-
Notifications
You must be signed in to change notification settings - Fork 258
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
require TLS by default #1529
require TLS by default #1529
Conversation
ea2f45a
to
61667e0
Compare
Upstream Python is maybe making effort in having finally TLS-PSK supported in native ssl module |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Please remove the remains of
TLS Require = no
following
TLS Enable = no
as this is not required anymore.
@@ -40,7 +40,7 @@ messages | |||
list jobs | |||
@$out $log_home/should-hang.out | |||
restore client=bareos-fd fileset=SelfTest where=$tmp/bareos-restores select all done yes | |||
@sleep 3 | |||
@sleep 10 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
do we really need to wait for 10 seconds here?
52d5254
to
65b2001
Compare
As the default now is `TlsRequire = Yes`, this commit sets TlsRequire to No in the configuration files for this test.
As Tls Require now defaults to yes, we need to set it to no to make the test work.
Previously, when setting `TLS Require = yes` this would implicitly also set `TLS Enable = yes`. Since both, `TLS Enable` and `TLS Require` now default to yes, this would mean that to disable TLS you have to set both `TLS Enable = no` and `TLS Require = no`. Thus patch changes the behaviour, to make `TLS Enable = no` also imply `TLS Require = no`. The most common scenarios don't require any configuration change, as the effect is unchanged. In the improbable case where you had configured Bareos like this: ``` TLS Enable = no TLS Require = yes ``` The old behaviour was to have TLS enabled and required, while the new behaviour is now to have TLS disabled.
59900e4
to
9e66fc3
Compare
Thank you for contributing to the Bareos Project!
Please check
If you have any questions or problems, please give a comment in the PR.
Helpful documentation and best practices
Checklist for the reviewer of the PR (will be processed by the Bareos team)
Make sure you check/merge the PR using
devtools/pr-tool
to have some simple automated checks run and a proper changelog record added.General
Source code quality
Tests