Bug 1286629
| Summary: | Remove connection fallback to non ssl for Openstack providers | |||
|---|---|---|---|---|
| Product: | Red Hat CloudForms Management Engine | Reporter: | Marius Cornea <mcornea> | |
| Component: | Providers | Assignee: | Ladislav Smola <lsmola> | |
| Status: | CLOSED ERRATA | QA Contact: | Ola Pavlenko <opavlenk> | |
| Severity: | high | Docs Contact: | ||
| Priority: | high | |||
| Version: | 5.5.0 | CC: | cpelland, dajohnso, gblomqui, jfrey, jhardy, jocarter, jprause, nachandr, obarenbo | |
| Target Milestone: | GA | |||
| Target Release: | 5.6.0 | |||
| Hardware: | Unspecified | |||
| OS: | Unspecified | |||
| Whiteboard: | provider:openstack | |||
| Fixed In Version: | 5.6.0.0 | Doc Type: | Bug Fix | |
| Doc Text: | Story Points: | --- | ||
| Clone Of: | ||||
| : | 1288188 (view as bug list) | Environment: | ||
| Last Closed: | 2016-06-29 15:13:37 UTC | Type: | Bug | |
| Regression: | --- | Mount Type: | --- | |
| Documentation: | --- | CRM: | ||
| Verified Versions: | Category: | --- | ||
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | ||
| Cloudforms Team: | --- | Target Upstream Version: | ||
| Embargoed: | ||||
| Bug Depends On: | ||||
| Bug Blocks: | 1288188 | |||
|
Description
Marius Cornea
2015-11-30 11:29:16 UTC
New commit detected on cfme/5.5.z: https://code.engineering.redhat.com/gerrit/gitweb?p=cfme.git;a=commitdiff;h=3e84fba0ba67788074f4bebc59ea0ef913c82eeb commit 3e84fba0ba67788074f4bebc59ea0ef913c82eeb Author: Ladislav Smola <lsmola> AuthorDate: Mon Nov 16 13:59:18 2015 +0100 Commit: Ladislav Smola <lsmola> CommitDate: Tue Jan 12 11:29:54 2016 +0100 Remove fallback to https When ssl is chosen, data should be always send in encrypted form, fallback to non ssl when ssl is not available breaks it. Also validation will always return valid, while silenty failing and switching to non ssl. Only downside is that it's not backwards compatible. New default will be SSl without validation, so provider needs to be edited to what is really supported, otherwise validation and refresh will fail. Fixes BZ: https://bugzilla.redhat.com/show_bug.cgi?id=1286629 Conflicts: gems/pending/spec/openstack/openstack_handle/handle_spec.rb gems/pending/openstack/openstack_handle/handle.rb | 10 ---------- .../spec/openstack/openstack_handle/handle_spec.rb | 17 +++-------------- 2 files changed, 3 insertions(+), 24 deletions(-) New commit detected on ManageIQ/manageiq/master: https://github.com/ManageIQ/manageiq/commit/4bbf6953e8f4744f0744f8117075241fad2bc410 commit 4bbf6953e8f4744f0744f8117075241fad2bc410 Author: Ladislav Smola <lsmola> AuthorDate: Mon Nov 16 13:59:18 2015 +0100 Commit: Ladislav Smola <lsmola> CommitDate: Tue Jan 12 10:49:32 2016 +0100 Remove fallback to https When ssl is chosen, data should be always send in encrypted form, fallback to non ssl when ssl is not available breaks it. Also validation will always return valid, while silenty failing and switching to non ssl. Only downside is that it's not backwards compatible. New default will be SSl without validation, so provider needs to be edited to what is really supported, otherwise validation and refresh will fail. Fixes BZ: https://bugzilla.redhat.com/show_bug.cgi?id=1286629 gems/pending/openstack/openstack_handle/handle.rb | 10 ---------- gems/pending/spec/openstack/openstack_handle/handle_spec.rb | 13 +------------ 2 files changed, 1 insertion(+), 22 deletions(-) No, this needs to stay open so we can make certain the same patch made it onto the CF 4.1 branch. We did test this and it was verified working on 5.5 with its clone, bug 1288188 Adding SSL connection with broken settings errors - no fallback to non ssl verified on 5.6.0.10-rc2.1.20160607103248_d06c141 Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHBA-2016:1348 |