github/kubernetes
1
0
Fork 0
mirror of https://github.com/k3s-io/kubernetes.git synced 2025-07-30 23:15:14 +00:00
Code Issues Projects Releases Wiki Activity

Populate ClientCA in delegating auth setup

Browse Source 
kubernetes/kubernetes#67768 accidentally removed population of the the ClientCA
in the delegating auth setup code.  This restores it.
This commit is contained in:
Solly Ross 2018-10-04 12:48:18 -04:00
parent ae2efc752a
commit 65cea86e44
1 changed files with 2 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
staging/src/k8s.io/apiserver/pkg/server/options/authentication.go
View File

@ -192,9 +192,11 @@ func (s *DelegatingAuthenticationOptions) ApplyTo(c *server.AuthenticationInfo,
} }
// configure AuthenticationInfo config // configure AuthenticationInfo config
cfg.ClientCAFile = s.ClientCert.ClientCA
if err = c.ApplyClientCert(s.ClientCert.ClientCA, servingInfo); err != nil { if err = c.ApplyClientCert(s.ClientCert.ClientCA, servingInfo); err != nil {
return fmt.Errorf("unable to load client CA file: %v", err) return fmt.Errorf("unable to load client CA file: %v", err)
} }
cfg.RequestHeaderConfig = s.RequestHeader.ToAuthenticationRequestHeaderConfig() cfg.RequestHeaderConfig = s.RequestHeader.ToAuthenticationRequestHeaderConfig()
if err = c.ApplyClientCert(s.RequestHeader.ClientCAFile, servingInfo); err != nil { if err = c.ApplyClientCert(s.RequestHeader.ClientCAFile, servingInfo); err != nil {
return fmt.Errorf("unable to load client CA file: %v", err) return fmt.Errorf("unable to load client CA file: %v", err)