Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

transport: accept connection if matched IP SAN but no DNS match #8223

Merged
merged 1 commit into from
Jul 7, 2017
Merged

transport: accept connection if matched IP SAN but no DNS match #8223

merged 1 commit into from
Jul 7, 2017

Conversation

heyitsanthony
Copy link
Contributor

The IP SAN check would always do a DNS SAN check if DNS is given
and the connection's IP is verified. Instead, don't check DNS
entries if there's a matching iP.

Fixes #8206

@heyitsanthony
transport: accept connection if matched IP SAN but no DNS match
ab95eb0 
The IP SAN check would always do a DNS SAN check if DNS is given
and the connection's IP is verified. Instead, don't check DNS
entries if there's a matching iP.

Fixes etcd-io#8206
@xiang90
Copy link
Contributor

xiang90 commented Jul 6, 2017

lgtm

@xiang90
Copy link
Contributor

xiang90 commented Jul 6, 2017

this needs to be backported?

@xiang90
Copy link
Contributor

xiang90 commented Jul 6, 2017

ok... see the label. thanks

@codecov-io
Copy link

Codecov Report

❗ No coverage uploaded for pull request base (master@2e76152). Click here to learn what that means.
The diff coverage is 75%.

Impacted file tree graph

@@            Coverage Diff            @@
##             master    #8223   +/-   ##
=========================================
  Coverage          ?   76.36%           
=========================================
  Files             ?      345           
  Lines             ?    26976           
  Branches          ?        0           
=========================================
  Hits              ?    20601           
  Misses            ?     4897           
  Partials          ?     1478
Impacted Files Coverage Δ
pkg/transport/listener_tls.go 78.4% <75%> (ø)

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 2e76152...ab95eb0. Read the comment docs.

@heyitsanthony heyitsanthony merged commit 67fa8b8 into etcd-io:master Jul 7, 2017
@heyitsanthony heyitsanthony deleted the ip-san-exit branch July 7, 2017 16:10
@gyuho gyuho mentioned this pull request Jul 17, 2017
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
4 participants
@heyitsanthony @xiang90 @codecov-io @gyuho