Chg: update image tag in helm values to v3.2.1

Chg: update image tag in helm values to v3.2.1-RC2
Merge pull request #396 from Telecominfraproject/master
2025-12-24 14:27:00 +00:00 · 2024-12-30 14:52:14 +00:00 · 2024-12-10 19:32:56 +00:00 · 2024-12-10 12:34:49 -05:00 · 2024-10-04 15:54:26 +00:00 · 2024-09-30 23:10:48 +00:00
9 changed files with 12 additions and 35 deletions
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -21,7 +21,7 @@ defaults:

 jobs:
  docker:
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-20.04
    env:
      DOCKER_REGISTRY_URL: tip-tip-wlan-cloud-ucentral.jfrog.io
      DOCKER_REGISTRY_USERNAME: ucentral
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -11,7 +11,7 @@ defaults:

 jobs:
  helm-package:
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-20.04
    env:
      HELM_REPO_URL: https://tip.jfrog.io/artifactory/tip-wlan-cloud-ucentral-helm/
      HELM_REPO_USERNAME: ucentral
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -1,5 +1,5 @@
 cmake_minimum_required(VERSION 3.13)
-project(owgw VERSION 4.0.0)
+project(owgw VERSION 3.2.1)

 set(CMAKE_CXX_STANDARD 20)
 set(CMAKE_CXX_STANDARD_REQUIRED True)
--- a/helm/values.yaml
+++ b/helm/values.yaml
@@ -9,7 +9,7 @@ fullnameOverride: ""
 images:
  owgw:
    repository: tip-tip-wlan-cloud-ucentral.jfrog.io/owgw
-    tag: v4.0.0
+    tag: v3.2.1
    pullPolicy: Always
 #    regcred:
 #      registry: tip-tip-wlan-cloud-ucentral.jfrog.io
--- a/src/AP_WS_Server.cpp
+++ b/src/AP_WS_Server.cpp
@@ -71,18 +71,14 @@ namespace OpenWifi {
 	bool AP_WS_Server::ValidateCertificate(const std::string &ConnectionId,
 										   const Poco::Crypto::X509Certificate &Certificate) {
 		if (IsCertOk()) {
-			// validate certificate agains trusted chain
-			for (const auto &cert : ClientCasCerts_) {
-				if (Certificate.issuedBy(cert)) {
-					return true;
-				}
-			}
-			poco_warning(
+			if (!Certificate.issuedBy(*IssuerCert_)) {
+				poco_warning(
 					Logger(),
-					fmt::format(
-						"CERTIFICATE({}): issuer mismatch. Certificate not issued by any trusted CA",
-						ConnectionId)
-					);
+					fmt::format("CERTIFICATE({}): issuer mismatch. Local='{}' Incoming='{}'",
+								ConnectionId, IssuerCert_->issuerName(), Certificate.issuerName()));
+				return false;
+			}
+			return true;
 		}
 		return false;
 	}
@@ -137,13 +133,6 @@ namespace OpenWifi {
 			Context->addChainCertificate(Issuing);
 			Context->addCertificateAuthority(Issuing);

-			// add certificates from clientcas to trust chain
-			ClientCasCerts_ = Poco::Net::X509Certificate::readPEM(Svr.ClientCas());
-			for (const auto &cert : ClientCasCerts_) {
-				Context->addChainCertificate(cert);
-				Context->addCertificateAuthority(cert);
-			}
-
 			Poco::Crypto::RSAKey Key("", Svr.KeyFile(), Svr.KeyFilePassword());
 			Context->usePrivateKey(Key);

