Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

support common name check for tls #934

Merged
merged 2 commits into from
Mar 19, 2020
Merged

support common name check for tls #934

merged 2 commits into from
Mar 19, 2020

Conversation

WangXiangUSTC
Copy link
Contributor

What problem does this PR solve?

fix issue #930
Allow pump and drainer add TLS certificate CN validation

What is changed and how it works?

add VerifyPeerCertificate function for tls

Check List

Tests

  • Integration test

Related changes

  • Need to cherry-pick to the release branch
  • Need to update the documentation

@WangXiangUSTC
Copy link
Contributor Author

/run-all-tests

@WangXiangUSTC
Copy link
Contributor Author

@july2993 @kennytm PTAL

july2993
july2993 reviewed Mar 17, 2020
View reviewed changes
Copy link
Contributor

@july2993 july2993 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

pls update config template
rest LGTM

@WangXiangUSTC
Copy link
Contributor Author

WangXiangUSTC commented Mar 17, 2020
edited
Loading

pls update config template
rest LGTM

update in f961dd9 @july2993

@weekface weekface mentioned this pull request Mar 19, 2020
Closed
52 tasks
july2993
july2993 reviewed Mar 19, 2020
View reviewed changes
Copy link
Contributor

@july2993 july2993 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

kennytm
kennytm approved these changes Mar 19, 2020
View reviewed changes
Copy link
Contributor

@kennytm kennytm left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM.

When are we going to move to tidb-tool's TLS package?

@WangXiangUSTC
Copy link
Contributor Author

LGTM.

When are we going to move to tidb-tool's TLS package?

seems that binlog use a different way to support online reload, so I need to modified a lot of code if I use pkg in tidb-tools, so just update the pkg/security in this pr 😃 @kennytm

@WangXiangUSTC WangXiangUSTC merged commit cd9a4d1 into pingcap:master Mar 19, 2020
@WangXiangUSTC WangXiangUSTC deleted the xiang/cn branch March 19, 2020 10:02
WangXiangUSTC added a commit that referenced this pull request Mar 20, 2020
@WangXiangUSTC
support common name check for tls (#934)
47c8b1d
@WangXiangUSTC WangXiangUSTC mentioned this pull request Mar 20, 2020
Merged
WangXiangUSTC added a commit that referenced this pull request Mar 20, 2020
@WangXiangUSTC
support common name check for tls (#934) (#937)
a5b65c5
@sre-bot
Copy link

sre-bot commented Mar 20, 2020

cherry pick to release-3.1 failed

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@july2993 july2993 july2993 left review comments

@kennytm kennytm kennytm approved these changes

Assignees
No one assigned
Labels
needs-cherry-pick-release-3.0 needs-cherry-pick-release-3.1 status/LGT2 type/feature
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@WangXiangUSTC @sre-bot @kennytm @july2993