView commit details
Commits on Aug 17, 2023
-
Further changes to unify the replayer's auth story and to tie sigv4 s…
…igning all the way back to the command line. The command line now takes a service and region as opposed to just a zero arity boolean flag as both are required for SigV4 calculations. These values should refer to the region and service that the replayer is making calls to (e.g., the 'target' server). Notice that an AuthTransformerFactory is passed around that returns an AuthTransformer for a specific http message. There could be different strategies dependent upon the original message. For example, unauthorized users might simply be mapped to no transformation, meaning that we don't need to go through the added effort of buffering and signing the messages. The old style http header transformation via jolt is also gone and has been replaced with an (HeaderOnly)AuthTransformer class that manipulates headers. I'm not happy with the care that I had to put into the NettyDecodedHttpRequestHandler class (now NettyDecodedHttpRequestPreliminaryConvertHandler) to do the auth transformation in two spots while also passing more complicated auth transformations into the pipeline construction helper methods. I've also converted the SigV4Signer to be an AuthTransformer and have tied it into the netty handler to host it, though none of that has been tested in this commit. Unrelated changes include converting the packets of an HttpMessage(AndTimestamp) from an ArrayList to a named extension (ie. typedef). I've never been comfortable with the vagueness of the ArrayList. I had also been working on edits to take the response into the AuthTransformer so that 403s could be ignored - but decided that would be a bad idea. 1) Not every request will have a response and 2) it will allow future requests that should have been blocked to never be tested and the time to test them will be within the target server. Signed-off-by: Greg Schohn <[email protected]>
Configuration menu - View commit details
-
Copy full SHA for e43a691 - Browse repository at this point
Copy the full SHA e43a691View commit details
Commits on Aug 18, 2023
-
Cleanup and bugfixes to get SigV4 more correctly wired with the rest …
…of the replayer. I've got a unit test to verify that the contents of the signature match a mock key and mock date. To put that together, I've extracted another helper function from a similar test and placed it into TestUtils. There was one other bugfix to remove a spurious "toString()" that followed a headers.put call for the content-length. The string wasn't used and put() will return null when the header wasn't previously present, creating an NPE situation. Signed-off-by: Greg Schohn <[email protected]>
Configuration menu - View commit details
-
Copy full SHA for 4f689e9 - Browse repository at this point
Copy the full SHA 4f689e9View commit details -
Cleanup after reviewing the changes on the branch in aggregate.
Signed-off-by: Greg Schohn <[email protected]>
Configuration menu - View commit details
-
Copy full SHA for a1fd51b - Browse repository at this point
Copy the full SHA a1fd51bView commit details
Commits on Aug 19, 2023
-
Bugfixes to get SigV4 working in at least simple cases w/ and w/out p…
…ayload streams. A couple other minor improvements and cleanups were thrown in here too, most notably, tracking the shadow request packets that are sent, which is very helpful to debug signing problems. Signed-off-by: Greg Schohn <[email protected]>
Configuration menu - View commit details
-
Copy full SHA for c8fac55 - Browse repository at this point
Copy the full SHA c8fac55View commit details -
Merge branch 'main' into sigv4excision_andsigner
* main: (27 commits) Switch to size-based rollover policy MIGRATIONS-1200 - Update python test cluster_migration_core path MIGRATIONS-1200 - Fix github workflow actions MIGRATIONS-1200 - Fix python requirement paths MIGRATIONS-1200 - Fix flake8 line too long error MIGRATIONS-1200 update python requirements files with new path MIGRATIONS-1200 - Move cluster_traffic_capture to experimental MIGRATIONS-1200 - Move cluster_migration_core to experimental MIGRATIONS-1200 - Move knowledge_base to experimental MIGRATIONS-1200 - Create experimental subdirectory and place upgrades within experimental Revert "MIGRATIONS-1200 - Remove historical capture CDK stack" Update to hourly, fix filename Add logging config so output tuples go to shared filesystem Add option to use AWS secret in auth header for Replayer requests (opensearch-project#265) [Fetch Migration] Added total document count to report (opensearch-project#261) MIGRATIONS-1200 - Rename 'upgrades' directory to 'experimental' and replace references MIGRATIONS-1200 - Remove deprecated docker files MIGRATIONS-1200 - Remove historical capture CDK stack MIGRATIONS-1200 - Remove unused TrafficReplayer directory Soften assertions for aspects of the test that are independent of the strict contract that the ExpiringSubstitutableItemPool defines. ... Signed-off-by: Greg Schohn <[email protected]>
Configuration menu - View commit details
-
Copy full SHA for 8f6edb2 - Browse repository at this point
Copy the full SHA 8f6edb2View commit details -
Bugfix to apply the default signer class's content checksum when ther…
…e isn't already one present. This pushes the success rate for signatures to 100% in the first 120 messages from the opensearch benchmark workload when rerun against a cluster that uses sigv4. Signed-off-by: Greg Schohn <[email protected]>
Configuration menu - View commit details
-
Copy full SHA for 6b238d5 - Browse repository at this point
Copy the full SHA 6b238d5View commit details -
Merge branch 'capture-and-replay-v0.1.0' into sig4v_release
* capture-and-replay-v0.1.0: Update runTestBenchmarks with params and default values Update README.md MIGRATIONS-1200 - Remove plugins MIGRATIONS-1200 - Remove FetchMigration MIGRATIONS-1200 - Remove datastash MIGRATIONS-1200 - Capture and Replay v.0.1.0 branch Signed-off-by: Greg Schohn <[email protected]>
Configuration menu - View commit details
-
Copy full SHA for 8a6f689 - Browse repository at this point
Copy the full SHA 8a6f689View commit details
Commits on Aug 21, 2023
-
PR feedback around command line arguments
Signed-off-by: Greg Schohn <[email protected]>
Configuration menu - View commit details
-
Copy full SHA for 49ae169 - Browse repository at this point
Copy the full SHA 49ae169View commit details -
Merge branch 'sigv4excision_andsigner' into sig4v_release_0.1
* sigv4excision_andsigner: PR feedback around command line arguments Signed-off-by: Greg Schohn <[email protected]>
Configuration menu - View commit details
-
Copy full SHA for e6e2f67 - Browse repository at this point
Copy the full SHA e6e2f67View commit details -
Merge branch 'capture-and-replay-v0.1.0' into sig4v_release_0.1
* capture-and-replay-v0.1.0: Add script to transform tuples to human readable format Signed-off-by: Greg Schohn <[email protected]>
Configuration menu - View commit details
-
Copy full SHA for 4a04f48 - Browse repository at this point
Copy the full SHA 4a04f48View commit details -
Configuration menu - View commit details
-
Copy full SHA for 1be6a9d - Browse repository at this point
Copy the full SHA 1be6a9dView commit details -
Configuration menu - View commit details
-
Copy full SHA for 2b6ba46 - Browse repository at this point
Copy the full SHA 2b6ba46View commit details