-
u.schuster released this
2026-04-25 21:39:57 +02:00 | 19 commits to main since this releaseNew virtual hook on IRuntimeConfig, defaulting to isLoopback() so existing
consumers keep their current behaviour. AuthInterceptor now consults
certAuthTrusted() (instead of isLoopback() directly) to decide whether to
honour an inbound X-SSL-Client-DN header.Operators with an SSH tunnel to a loopback bind, or a non-TLS proxy that
forwards X-SSL-Client-DN from untrusted clients, can now override the
hook to require additional gating (e.g. an env var, a TLS-only port).Bump to 0.3.5 (additive — no consumer break).
Closes #5
Co-Authored-By: Claude Opus 4.7 (1M context) noreply@anthropic.com
Downloads
-
Source code (ZIP)
1 download
-
Source code (TAR.GZ)
1 download
-
Source code (ZIP)