User story #9502
closed
Drop old protocol and acl for agents
Added by Alexis Mousset over 7 years ago.
Updated about 6 years ago.
Category:
System techniques
Description
- We only generate key-based acl: improved security (and speed in cf-serverd, because we skip the very unefficient hostname comparison), get rid of all the DNS issues
allowlegacyconnects => { } to completely block old protocol- Maybe add restriction on used protocols/cipher (allowtlsversion, allowciphers, tls_min_version, tls_ciphers)
- Target version changed from 4.1.0~beta1 to 4.1.0~beta2
- Target version changed from 4.1.0~beta2 to 4.1.0~beta3
- Target version changed from 4.1.0~beta3 to 4.1.0~rc1
- Target version changed from 4.1.0~rc1 to 4.2.0~beta1
- Subject changed from Add a "tls networking only" mode to Drop old protocol and acl for agents
- Parent task changed from #6363 to #10718
- Target version changed from 4.2.0~beta1 to 4.2.0~beta2
- Target version changed from 4.2.0~beta2 to 4.2.0~beta3
- Target version changed from 4.2.0~beta3 to 4.2.0~rc1
- Target version changed from 4.2.0~rc1 to 4.2.0~rc2
- Target version changed from 4.2.0~rc2 to 4.2.0
- Target version changed from 4.2.0 to 4.2.1
- Target version changed from 4.2.1 to 4.2.2
- Description updated (diff)
- Assignee set to Alexis Mousset
- Target version changed from 4.2.2 to 4.3.0~beta1
- Status changed from New to In progress
- Status changed from In progress to Pending technical review
- Assignee changed from Alexis Mousset to Benoît PECCATTE
- Pull Request set to https://github.com/Normation/rudder-techniques/pull/1214
- Status changed from Pending technical review to Pending release
- Parent task deleted (
#10718)
- Related to Architecture #10718: Rudder 3.1 agents will not be compatible with Rudder >=4.3 added
- Status changed from Pending release to Released
This bug has been fixed in Rudder 4.3.0~beta1 which was released today.
Also available in: Atom
PDF
Updated by 
Updated by 
Updated by