1
0
Fork 0
mirror of https://we.phorge.it/source/phorge.git synced 2024-12-28 16:30:59 +01:00
phorge-phorge/src/applications/people
epriestley fa7bb8ff7a Add cluster.addresses and require membership before accepting cluster authentication tokens
Summary:
Ref T2783. Ref T6706.

  - Add `cluster.addresses`. This is a whitelist of CIDR blocks which define cluster hosts.
  - When we recieve a request that has a cluster-based authentication token, require the cluster to be configured and require the remote address to be a cluster member before we accept it.
    - This provides a general layer of security for these mechanisms.
    - In particular, it means they do not work by default on unconfigured hosts.
  - When cluster addresses are configured, and we receive a request //to// an address not on the list, reject it.
    - This provides a general layer of security for getting the Ops side of cluster configuration correct.
    - If cluster nodes have public IPs and are listening on them, we'll reject requests.
    - Basically, this means that any requests which bypass the LB get rejected.

Test Plan:
  - With addresses not configured, tried to make requests; rejected for using a cluster auth mechanism.
  - With addresses configred wrong, tried to make requests; rejected for sending from (or to) an address outside of the cluster.
  - With addresses configured correctly, made valid requests.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T6706, T2783

Differential Revision: https://secure.phabricator.com/D11159
2015-01-02 15:13:41 -08:00
..
application Home - limit "status" queries to 100 and show 99+ if we hit that 2014-12-12 12:02:25 -08:00
capability Simplify the implementation of PhabricatorPolicyCapability subclasses 2014-07-25 08:25:42 +10:00
conduit Minor formatting changes 2014-10-08 08:39:49 +11:00
config Change double quotes to single quotes. 2014-06-09 11:36:50 -07:00
controller Fix typo in people controller 2014-12-19 09:48:55 -08:00
customfield Don't show meme Remarkup hint button if Macro application is not usable 2014-11-24 15:25:25 -08:00
editor Modularize mail tags 2014-08-12 12:28:41 -07:00
event phutil_utf8_shorten => PhutilUTF8StringTruncator 2014-08-29 15:15:13 -07:00
garbagecollector Add a GC for user logs 2014-02-03 10:51:41 -08:00
lipsum Minor linter fixes 2014-12-09 18:37:32 +11:00
markup Do not CC users without permissions to view an object 2015-01-01 08:05:52 -08:00
phid Rename PHIDType classes 2014-07-24 08:05:46 +10:00
query Rename policy capabilities 2014-07-25 08:20:39 +10:00
search Rename PHIDType classes 2014-07-24 08:05:46 +10:00
storage Add cluster.addresses and require membership before accepting cluster authentication tokens 2015-01-02 15:13:41 -08:00
typeahead Rename PhabricatorApplication subclasses 2014-07-23 10:03:09 +10:00
view Let users review their own account activity logs 2014-04-27 17:32:09 -07:00