The cache provides a get method with a callable to load the value into the cache. Our callable
performs authentication and then returns a value. The issue with this is that the cache will queue
concurrent calls if a value is already being loaded and return the result to all callers. This is
problematic since the key is only the username and we do not validate the credentials as part of
the get call. This means it is possible for valid credentials to be returned a null user and authentication
fails.
Additionally, another variant exists where it is possible for invalid credentials to be returned a valid
user, which allows an attacker to gain access by only knowing a username and issuing a large number
of concurrent requests.
Closeselastic/elasticsearch#860
Original commit: elastic/x-pack-elasticsearch@3d122d3bbb
The additional setting to specify the configuration path is no longer needed with elasticsearch 2.0, so
we should remove it from the documentation. Also cleans up the installation commands to be in line
with what 2.0 requires.
Original commit: elastic/x-pack-elasticsearch@b269568a67
Currently, Licensee#onChange is called with a license and its status, It would be
cleaner if it accepted the license's operationMode and status as parameters instead.
This hides the license responsible for the notification from the consumer plugins and only
provides the license information used by the commercial plugins to turn features on via
operationMode and status to act on whether the current license is enabled, in
grace_period or disabled.
Original commit: elastic/x-pack-elasticsearch@b0ea7ec32b
In the test we always create at least one type_ factory but the test incorrectly used type_1
as the first, when it should have been type_0
Original commit: elastic/x-pack-elasticsearch@e4128cbc26
This change allows for messages to be signed when message signing is enabled and a system
key is not present. This is accomplished by generating a random key on startup and then using
HKDF with HmacSHA1 to generate the keying material to be used to sign the messages. The random
key from the originating node is added to the signed message so that the signing key can be
derived on the receiving node.
When a system key is present, the system key is used for signing and the preexisting behavior
is maintained.
Closeselastic/elasticsearch#711
Original commit: elastic/x-pack-elasticsearch@c41fdc0ac3
This change removes obsolete forbidden API usage, cuts over
from an interface to an abstract class for IndexSearcherWrapper and
delegates all core cache keys to the wrapped reader.
Relates to elastic/elasticsearch#774
Original commit: elastic/x-pack-elasticsearch@3799bab0d9
Shield now supports the ability to disable or enable individual features based on the type of
license that is currently installed. The change replaces the LicenseService in shield with a
ShieldLicensee that is notified on changes to the license. The ShieldLicensee then updates
a ShieldLicenseState object, which contains the logic and methods to check for features being
enabled or disabled. The ShieldLicenseState object is used by consumers to check the status
of a feature. The decoupling of the feature enablement from the ShieldLicensee class was done
to work around circular dependency issues.
Closeselastic/elasticsearch#689
Original commit: elastic/x-pack-elasticsearch@442514496d
This commit removes Guava as a dependency. Note that Guava will remain
as a test-only dependency (transitively through Elasticsearch through
Jimfs).
Relates elastic/elasticsearchelastic/elasticsearch#13224
Original commit: elastic/x-pack-elasticsearch@fe23d5f25f
Martijn van Groningen
javanna
Lee Hinman
Ryan Ernst
debadair
jaymode
Suyog Rao
Simon Willnauer
Nik Everett
Steve Kearns
Jay Modi
Colin Goodheart-Smithe
Tanguy Leroux
uboness
Areek Zillur
PhaedrusTheGreek
Jason Tedor
Alexander Reelsen