Bug 1288188

Summary: Remove connection fallback to non ssl for Openstack providers
Product: Red Hat CloudForms Management Engine Reporter: John Prause <jprause>
Component: ProvidersAssignee: Ladislav Smola <lsmola>
Status: CLOSED ERRATA QA Contact: Nandini Chandra <nachandr>
Severity: high Docs Contact:
Priority: high    
Version: 5.5.0CC: cpelland, dajohnso, gblomqui, jfrey, jhardy, lsmola, mcornea, nachandr, obarenbo
Target Milestone: GAKeywords: ZStream
Target Release: 5.5.2   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: 5.5.2.1 Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: 1286629 Environment:
Last Closed: 2016-02-10 15:21:55 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 1286629    
Bug Blocks:    

Comment 2 CFME Bot 2016-01-12 13:32:29 UTC 
New commit detected on cfme/5.5.z:
https://code.engineering.redhat.com/gerrit/gitweb?p=cfme.git;a=commitdiff;h=5f937ed3c8f42aea23a0dd689464159419804e52

commit 5f937ed3c8f42aea23a0dd689464159419804e52
Merge: f47b7ad 3e84fba
Author:     Greg Blomquist <gblomqui>
AuthorDate: Tue Jan 12 08:28:35 2016 -0500
Commit:     Greg Blomquist <gblomqui>
CommitDate: Tue Jan 12 08:28:35 2016 -0500

    Merge branch 'bz1288188' into '5.5.z'
    
    Bz1288188
    
    Correct SSL handling for OpenStack provider and removing fallback to non ssl
    
    5.5.z bugfix for:
    https://bugzilla.redhat.com/show_bug.cgi?id=1288188
    
    Conflicts in UI form of:
    https://github.com/ManageIQ/manageiq/pull/5296
    Conflicts:
    	app/views/shared/views/ems_common/angular/_form.html.haml
    
    Clean cherry-pick of:
    https://github.com/ManageIQ/manageiq/pull/5862
    
    Conflicts in test due to rspec should -> expect change:
    https://github.com/ManageIQ/manageiq/pull/5637
    Conflicts:
    	gems/pending/spec/openstack/openstack_handle/handle_spec.rb
    
    
    See merge request !706

 .../ems_common/ems_common_form_controller.js       |  3 ++
 app/controllers/ems_cloud_controller.rb            | 38 +++++++++--------
 app/controllers/ems_common.rb                      | 38 +++++++++++++++--
 app/models/ext_management_system.rb                |  4 ++
 .../manageiq/providers/openstack/cloud_manager.rb  |  4 ++
 .../manageiq/providers/openstack/infra_manager.rb  |  4 ++
 .../manageiq/providers/openstack/manager_mixin.rb  |  2 +-
 app/views/ems_infra/_form_fields.html.haml         |  2 +-
 .../views/ems_common/angular/_form.html.haml       | 11 +++++
 gems/pending/openstack/openstack_handle/handle.rb  | 48 +++++++++++-----------
 .../openstack_handle/identity_delegate.rb          |  2 +-
 .../spec/openstack/openstack_handle/handle_spec.rb | 17 ++------
 12 files changed, 112 insertions(+), 61 deletions(-)
Comment 4 Nandini Chandra 2016-01-20 18:52:34 UTC 
Verified the following in 5.5.2.1

1)SSL that requires validation 
  expected result : If certificate validation fails then the connection fails 
2)SSL that doesn't  require validation 
 exp result : If certificate validation fails then it should continue with an encrypted connection and not fallback to non-ssl connection (unencrypted). Provider refresh succeeded.
Comment 5 errata-xmlrpc 2016-02-10 15:21:55 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2016:0159