-
Notifications
You must be signed in to change notification settings - Fork 17
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
ssl_certificate never used in Client #4
Labels
Comments
I've been looking through the code and yes this settings seem to be not used but required. |
thanks to @jsvd's archeology skills it used to be there ruby-lumberjack/lib/lumberjack/client.rb Line 77 in ea49476
|
But even the verification is disabled there 😢 |
@lazyfrosch I'll fix it :( I am messing with another SSL problem so I'll do it at the same time. |
@ph thanks for that 😄 |
ph
added a commit
that referenced
this issue
Jul 30, 2015
The ruby client did not enforce the validation of the certificate, opening possible man in the middle attacks on the client. This PR make sure that the `verify_mode` is set to `VERIFY_PEER` and add the certificate to the store for this specific connection. An integration test was added to validate this change. This change make the ruby client handling of connection closer to the `logstash-forwarder` behavior, which does the verify peer per default. Fixes #4
ph
added a commit
that referenced
this issue
Jul 30, 2015
The ruby client did not enforce the validation of the certificate, opening possible man in the middle attacks on the client. This PR make sure that the `verify_mode` is set to `VERIFY_PEER` and add the certificate to the store for this specific connection. An integration test was added to validate this change. This change makes the ruby client handling of connection closer to the `logstash-forwarder` behavior, which does the verify peer per default. Fixes #4
ph
added a commit
that referenced
this issue
Jul 30, 2015
The ruby client did not enforce the validation of the certificate, opening possible man in the middle attacks on the client. This PR make sure that the `verify_mode` is set to `VERIFY_PEER` and add the certificate to the store for this specific connection. An integration test was added to validate this change. This change makes the ruby client handling of connection closer to the `logstash-forwarder` behavior, which does the verify peer per default. Fixes #4
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Prove me wrong, but I think the
ssl_certificate
is never used in client.So the connection to a server doesn't get validated?
The text was updated successfully, but these errors were encountered: