You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@thrift.apache.org by "ASF GitHub Bot (JIRA)" <ji...@apache.org> on 2015/03/29 23:18:52 UTC

[jira] [Commented] (THRIFT-3050) Client certificate authentication for non-http TLS in C#

    [ https://issues.apache.org/jira/browse/THRIFT-3050?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14385967#comment-14385967 ] 

ASF GitHub Bot commented on THRIFT-3050:
----------------------------------------

GitHub user hansdude opened a pull request:

    https://github.com/apache/thrift/pull/410

    THRIFT-3050 TLS Client cert validation TLS C#

    This plumbs the remote certificate validation callback down
    to the server side authentication code. When the callback is
    set, we set the client certificate required flag. In practice, the
    validation callback still gets called even when the client
    doesn't supply a certificate.
    
    I've taken the liberty of using slightly more modern C# syntax
    to shorten up the affected method.

You can merge this pull request into a Git repository by running:

    $ git pull https://github.com/hansdude/thrift master

Alternatively you can review and apply these changes as the patch at:

    https://github.com/apache/thrift/pull/410.patch

To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:

    This closes #410
    
----
commit 45d750c5fc9502e3b17c5260b9ab9080bc152eab
Author: Hans-Peter Klett <ha...@spectralogic.com>
Date:   2015-03-29T21:10:16Z

    THRIFT-3050 TLS Client cert validation TLS C#
    
    This plumbs the remote certificate validation callback down
    to the server side authentication code. When the callback is
    set, we set the client certificate required flag. In practice, the
    validation callback still gets called even when the client
    doesn't supply a certificate.
    
    I've taken the liberty of using slightly more modern C# syntax
    to shorten up the affected method.

----


> Client certificate authentication for non-http TLS in C#
> --------------------------------------------------------
>
>                 Key: THRIFT-3050
>                 URL: https://issues.apache.org/jira/browse/THRIFT-3050
>             Project: Thrift
>          Issue Type: New Feature
>          Components: C# - Library
>    Affects Versions: 0.9.2
>            Reporter: Hans-Peter Klett
>              Labels: security
>
> Currently I don't see a way for the server to authenticate the client certificate.
> Related issues:
> THRIFT-181 - Superceded by THRIFT-2347, but mentions lack of client certificate validation
> THRIFT-2347 - Added TLS support.
> THRIFT-2455 - Adds client certificate validation for HTTP, but not regular TLS
> THRIFT-2568 - Added validator support for server TLS certificate.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)