xCAT/confluent
2
0
Fork 0
mirror of https://github.com/xcat2/confluent.git synced 2026-04-24 17:51:29 +00:00
Code Issues Projects Releases Wiki Activity

Skip policy setting for now and take defaults.

Browse Source
This commit is contained in:
Jarrod Johnson
2026-04-14 10:45:45 -04:00
parent 2bd13c397d
commit 2a32fc85a6
1 changed files with 0 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
confluent_server/confluent/util.py
View File

@@ -279,17 +279,6 @@ class TLSCertVerifier(object):
return False
castore = verification.Store(certs)
_polbuilder = verification.PolicyBuilder().store(castore)
try:
eep = verification.ExtensionPolicy.permit_all().require_present(
x509.SubjectAlternativeName, verification.Criticality.AGNOSTIC, None).may_be_present(
x509.KeyUsage, verification.Criticality.AGNOSTIC, None)
cap = verification.ExtensionPolicy.webpki_defaults_ca().require_present(
x509.BasicConstraints, verification.Criticality.AGNOSTIC, None).may_be_present(
x509.KeyUsage, verification.Criticality.AGNOSTIC, None)
_polbuilder = _polbuilder.extension_policies(
ee_policy=eep, ca_policy=cap)
except AttributeError:
pass
try:
addr = ipaddress.ip_address(self.subject)
subject = x509.IPAddress(addr)