kubernetes
/
apiserver
mirror of https://github.com/kubernetes/apiserver.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Remove excessive warnings with x509 certificate auth 

Suppress common name verify warning log and roll up into returned error

remove glog test dependency

Kubernetes-commit: bb3124c48a4d276ed280175e5825ea9db022d699
This commit is contained in:
David McCormick 2018-09-24 17:15:27 +01:00 committed by Kubernetes Publisher
parent c30426fbcf
commit a948ad1df7
1 changed files with 1 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
pkg/authentication/request/x509/x509.go
View File

@ -23,7 +23,6 @@ import (
"net/http"
"time"
"github.com/golang/glog"
"github.com/prometheus/client_golang/prometheus"
utilerrors "k8s.io/apimachinery/pkg/util/errors"
@ -168,8 +167,7 @@ func (a *Verifier) verifySubject(subject pkix.Name) error {
if a.allowedCommonNames.Has(subject.CommonName) {
return nil
}
glog.Warningf("x509: subject with cn=%s is not in the allowed list: %v", subject.CommonName, a.allowedCommonNames.List())
return fmt.Errorf("x509: subject with cn=%s is not allowed", subject.CommonName)
return fmt.Errorf("x509: subject with cn=%s is not in the allowed list", subject.CommonName)
}
// DefaultVerifyOptions returns VerifyOptions that use the system root certificates, current time,