gsh-digital-services/seaweedFS
5
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix: s3 command ignore -tlsVerifyClientCert and -cacert.file arguments (#6547)

Browse Source 
s3 command ignore tlsVerifyClientCert and cacert.file arguments from
command line. On startS3Server instead of use real values (in s3opt),
default values (from s3Options, always empty) are checked.

Now on right values are checked and if user provide this arguments
RequireAndVerifyClientCert is set and/or ca certificate is loaded.
This commit is contained in:
Karol Będkowski
2025-02-13 21:27:38 +00:00
committed by GitHub
parent 903d288e08
commit 441614b386
1 changed files with 2 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
weed/command/s3.go
View File

@@ -312,7 +312,7 @@ func (s3opt *S3Options) startS3Server() bool {
}
caCertPool := x509.NewCertPool()
if *s3Options.tlsCACertificate != "" {
if *s3opt.tlsCACertificate != "" {
// load CA certificate file and add it to list of client CAs
caCertFile, err := ioutil.ReadFile(*s3opt.tlsCACertificate)
if err != nil {
@@ -322,7 +322,7 @@ func (s3opt *S3Options) startS3Server() bool {
}
clientAuth := tls.NoClientCert
if *s3Options.tlsVerifyClientCert {
if *s3opt.tlsVerifyClientCert {
clientAuth = tls.RequireAndVerifyClientCert
}