Bug 1256967 - profile update in raw format accepts bad config
profile update in raw format accepts bad config
Product: Red Hat Enterprise Linux 7
Classification: Red Hat
Component: pki-core (Show other bugs)
Unspecified Unspecified
unspecified Severity unspecified
: rc
: 7.2
Assigned To: Matthew Harmsen
Asha Akkiangady
Depends On:
  Show dependency treegraph
Reported: 2015-08-25 18:34 EDT by Nathan Kinder
Modified: 2015-08-25 19:25 EDT (History)
0 users

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2015-08-25 19:25:31 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description Nathan Kinder 2015-08-25 18:34:37 EDT
This bug is created as a clone of upstream ticket:

Updating a profile with bad profile data will appear to succeed.  The new profile data will be saved to database, but will not be loaded correctly and existing profile data is used... until restart.  Then the profile will be skipped because it does not load properly.  Attempting to use, update or delete the profile will fail.  Attempting to import a new profile will probably also fail, because the LDAP entry already exists.

A manual ldapmodify with good profile data can restore the situation.

Proposed fix: attempt to initialise profile with new profile data received in raw format BEFORE writing to database and returning from call.  Bad data should result in status 400 with as much explanation as possible.

Note You need to log in before you can comment on or make changes to this bug.