mesos-reviews mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Benno Evers <bev...@mesosphere.com>
Subject Re: Review Request 70748: Changed semantics of TLS certificate verification flags.
Date Tue, 02 Jul 2019 18:05:28 GMT


> On May 31, 2019, 3:05 p.m., Alexander Rukletsov wrote:
> > 3rdparty/libprocess/src/tests/ssl_tests.cpp
> > Lines 287-290 (patched)
> > <https://reviews.apache.org/r/70748/diff/1/?file=2147040#file2147040line287>
> >
> >     Can we also test that a client must *not* present a cert? I believe the answer
is _no_, but a TODO or a NOTE could be helpful.
> 
> Benno Evers wrote:
>     I guess we could let `curl` make a request against a server with `verify_cert=true`,
but that seems unrelated to the change in this review, so it should probably become a separate
review later in the chain.

Created https://issues.apache.org/jira/browse/MESOS-9879 for tracking this.


- Benno


-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/70748/#review215616
-----------------------------------------------------------


On July 2, 2019, 5:28 p.m., Benno Evers wrote:
> 
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/70748/
> -----------------------------------------------------------
> 
> (Updated July 2, 2019, 5:28 p.m.)
> 
> 
> Review request for mesos, Alexander Rukletsov, Benjamin Mahler, Jan-Philip Gehrcke, Joseph
Wu, and Till Toenshoff.
> 
> 
> Bugs: MESOS-9810
>     https://issues.apache.org/jira/browse/MESOS-9810
> 
> 
> Repository: mesos
> 
> 
> Description
> -------
> 
> This commit slightly updates the semants of the
> `LIBPROCESS_SSL_VERIFY_CERT` and `LIBPROCESS_SSL_REQUIRE_CERT`
> environment variables. The former now only applies to connections
> in client mode and the latter now only applies to connections in
> server mode.
> 
> In particular, in TLS server mode we now *only* verify client
> certificates when `LIBPROCESS_SSL_REQUIRE_CERT` is set to `true`,
> regardless of the value of `LIBPROCESS_SSL_VERIFY_CERT`.
> 
> In addtion, when in SSL client mode and  `LIBPROCESS_SSL_VERIFY_CERT`
> has been set to `true`, enforce that the server actually presents a
> certificate that can be verified. Note that this is expected to be
> not a behavioural change in practice, since the TLS specification
> already states that a server MUST always send a certificate unless an
> anonymous cipher is used, and most TLS ciphersuites are configured to
> exclude anonymous ciphers.
> 
> 
> Diffs
> -----
> 
>   3rdparty/libprocess/src/openssl.hpp 17bec246e516261f8d772f1647c17f092fae82d1 
>   3rdparty/libprocess/src/openssl.cpp 19d25a89f7dda1f6c66dd1ffc5051e35457d26b0 
>   3rdparty/libprocess/src/posix/libevent/libevent_ssl_socket.cpp 7e2229a9ed815727500bd457356e5531607fa6cf

>   3rdparty/libprocess/src/tests/ssl_tests.cpp 5d360221937e68da185754f0633fa41a217c7107

> 
> 
> Diff: https://reviews.apache.org/r/70748/diff/9/
> 
> 
> Testing
> -------
> 
> See end of this chain.
> 
> 
> Thanks,
> 
> Benno Evers
> 
>


Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message