This adds back the shield qa rest tests module with gradle. There is
also a small fix in ShieldPlugin for a bug that was discovered around
checking for a custom query cache (which was using the node settings
instead of index settings).
Original commit: elastic/x-pack-elasticsearch@28c6d58f37
Although the build passes on the command line the Eclipse compiler complains that the client.execute() call on line 216 does not have correct arguments because of the lack of generics. This changes adds the generics to the action variable to solve the error in Eclipse. The change is very low risk and should not adversely affect the build on the command line nor in intelliJ IDEA
Original commit: elastic/x-pack-elasticsearch@08f3548556
A number of unused files still exist for maven assemblies and ant
integration test overrides. This change removes them. There are still
some files left which need to be examined more, for instance, the shield
overrides ant file.
Original commit: elastic/x-pack-elasticsearch@1d9b277ff0
Followup to https://github.com/elastic/elasticsearch/pull/14914
Shield has to request read-write access to all system properties
due to silliness in UnboundID sdk (556a203094/src/com/unboundid/util/Debug.java (L166))
We should followup with a pull request to them, to not use System.getProperties() here which
returns a mutable map (hence: read-write to "*").
Furthermore, the hack has to be wrapped in another hack because gradle doesn't add
shield's plugin metadata to the classpath. Of course, if we weren't testing with two
plugins in the classpath (which is not very realistic) this would be a non-issue.
Original commit: elastic/x-pack-elasticsearch@612cacde6a
This change disables document and field level security by default so that we are able to maintain
bulk update functionality. Users that enable DLS/FLS will not have this functionality. Additionally,
if a user tries to configure DLS/FLS in a role without enabling it, the role will be skipped during
parsing and a log message will be logged at the error level.
See elastic/elasticsearch#938
Original commit: elastic/x-pack-elasticsearch@60c7519092
This commit reverts a previous change where searcher were not wrapped when the RequestContext
could not be found. If DLS/FLS is enabled, which is the default, any bulk request that contains an
update request will not be permitted. This change also exposes the ability to completely disable DLS
and FLS so that users who are not using these features can still use bulk updates.
See elastic/elasticsearch#938
Original commit: elastic/x-pack-elasticsearch@513782db1c
Previously, when the RequestContext could not be located a FieldSubsetReader was returned that only
allowed meta fields to be read. This was done for safety in case there was an API missed so we did not
leak data. However, this causes issues because some requests in elasticsearch execute on a different
thread than the one with the RequestContext so we effectively lose this context and prevent access to
the fields in the document. This is especially problematic with update requests, because that means that
fields that aren't included in the updated document will be lost.
This commit removes the wrapping of the readers in this case and adds tests for bulk updates.
Closeselastic/elasticsearch#938
Original commit: elastic/x-pack-elasticsearch@74c8059da0
This commit adds SuppressForbidden annotations to command line tools to
still allow to call System#exit() (see also issue 12596 in ES core).
Original commit: elastic/x-pack-elasticsearch@1dd3f1dcb1
The cache provides a get method with a callable to load the value into the cache. Our callable
performs authentication and then returns a value. The issue with this is that the cache will queue
concurrent calls if a value is already being loaded and return the result to all callers. This is
problematic since the key is only the username and we do not validate the credentials as part of
the get call. This means it is possible for valid credentials to be returned a null user and authentication
fails.
Additionally, another variant exists where it is possible for invalid credentials to be returned a valid
user, which allows an attacker to gain access by only knowing a username and issuing a large number
of concurrent requests.
Closeselastic/elasticsearch#860
Original commit: elastic/x-pack-elasticsearch@3d122d3bbb
Currently, Licensee#onChange is called with a license and its status, It would be
cleaner if it accepted the license's operationMode and status as parameters instead.
This hides the license responsible for the notification from the consumer plugins and only
provides the license information used by the commercial plugins to turn features on via
operationMode and status to act on whether the current license is enabled, in
grace_period or disabled.
Original commit: elastic/x-pack-elasticsearch@b0ea7ec32b
In the test we always create at least one type_ factory but the test incorrectly used type_1
as the first, when it should have been type_0
Original commit: elastic/x-pack-elasticsearch@e4128cbc26
This change allows for messages to be signed when message signing is enabled and a system
key is not present. This is accomplished by generating a random key on startup and then using
HKDF with HmacSHA1 to generate the keying material to be used to sign the messages. The random
key from the originating node is added to the signed message so that the signing key can be
derived on the receiving node.
When a system key is present, the system key is used for signing and the preexisting behavior
is maintained.
Closeselastic/elasticsearch#711
Original commit: elastic/x-pack-elasticsearch@c41fdc0ac3
This change removes obsolete forbidden API usage, cuts over
from an interface to an abstract class for IndexSearcherWrapper and
delegates all core cache keys to the wrapped reader.
Relates to elastic/elasticsearch#774
Original commit: elastic/x-pack-elasticsearch@3799bab0d9
Shield now supports the ability to disable or enable individual features based on the type of
license that is currently installed. The change replaces the LicenseService in shield with a
ShieldLicensee that is notified on changes to the license. The ShieldLicensee then updates
a ShieldLicenseState object, which contains the logic and methods to check for features being
enabled or disabled. The ShieldLicenseState object is used by consumers to check the status
of a feature. The decoupling of the feature enablement from the ShieldLicensee class was done
to work around circular dependency issues.
Closeselastic/elasticsearch#689
Original commit: elastic/x-pack-elasticsearch@442514496d
