Uploaded image for project: 'Couchbase Gateway'
  1. Couchbase Gateway
  2. CBG-502

x.509 broken due to deprecated CertificateAuthenticator

    XMLWordPrintable

Details

    • CBG Sprint 30
    • 1

    Description

      Background

      GoCB deprecated CertificateAuthenticator in GOCBC-304 - which should've been backwards compatible. However, another commit causes a runtime error when the old struct is used.

      // CertificateAuthenticator is included for backwards compatibility only.
      		 
      // Deprecated: Use CertAuthenticator instead.
      		 
      type CertificateAuthenticator struct {
      		 
         CertAuthenticator
      		 
      }
      		 

      _, ok := auth.(CertAuthenticator)
      		 
      if !ok {
      		 
         return nil, ErrMixedCertAuthentication
      		 
      }

      Fix

      • We should update our cluster.Authenticate(gocb.CertificateAuthenticator{}) call to use the new struct instead to fix this.

      Testing

      • We should also try to get some sort of test coverage that would've caught this runtime error, even if we can't easily get a full end-to-end x.509 integration test.
        Perhaps an untrusted client cert would be sufficient enough to test that we can attempt to authenticate with the cluster.

      Attachments

        1. 192.168.0.145_node.zip
          3.42 MB
        2. certs.zip
          21 kB
        3. sgcollect_info_with_use_views.zip
          12.52 MB
        4. sgcollect_info.zip
          12.46 MB

        Issue Links

          is caused by

          Bug - A problem which impairs or prevents the functions of the product. GOCBC-592 CertificateAuthenticator is not backwards compatible

          • Major - Major loss of function.
          • Closed
          relates to

          Task - A task that needs to be done. CBG-503 X.509 integration test

          • Critical - Crashes, loss of data, severe memory leak.
          • Closed

          Improvement - An improvement or enhancement to an existing feature or task. DOC-3944 Mobile 2.1 Docs Review : x.509 Certs

          • Critical - Crashes, loss of data, severe memory leak.
          • Closed

          Bug - A problem which impairs or prevents the functions of the product. CM-259 Test: x.509 broken due to deprecated CertificateAuthenticator

          • Major - Major loss of function.
          • Done
          mentioned in

          Page Loading...

          No reviews matched the request. Check your Options in the drop-down menu of this sections header.

          Activity

            People

              ben.brooks Ben Brooks
              ben.brooks Ben Brooks
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:

                Gerrit Reviews

                  There are no open Gerrit changes

                  PagerDuty