kafka-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From rsiva...@apache.org
Subject [kafka] branch trunk updated: MINOR: kafkatest - adding whitelist for interbroker sasl configs (#7093)
Date Mon, 22 Jul 2019 08:39:06 GMT
This is an automated email from the ASF dual-hosted git repository.

rsivaram pushed a commit to branch trunk
in repository https://gitbox.apache.org/repos/asf/kafka.git


The following commit(s) were added to refs/heads/trunk by this push:
     new e5f7220  MINOR: kafkatest - adding whitelist for interbroker sasl configs (#7093)
e5f7220 is described below

commit e5f7220b23ba556352d80a0575fcb6cbfe2d576d
Author: Brian Bushree <bbushree@confluent.io>
AuthorDate: Mon Jul 22 01:38:28 2019 -0700

    MINOR: kafkatest - adding whitelist for interbroker sasl configs (#7093)
---
 tests/kafkatest/services/kafka/templates/kafka.properties     | 4 ++--
 tests/kafkatest/services/security/listener_security_config.py | 9 ++++++++-
 2 files changed, 10 insertions(+), 3 deletions(-)

diff --git a/tests/kafkatest/services/kafka/templates/kafka.properties b/tests/kafkatest/services/kafka/templates/kafka.properties
index 25e4dcc..8b61322 100644
--- a/tests/kafkatest/services/kafka/templates/kafka.properties
+++ b/tests/kafkatest/services/kafka/templates/kafka.properties
@@ -28,7 +28,7 @@ security.inter.broker.protocol={{ interbroker_listener.security_protocol
}}
 {% endif %}
 
 {% for k, v in listener_security_config.client_listener_overrides.iteritems() %}
-{% if k in ["connections.max.reauth.ms", "sasl.jaas.config", "sasl.login.callback.handler.class",
"sasl.login.class", "sasl.server.callback.handler.class"] %}
+{% if listener_security_config.requires_sasl_mechanism_prefix(k) %}
 listener.name.{{ security_protocol.lower() }}.{{ security_config.client_sasl_mechanism.lower()
}}.{{ k }}={{ v }}
 {% else %}
 listener.name.{{ security_protocol.lower() }}.{{ k }}={{ v }}
@@ -37,7 +37,7 @@ listener.name.{{ security_protocol.lower() }}.{{ k }}={{ v }}
 
 {% if interbroker_listener.name != security_protocol %}
 {% for k, v in listener_security_config.interbroker_listener_overrides.iteritems() %}
-{% if k.startswith('sasl.') %}
+{% if listener_security_config.requires_sasl_mechanism_prefix(k) %}
 listener.name.{{ interbroker_listener.name.lower() }}.{{ security_config.interbroker_sasl_mechanism.lower()
}}.{{ k }}={{ v }}
 {% else %}
 listener.name.{{ interbroker_listener.name.lower() }}.{{ k }}={{ v }}
diff --git a/tests/kafkatest/services/security/listener_security_config.py b/tests/kafkatest/services/security/listener_security_config.py
index 74e9e39..119e9f3 100644
--- a/tests/kafkatest/services/security/listener_security_config.py
+++ b/tests/kafkatest/services/security/listener_security_config.py
@@ -15,6 +15,10 @@
 
 class ListenerSecurityConfig:
 
+    SASL_MECHANISM_PREFIXED_CONFIGS = ["connections.max.reauth.ms", "sasl.jaas.config",
+                                       "sasl.login.callback.handler.class", "sasl.login.class",
+                                       "sasl.server.callback.handler.class"]
+
     def __init__(self, use_separate_interbroker_listener=False,
                  client_listener_overrides={}, interbroker_listener_overrides={}):
         """
@@ -33,4 +37,7 @@ class ListenerSecurityConfig:
         """
         self.use_separate_interbroker_listener = use_separate_interbroker_listener
         self.client_listener_overrides = client_listener_overrides
-        self.interbroker_listener_overrides = interbroker_listener_overrides
\ No newline at end of file
+        self.interbroker_listener_overrides = interbroker_listener_overrides
+
+    def requires_sasl_mechanism_prefix(self, config):
+        return config in ListenerSecurityConfig.SASL_MECHANISM_PREFIXED_CONFIGS


Mime
View raw message