date:20191005

[trafficserver] branch 9.0.x updated: Updated ChangeLog

2019-10-05 Thread zwoop

This is an automated email from the ASF dual-hosted git repository.

zwoop pushed a commit to branch 9.0.x
in repository https://gitbox.apache.org/repos/asf/trafficserver.git


The following commit(s) were added to refs/heads/9.0.x by this push:
 new b58aaa9  Updated ChangeLog
b58aaa9 is described below

commit b58aaa9de8da43e55a8e94811dae4398f3fbdfde
Author: Leif Hedstrom 
AuthorDate: Sat Oct 5 15:22:21 2019 -0600

Updated ChangeLog
---
 CHANGELOG-9.0.0 | 1 +
 1 file changed, 1 insertion(+)

diff --git a/CHANGELOG-9.0.0 b/CHANGELOG-9.0.0
index 748314d..79959cd 100644
--- a/CHANGELOG-9.0.0
+++ b/CHANGELOG-9.0.0
@@ -794,6 +794,7 @@ Changes with Apache Traffic Server 9.0.0
   #5935 - Perform a SSL quiet shutdown when close-notify is not sent
   #5939 - Remove hard coded filename in error message
   #5955 - Fix debug output for global_user_agent_header.
+  #5956 - Turn on certificate verification, in permissive mode for now
   #5959 - Clear api set bit to avoid crash in following redirect.
   #5961 - Clarify docs on the change from redirect_enabled.
   #5962 - Removed hardcoded sni.yaml configuration filename in logs

[trafficserver] branch 9.0.x updated: Turn on certificate verification, in permissive mode for now

2019-10-05 Thread zwoop

This is an automated email from the ASF dual-hosted git repository.

zwoop pushed a commit to branch 9.0.x
in repository https://gitbox.apache.org/repos/asf/trafficserver.git


The following commit(s) were added to refs/heads/9.0.x by this push:
 new 2d142ef  Turn on certificate verification, in permissive mode for now
2d142ef is described below

commit 2d142efd025d7e48d6a6ac0c7b7eb3792ceb2440
Author: Leif Hedstrom 
AuthorDate: Tue Sep 24 11:30:38 2019 -0600

Turn on certificate verification, in permissive mode for now

(cherry picked from commit 04982180df1de9996e9df207bae37ba200882096)
---
 configs/records.config.default.in   | 2 +-
 doc/admin-guide/files/records.config.en.rst | 2 +-
 mgmt/RecordsConfig.cc   | 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/configs/records.config.default.in 
b/configs/records.config.default.in
index 61028b0..df417bc 100644
--- a/configs/records.config.default.in
+++ b/configs/records.config.default.in
@@ -163,7 +163,7 @@ CONFIG proxy.config.reverse_proxy.enabled INT 1
 #
https://docs.trafficserver.apache.org/records.config#client-related-configuration
 #
https://docs.trafficserver.apache.org/en/latest/admin-guide/files/ssl_multicert.config.en.html
 ##
-CONFIG proxy.config.ssl.client.verify.server.policy STRING DISABLED
+CONFIG proxy.config.ssl.client.verify.server.policy STRING PERMISSIVE
 CONFIG proxy.config.ssl.client.verify.server.properties STRING ALL
 CONFIG proxy.config.ssl.client.CA.cert.filename STRING NULL
 CONFIG proxy.config.ssl.server.cipher_suite STRING 
ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-DSS-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-DSS-AES
 [...]
diff --git a/doc/admin-guide/files/records.config.en.rst 
b/doc/admin-guide/files/records.config.en.rst
index e4d94c6..c8284d5 100644
--- a/doc/admin-guide/files/records.config.en.rst
+++ b/doc/admin-guide/files/records.config.en.rst
@@ -3349,7 +3349,7 @@ SSL Termination
 Client-Related Configuration
 
 
-.. ts:cv:: CONFIG proxy.config.ssl.client.verify.server.policy STRING DISABLED
+.. ts:cv:: CONFIG proxy.config.ssl.client.verify.server.policy STRING 
PERMISSIVE
:reloadable:
:overridable:
 
