Tarantool development patches archive
 help / color / mirror / Atom feed
From: Vladislav Shpilevoy <v.shpilevoy@tarantool.org>
To: Konstantin Osipov <kostja.osipov@gmail.com>,
	tarantool-patches@dev.tarantool.org
Subject: Re: [Tarantool-patches] [PATCH 1/1] replication: use empty password by default
Date: Tue, 5 Nov 2019 12:45:37 +0300	[thread overview]
Message-ID: <6b26cb8e-ae6e-50f5-8b1a-3318cedec69a@tarantool.org> (raw)
In-Reply-To: <20191104154007.GA29244@atlas>



On 04/11/2019 18:40, Konstantin Osipov wrote:
> * Vladislav Shpilevoy <v.shpilevoy@tarantool.org> [19/11/04 18:21]:
>> Replication's applier encoded an auth request with exactly the
>> same parameters as extracted by the URI parser. I.e. when no
>> password was specified, the parser returned it as NULL, and it was
>> not encoded. The relay, received such an auth request, complained
>> that IPROTO_TUPLE field is not specified (this is password).
>>
>> Such an error confuses - a user didn't do anything illegal, he
>> just used URI like 'login@host:port', without a password after the
>> login.
>>
>> The patch makes the applier use an empty string as a default
>> password.
>>
>> An alternative was to force a user always set a password even if
>> it is an empty string, like that: 'login:@host:port'. And if a
>> password was not found in an auth request, then reject it with a
>> password mismatch error. But in that case a URI of kind
>> 'login@host:port' becomes useless - it can never pass. In
>> addition, netbox already uses an empty string as a default
>> password. So the only way to make it consistent, and don't break
>> anything - repeat netbox logic for replication URIs.
> 
> LGTM.
> 
> Obviously this is a crutch, but let's see if it is a useful one.
> 
> 

I agree, I am on your side that we should not set an implicit
empty string password by default. But what is more important,
our API should be consistent. Netbox already sets default empty
string password. And we can't break it. So the only solution -
do the same for replication.

  reply	other threads:[~2019-11-05  9:39 UTC|newest]

Thread overview: 7+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2019-11-04 15:10 Vladislav Shpilevoy
2019-11-04 15:40 ` Konstantin Osipov
2019-11-05  9:45   ` Vladislav Shpilevoy [this message]
2019-11-05 12:42 ` Vladislav Shpilevoy
2019-11-05 12:51 ` Vladislav Shpilevoy
2019-11-05 18:13   ` Konstantin Osipov
2019-11-21 18:40 ` Kirill Yukhin

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=6b26cb8e-ae6e-50f5-8b1a-3318cedec69a@tarantool.org \
    --to=v.shpilevoy@tarantool.org \
    --cc=kostja.osipov@gmail.com \
    --cc=tarantool-patches@dev.tarantool.org \
    --subject='Re: [Tarantool-patches] [PATCH 1/1] replication: use empty password by default' \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox