> On May 31, 2019, 3:05 p.m., Alexander Rukletsov wrote:
> > 3rdparty/libprocess/src/tests/ssl_tests.cpp
> > Lines 287-290 (patched)
> > <https://reviews.apache.org/r/70748/diff/1/?file=2147040#file2147040line287>
> >
> >     Can we also test that a client must *not* present a cert? I believe the
> >     answer is _no_, but a TODO or a NOTE could be helpful.
>
> Benno Evers wrote:
>     I guess we could let `curl` make a request against a server with
>     `verify_cert=true`, but that seems unrelated to the change in this review, so
>     it should probably become a separate review later in the chain.

Created https://issues.apache.org/jira/browse/MESOS-9879 for tracking this.


- Benno


-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/70748/#review215616
-----------------------------------------------------------


On July 2, 2019, 5:28 p.m., Benno Evers wrote:
>
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/70748/
> -----------------------------------------------------------
>
> (Updated July 2, 2019, 5:28 p.m.)
>
>
> Review request for mesos, Alexander Rukletsov, Benjamin Mahler, Jan-Philip
> Gehrcke, Joseph Wu, and Till Toenshoff.
>
>
> Bugs: MESOS-9810
>     https://issues.apache.org/jira/browse/MESOS-9810
>
>
> Repository: mesos
>
>
> Description
> -------
>
> This commit slightly updates the semantics of the
> `LIBPROCESS_SSL_VERIFY_CERT` and `LIBPROCESS_SSL_REQUIRE_CERT`
> environment variables. The former now only applies to connections
> in client mode and the latter now only applies to connections in
> server mode.
>
> In particular, in TLS server mode we now *only* verify client
> certificates when `LIBPROCESS_SSL_REQUIRE_CERT` is set to `true`,
> regardless of the value of `LIBPROCESS_SSL_VERIFY_CERT`.
>
> In addition, when in SSL client mode and `LIBPROCESS_SSL_VERIFY_CERT`
> has been set to `true`, enforce that the server actually presents a
> certificate that can be verified. Note that this is expected not to be
> a behavioural change in practice, since the TLS specification
> already states that a server MUST always send a certificate unless an
> anonymous cipher is used, and most TLS ciphersuites are configured to
> exclude anonymous ciphers.
>
>
> Diffs
> -----
>
>   3rdparty/libprocess/src/openssl.hpp 17bec246e516261f8d772f1647c17f092fae82d1
>   3rdparty/libprocess/src/openssl.cpp 19d25a89f7dda1f6c66dd1ffc5051e35457d26b0
>   3rdparty/libprocess/src/posix/libevent/libevent_ssl_socket.cpp 7e2229a9ed815727500bd457356e5531607fa6cf
>   3rdparty/libprocess/src/tests/ssl_tests.cpp 5d360221937e68da185754f0633fa41a217c7107
>
>
> Diff: https://reviews.apache.org/r/70748/diff/9/
>
>
> Testing
> -------
>
> See end of this chain.
>
>
> Thanks,
>
> Benno Evers
>
>