diff --git a/mgmt/RecordsConfig.cc b/mgmt/RecordsConfig.cc
index 71214fb..92adf0f 100644
--- a/mgmt/RecordsConfig.cc
+++ b/mgmt/RecordsConfig.cc
@@ -1098,7 +1098,7 @@ static const RecordElement RecordsConfig[] =
   ,
   {RECT_CONFIG, "proxy.config.ssl.client.verify.server", RECD_INT, "0", 
RECU_DYNAMIC, RR_NULL, RECC_INT, "[0-2]", RECA_NULL}
   ,
-  {RECT_CONFIG, "proxy.config.ssl.client.verify.server.policy", RECD_STRING, 
"DISABLED", RECU_DYNAMIC, RR_NULL, RECC_NULL, nullptr, RECA_NULL}
+  {RECT_CONFIG, "proxy.config.ssl.client.verify.server.policy", RECD_STRING, 
"PERMISSIVE", RECU_DYNAMIC, RR_NULL, RECC_NULL, nullptr, RECA_NULL}
   ,
   {RECT_CONFIG, "proxy.config.ssl.client.verify.server.properties", 
RECD_STRING, "ALL", RECU_DYNAMIC, RR_NULL, RECC_NULL, nullptr, RECA_NULL}
   ,

[trafficserver] branch master updated: Turn on certificate verification, in permissive mode for now

2019-10-05 Thread zwoop

This is an automated email from the ASF dual-hosted git repository.

zwoop pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/trafficserver.git


The following commit(s) were added to refs/heads/master by this push:
 new 0498218  Turn on certificate verification, in permissive mode for now
0498218 is described below

commit 04982180df1de9996e9df207bae37ba200882096
Author: Leif Hedstrom 
AuthorDate: Tue Sep 24 11:30:38 2019 -0600

Turn on certificate verification, in permissive mode for now
---
 configs/records.config.default.in   | 2 +-
 doc/admin-guide/files/records.config.en.rst | 2 +-
 mgmt/RecordsConfig.cc   | 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/configs/records.config.default.in 
b/configs/records.config.default.in
index 61028b0..df417bc 100644
--- a/configs/records.config.default.in
+++ b/configs/records.config.default.in
@@ -163,7 +163,7 @@ CONFIG proxy.config.reverse_proxy.enabled INT 1
 #
https://docs.trafficserver.apache.org/records.config#client-related-configuration
 #
https://docs.trafficserver.apache.org/en/latest/admin-guide/files/ssl_multicert.config.en.html
 ##
-CONFIG proxy.config.ssl.client.verify.server.policy STRING DISABLED
+CONFIG proxy.config.ssl.client.verify.server.policy STRING PERMISSIVE
 CONFIG proxy.config.ssl.client.verify.server.properties STRING ALL
 CONFIG proxy.config.ssl.client.CA.cert.filename STRING NULL
 CONFIG proxy.config.ssl.server.cipher_suite STRING 
ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-DSS-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-DSS-AES
 [...]
diff --git a/doc/admin-guide/files/records.config.en.rst 
b/doc/admin-guide/files/records.config.en.rst
index e4d94c6..c8284d5 100644
--- a/doc/admin-guide/files/records.config.en.rst
+++ b/doc/admin-guide/files/records.config.en.rst
@@ -3349,7 +3349,7 @@ SSL Termination
 Client-Related Configuration
 
 
-.. ts:cv:: CONFIG proxy.config.ssl.client.verify.server.policy STRING DISABLED
+.. ts:cv:: CONFIG proxy.config.ssl.client.verify.server.policy STRING 
PERMISSIVE
:reloadable:
:overridable:
 
diff --git a/mgmt/RecordsConfig.cc b/mgmt/RecordsConfig.cc
index 71214fb..92adf0f 100644
--- a/mgmt/RecordsConfig.cc
+++ b/mgmt/RecordsConfig.cc
@@ -1098,7 +1098,7 @@ static const RecordElement RecordsConfig[] =
   ,
   {RECT_CONFIG, "proxy.config.ssl.client.verify.server", RECD_INT, "0", 
RECU_DYNAMIC, RR_NULL, RECC_INT, "[0-2]", RECA_NULL}
   ,
-  {RECT_CONFIG, "proxy.config.ssl.client.verify.server.policy", RECD_STRING, 
"DISABLED", RECU_DYNAMIC, RR_NULL, RECC_NULL, nullptr, RECA_NULL}
+  {RECT_CONFIG, "proxy.config.ssl.client.verify.server.policy", RECD_STRING, 
"PERMISSIVE", RECU_DYNAMIC, RR_NULL, RECC_NULL, nullptr, RECA_NULL}
   ,
   {RECT_CONFIG, "proxy.config.ssl.client.verify.server.properties", 
RECD_STRING, "ALL", RECU_DYNAMIC, RR_NULL, RECC_NULL, nullptr, RECA_NULL}
   ,

