You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@pulsar.apache.org by "michaeljmarshall (via GitHub)" <gi...@apache.org> on 2023/03/01 07:32:46 UTC

[GitHub] [pulsar] michaeljmarshall opened a new pull request, #19674: [improve] Add Broker, WS Proxy conf to simplify hostname verification

michaeljmarshall opened a new pull request, #19674:
URL: https://github.com/apache/pulsar/pull/19674

   ### Motivation
   
   When we merged #15818 in order to make the broker's client configurable, we did not add an explicit config for hostname verification. This PR adds that config to the broker and the websocket proxy. I chose the name `tlsHostnameVerificationEnabled` because that is what is already used in the proxy. It diverges from the function worker's config of `tlsEnableHostnameVerification`.
   
   Before this PR, you would have enabled hostname verification by configuring `brokerClient_tlsHostnameVerificationEnable=true` in the broker and WS proxy configs. (Note that the variable name is slightly different because the `ClientConfiguration` does not have a `d` at the end of its name.
   
   The remaining follow up work will be to update the `ClusterData` objects to configure hostname verification there to make it easier to configure hostname verification for remote clusters.
   
   ### Modifications
   
   * Add `tlsHostnameVerificationEnabled` to the `broker.conf` and the `proxy.conf`
   * Update all of the relevant locations that were previously only relying on `brokerClient_tlsHostnameVerificationEnable`
   
   ### Verifying this change
   
   I added a single test to ensure that the `WebSocketProxyConfiguration` properly converts to the `ServiceConfiguration` object.
   
   ### Does this pull request potentially affect one of the following parts:
   
   This PR introduces a "new" configuration key, but not a new concept. All underlying behaviors are unchanged.
   
   ### Documentation
   
   - [x] `doc-not-needed`
   
   Docs are automatically updated by these changes.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: commits-unsubscribe@pulsar.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [pulsar] michaeljmarshall merged pull request #19674: [improve] Simplify enabling Broker, WS Proxy hostname verification

Posted by "michaeljmarshall (via GitHub)" <gi...@apache.org>.
michaeljmarshall merged PR #19674:
URL: https://github.com/apache/pulsar/pull/19674


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: commits-unsubscribe@pulsar.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org