Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

new option to ignore incoming connection encryption if set #3

Open
wants to merge 1 commit into
base: aiven-3.11.10
Choose a base branch
from

Conversation

sjamgade
Copy link

c2f24d2
The commit disallows unencrypted connection when the node expects
encrypted connection.

In simpler words, As soon as node is configured with encryption(nodeA) it
wont accept unencrypted connection (nodeB. nodeC). And inserts with
consistency 2 in a 3 node(nodeA, nodeB, nodeC) cluster would stop
working a soon as (nodeB) goes down, even though 2 nodes (nodeA [expects
encryption], and nodeC [encryption-not-configured]) are up.

That commit includes test and inside those tests is a comment to further
clarify the situation:

/*
* instance (1) won't connect to (2), since (2) won't have a TLS listener;
* instance (2) won't connect to (1), since inbound check will reject
* the unencrypted connection attempt;
*
* without the patch, instance (2) *CAN* connect to (1), without encryption,
* despite being in a different dc.
*/

Here instance1 is configured to have encryption (across DC's) and
instance(2) not at all. They belong to diffierent DC's

The patch add a new option. This options when set allows control over
enforcing the above decision (to terminate NON-SSL connection when SSL
is configured). If the option is set to true the check is enforced and
do not otherwise (also enforce if the option is not set, keeping the
behaviour backward compatible)

c2f24d2
The commit disallows unencrypted connection when the node expects
encrypted connection.

In simpler words, As soon as node is configured with encryption(nodeA) it
wont accept unencrypted connection (nodeB. nodeC). And inserts with
consistency 2 in a 3 node(nodeA, nodeB, nodeC) cluster would stop
working a soon as (nodeB) goes down, even though 2 nodes (nodeA [expects
encryption], and nodeC [encryption-not-configured]) are up.

That commit includes test and inside those tests is a comment to further
clarify the situation:

    /*
    * instance (1) won't connect to (2), since (2) won't have a TLS listener;
    * instance (2) won't connect to (1), since inbound check will reject
    * the unencrypted connection attempt;
    *
    * without the patch, instance (2) *CAN* connect to (1), without encryption,
    * despite being in a different dc.
    */

Here instance1 is configured to have encryption (across DC's) and
instance(2) not at all. They belong to diffierent DC's

The patch add a new option. This options when set allows control over
enforcing the above decision (to terminate NON-SSL connection when SSL
is configured). If the option is set to true the check is enforced and
do not otherwise (also enforce if the option is not set, keeping the
behaviour backward compatible)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

1 participant