--- a/src/AP_WS_Server.h
+++ b/src/AP_WS_Server.h
@@ -223,7 +223,6 @@ namespace OpenWifi {
 		mutable std::array<std::mutex,MACHashMax>		SerialNumbersMutex_;

 		std::unique_ptr<Poco::Crypto::X509Certificate> IssuerCert_;
-		std::vector<Poco::Crypto::X509Certificate> ClientCasCerts_;
 		std::list<std::unique_ptr<Poco::Net::HTTPServer>> WebServers_;
 		Poco::ThreadPool DeviceConnectionPool_{"ws:dev-pool", 4, 256};
 		Poco::Net::SocketReactor Reactor_;
--- a/src/CapabilitiesCache.h
+++ b/src/CapabilitiesCache.h
@@ -111,7 +111,7 @@ namespace OpenWifi {
 				i >> cache;

 				for (const auto &[Type, Platform] : cache.items()) {
-					Platforms_[Type] = Poco::toLower(Platform.get<std::string>());
+					Platforms_[Type] = Poco::toLower(to_string(Platform));
 				}
 			} catch (...) {
 			}
--- a/src/framework/SubSystemServer.cpp
+++ b/src/framework/SubSystemServer.cpp
@@ -68,16 +68,6 @@ namespace OpenWifi {
 				Context->addCertificateAuthority(Issuing);
 			}

-			if (!client_cas_.empty()) {
-				// add certificates specified in clientcas
-				std::vector<Poco::Crypto::X509Certificate> Certs =
-					Poco::Net::X509Certificate::readPEM(client_cas_);
-				for (const auto &cert : Certs) {
-					Context->addChainCertificate(cert);
-					Context->addCertificateAuthority(cert);
-				}
-			}
-
 			Poco::Crypto::RSAKey Key("", key_file_, key_file_password_);
 			Context->usePrivateKey(Key);

--- a/src/framework/SubSystemServer.h
+++ b/src/framework/SubSystemServer.h
@@ -45,7 +45,6 @@ namespace OpenWifi {
 		[[nodiscard]] inline auto KeyFile() const { return key_file_; };
 		[[nodiscard]] inline auto CertFile() const { return cert_file_; };
 		[[nodiscard]] inline auto RootCA() const { return root_ca_; };
-		[[nodiscard]] inline auto ClientCas() const { return client_cas_; };
 		[[nodiscard]] inline auto KeyFilePassword() const { return key_file_password_; };
 		[[nodiscard]] inline auto IssuerCertFile() const { return issuer_cert_file_; };
 		[[nodiscard]] inline auto Name() const { return name_; };
Author	SHA1	Message	Date
TIP Automation User	38efea87ea	Chg: update image tag in helm values to v3.2.1	2024-12-30 14:52:14 +00:00
TIP Automation User	e90491c394	Chg: update image tag in helm values to v3.2.1-RC2	2024-12-10 19:32:56 +00:00
Carsten Schafer	735c4d715c	Merge pull request #396 from Telecominfraproject/master WIFI-14165: Release 3.2.0 patch	2024-12-10 12:34:49 -05:00
TIP Automation User	5b703690b0	Chg: update image tag in helm values to v3.2.0	2024-10-04 15:54:26 +00:00
TIP Automation User	f8302ba9e1	Chg: update image tag in helm values to v3.2.0-RC3	2024-09-30 23:10:48 +00:00
i-chvets	62b99c2cb1	Merge pull request #389 from Telecominfraproject/version_update WIFI-14165: release 3.2 version update	2024-09-30 11:02:38 -04:00
TIP Automation User	5411b6b195	Chg: update image tag in helm values to v3.2.0-RC2	2024-09-27 17:09:29 +00:00
i-chvets	5ed98b724a	Merge pull request #384 from Telecominfraproject/master WIFI-14161: Release 3.2 sync with master	2024-09-27 11:46:07 -04:00
i-chvets	68f5bb42ff	Merge pull request #380 from Telecominfraproject/master WIFI-14165: Release 3.2 master sync	2024-09-26 11:08:09 -04:00
TIP Automation User	5867b6a1c0	Chg: update image tag in helm values to v3.2.0-RC1	2024-09-11 17:50:49 +00:00