[jira] [Resolved] (KNOX-903) KnoxShell allows self signed certs to be used without any checks

2017-03-08 Thread Larry McCay (JIRA)
[ https://issues.apache.org/jira/browse/KNOX-903?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Larry McCay resolved KNOX-903. -- Resolution: Fixed > KnoxShell allows self signed certs to be used without any checks > ---

[jira] [Commented] (KNOX-903) KnoxShell allows self signed certs to be used without any checks

2017-03-08 Thread ASF subversion and git services (JIRA)
[ https://issues.apache.org/jira/browse/KNOX-903?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15902175#comment-15902175 ] ASF subversion and git services commented on KNOX-903: -- Commit 477e2401

[jira] [Commented] (KNOX-903) KnoxShell allows self signed certs to be used without any checks

2017-03-08 Thread ASF subversion and git services (JIRA)
[ https://issues.apache.org/jira/browse/KNOX-903?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15902177#comment-15902177 ] ASF subversion and git services commented on KNOX-903: -- Commit ff126bac

[jira] [Commented] (KNOX-903) KnoxShell allows self signed certs to be used without any checks

2017-03-08 Thread ASF subversion and git services (JIRA)
[ https://issues.apache.org/jira/browse/KNOX-903?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15902168#comment-15902168 ] ASF subversion and git services commented on KNOX-903: -- Commit 9f7e34f1

[jira] [Commented] (KNOX-903) KnoxShell allows self signed certs to be used without any checks

2017-03-08 Thread ASF subversion and git services (JIRA)
[ https://issues.apache.org/jira/browse/KNOX-903?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15902170#comment-15902170 ] ASF subversion and git services commented on KNOX-903: -- Commit 3ec2fc3b

[jira] [Assigned] (KNOX-903) KnoxShell allows self signed certs to be used without any checks

2017-03-08 Thread Larry McCay (JIRA)
[ https://issues.apache.org/jira/browse/KNOX-903?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Larry McCay reassigned KNOX-903: Assignee: Larry McCay > KnoxShell allows self signed certs to be used without any checks > --

Re: [CANCEL] [VOTE] Release Apache Knox 0.12.0

2017-03-08 Thread larry mccay
We should default the variable to null and only set it conditionally. This will allow us to fail securely rather than insecurely. This may have been introduced when I had to merge the knoxtoken branch into that change. It was a troublesome merge as I recall. On Wed, Mar 8, 2017 at 1:53 PM, Sumit

[jira] [Updated] (KNOX-903) KnoxShell allows self signed certs to be used without any checks

2017-03-08 Thread Vincent Devillers (JIRA)
[ https://issues.apache.org/jira/browse/KNOX-903?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Vincent Devillers updated KNOX-903: --- Description: A TrustStrategy of TrustSelfSignedStrategy is being used while setting up http cli

[jira] [Created] (KNOX-903) KnoxShell allows self signed certs to be used without any checks

2017-03-08 Thread Sumit Gupta (JIRA)
Sumit Gupta created KNOX-903: Summary: KnoxShell allows self signed certs to be used without any checks Key: KNOX-903 URL: https://issues.apache.org/jira/browse/KNOX-903 Project: Apache Knox Iss

[jira] [Updated] (KNOX-902) SSO topology name is hardcoded in knoxauth.js

2017-03-08 Thread Sandeep More (JIRA)
[ https://issues.apache.org/jira/browse/KNOX-902?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Sandeep More updated KNOX-902: -- Fix Version/s: 0.12.0 > SSO topology name is hardcoded in knoxauth.js > --

[jira] [Commented] (KNOX-902) SSO topology name is hardcoded in knoxauth.js

2017-03-08 Thread Sandeep More (JIRA)
[ https://issues.apache.org/jira/browse/KNOX-902?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15901797#comment-15901797 ] Sandeep More commented on KNOX-902: --- Thanks [~akanto] ! I pushed your changes in, thank yo

[jira] [Updated] (KNOX-902) SSO topology name is hardcoded in knoxauth.js

2017-03-08 Thread Sandeep More (JIRA)
[ https://issues.apache.org/jira/browse/KNOX-902?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Sandeep More updated KNOX-902: -- Resolution: Fixed Status: Resolved (was: Patch Available) > SSO topology name is hardcoded in kno

[jira] [Commented] (KNOX-902) SSO topology name is hardcoded in knoxauth.js

2017-03-08 Thread ASF subversion and git services (JIRA)
[ https://issues.apache.org/jira/browse/KNOX-902?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15901793#comment-15901793 ] ASF subversion and git services commented on KNOX-902: -- Commit 56176ef4

[CANCEL] [VOTE] Release Apache Knox 0.12.0

2017-03-08 Thread Sumit Gupta
As per the discussion below the VOTE for release is being cancelled. Sumit. On 3/8/17, 1:51 PM, "Sumit Gupta" wrote: >Thanks for the catch Larry and Vincent. This may have been a merge issue >on my part as well. In any case I agree that the release cannot go out >with this bug. My vote is also

Re: [VOTE] Release Apache Knox 0.12.0

2017-03-08 Thread Sumit Gupta
Thanks for the catch Larry and Vincent. This may have been a merge issue on my part as well. In any case I agree that the release cannot go out with this bug. My vote is also -1. I'll cancel the vote and file a JIRA for the issue to be fixed. Thanks everyone for testing the RC and stay tuned for t

Re: [VOTE] Release Apache Knox 0.12.0

2017-03-08 Thread Vincent Devillers
@larry You are right, in the Hadoop class it should be: HostnameVerifier hostnameVerifier = NoopHostnameVerifier.INSTANCE; TrustStrategy trustStrategy = TrustSelfSignedStrategy.INSTANCE; if (clientContext.connection().secure()) { hostnameVerifier = SSLConnectionSocketFactory.getDefaultHostnameV

Re: [VOTE] Release Apache Knox 0.12.0

2017-03-08 Thread larry mccay
Unfortunately, I have found what I view as a showstopper. We had a regression in the knoxshell with respect to requiring proper trust of the cert presented by the gateway. Somewhere along the line the TrustSelfSignedStrategy was added back and self-signed certs now get a free pass. This needs to be