sts-sponsors team mailing list archive

Thread
Date

[Bug 1820083] [NEW] TLS params not set for session

To: sts-sponsors@xxxxxxxxxxxxxxxxxxx
From: Launchpad Bug Tracker <1820083@xxxxxxxxxxxxxxxxxx>
Date: Thu, 14 Oct 2021 23:55:48 -0000
Reply-to: Bug 1820083 <1820083@xxxxxxxxxxxxxxxxxx>
Sender: noreply@xxxxxxxxxxxxx

You have been subscribed to a public bug by Dan Streetman (ddstreet):

[Impact]

A connection session is opened, but the TLS parameters (timeout, ca,
cert and key) are not actually set for the session.  This prevents use
of TLS for the etcd3gw package.

[Test Plan]

# Create self signed certs, using the default for all prompts

$ openssl req -addext "subjectAltName = DNS:localhost" -x509 -keyout
localhost.key -newkey rsa:4096 -nodes -sha256 -out localhost.crt

# install 'etcd' package, stop the default server, and spin up ectd
server

$ sudo apt install etcd
$ sudo systemctl stop etcd

$ etcd --name test --data-dir test --cert-file=localhost.crt --key-
file=localhost.key --advertise-client-urls=https://localhost:2379
--listen-client-urls=https://localhost:2379

# run test script

$ cat test.py
#!/usr/bin/python3

from etcd3gw import Etcd3Client

c = Etcd3Client(host="localhost", protocol="https", cert_key="localhost.key", cert_cert="localhost.crt", ca_cert="localhost.crt", timeout=10)
c.put('test', 'success!')
resp = c.get('test')
print(b''.join(resp).decode())

$ ./test.py
success!

[Where Problems Could Occur]

This adds TLS parameters (if provided) to the session, so regressions
would involve failed connections, possibly those without TLS that had
TLS params incorrectly provided before.

[Other]

the upstream bug is https://github.com/dims/etcd3-gateway/issues/20
fixed upstream with pull request https://github.com/dims/etcd3-gateway/pull/21
via commit 90b7a19cdc4daa1230d7f15c10b113abdefdc8c0

that commit is contained in version 0.2.2 which is already in h, so this
is needed in b/f/g.  This package was not included in Xenial.

** Affects: python-etcd3gw (Ubuntu)
     Importance: Medium
         Status: Fix Released

** Affects: python-etcd3gw (Ubuntu Bionic)
     Importance: Medium
     Assignee: Heather Lemon (hypothetical-lemon)
         Status: In Progress

** Affects: python-etcd3gw (Ubuntu Cosmic)
     Importance: Medium
         Status: Won't Fix

** Affects: python-etcd3gw (Ubuntu Disco)
     Importance: Medium
         Status: Won't Fix

** Affects: python-etcd3gw (Ubuntu Eoan)
     Importance: Medium
         Status: Won't Fix

** Affects: python-etcd3gw (Ubuntu Focal)
     Importance: Medium
     Assignee: Heather Lemon (hypothetical-lemon)
         Status: In Progress

** Affects: python-etcd3gw (Ubuntu Groovy)
     Importance: Medium
     Assignee: Heather Lemon (hypothetical-lemon)
         Status: Won't Fix

** Affects: python-etcd3gw (Ubuntu Hirsute)
     Importance: Medium
         Status: Fix Released


** Tags: patch sts sts-sponsor sts-sponsor-slashd
-- 
TLS params not set for session
https://bugs.launchpad.net/bugs/1820083
You received this bug notification because you are a member of STS Sponsors, which is subscribed to the bug report.