Merged PR 19384: [6.0] MSRC 68121 - SFB - ASP.NET Core Client Certificate...
Merged PR 19384: [6.0] MSRC 68121 - SFB - ASP.NET Core Client Certificate Validation Check Bypasses Revocation Check with Cache MSRC 68121 - SFB - ASP.NET Core Client Certificate Validation Check Bypasses Revocation Check with Cache CRM:0331001790 Fixes an issue with certificate validation results being stored indefinitely due to sliding expiration keeping it alive. The fix just adds an absolute expiration of 30 minutes. Customer Impact: This issue prevents certificate revocation if the certificate is in use as the certificate would never be rechecked for revocation due to sliding keeping the result in the cache. Regression: No Risk: Low Verification Unit test Packaging changes reviewed? TBD: need patchconfig edits?
显示
- src/Security/Authentication/Certificate/src/AssemblyInfo.cs 6 个添加, 0 个删除src/Security/Authentication/Certificate/src/AssemblyInfo.cs
- src/Security/Authentication/Certificate/src/CertificateValidationCache.cs 34 个添加, 8 个删除...hentication/Certificate/src/CertificateValidationCache.cs
- src/Security/Authentication/test/CertificateTests.cs 120 个添加, 2 个删除src/Security/Authentication/test/CertificateTests.cs
加载中
想要评论请 注册 或 登录