[
https://issues.apache.org/jira/browse/HDDS-1858?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16892282#comment-16892282
]
Xiaoyu Yao commented on HDDS-1858:
----------------------------------
Thanks [~elserj]for reporting the issue and @[~swagle] for the patch.
The first change(client) looks good but the second one(server) is line 217 is
incorrect.
The original logic on line 217 which sets private key with mTLS is correct. For
the first change, we could switch line 205 and 208 without a negative if
clause.
> mTLS support for Ozone is not correct
> -------------------------------------
>
> Key: HDDS-1858
> URL: https://issues.apache.org/jira/browse/HDDS-1858
> Project: Hadoop Distributed Data Store
> Issue Type: Bug
> Reporter: Josh Elser
> Assignee: Siddharth Wagle
> Priority: Critical
> Labels: newbie
> Attachments: HDDS-1858.01.patch
>
>
> Thanks to Josh for reporting that we have missing 'Not' in the if condition
> check.
> {code}
> if (conf.isGrpcMutualTlsRequired()) {
> return new GrpcTlsConfig(
> null, null, conf.getTrustStoreFile(), false);
> } else {
> return new GrpcTlsConfig(conf.getClientPrivateKeyFile(),
> conf.getClientCertChainFile(), conf.getTrustStoreFile(), true);
> }
> {code}
> it should have been
> {code}
> if (!conf.isGrpcMutualTlsRequired()) {
> return new GrpcTlsConfig(
> null, null, conf.getTrustStoreFile(), false);
> } else {
> return new GrpcTlsConfig(conf.getClientPrivateKeyFile(),
> conf.getClientCertChainFile(), conf.getTrustStoreFile(), true);
> }
> {code}
--
This message was sent by Atlassian JIRA
(v7.6.14#76016)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
