Project

General

Profile

User story #9502

Drop old protocol and acl for agents

Added by Alexis MOUSSET over 1 year ago. Updated 5 months ago.

Status:
Released
Priority:
N/A
Category:
System techniques
Target version:
Target version (plugin):
Suggestion strength:
User visibility:
Effort required:

Description

  • We only generate key-based acl: improved security (and speed in cf-serverd, because we skip the very unefficient hostname comparison), get rid of all the DNS issues
  • allowlegacyconnects => { } to completely block old protocol
  • Maybe add restriction on used protocols/cipher (allowtlsversion, allowciphers, tls_min_version, tls_ciphers)

Related issues

Related to Rudder - Architecture #10718: Rudder 3.1 agents will not be compatible with Rudder >=4.3Rejected

Associated revisions

Revision 6fc4569d (diff)
Added by Alexis MOUSSET 8 months ago

Fixes #9502: Drop old protocol and acl for agents

History

#1 Updated by Alexis MOUSSET over 1 year ago

  • Parent task set to #6363

#2 Updated by Vincent MEMBRÉ over 1 year ago

  • Target version changed from 4.1.0~beta1 to 4.1.0~beta2

#3 Updated by Vincent MEMBRÉ over 1 year ago

  • Target version changed from 4.1.0~beta2 to 4.1.0~beta3

#4 Updated by Vincent MEMBRÉ over 1 year ago

  • Target version changed from 4.1.0~beta3 to 4.1.0~rc1

#5 Updated by François ARMAND over 1 year ago

  • Target version changed from 4.1.0~rc1 to 4.2.0~beta1

#6 Updated by Alexis MOUSSET about 1 year ago

  • Subject changed from Add a "tls networking only" mode to Drop old protocol and acl for agents
  • Parent task changed from #6363 to #10718

#7 Updated by Alexis MOUSSET about 1 year ago

  • Target version changed from 4.2.0~beta1 to 4.2.0~beta2

#8 Updated by Vincent MEMBRÉ 12 months ago

  • Target version changed from 4.2.0~beta2 to 4.2.0~beta3

#9 Updated by Vincent MEMBRÉ 11 months ago

  • Target version changed from 4.2.0~beta3 to 4.2.0~rc1

#10 Updated by Vincent MEMBRÉ 10 months ago

  • Target version changed from 4.2.0~rc1 to 4.2.0~rc2

#11 Updated by Vincent MEMBRÉ 9 months ago

  • Target version changed from 4.2.0~rc2 to 4.2.0

#12 Updated by Vincent MEMBRÉ 9 months ago

  • Target version changed from 4.2.0 to 4.2.1

#13 Updated by Vincent MEMBRÉ 8 months ago

  • Target version changed from 4.2.1 to 4.2.2

#14 Updated by Alexis MOUSSET 8 months ago

  • Description updated (diff)
  • Assignee set to Alexis MOUSSET
  • Target version changed from 4.2.2 to 4.3.0~beta1

#15 Updated by Alexis MOUSSET 8 months ago

  • Status changed from New to In progress

#16 Updated by Alexis MOUSSET 8 months ago

  • Status changed from In progress to Pending technical review
  • Assignee changed from Alexis MOUSSET to Benoît PECCATTE
  • Pull Request set to https://github.com/Normation/rudder-techniques/pull/1214

#17 Updated by Alexis MOUSSET 8 months ago

  • Status changed from Pending technical review to Pending release

#18 Updated by Vincent MEMBRÉ 5 months ago

  • Parent task deleted (#10718)

#19 Updated by Vincent MEMBRÉ 5 months ago

  • Related to Architecture #10718: Rudder 3.1 agents will not be compatible with Rudder >=4.3 added

#20 Updated by Vincent MEMBRÉ 5 months ago

  • Status changed from Pending release to Released

This bug has been fixed in Rudder 4.3.0~beta1 which was released today.

Also available in: Atom PDF