nifi-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "ASF GitHub Bot (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (MINIFICPP-607) Remove host and peer verification bypass configuration option
Date Fri, 14 Sep 2018 18:37:00 GMT

    [ https://issues.apache.org/jira/browse/MINIFICPP-607?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16615219#comment-16615219
] 

ASF GitHub Bot commented on MINIFICPP-607:
------------------------------------------

GitHub user phrocker opened a pull request:

    https://github.com/apache/nifi-minifi-cpp/pull/398

    MINIFICPP-607: Remove host/peer bypass

    Thank you for submitting a contribution to Apache NiFi - MiNiFi C++.
    
    In order to streamline the review of the contribution we ask you
    to ensure the following steps have been taken:
    
    ### For all changes:
    - [ ] Is there a JIRA ticket associated with this PR? Is it referenced
         in the commit message?
    
    - [ ] Does your PR title start with MINIFI-XXXX where XXXX is the JIRA number you are
trying to resolve? Pay particular attention to the hyphen "-" character.
    
    - [ ] Has your PR been rebased against the latest commit within the target branch (typically
master)?
    
    - [ ] Is your initial contribution a single, squashed commit?
    
    ### For code changes:
    - [ ] If adding new dependencies to the code, are these dependencies licensed in a way
that is compatible for inclusion under [ASF 2.0](http://www.apache.org/legal/resolved.html#category-a)?
    - [ ] If applicable, have you updated the LICENSE file?
    - [ ] If applicable, have you updated the NOTICE file?
    
    ### For documentation related changes:
    - [ ] Have you ensured that format looks appropriate for the output in which it is rendered?
    
    ### Note:
    Please ensure that once the PR is submitted, you check travis-ci for build issues and
submit an update to your PR as soon as possible.


You can merge this pull request into a Git repository by running:

    $ git pull https://github.com/phrocker/nifi-minifi-cpp MINIFICPP-607

Alternatively you can review and apply these changes as the patch at:

    https://github.com/apache/nifi-minifi-cpp/pull/398.patch

To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:

    This closes #398
    
----
commit 2ce8824de8704fcfcc8de68b66312699ebbaa5c2
Author: Marc Parisi <phrocker@...>
Date:   2018-09-14T18:29:02Z

    MINIFICPP-607: Remove host/peer bypass

----


> Remove host and peer verification bypass configuration option
> -------------------------------------------------------------
>
>                 Key: MINIFICPP-607
>                 URL: https://issues.apache.org/jira/browse/MINIFICPP-607
>             Project: NiFi MiNiFi C++
>          Issue Type: Improvement
>    Affects Versions: 0.5.0
>            Reporter: Andy LoPresto
>            Assignee: Mr TheSegfault
>            Priority: Critical
>              Labels: certificate, configuration, cryptography, security, tls, verification
>
> There is a [section of the MiNiFi C++ documentation|https://github.com/apache/nifi-minifi-cpp/#sitetosite-security-configuration]
which instructs the user on how to bypass host and peer verification when making secure connections.
These configuration options should be removed, and users should configure the certificates
correctly. 
> {quote}
> If during testing you have a need to disable host or peer verification, you may use the
following options:
> # in minifi.properties
> nifi.security.client.disable.host.verification=true
> nifi.security.client.disable.peer.verification=true
> {quote}
> Spoke to Marc Parisi off list and he asked me to assign to him. 



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

Mime
View raw message