github
/
k3s
mirror of https://github.com/k3s-io/k3s
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
k3s/pkg/kubelet
History
Kubernetes Submit Queue 4ac5f278c5 Merge pull request #38742 from timstclair/cri-exec-long 
Automatic merge from submit-queue

[CRI] Don't include user data in CRI streaming redirect URLs

Fixes: https://github.com/kubernetes/kubernetes/issues/36187

Avoid userdata in the redirect URLs by caching the {Exec,Attach,PortForward}Requests with a unique token. When the redirect URL is created, the token is substituted for the request params. When the streaming server receives the token request, the token is used to fetch the actual request parameters out of the cache.

For additional security, the token is generated using the secure random function, is single use (i.e. the first request with the token consumes it), and has a short expiration time.

/cc @kubernetes/sig-node
 		2017-01-11 17:16:07 -08:00
..
api start the apimachinery repo 2017-01-11 09:09:48 -05:00
cadvisor start the apimachinery repo 2017-01-11 09:09:48 -05:00
client start the apimachinery repo 2017-01-11 09:09:48 -05:00
cm start the apimachinery repo 2017-01-11 09:09:48 -05:00
config start the apimachinery repo 2017-01-11 09:09:48 -05:00
container start the apimachinery repo 2017-01-11 09:09:48 -05:00
custommetrics Enable auto-generating sources rules 2017-01-05 14:14:13 -08:00
dockershim start the apimachinery repo 2017-01-11 09:09:48 -05:00
dockertools Merge pull request #39731 from apprenda/dockertools_fix 2017-01-11 10:53:27 -08:00
envvars Enable auto-generating sources rules 2017-01-05 14:14:13 -08:00
events Enable auto-generating sources rules 2017-01-05 14:14:13 -08:00
eviction start the apimachinery repo 2017-01-11 09:09:48 -05:00
images start the apimachinery repo 2017-01-11 09:09:48 -05:00
kuberuntime start the apimachinery repo 2017-01-11 09:09:48 -05:00
leaky Enable auto-generating sources rules 2017-01-05 14:14:13 -08:00
lifecycle start the apimachinery repo 2017-01-11 09:09:48 -05:00
metrics Enable auto-generating sources rules 2017-01-05 14:14:13 -08:00
network start the apimachinery repo 2017-01-11 09:09:48 -05:00
pleg start the apimachinery repo 2017-01-11 09:09:48 -05:00
pod start the apimachinery repo 2017-01-11 09:09:48 -05:00
prober start the apimachinery repo 2017-01-11 09:09:48 -05:00
qos start the apimachinery repo 2017-01-11 09:09:48 -05:00
remote Enable auto-generating sources rules 2017-01-05 14:14:13 -08:00
rkt start the apimachinery repo 2017-01-11 09:09:48 -05:00
rktshim Enable auto-generating sources rules 2017-01-05 14:14:13 -08:00
server Merge pull request #38742 from timstclair/cri-exec-long 2017-01-11 17:16:07 -08:00
status start the apimachinery repo 2017-01-11 09:09:48 -05:00
sysctl Enable auto-generating sources rules 2017-01-05 14:14:13 -08:00
types Enable auto-generating sources rules 2017-01-05 14:14:13 -08:00
util start the apimachinery repo 2017-01-11 09:09:48 -05:00
volumemanager start the apimachinery repo 2017-01-11 09:09:48 -05:00
BUILD start the apimachinery repo 2017-01-11 09:09:48 -05:00
OWNERS
active_deadline.go cmd/kubelet 2016-11-23 15:53:09 -08:00
active_deadline_test.go start the apimachinery repo 2017-01-11 09:09:48 -05:00
disk_manager.go
disk_manager_test.go
doc.go
kubelet.go start the apimachinery repo 2017-01-11 09:09:48 -05:00
kubelet_cadvisor.go start the apimachinery repo 2017-01-11 09:09:48 -05:00
kubelet_cadvisor_test.go
kubelet_getters.go start the apimachinery repo 2017-01-11 09:09:48 -05:00
kubelet_getters_test.go
kubelet_network.go start the apimachinery repo 2017-01-11 09:09:48 -05:00
kubelet_network_test.go Merge pull request #36785 from wlan0/kubelet 2016-12-01 04:52:11 -08:00
kubelet_node_status.go start the apimachinery repo 2017-01-11 09:09:48 -05:00
kubelet_node_status_test.go start the apimachinery repo 2017-01-11 09:09:48 -05:00
kubelet_pods.go start the apimachinery repo 2017-01-11 09:09:48 -05:00
kubelet_pods_test.go start the apimachinery repo 2017-01-11 09:09:48 -05:00
kubelet_resources.go cmd/kubelet 2016-11-23 15:53:09 -08:00
kubelet_resources_test.go remove v1.Semantics 2016-11-23 15:53:09 -08:00
kubelet_test.go start the apimachinery repo 2017-01-11 09:09:48 -05:00
kubelet_volumes.go start the apimachinery repo 2017-01-11 09:09:48 -05:00
kubelet_volumes_test.go start the apimachinery repo 2017-01-11 09:09:48 -05:00
networks.go rename /release_1_5 to /clientset 2016-12-14 12:39:48 -08:00
oom_watcher.go start the apimachinery repo 2017-01-11 09:09:48 -05:00
oom_watcher_test.go cmd/kubelet 2016-11-23 15:53:09 -08:00
pod_container_deletor.go start the apimachinery repo 2017-01-11 09:09:48 -05:00
pod_container_deletor_test.go
pod_workers.go start the apimachinery repo 2017-01-11 09:09:48 -05:00
pod_workers_test.go start the apimachinery repo 2017-01-11 09:09:48 -05:00
reason_cache.go start the apimachinery repo 2017-01-11 09:09:48 -05:00
reason_cache_test.go start the apimachinery repo 2017-01-11 09:09:48 -05:00
runonce.go cmd/kubelet 2016-11-23 15:53:09 -08:00
runonce_test.go start the apimachinery repo 2017-01-11 09:09:48 -05:00
runtime.go Create hostNetwork pods even if network plugin not ready 2016-11-04 00:11:55 -04:00
util.go cmd/kubelet 2016-11-23 15:53:09 -08:00
volume_host.go start the apimachinery repo 2017-01-11 09:09:48 -05:00