[Bugs] [Bug 1179208] Since 3.6; ssl without auth.ssl-allow broken
bugzilla at redhat.com
bugzilla at redhat.com
Fri Jan 9 18:04:16 UTC 2015
https://bugzilla.redhat.com/show_bug.cgi?id=1179208
--- Comment #7 from Anand Avati <aavati at redhat.com> ---
COMMIT: http://review.gluster.org/9397 committed in master by Vijay Bellur
(vbellur at redhat.com)
------
commit 548547b2e41c8e2cf79b929405cf18aecbdedebc
Author: Jeff Darcy <jdarcy at redhat.com>
Date: Tue Jan 6 10:03:49 2015 -0500
transport: fix default behavior for SSL authorization
Previously, enabling SSL authentication/encryption but not authorization
required explicitly setting ssl-allow=*. Now that same behavior is the
default (i.e. when ssl-allow is not set).
Also, there's no reason that a name used for *login* auth (typically a
UUID for internal purposes or a human name when using SSL) should
validate as an RFC-compliant host name or IP address. Therefore the
validation only occurs when the auth type is "addr" (not "login" or
anything else).
Change-Id: I01485ff4f0ab37de4b182858235a5fb0cf4c3c7d
BUG: 1179208
Signed-off-by: Jeff Darcy <jdarcy at redhat.com>
Reviewed-on: http://review.gluster.org/9397
Reviewed-by: Krishnan Parthasarathi <kparthas at redhat.com>
Tested-by: Gluster Build System <jenkins at build.gluster.com>
Reviewed-by: Vijay Bellur <vbellur at redhat.com>
--
You are receiving this mail because:
You are on the CC list for the bug.
Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=dA6qACe5FP&a=cc_unsubscribe
More information about the Bugs
mailing list