Issue #11484 has been updated by Daniel Pittman. Description updated
Bill Tong wrote: > From my understanding, the auth option does the following: > <pre> > auth yes: only look at client certs > auth no: only look at hostnames/ips(?) > auth any: look at both > </pre> That is subtly wrong: yes => require a client certificate, and use the certname any => do not require a client certificate. use the certname if a certificate is offered, or the reverse IP lookup otherwise no => same as any ---------------------------------------- Bug #11484: puppet's "auth" option is too obtuse https://projects.puppetlabs.com/issues/11484#change-56855 Author: Bill Tong Status: Needs More Information Priority: Normal Assignee: Category: Target version: Affected Puppet version: Keywords: Branch: >From my understanding, the auth option does the following: auth yes: only look at client certs auth no: only look at hostnames/ips(?) auth any: look at both So "yes" and "no" bear no relation to what is being done. I'd like to suggest the following: auth clientcert auth hostbased auth any -- You have received this notification because you have either subscribed to it, or are involved in it. To change your notification preferences, please click here: http://projects.puppetlabs.com/my/account -- You received this message because you are subscribed to the Google Groups "Puppet Bugs" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/puppet-bugs?hl=en.