[trafficserver] branch 8.0.x updated: Concurrent SRV request failures

2019-10-05 Thread zwoop

This is an automated email from the ASF dual-hosted git repository.

zwoop pushed a commit to branch 8.0.x
in repository https://gitbox.apache.org/repos/asf/trafficserver.git


The following commit(s) were added to refs/heads/8.0.x by this push:
 new 36ac629  Concurrent SRV request failures
36ac629 is described below

commit 36ac62973735f311d41c5dcd63e8c0a2ff22b777
Author: Vijay Mamidi 
AuthorDate: Sat Oct 5 00:23:06 2019 -0700

Concurrent SRV request failures

(cherry picked from commit bf0140612866699d174355c6f95f886463090c33)
---
 iocore/hostdb/HostDB.cc | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/iocore/hostdb/HostDB.cc b/iocore/hostdb/HostDB.cc
index 6dcf7ea..b70238e 100644
--- a/iocore/hostdb/HostDB.cc
+++ b/iocore/hostdb/HostDB.cc
@@ -1605,7 +1605,7 @@ HostDBContinuation::probeEvent(int /* event ATS_UNUSED 
*/, Event *e)
 }
 
 if (action.continuation && r) {
-  reply_to_cont(action.continuation, r.get());
+  reply_to_cont(action.continuation, r.get(), is_srv());
 }
 
 // If it suceeds or it was a remote probe, we are done

[trafficserver] branch 9.0.x updated: Concurrent SRV request failures

2019-10-05 Thread zwoop

This is an automated email from the ASF dual-hosted git repository.

zwoop pushed a commit to branch 9.0.x
in repository https://gitbox.apache.org/repos/asf/trafficserver.git


The following commit(s) were added to refs/heads/9.0.x by this push:
 new 5fe0b79  Concurrent SRV request failures
5fe0b79 is described below

commit 5fe0b79170de26f1887e2edd4fde370208c836ec
Author: Vijay Mamidi 
AuthorDate: Sat Oct 5 00:23:06 2019 -0700

Concurrent SRV request failures

(cherry picked from commit bf0140612866699d174355c6f95f886463090c33)
---
 iocore/hostdb/HostDB.cc | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/iocore/hostdb/HostDB.cc b/iocore/hostdb/HostDB.cc
index 991071c..512781f 100644
--- a/iocore/hostdb/HostDB.cc
+++ b/iocore/hostdb/HostDB.cc
@@ -1556,7 +1556,7 @@ HostDBContinuation::probeEvent(int /* event ATS_UNUSED 
*/, Event *e)
 }
 
 if (action.continuation && r) {
-  reply_to_cont(action.continuation, r.get());
+  reply_to_cont(action.continuation, r.get(), is_srv());
 }
 
 // If it succeeds or it was a remote probe, we are done

[trafficserver] branch master updated: Concurrent SRV request failures

2019-10-05 Thread zwoop

This is an automated email from the ASF dual-hosted git repository.

zwoop pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/trafficserver.git


The following commit(s) were added to refs/heads/master by this push:
 new bf01406  Concurrent SRV request failures
bf01406 is described below

commit bf0140612866699d174355c6f95f886463090c33
Author: Vijay Mamidi 
AuthorDate: Sat Oct 5 00:23:06 2019 -0700

Concurrent SRV request failures
---
 iocore/hostdb/HostDB.cc | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/iocore/hostdb/HostDB.cc b/iocore/hostdb/HostDB.cc
index 991071c..512781f 100644
--- a/iocore/hostdb/HostDB.cc
+++ b/iocore/hostdb/HostDB.cc
@@ -1556,7 +1556,7 @@ HostDBContinuation::probeEvent(int /* event ATS_UNUSED 
*/, Event *e)
 }
 
 if (action.continuation && r) {
-  reply_to_cont(action.continuation, r.get());
+  reply_to_cont(action.continuation, r.get(), is_srv());
 }
 
 // If it succeeds or it was a remote probe, we are done

[trafficserver] branch 9.0.x updated: Updated ChangeLog

[trafficserver] branch 9.0.x updated: Turn on certificate verification, in permissive mode for now

[trafficserver] branch master updated: Turn on certificate verification, in permissive mode for now

[trafficserver] branch 8.0.x updated: Concurrent SRV request failures

[trafficserver] branch 9.0.x updated: Concurrent SRV request failures

[trafficserver] branch master updated: Concurrent SRV request failures

6 matches

Site Navigation

Mail list logo

Footer information