search

openshift / oauth-proxy

A reverse proxy that provides authentication with OpenShift via OAuth and Kubernetes service accounts
MIT License
263 stars 138 forks source link

Bug 1748212: [4.1]: Tighten cipher usage #130

Closed stlaz closed 5 years ago

stlaz commented 5 years ago

Use the cipher suites that are provided by the OpenShift library-go as the reasonable defaults.

cc @enj @mrogers950

I think I'll need to create separate bugzillas for each the backport, the original fix included...

openshift-ci-robot commented 5 years ago

@stlaz: No Bugzilla bug is referenced in the title of this pull request. To reference a bug, add 'Bug XXX:' to the title of this pull request and request another bug refresh with /bugzilla refresh.

In response to [this](https://github.com/openshift/oauth-proxy/pull/130): >[4.1]: Tighten cipher usage Instructions for interacting with me using PR comments are available [here](https://git.k8s.io/community/contributors/guide/pull-requests.md). If you have questions or suggestions related to my behavior, please file an issue against the [kubernetes/test-infra](https://github.com/kubernetes/test-infra/issues/new?title=Prow%20issue:) repository.
openshift-ci-robot commented 5 years ago

@stlaz: No Bugzilla bug is referenced in the title of this pull request. To reference a bug, add 'Bug XXX:' to the title of this pull request and request another bug refresh with /bugzilla refresh.

In response to [this](https://github.com/openshift/oauth-proxy/pull/130): >[4.1]: Tighten cipher usage Instructions for interacting with me using PR comments are available [here](https://git.k8s.io/community/contributors/guide/pull-requests.md). If you have questions or suggestions related to my behavior, please file an issue against the [kubernetes/test-infra](https://github.com/kubernetes/test-infra/issues/new?title=Prow%20issue:) repository.
eparis commented 5 years ago

This PR has no review, no bug attached (which depends on a 4.2 bug), and thus no QE review in master. All of these things need done.

sttts commented 5 years ago

/lgtm /approve

sttts commented 5 years ago

/retest

openshift-ci-robot commented 5 years ago

@stlaz: This pull request references Bugzilla bug 1748212, which is invalid:

Comment /bugzilla refresh to re-evaluate validity if changes to the Bugzilla bug are made, or edit the title of this pull request to link to a different bug.

In response to [this](https://github.com/openshift/oauth-proxy/pull/130): >Bug 1748212: [4.1]: Tighten cipher usage Instructions for interacting with me using PR comments are available [here](https://git.k8s.io/community/contributors/guide/pull-requests.md). If you have questions or suggestions related to my behavior, please file an issue against the [kubernetes/test-infra](https://github.com/kubernetes/test-infra/issues/new?title=Prow%20issue:) repository.
stlaz commented 5 years ago

Added a BZ and the fix to travis CI so that the tests should pass now.

stlaz commented 5 years ago

Travis was still using the old config file, trying to bump go version for its builds to see if this makes it use the new config instead

stlaz commented 5 years ago

/bugzilla refresh

openshift-ci-robot commented 5 years ago

@stlaz: This pull request references Bugzilla bug 1748212, which is valid. The bug has been moved to the POST state. The bug has been updated to refer to the pull request using the external bug tracker.

In response to [this](https://github.com/openshift/oauth-proxy/pull/130#issuecomment-530679838): >/bugzilla refresh Instructions for interacting with me using PR comments are available [here](https://git.k8s.io/community/contributors/guide/pull-requests.md). If you have questions or suggestions related to my behavior, please file an issue against the [kubernetes/test-infra](https://github.com/kubernetes/test-infra/issues/new?title=Prow%20issue:) repository.
mfojtik commented 5 years ago

/lgtm

mfojtik commented 5 years ago

/approve

openshift-ci-robot commented 5 years ago

[APPROVALNOTIFIER] This PR is APPROVED

Approval requirements bypassed by manually added approval.

This pull-request has been approved by: mfojtik, stlaz, sttts

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files: - **[OWNERS](https://github.com/openshift/oauth-proxy/blob/release-4.1/OWNERS)** Approvers can indicate their approval by writing `/approve` in a comment Approvers can cancel approval by writing `/approve cancel` in a comment
openshift-ci-robot commented 5 years ago

@stlaz: All pull requests linked via external trackers have merged. Bugzilla bug 1748212 has been moved to the MODIFIED state.

In response to [this](https://github.com/openshift/oauth-proxy/pull/130): >Bug 1748212: [4.1]: Tighten cipher usage Instructions for interacting with me using PR comments are available [here](https://git.k8s.io/community/contributors/guide/pull-requests.md). If you have questions or suggestions related to my behavior, please file an issue against the [kubernetes/test-infra](https://github.com/kubernetes/test-infra/issues/new?title=Prow%20issue:) repository.