1115993 – [engine-setup] websocket proxy CSR should be saved also on filesystem

Bug 1115993 - [engine-setup] websocket proxy CSR should be saved also on filesystem

Summary: [engine-setup] websocket proxy CSR should be saved also on filesystem

Keywords:
Status:	CLOSED CURRENTRELEASE
Alias:	None
Product:	oVirt
Classification:	Retired
Component:	ovirt-engine-core
Sub Component:
Version:	3.5
Hardware:	Unspecified
OS:	Unspecified
Priority:	unspecified
Severity:	medium
Target Milestone:	---
Target Release:	3.5.0
Assignee:	Simone Tiraboschi
QA Contact:	Jiri Belka
Docs Contact:
URL:
Whiteboard:	integration
Depends On:
Blocks:	1116017
TreeView+	depends on / blocked

Reported:	2014-07-03 13:14 UTC by Jiri Belka
Modified:	2014-10-17 12:21 UTC (History)
CC List:	10 users (show)
Fixed In Version:	ovirt-3.5.0_rc2
Clone Of:
Clones:	1118328 (view as bug list)
Environment:
Last Closed:	2014-10-17 12:21:09 UTC
oVirt Team:	---
Embargoed:
Dependent Products:

Attachments	(Terms of Use)

Links
System	ID	Private	Priority	Status	Summary	Last Updated
oVirt gerrit	30910	0	master	MERGED	packaging: setup: Making separate WSP CSR available also in temp file	Never
oVirt gerrit	31752	0	ovirt-engine-3.5	MERGED	packaging: setup: Making separate WSP CSR available also in temp file	Never

Description Jiri Belka 2014-07-03 13:14:44 UTC

Description of problem:
websocket proxy CSR should be saved also on filesystem. why?

1. i don't like copy & paste ..or.. i just used vnc/whatever and copy&paste is not working
2. i lost login session and history with CSR is lost

Version-Release number of selected component (if applicable):
ovirt-engine-setup-base-3.5.0-0.0.master.20140629172257.git0b16ed7.el6.noarch
ovirt-engine-setup-plugin-ovirt-engine-common-3.5.0-0.0.master.20140629172257.git0b16ed7.el6.noarch
ovirt-engine-setup-plugin-websocket-proxy-3.5.0-0.0.master.20140629172257.git0b16ed7.el6.noarch
ovirt-engine-setup-plugin-ovirt-engine-3.5.0-0.0.master.20140629172257.git0b16ed7.el6.noarch

How reproducible:
100%

Steps to Reproduce:
1. engine-setup
2. find /etc/pki/ovirt-engine /etc/ovirt-engine
3.

Actual results:
CSR is not saved on the disk

Expected results:
should be saved there as a backup

Additional info:

Comment 1 Alon Bar-Lev 2014-07-31 14:07:41 UTC

just to make sure, the csr will be saved in addition to presenting it at the local host at /tmp not at /etc or any persistent location. the file at /tmp must be unique to avoid naming attacks.

Comment 2 Jiri Belka 2014-09-25 12:45:40 UTC

ok, rhevm-setup-plugin-websocket-proxy-3.5.0-0.13.beta.el6ev.noarch

# engine-setup
...         
          The certificate signing request is available at:
          /tmp/tmpuy6z8a
...

# openssl req -in /tmp/tmpuy6z8a -verify
verify OK
-----BEGIN CERTIFICATE REQUEST-----
MIICRDCCASwCADAAMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4LWm
fcbHp8ZgKaNrK5GO/rzfyyw8aS7FLahnF9WXxHQVEa449kw7dwnLuyyZ0Mw6cizc
O1grYLNpArOpWDqpTy89W3RjkcnVH3l5moe0Gx6D641JnUvR3nZysVJEyGAL92aJ
9UclLR7G00TeZn4HZ2EP3ssAnyda9Ru4vIhzXfNqRZ7XFKq6MxeNtJCMtruy30X3
Zitkl7HRHXpNk1y0jBr3rv8yUTPIQUvnU6hKb1aBI/RJPQm/IP8SVbmxyGPH/TqW
nNBWArSqeUcevYsyc2CCFx0Azade2Qvly9kdOTzbykqJ24/3Hne8rmhZEwwq/Fd4
b/2ATi331qkIJ1egbQIDAQABoAAwDQYJKoZIhvcNAQEFBQADggEBAEhLMSNUyNjF
O9YTaHkiG2Xh/nTYBrynZ4vWgZcoTbdnDANXUuQi5sK9TCHBqVIpvcYWmpLS6wdS
t2iqhzGTJEhfmtJAyew20PuxtfjIntWy3NOn8SoOVKoQPpOLXjqmXk1QSFXl0nvZ
WRzBIC+oeITzSkqukIhhTVpDUV39O8AwsBRGwxFAQgfjMzGcmA2ti7V/NxfG+1dW
ClphPLBO4fnNIU6RI6LANgYkYhkBbY/GQTP7klDgxVPAZF7Fab1gcshbv6+H+g/c
4Jo1Fp/6jwm0xxBdK+DsP6E8Vt7JD5a57gDKxNM9iDDaJllVM2SoaWh6obznRSXM
xY1GKFet4js=
-----END CERTIFICATE REQUEST-----

Comment 3 Sandro Bonazzola 2014-10-17 12:21:09 UTC

oVirt 3.5 has been released and should include the fix for this issue.

Note You need to log in before you can comment on or make changes to this bug.