mesos-reviews mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Till Toenshoff <>
Subject Re: Review Request 49401: Updated certificate validation to check 'IP Address' SAN.
Date Thu, 30 Jun 2016 13:40:21 GMT

This is an automatically generated e-mail. To reply, visit:

(Updated June 30, 2016, 1:40 p.m.)

Review request for mesos, Adam B, Albert Strasheim, Artem Harutyunyan, Joris Van Remoortere,
and Lukas Loesche.

Bugs: MESOS-5724

Repository: mesos


Allows the verification of X509 certificates based on an IP address
instead of a hostname. Introduces a new environment variable;
`SSL_VERIFY_IPADD` which, when set to `true` will disable any
attempts to reverse-/lookup the hostname for certificate validation.
Instead the peer certificate verification then relies on the IP
address of a connection.

Diffs (updated)

  3rdparty/libprocess/src/libevent_ssl_socket.hpp 1dbdaa8 
  3rdparty/libprocess/src/libevent_ssl_socket.cpp 19d9ae5 
  3rdparty/libprocess/src/openssl.hpp 7d55025 
  3rdparty/libprocess/src/openssl.cpp 0f62aa6 



make check on OSX and various linux distros.


Till Toenshoff

  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message