-
Notifications
You must be signed in to change notification settings - Fork 68
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Read secret file before each authentication attempt #128
Read secret file before each authentication attempt #128
Conversation
There has not been any activity to this pull request in the last 14 days. It will automatically be closed after 7 more days. Remove the |
@martin-helmich - Sorry to ping, but any chance this could be reviewed before it's closed off as stale? Thanks! |
There has not been any activity to this pull request in the last 14 days. It will automatically be closed after 7 more days. Remove the |
@martin-helmich Can we please remove the stale tag? |
Apologies. This should not have gotten stale. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
👍 LGTM -- thanks for your contribution.
I believe we have been seeing this issue in our environment. It doesn't appear that this change made it to 0.7.0. Is it possible it may be included in a release soon? |
This PR removes the
secret
variable from the controller and instead reads the secret file before each authentication attempt.Fixes #56 by ensuring that the correct password is used for all reloads.
Relevant varnish docs: https://github.com/varnishcache/varnish-cache/blob/606977bbfb624ead38e9c8648beac0b3906a4294/doc/sphinx/users-guide/run_security.rst#cli-interface-authentication, specifically: