Bug 865822 - Providing wrong password for /etc/pki/rhui/entitlement-ca.crt leads to unhandled error in rhui-manager
Providing wrong password for /etc/pki/rhui/entitlement-ca.crt leads to unhand...
Status: CLOSED ERRATA
Product: Red Hat Update Infrastructure for Cloud Providers
Classification: Red Hat
Component: Tools (Show other bugs)
2.1
Unspecified Unspecified
high Severity unspecified
: ---
: 2.1.1
Assigned To: James Slagle
mkovacik
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2012-10-12 10:18 EDT by Vitaly Kuznetsov
Modified: 2013-02-27 11:59 EST (History)
3 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
When the wrong password is provided for the entitlement certificate CA, an unhandled exception error occurred in rhui-manager. This bug fix updates identity_cert.py and launcher.py. The error is handled and logged.
Story Points: ---
Clone Of:
Environment:
Last Closed: 2013-02-27 11:59:47 EST
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Vitaly Kuznetsov 2012-10-12 10:18:18 EDT
Description of problem:

Providing wrong password for /etc/pki/rhui/entitlement-ca.crt leads to unhandled error in rhui-manager:

]# rhui-manager
A RHUI identity certificate is required to use RHUI Tools but was not found.
A new identity certificate will be generated now using the CA certificate
found at /etc/pki/rhui/entitlement-ca.crt.

Enter the number of days the RHUI identity certificate will be valid.  
If the identity certificate ever expires, it will need to be 
regenerated using rhui-manager [Default: 3650]: 
...+++
............................................................+++
Enter pass phrase for /etc/pki/rhui/entitlement-ca-key.pem:
Traceback (most recent call last):
  File "/usr/bin/rhui-manager", line 16, in <module>
    rhui.tools.launcher.main()
  File "/usr/lib/python2.6/site-packages/rhui/tools/launcher.py", line 334, in main
    repo_update = _ensure_identity_cert(config, prompt)
  File "/usr/lib/python2.6/site-packages/rhui/tools/launcher.py", line 271, in _ensure_identity_cert
    identity_cert.generate_and_save(config, days)
  File "/usr/lib/python2.6/site-packages/rhui/tools/identity_cert.py", line 55, in generate_and_save
    return ret_code 
NameError: global name 'ret_code' is not defined


Version-Release number of selected component (if applicable):
rh-rhui-tools-2.1.10-1.el6_3.noarch

How reproducible:


Steps to Reproduce:
1. Start rhui-manager for the first time
2. Provide proper signing CA certificate and key
3. Enter wrong password for certificate (more than 4 letters)
  
Actual results:
Python trace (listed above)

Expected results:
"Wrong password" reporting

Additional info:
Comment 1 mkovacik 2013-01-16 10:48:06 EST
Shall the rhui-manager ask for the password again if an incorrect one has been provided?
Comment 2 James Slagle 2013-01-28 12:16:40 EST
fixed in cloude commit 37e2cbaad9fd71d6e7724225b51100fe973dca14
Comment 3 Vitaly Kuznetsov 2013-02-04 08:16:40 EST
# rpm -q rh-rhui-tools 
rh-rhui-tools-2.1.15-1.el6_3.noarch

[root@rhua ~]# rm -rf /etc/pki/rhui/entitlement-ca.crt /etc/pki/rhui/entitlement-ca-key.pem /etc/pki/rhui/identity.crt /etc/pki/rhui/identity.key /root/.rhui && echo SUCCESS
SUCCESS
[root@rhua ~]# rhui-manager
/etc/rhui/pem/ca.crt
An entitlement signing CA certificate is required to use RHUI Tools
but was not found.

Full path to the new signing CA certificate:

Full path to the new signing CA certificate private key:
/etc/rhui/pem/ca.key

A RHUI identity certificate is required to use RHUI Tools but was not found.
A new identity certificate will be generated now using the CA certificate
found at /etc/pki/rhui/entitlement-ca.crt.

Enter the number of days the RHUI identity certificate will be valid.  
If the identity certificate ever expires, it will need to be 
regenerated using rhui-manager [Default: 3650]: 
......................................................................................................................................+++
..........................................................+++
Enter pass phrase for /etc/pki/rhui/entitlement-ca-key.pem:
Error creating identity certificate, check the log file for more information
Comment 5 errata-xmlrpc 2013-02-27 11:59:47 EST
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

http://rhn.redhat.com/errata/RHBA-2013-0571.html

Note You need to log in before you can comment on or make changes to this bug.