Bug 1723676
Summary: | Change md5 checksum used in GlusterHooks calls | ||||||
---|---|---|---|---|---|---|---|
Product: | [Red Hat Storage] Red Hat Gluster Storage | Reporter: | SATHEESARAN <sasundar> | ||||
Component: | rhhi | Assignee: | Sahina Bose <sabose> | ||||
Status: | CLOSED ERRATA | QA Contact: | SATHEESARAN <sasundar> | ||||
Severity: | high | Docs Contact: | |||||
Priority: | high | ||||||
Version: | rhhiv-1.6 | CC: | bugs, godas, jcall, rbarry, rhs-bugs, sabose, seamurph | ||||
Target Milestone: | --- | Keywords: | ZStream | ||||
Target Release: | RHHI-V 1.6.z Async Update | ||||||
Hardware: | Unspecified | ||||||
OS: | Unspecified | ||||||
Whiteboard: | |||||||
Fixed In Version: | Doc Type: | Bug Fix | |||||
Doc Text: |
Previously, gluster hook scripts were verified across multiple servers using an MD5 checksum. However, the MD5 checksum failed on FIPS enabled systems. SHA256 is now used instead of MD5 to checksum hook scripts.
|
Story Points: | --- | ||||
Clone Of: | 1709201 | Environment: | |||||
Last Closed: | 2019-10-03 12:24:01 UTC | Type: | --- | ||||
Regression: | --- | Mount Type: | --- | ||||
Documentation: | --- | CRM: | |||||
Verified Versions: | Category: | --- | |||||
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||
Cloudforms Team: | --- | Target Upstream Version: | |||||
Embargoed: | |||||||
Bug Depends On: | 1709201 | ||||||
Bug Blocks: | |||||||
Attachments: |
|
Description
SATHEESARAN
2019-06-25 06:55:32 UTC
Tested with RHV 4.3.5.4 and RHGS 3.4.4 async ( glusterfs-3.12.2-47.2 ) Gluster Hooks are not available under the cluster for the first time, then later when syncing them, all the available and enabled hooks are listed promptly. But when trying to 'resolve conflicts' - the wizard shows 'MD5sum', but its actually the 'sha256sum' Its just the UI misdirection. The other major issue is that, when actually 'resolving conflicts' by copying the hook scripts to the missing host, null pointer exception is seen Based on the above reasons, marking this bug as failed verification Created attachment 1591786 [details]
engine.log.snip
Discussed with Sahina on this bug as it failed verification. As the fix is not complete, this bug have to be targeted for RHV 4.3.6 (In reply to SATHEESARAN from comment #3) > Discussed with Sahina on this bug as it failed verification. > > As the fix is not complete, this bug have to be targeted for RHV 4.3.6 Just to be clear - the md5 checksum change is implemented and part of 4.3.5. So the initial issue logged about errors seen on FIPS enabled system has been resolved. The bug is Failed QA due to the functionality being broken in "Resolve conflicts" where the hook script is copied to all servers - this feature is a seldom used feature. I would have preferred a separate bug for this one. I still do see exception while copying the hooks. I will raise a separate bug for the same. This bug is specific about implementation of sha256sum for hook scripts instead of md5sum. That is done and verified with ovirt-engine-4.3.6.3 Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHBA-2019:2963 |