honeymoose
/
OpenSearch
mirror of https://github.com/honeymoose/OpenSearch.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Make calls to CloudBlobContainer#exists privileged (#25937) 

This is related to #25931. In CloudBlobContainer#exists it is possible
that a socket connection will be opened. This commit ensures that those
calls have the proper socket privileges.
This commit is contained in:
Tim Brooks 2017-07-27 22:29:24 -05:00 committed by GitHub
parent 71f58e6f26
commit 7d2d6bd752
1 changed files with 3 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
plugins/repository-azure/src/main/java/org/elasticsearch/cloud/azure/storage/AzureStorageServiceImpl.java
View File

@ -234,7 +234,7 @@ public class AzureStorageServiceImpl extends AbstractComponent implements AzureS
// Container name must be lower case.
CloudBlobClient client = this.getSelectedClient(account, mode);
CloudBlobContainer blobContainer = client.getContainerReference(container);
if (blobContainer.exists()) {
if (SocketAccess.doPrivilegedException(blobContainer::exists)) {
CloudBlockBlob azureBlob = blobContainer.getBlockBlobReference(blob);
return SocketAccess.doPrivilegedException(azureBlob::exists);
}
@ -249,7 +249,7 @@ public class AzureStorageServiceImpl extends AbstractComponent implements AzureS
// Container name must be lower case.
CloudBlobClient client = this.getSelectedClient(account, mode);
CloudBlobContainer blobContainer = client.getContainerReference(container);
if (blobContainer.exists()) {
if (SocketAccess.doPrivilegedException(blobContainer::exists)) {
logger.trace("container [{}]: blob [{}] found. removing.", container, blob);
CloudBlockBlob azureBlob = blobContainer.getBlockBlobReference(blob);
SocketAccess.doPrivilegedVoidException(azureBlob::delete);
@ -317,7 +317,7 @@ public class AzureStorageServiceImpl extends AbstractComponent implements AzureS
CloudBlobClient client = this.getSelectedClient(account, mode);
CloudBlobContainer blobContainer = client.getContainerReference(container);
CloudBlockBlob blobSource = blobContainer.getBlockBlobReference(sourceBlob);
if (blobSource.exists()) {
if (SocketAccess.doPrivilegedException(blobSource::exists)) {
CloudBlockBlob blobTarget = blobContainer.getBlockBlobReference(targetBlob);
SocketAccess.doPrivilegedVoidException(() -> {
blobTarget.startCopy(blobSource);