Bug 1115993 - [engine-setup] websocket proxy CSR should be saved also on filesystem
Summary: [engine-setup] websocket proxy CSR should be saved also on filesystem
Keywords:
Status: CLOSED CURRENTRELEASE
Alias: None
Product: oVirt
Classification: Retired
Component: ovirt-engine-core
Version: 3.5
Hardware: Unspecified
OS: Unspecified
unspecified
medium
Target Milestone: ---
: 3.5.0
Assignee: Simone Tiraboschi
QA Contact: Jiri Belka
URL:
Whiteboard: integration
Depends On:
Blocks: 1116017
TreeView+ depends on / blocked
 
Reported: 2014-07-03 13:14 UTC by Jiri Belka
Modified: 2014-10-17 12:21 UTC (History)
10 users (show)

Fixed In Version: ovirt-3.5.0_rc2
Doc Type: Bug Fix
Doc Text:
Clone Of:
: 1118328 (view as bug list)
Environment:
Last Closed: 2014-10-17 12:21:09 UTC
oVirt Team: ---


Attachments (Terms of Use)


Links
System ID Priority Status Summary Last Updated
oVirt gerrit 30910 master MERGED packaging: setup: Making separate WSP CSR available also in temp file Never
oVirt gerrit 31752 ovirt-engine-3.5 MERGED packaging: setup: Making separate WSP CSR available also in temp file Never

Description Jiri Belka 2014-07-03 13:14:44 UTC
Description of problem:
websocket proxy CSR should be saved also on filesystem. why?

1. i don't like copy & paste ..or.. i just used vnc/whatever and copy&paste is not working
2. i lost login session and history with CSR is lost

Version-Release number of selected component (if applicable):
ovirt-engine-setup-base-3.5.0-0.0.master.20140629172257.git0b16ed7.el6.noarch
ovirt-engine-setup-plugin-ovirt-engine-common-3.5.0-0.0.master.20140629172257.git0b16ed7.el6.noarch
ovirt-engine-setup-plugin-websocket-proxy-3.5.0-0.0.master.20140629172257.git0b16ed7.el6.noarch
ovirt-engine-setup-plugin-ovirt-engine-3.5.0-0.0.master.20140629172257.git0b16ed7.el6.noarch

How reproducible:
100%

Steps to Reproduce:
1. engine-setup
2. find /etc/pki/ovirt-engine /etc/ovirt-engine
3.

Actual results:
CSR is not saved on the disk

Expected results:
should be saved there as a backup

Additional info:

Comment 1 Alon Bar-Lev 2014-07-31 14:07:41 UTC
just to make sure, the csr will be saved in addition to presenting it at the local host at /tmp not at /etc or any persistent location. the file at /tmp must be unique to avoid naming attacks.

Comment 2 Jiri Belka 2014-09-25 12:45:40 UTC
ok, rhevm-setup-plugin-websocket-proxy-3.5.0-0.13.beta.el6ev.noarch

# engine-setup
...         
          The certificate signing request is available at:
          /tmp/tmpuy6z8a
...

# openssl req -in /tmp/tmpuy6z8a -verify
verify OK
-----BEGIN CERTIFICATE REQUEST-----
MIICRDCCASwCADAAMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4LWm
fcbHp8ZgKaNrK5GO/rzfyyw8aS7FLahnF9WXxHQVEa449kw7dwnLuyyZ0Mw6cizc
O1grYLNpArOpWDqpTy89W3RjkcnVH3l5moe0Gx6D641JnUvR3nZysVJEyGAL92aJ
9UclLR7G00TeZn4HZ2EP3ssAnyda9Ru4vIhzXfNqRZ7XFKq6MxeNtJCMtruy30X3
Zitkl7HRHXpNk1y0jBr3rv8yUTPIQUvnU6hKb1aBI/RJPQm/IP8SVbmxyGPH/TqW
nNBWArSqeUcevYsyc2CCFx0Azade2Qvly9kdOTzbykqJ24/3Hne8rmhZEwwq/Fd4
b/2ATi331qkIJ1egbQIDAQABoAAwDQYJKoZIhvcNAQEFBQADggEBAEhLMSNUyNjF
O9YTaHkiG2Xh/nTYBrynZ4vWgZcoTbdnDANXUuQi5sK9TCHBqVIpvcYWmpLS6wdS
t2iqhzGTJEhfmtJAyew20PuxtfjIntWy3NOn8SoOVKoQPpOLXjqmXk1QSFXl0nvZ
WRzBIC+oeITzSkqukIhhTVpDUV39O8AwsBRGwxFAQgfjMzGcmA2ti7V/NxfG+1dW
ClphPLBO4fnNIU6RI6LANgYkYhkBbY/GQTP7klDgxVPAZF7Fab1gcshbv6+H+g/c
4Jo1Fp/6jwm0xxBdK+DsP6E8Vt7JD5a57gDKxNM9iDDaJllVM2SoaWh6obznRSXM
xY1GKFet4js=
-----END CERTIFICATE REQUEST-----

Comment 3 Sandro Bonazzola 2014-10-17 12:21:09 UTC
oVirt 3.5 has been released and should include the fix for this issue.


Note You need to log in before you can comment on or make changes to this bug.