Uploaded image for project: 'Continuum'
  1. Continuum
  2. CONTINUUM-2044

Build agent should only accept requests from its master

    XMLWordPrintableJSON

Details

    • Improvement
    • Status: Closed
    • Major
    • Resolution: Fixed
    • 1.3.1 (Alpha)
    • 1.4.1
    • Distributed Builds
    • None

    Description

      In the current implementation, a build agent will accept a request from anyone who knows the url, although it will only send responses to the master url in its config file.

      The agent should only accept requests from its master, and should send an error response to any other requests.

      On the dev list, Christian suggested using a shared secret as the simplest way for the agent to be sure the master making the request is who it says it is. See: http://www.nabble.com/How-can-an-agent-be-sure-that-a-request-comes-from-its-master--td21546892.html

      Related to CONTINUUM-2041 (Master should be able to detect an incorrect master url in a build agent's config file)

      Attachments

        Issue Links

          relates to

          New Feature - A new feature of the product, which has yet to be developed. CONTINUUM-2632 Secure working copies of Continuum build agents

          • Major - Major loss of function.
          • Closed

          Activity

            People

              ctan Maria Catherine R. Tan
              wsmoak Wendy Smoak
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: