Bareos Bug Tracker
Bareos Bug Tracker

View Issue Details Jump to Notes ] Related Changesets ] Issue History ] Print ]
IDProjectCategoryView StatusDate SubmittedLast Update
0000257bareos-core[All Projects] file daemonpublic2013-12-03 15:482015-03-25 19:19
Reportermvwieringen 
Assigned To 
PrioritynormalSeverityfeatureReproducibilityalways
StatusclosedResolutionfixed 
PlatformLinuxOSUbuntuOS Version12.04
Product Version13.2.2 
Target Version13.2.3Fixed in Version13.2.3 
Summary0000257: When using passive mode and TLS using NAT the verify peer mode will fail.
DescriptionWhen you use passive mode e.g. when the SD connects to the FD for transfering
data the TLS handshake will fail when you also NAT the connection from the SD
to the FD. The FD can only validate the certificate using the CN matching the
FQDN of the ip address of the NAT box.
Additional InformationYou can work around this by putting the FQDN of the NAT box that the FD sees
into the alternative name of the certificate but it would be much nicer if
you could just define a set of allowed CNs in the client definition of the
FD just like what the SD has with TLS Allowed CN.
TagsNo tags attached.
bareos-master: impact
bareos-master: action
bareos-18.2: impact
bareos-18.2: action
bareos-17.2: impact
bareos-17.2: action
bareos-16.2: impact
bareos-16.2: action
bareos-15.2: impact
bareos-15.2: action
bareos-14.2: impact
bareos-14.2: action
bareos-13.2: impact
bareos-13.2: action
bareos-12.4: impact
bareos-12.4: action
Attached Files? file icon bareos-common_13.4.0-3.1_amd64.deb [^] (427,120 bytes) 2013-12-03 17:20
? file icon bareos-filedaemon_13.4.0-3.1_amd64.deb [^] (87,622 bytes) 2013-12-03 17:20

- Relationships

-  Notes
(0000743)
mvwieringen (developer)
2013-12-04 10:47

Fix committed to bareos bareos-13.2 branch with changesetid 1359.
(0000744)
mvwieringen (developer)
2013-12-04 10:47

Fix committed to bareos master branch with changesetid 1360.
(0001415)
mvwieringen (developer)
2015-03-25 16:51

Fix committed to bareos2015 bareos-14.2 branch with changesetid 4975.
(0001567)
joergs (administrator)
2015-03-25 19:19

Due to the reimport of the Github repository to bugs.bareos.org, the status of some tickets have been changed. These tickets will be closed again.
Sorry for the noise.

- Related Changesets
bareos: bareos-13.2 52acbfbc
Timestamp: 2013-11-28 19:40:16
Author: mvwieringen
Ported: N/A
Details ] Diff ]
Add support for setting allowed cns for passive mode.

Fixes 0000257: When using passive mode and TLS using NAT the verify peer mode will fail.
mod - src/filed/authenticate.c Diff ] File ]
mod - src/filed/filed_conf.c Diff ] File ]
mod - src/filed/filed_conf.h Diff ] File ]
bareos: master 3901288d
Timestamp: 2013-11-28 19:40:16
Author: mvwieringen
Ported: N/A
Details ] Diff ]
Add support for setting allowed cns for passive mode.

Fixes 0000257: When using passive mode and TLS using NAT the verify peer mode will fail.
mod - src/filed/authenticate.c Diff ] File ]
mod - src/filed/filed_conf.c Diff ] File ]
mod - src/filed/filed_conf.h Diff ] File ]
bareos2015: bareos-13.2 9b03474f
Timestamp: 2013-11-28 20:40:16
Author: mvwieringen
Ported: N/A
Details ] Diff ]
Add support for setting allowed cns for passive mode.

Fixes 0000257: When using passive mode and TLS using NAT the verify peer mode will fail.
mod - src/filed/authenticate.c Diff ] File ]
mod - src/filed/filed_conf.c Diff ] File ]
mod - src/filed/filed_conf.h Diff ] File ]
bareos2015: bareos-14.2 3bdfdd8f
Timestamp: 2013-11-28 20:40:16
Author: mvwieringen
Ported: N/A
Details ] Diff ]
Add support for setting allowed cns for passive mode.

Fixes 0000257: When using passive mode and TLS using NAT the verify peer mode will fail.
mod - src/filed/authenticate.c Diff ] File ]
mod - src/filed/filed_conf.c Diff ] File ]
mod - src/filed/filed_conf.h Diff ] File ]

- Issue History
Date Modified Username Field Change
2013-12-03 15:48 mvwieringen New Issue
2013-12-03 15:48 mvwieringen Status new => assigned
2013-12-03 15:48 mvwieringen Assigned To => mvwieringen
2013-12-03 15:58 mvwieringen File Added: bareos-common_13.4.0-2.1_amd64.deb
2013-12-03 15:58 mvwieringen File Added: bareos-filedaemon_13.4.0-2.1_amd64.deb
2013-12-03 16:36 mvwieringen File Deleted: bareos-common_13.4.0-2.1_amd64.deb
2013-12-03 16:36 mvwieringen File Deleted: bareos-filedaemon_13.4.0-2.1_amd64.deb
2013-12-03 17:20 mvwieringen File Added: bareos-common_13.4.0-3.1_amd64.deb
2013-12-03 17:21 mvwieringen File Added: bareos-filedaemon_13.4.0-3.1_amd64.deb
2013-12-04 10:47 mvwieringen Changeset attached => bareos bareos-13.2 52acbfbc
2013-12-04 10:47 mvwieringen Note Added: 0000743
2013-12-04 10:47 mvwieringen Status assigned => resolved
2013-12-04 10:47 mvwieringen Resolution open => fixed
2013-12-04 10:47 mvwieringen Changeset attached => bareos master 3901288d
2013-12-04 10:47 mvwieringen Note Added: 0000744
2014-05-16 17:31 mvwieringen adm Assigned To mvwieringen =>
2014-05-16 17:31 mvwieringen adm Status resolved => closed
2014-05-16 17:31 mvwieringen adm Fixed in Version => 13.2.3
2015-03-25 16:51 mvwieringen Changeset attached => bareos2015 bareos-13.2 9b03474f
2015-03-25 16:51 mvwieringen Changeset attached => bareos2015 bareos-14.2 3bdfdd8f
2015-03-25 16:51 mvwieringen Note Added: 0001415
2015-03-25 16:51 mvwieringen Status closed => resolved
2015-03-25 19:19 joergs Note Added: 0001567
2015-03-25 19:19 joergs Status resolved => closed


Copyright © 2000 - 2018 MantisBT Team
Powered by Mantis Bugtracker