Project

General

Profile

Actions
Copy link

Bug #162

closed

Certificate will not be removed when FQDN has uppercase letters

Added by Ric Danger almost 15 years ago. Updated almost 15 years ago.

Status:
Closed
Priority:
Normal
Assignee:
Ohad Levy
Category:
PuppetCA
Target version:
0.1-4
Difficulty:
Triaged:
Bugzilla link:
Pull request:
Fixed in Releases:
Found in Releases:
Red Hat JIRA:

Description

Hi,

I found out that pupept certificate will not be removed when the host FQDN has uppercase letters.

Regards,
Ricardo

Actions
Copy link
 #1

Updated by Ric Danger almost 15 years ago

  • % Done changed from 0 to 30

This patch should fix it.

diff rupN vendor/plugins/proxy/lib/proxy.rb vendor/plugins/proxy/lib/proxy.rb
-- vendor/plugins/proxy/lib/proxy.rb 2009-12-14 07:57:25.000000000 0000
++ vendor/plugins/proxy/lib/proxy.rb 2010-01-29 15:48:29.000000000 0000
@ -81,12 +81,12 @ module GW
return false
end
begin
- if (ssldir + "ca/signed/#{fqdn}.pem").file?
 if (ssldir + "ca/signed/#{fqdn.downcase}.pem").file?
command = "/usr/bin/sudo S #{@sbin}/puppetca --clean #{fqdn}< /dev/null"
logger.info system(command)
return true
else
 logger.warn ssldir + "PuppetCA: ca/signed/#{fqdn}.pem does not exists - skipping"
+ logger.warn ssldir + "PuppetCA: ca/signed/#{fqdn.downcase}.pem does not exists - skipping"
return true
end
rescue StandardError => e

Actions
Copy link
 #2

Updated by Ric Danger almost 15 years ago

  • Status changed from New to Closed
  • % Done changed from 30 to 100
Actions
Copy link
 #3

Updated by Ohad Levy almost 15 years ago

  • Status changed from Closed to New

Hi, its not yet closed as it was not pushed to the repo :)

what about the sign method ? isnt that affected as well?

you could generally do it in a oneliner, something like
fqdn.downcase! as the first line after the def line.

Actions
Copy link
 #4

Updated by Ric Danger almost 15 years ago

Ohad Levy wrote:

Hi, its not yet closed as it was not pushed to the repo :)

what about the sign method ? isnt that affected as well?

you could generally do it in a oneliner, something like
fqdn.downcase! as the first line after the def line.

Nop.
The problem was that foreman checks for the file on the ssl/signed directory, using the fqdn case.
Puppetca cert files are always lowercase. So, if the case was not matched, foreman would not run puppetca --clean.
Puppetca commands are case-insensitive, so there is no problem here.

Actions
Copy link
 #5

Updated by Ohad Levy almost 15 years ago

  • Category set to PuppetCA
  • Status changed from New to Assigned
  • Assignee set to Ohad Levy
  • Target version set to 0.1-4
Actions
Copy link
 #6

Updated by Ohad Levy almost 15 years ago

  • Status changed from Assigned to Ready For Testing
Actions
Copy link
 #7

Updated by Ohad Levy almost 15 years ago

  • Status changed from Ready For Testing to Closed
Actions
Copy link

Also available in: Atom PDF