Refactor #34236
closed
Drop require_ssl_smart_proxies setting
Description
From https://community.theforeman.org/t/drop-require-ssl-and-require-ssl-smart-proxies-settings/26772
If this setting is true (the default) The Smart Proxies authenticate using SSL client certificates.
If it’s false, other means can be used. Today reverse DNS can be used (foreman/smart_proxy_auth.rb at bde7047acb8a68a899f60585f751093c9713bb92 · theforeman/foreman · GitHub). I’d argue this is unsafe and we should not have this code at all.
It should also be noted that prior to Feature #30779: Use ActionDispatch::RemoteIp when working as a reverse proxy - Foreman users could spoof the remote IP if they came from the local network. That in combination with reverse DNS checks means it’s easy to bypass these security checks. After this, it may actually be that the Katello HTTP reverse proxy setup that it ships opens this security risk. Removing the option for users to shoot themselves in the foot makes the project more secure.
Updated by The Foreman Bot almost 2 years ago
- Status changed from New to Ready For Testing
- Assignee set to Ewoud Kohl van Wijngaarden
- Pull request https://github.com/theforeman/foreman/pull/9021 added
Updated by Ewoud Kohl van Wijngaarden almost 2 years ago
- Status changed from Ready For Testing to Closed
Applied in changeset foreman|9690f3aef6166fdd41979a167cfe93dd5cc40eab.
Updated by Ondřej Ezr almost 2 years ago
- Related to Refactor #34273: Drop usage of require_ssl_smart_proxies setting from tests added