Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

core: Don't leak CallCredentials into OOB channels #7712

Merged
merged 2 commits into from Dec 10, 2020
Merged

core: Don't leak CallCredentials into OOB channels #7712

merged 2 commits into from Dec 10, 2020

Conversation

ejona86
Copy link
Member

@ejona86 ejona86 commented Dec 9, 2020
edited

The addition of CompositeChannelCredentials allowed CallCredentials to
be passed to the ManagedChannel itself. But the implementation was buggy
and used the call creds for out-of-band channels as well, which is
inappropriate since they have a different authority.

This also fixes a bug where resolving OOB channels would have CallCreds
duplicated; that wasn't noticed or important because we don't use
CallCreds in OOB channels.

Fixes #7643

Note that the originalTransportFactory usage vs oobTransportFactory usage is
subtle. If you use the wrong one then CallCreds are duplicated. That's not great,
but also not the worst thing that could happen.

@ejona86
core: Don't leak CallCredentials into OOB channels
d3419ff 
The addition of CompositeChannelCredentials allowed CallCredentials to
be passed to the ManagedChannel itself. But the implementation was buggy
and used the call creds for out-of-band channels as well, which is
inappropriate since they have a different authority.

This also fixes a bug where resolving OOB channels would have CallCreds
duplicated; that wasn't noticed or important because we don't use
CallCreds in OOB channels.

Fixes grpc#7643
@ejona86
Copy link
Member Author

ejona86 commented Dec 9, 2020

@veblush, could you do one more test with this and post the log? I search for :path: /grpc.lb.v1.LoadBalancer/BalanceLoad in the log and then check to see if it has an authorization header.

@veblush
Copy link
Contributor

veblush commented Dec 9, 2020
edited

@ejona86 Sure. Would running my client with this PR be enough?

@ejona86
Copy link
Member Author

ejona86 commented Dec 9, 2020

@veblush, yeah. Patch this PR in and see if it resolves things. Any commit after the ChannelCredentials stuff was added would be fine. That means the commit you originally produced the issue should be fine to patch this into.

@veblush
Copy link
Contributor

veblush commented Dec 9, 2020

I got 1.34.1.log by running gRPC Java 1.34.x with this PR cherry-picked.

@ejona86
Copy link
Member Author

ejona86 commented Dec 10, 2020

@veblush, excellent! That log shows this PR did successfully avoid including the call creds. So this PR should fix the original issue you experienced (even if we can't reproduce it now).

@ejona86 ejona86 added the TODO:backport PR needs to be backported. Removed after backport complete label Dec 10, 2020
sanjaypujare
sanjaypujare approved these changes Dec 10, 2020
View reviewed changes
Copy link
Contributor

@sanjaypujare sanjaypujare left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM. 2 comments added

dapengzhang0
dapengzhang0 approved these changes Dec 10, 2020
View reviewed changes
Copy link
Member

@dapengzhang0 dapengzhang0 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@ejona86 ejona86 merged commit 4be68f3 into grpc:master Dec 10, 2020
@ejona86 ejona86 deleted the callcreds-dont-leak-to-oob branch December 10, 2020 19:49
@ejona86 ejona86 mentioned this pull request Dec 10, 2020
Merged
@ejona86 ejona86 removed the TODO:backport PR needs to be backported. Removed after backport complete label Dec 11, 2020
@github-actions github-actions bot locked as resolved and limited conversation to collaborators Jun 3, 2021
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@sanjaypujare sanjaypujare sanjaypujare approved these changes

@dapengzhang0 dapengzhang0 dapengzhang0 approved these changes

Assignees

@dapengzhang0 dapengzhang0

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

ALTS: GRPCLB LoadBalancer had an error
4 participants
@ejona86 @veblush @dapengzhang0 @sanjaypujare