Project

General

Profile

Bug #27221

SSE encryption does not detect ssl termination in proxy

Added by Casey Bodley 10 months ago. Updated 6 months ago.

Status:
Resolved
Priority:
Normal
Assignee:
Target version:
-
Start date:
08/24/2018
Due date:
% Done:

0%

Source:
Tags:
sse proxy
Backport:
luminous mimic
Regression:
No
Severity:
3 - minor
Reviewed:
Affected Versions:
ceph-qa-suite:
Pull request ID:

Description

Requests using sse encryption are rejected if they aren't received over an ssl connection - but this does not account for cases where a proxy is performing ssl termination. When rgw_crypt_require_ssl is enabled (as by default), the 'Forwarded' and 'X-Forwarded-Proto' headers should be consulted when determining whether the connection is secure.


Related issues

Copied to rgw - Backport #36644: luminous: SSE encryption does not detect ssl termination in proxy Resolved
Copied to rgw - Backport #36645: mimic: SSE encryption does not detect ssl termination in proxy Resolved

History

#1 Updated by Casey Bodley 8 months ago

  • Status changed from New to Testing

#2 Updated by Casey Bodley 8 months ago

  • Status changed from Testing to Pending Backport

#3 Updated by Patrick Donnelly 8 months ago

  • Copied to Backport #36644: luminous: SSE encryption does not detect ssl termination in proxy added

#4 Updated by Patrick Donnelly 8 months ago

  • Copied to Backport #36645: mimic: SSE encryption does not detect ssl termination in proxy added

#5 Updated by Nathan Cutler 6 months ago

  • Status changed from Pending Backport to Resolved

Also available in: Atom PDF