sapling

mirror of https://github.com/facebook/sapling.git synced 2024-10-10 16:57:49 +03:00

History

Arun Kulshreshtha 9f7d4447fd auth: optionally validate client certs Summary: This diff revives D25454687 (`f98273063a`), which was backed out by D25792491 (`b52168c4c8`) because it was causing Mercurial to crash in certain environments where certificates are configured incorrectly. I've modified the code so that by default, certificates are not validated (maintaining the old behavior), but users of the API can opt-in to validation. In the case of EdenAPI (which is the only user that opts in), this is controlled via a new `edenapi.validate-certs` config option, which defaults to false. This allows enforcing validation on platforms where the configs should be correct (such as devservers) while maintaining the old behavior on other platforms by default. Reviewed By: DurhamG Differential Revision: D26009207 fbshipit-source-id: 904dee61fd12fdee4a0031d14adef7fdb4801139	2021-01-26 17:58:12 -08:00
..
src	auth: optionally validate client certs	2021-01-26 17:58:12 -08:00
Cargo.toml	auth: add x509 module for validating certs	2020-12-11 18:55:03 -08:00

Arun Kulshreshtha 9f7d4447fd auth: optionally validate client certs

Summary:
This diff revives D25454687 (f98273063a), which was backed out by D25792491 (b52168c4c8) because it was causing Mercurial to crash in certain environments where certificates are configured incorrectly.

I've modified the code so that by default, certificates are not validated (maintaining the old behavior), but users of the API can opt-in to validation. In the case of EdenAPI (which is the only user that opts in), this is controlled via a new `edenapi.validate-certs` config option, which defaults to false. This allows enforcing validation on platforms where the configs should be correct (such as devservers) while maintaining the old behavior on other platforms by default.

Reviewed By: DurhamG

Differential Revision: D26009207

fbshipit-source-id: 904dee61fd12fdee4a0031d14adef7fdb4801139

2021-01-26 17:58:12 -08:00

src auth: optionally validate client certs 2021-01-26 17:58:12 -08:00

Cargo.toml auth: add x509 module for validating certs 2020-12-11 18:55:03 -08:00