Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

privileges: support require SAN (#17539) #17698

Merged
merged 3 commits into from
Jun 5, 2020
Merged

privileges: support require SAN (#17539) #17698

merged 3 commits into from
Jun 5, 2020

Conversation

sre-bot
Copy link
Contributor

@sre-bot sre-bot commented Jun 5, 2020

cherry-pick #17539 to release-4.0

What problem does this PR solve?

Issue Number: close #14759

Problem Summary:

see more in issue link

What is changed and how it works?

What's Changed:

  • add require SAN clause to maintain addition priv info
  • check SAN in user's cert when priv is "require SAN"

Related changes

Check List

Tests

  • Unit test
  • Integration test(WIP)

Side effects

  • n/a

Release note

  • Support authentication based on TLS certificate SAN field

This change is Reviewable

@lysu @sre-bot
cherry pick pingcap#17539 to release-4.0
ccbb71a 
Signed-off-by: sre-bot <sre-bot@pingcap.com>
@sre-bot
Copy link
Contributor Author

sre-bot commented Jun 5, 2020

/run-all-tests

@sre-bot sre-bot mentioned this pull request Jun 5, 2020
Merged
@sre-bot sre-bot added sig/execution SIG execution security Everything related with security status/PTAL type/4.0-cherry-pick labels Jun 5, 2020
@sre-bot sre-bot added this to the v4.0.1 milestone Jun 5, 2020
@lysu lysu added the priority/release-blocker This issue blocks a release. Please solve it ASAP. label Jun 5, 2020
@lysu lysu modified the milestones: v4.0.1, v4.0.2 Jun 5, 2020
@lysu lysu removed the priority/release-blocker This issue blocks a release. Please solve it ASAP. label Jun 5, 2020
jackysp
jackysp reviewed Jun 5, 2020
View reviewed changes
Copy link
Member

@jackysp jackysp left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

imtbkcat
imtbkcat approved these changes Jun 5, 2020
View reviewed changes
Copy link

@imtbkcat imtbkcat left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@jackysp
Copy link
Member

jackysp commented Jun 5, 2020

/merge

@sre-bot sre-bot added the status/can-merge Indicates a PR has been approved by a committer. label Jun 5, 2020
@sre-bot
Copy link
Contributor Author

sre-bot commented Jun 5, 2020

/run-all-tests

@sre-bot
Copy link
Contributor Author

sre-bot commented Jun 5, 2020

@sre-bot merge failed.

@jackysp
Copy link
Member

jackysp commented Jun 5, 2020

/merge

@sre-bot
Copy link
Contributor Author

sre-bot commented Jun 5, 2020

/run-all-tests

@sre-bot sre-bot merged commit bc522e3 into pingcap:release-4.0 Jun 5, 2020
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jackysp jackysp jackysp left review comments

@imtbkcat imtbkcat imtbkcat approved these changes

@wshwsh12 wshwsh12 Awaiting requested review from wshwsh12

Assignees

@lysu lysu

Labels
security Everything related with security sig/execution SIG execution status/can-merge Indicates a PR has been approved by a committer. type/4.0-cherry-pick
Projects
None yet
Milestone
v4.0.2
Development

Successfully merging this pull request may close these issues.
4 participants
@sre-bot @jackysp @imtbkcat @lysu