2017-03-29 15:34:03 +00:00
|
|
|
===========================
|
|
|
|
|
Salt 2016.3.7 Release Notes
|
|
|
|
|
===========================
|
|
|
|
|
|
|
|
|
|
Version 2016.3.7 is a bugfix release for :ref:`2016.3.0 <release-2016-3-0>`.
|
2017-04-17 19:20:45 +00:00
|
|
|
|
|
|
|
|
New master configuration option `allow_minion_key_revoke`, defaults to True. This option
|
|
|
|
|
controls whether a minion can request that the master revoke its key. When True, a minion
|
|
|
|
|
can request a key revocation and the master will comply. If it is False, the key will not
|
|
|
|
|
be revoked by the msater.
|
|
|
|
|
|
2017-06-08 19:18:53 +00:00
|
|
|
New master configuration option `require_minion_sign_messages`
|
|
|
|
|
This requires that minions cryptographically sign the messages they
|
|
|
|
|
publish to the master. If minions are not signing, then log this information
|
|
|
|
|
at loglevel 'INFO' and drop the message without acting on it.
|
|
|
|
|
|
|
|
|
|
New master configuration option `drop_messages_signature_fail`
|
|
|
|
|
Drop messages from minions when their signatures do not validate.
|
|
|
|
|
Note that when this option is False but `require_minion_sign_messages` is True
|
|
|
|
|
minions MUST sign their messages but the validity of their signatures
|
|
|
|
|
is ignored.
|
|
|
|
|
|
|
|
|
|
New minion configuration option `minion_sign_messages`
|
|
|
|
|
Causes the minion to cryptographically sign the payload of messages it places
|
|
|
|
|
on the event bus for the master. The payloads are signed with the minion's
|
|
|
|
|
private key so the master can verify the signature with its public key.
|
