Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Allow valid domain name characters in the DB username #43105

Closed
VinodAnandan opened this issue Dec 10, 2019 · 3 comments · Fixed by #43114
Closed

Allow valid domain name characters in the DB username #43105

VinodAnandan opened this issue Dec 10, 2019 · 3 comments · Fixed by #43114
Labels
A-security C-enhancement Solution expected to add code/behavior + preserve backward-compat (pg compat issues are exception) O-community Originated from the community

Comments

@VinodAnandan
Copy link

Is your feature request related to a problem? Please describe.
Currently, there is a restriction for the database username which will limit the certificate-based authentication. It's very common to include .local (e.g.:  internal-service2.local) in the CN (Common Name) of a certificate.  The AWS Certificate Manager (ACM) won't even issue a certificate if the "dot" (.) is not present.

Describe the solution you'd like
Could you please include dot (.) and hyphen (-) in the whitelist for the database username ?

Thank you,

Vinod
@VinodAnandan
Copy link
Author

CCing @bdarnell @knz @georgebuckerfield @mberhault

@knz knz mentioned this issue Dec 11, 2019
Merged
@knz
Copy link
Contributor

knz commented Dec 11, 2019

Thanks for the request!
CockroachDB 19.2 already added support for hyphens. For the periods see #43114.

@knz knz added A-security C-enhancement Solution expected to add code/behavior + preserve backward-compat (pg compat issues are exception) O-community Originated from the community labels Dec 11, 2019
@knz
Copy link
Contributor

knz commented Jan 13, 2020

@rolandcrosby @aaron-crl can you review this and the last few comments on #43114?
I'd need a yes/no answer as to whether the change is desirable, and a separate yes/no on whether putting this on the docket for 20.1 is a good idea.

@craig craig bot closed this as completed in #43114 Mar 4, 2020
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
A-security C-enhancement Solution expected to add code/behavior + preserve backward-compat (pg compat issues are exception) O-community Originated from the community
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

*: allow periods (.) in usernames knz/cockroach
2 participants
@knz @VinodAnandan