Bug 528329

Summary: RHEVM - Backend - Fencing: Fencing command is sent as non-secure even when security is enabled
Product: [Other] Security Response Reporter: Daniel Paikov <dpaikov>
Component: vulnerabilityAssignee: Nobody <nobody>
Status: MODIFIED --- QA Contact:
Severity: medium Docs Contact:
Priority: medium    
Version: unspecifiedCC: srevivo
Target Milestone: ---Keywords: Security
Target Release: ---   
Hardware: All   
OS: Windows   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Daniel Paikov 2009-10-11 10:41:55 UTC 
The fencing commands Fence-Host and Get-PowerManagementStatus are sent as non-secured even when ManagementUseSecuredConnection=True.

The VDSM receives the commands with "secure=False":
Thread-195307::DEBUG::2009-10-11 10:58:32,866::clientIF::1046::vds::fenceNode(addr=10.35.64.120,port=,agent=drac5,user=root,passwd=XXXX,action=status,secure=False,options=)
Comment 1 Vitaly Elyashev 2009-10-12 12:27:34 UTC 
Please talk with Amos regarding requirements
Vitaly
Comment 2 Eli Mesika 2009-10-12 13:44:40 UTC 


Thread-23233::DEBUG::2009-10-12 09:31:25,842::clientIF::1044::vds::fenceNode(addr=10.35.109.20,port=,agent=ipmilan,user=USERID,passwd=XXXX,action=status,secure=true,options=)
Thread-23233::DEBUG::2009-10-12 09:31:26,044::clientIF::1064::vds::rc 0 in agent=fence_ipmilan
ipaddr=10.35.109.20
login=USERID
option=status
passwd=XXXX
secure
timeout=20
 out Getting status of IPMI:10.35.109.20...Chassis power = On
Done
Comment 3 Eli Mesika 2009-10-12 13:45:23 UTC 
At revision: 37573