scylla-5.2.17+criteo2

Full Changelog: scylla-5.2.17+criteo1...scylla-5.2.17+criteo2

scylla-5.2.17+criteo1

Full Changelog: scylla-5.2.14+criteo1...scylla-5.2.17+criteo1

scylla-5.2.14+criteo1

readers/multishard: evictable_reader::fast_forward_to(): close reader…

scylla-5.2.12+criteo1

auth: add support for authc/authz via external api (#10)

Squash a series of commits related to authentication found on
v5.0.1-criteo branch:
* 34fe8d4ef11962a5f56772641193886bbbf07c9e Add attributes support
* bf5cf176fb8deaee04e70f9c7f24eb18e4ccd496 Implement List Roles
* fe21809bc5d7288545ea9aa21ef05a0d29f07336 Add alter user implementation to the rest role manager
* 69fd387e7103245cce998216af706b70c9c242b3 Update ssl cert
* 6a32079f6d6e3e2b7809b021f32c433b67e76c4d Add authorization support with rest_auth
* 2f92f8b8d182aa23992c9ac6d7de5775de16498a deprecate internal_distributed_timeout_config
* a39e509b4fa3df5da84300d75d444aa4c92e3f8c Add rest_authenticator to manage authentication with a rest endpoint validating credentials

Few changes introduced compared to 5.0.1 version:
* fixed runtime assertion related to pending flush when scylla
fails to communicate with rest auth api
* picojson replaced by rapidjson (used by scylla)
* rest_http_client replaced by seastar::http::experimental::connection
* unit tests fixed and enriched
* formatting aligned with rest of scylla code base
* tools/rest_authenticator_server updated to match actual
implementation (usage of TLS and of GET http verb instead
of POST)
* 73d02b12e5708cf9bd28609edd1c34255c78664f make our rest_authenticator accepted by some clients

make our rest_authenticator accepted by some clients

authenticator_name is checked by some clients (go, rust) and connections
are rejected if not in an allowed list on client side.
We spoof cassandra authenticator name as scylla is doing for
password authenticator.

scylla-5.2.7+criteo1

What's Changed

• Rebase onto upcoming 5.2.7 version by @eappere in #13
• make our rest_authenticator accepted by some clients by @pgoron in #14

Full Changelog: scylla-5.2.4+criteo4...scylla-5.2.7+criteo1

scylla-5.2.4+criteo4

Full Changelog: scylla-5.2.4+criteo3...scylla-5.2.4+criteo4

scylla-5.2.4+criteo3

What's Changed

• Update seastar submodule (fix wrong url) by @eappere in #12

New Contributors

• @eappere made their first contribution in #12

Full Changelog: scylla-5.2.4+criteo2...scylla-5.2.4+criteo3

scylla-5.2.4+criteo2

What's Changed

• rest_authenticator: fix two issues with seastar http client by @pgoron in #11

Full Changelog: scylla-5.2.4-criteo1...scylla-5.2.4+criteo2

scylla-5.2.4+criteo1

auth: add support for authc/authz via external api (#10)

Squash a serie of commits related to authentication found on
v5.0.1-criteo branch:
* 34fe8d4ef11962a5f56772641193886bbbf07c9e Add attributes support
* bf5cf176fb8deaee04e70f9c7f24eb18e4ccd496 Implement List Roles
* fe21809bc5d7288545ea9aa21ef05a0d29f07336 Add alter user implementation to the rest role manager
* 69fd387e7103245cce998216af706b70c9c242b3 Update ssl cert
* 6a32079f6d6e3e2b7809b021f32c433b67e76c4d Add authorization support with rest_auth
* 2f92f8b8d182aa23992c9ac6d7de5775de16498a deprecate internal_distributed_timeout_config
* a39e509b4fa3df5da84300d75d444aa4c92e3f8c Add rest_authenticator to manage authentication with a rest endpoint validating credentials

Few changes introduced compared to 5.0.1 version:
* fixed runtime assertion related to pending flush when scylla
fails to communicate with rest auth api
* picojson replaced by rapidjson (used by scylla)
* rest_http_client replaced by seastar::http::experimental::connection
* unit tests fixed and enriched
* formatting aligned with rest of scylla code base
* tools/rest_authenticator_server updated to match actual
implementation (usage of TLS and of GET http verb instead
of POST)

scylla-5.0.13+criteo1

Merge tokens for everywhere_topology

With everywhere_topology, we know that all tokens will be on the same node