[Freeipa-devel] [PATCH] 271 handle certificate decode errors in service

Rob Crittenden rcritten at redhat.com
Tue Sep 15 14:04:10 UTC 2009


Pavel Zuna wrote:
> Rob Crittenden wrote:
>> In the service plugin we will attempt to revoke a server cert when a 
>> service is deleted. Add some error handling around that effort.
>>
>> This fixes the self-tests.
>>
>> rob
> nack.
> 
> Your "269 external CA signing, abstract RA" already handles them inside 
> get_serial(). However, there is a difference. This patch allows the 
> entry to be deleted even if it fails to revoke the certificate. If 
> that is the main purpose, we still need to rewrite it to apply against 
> your 269 patch (in which case I will probably have to do some small 
> fixes to my service patch, but don't worry about that).

Ok, good catch and good point.

Upon further reflection, I'm not sure what we should do if we can't 
decode a certificate, may need to ask Andrew.

Remember that this deletion can take place in the context of deleting a 
host. I'm not sure if the whole process should be stopped or not.

I think we should probably catch different levels of errors. If we 
simply can't decode the cert then perhaps, as in the case of my bogus 
test case, we stick junk in there. If we can't decode the cert then 
there is no chance of revoking it.

We also need a separate catch around the revocation so we can catch 
errors there, such as "you are not allowed to perform this operation".
This could easily happen if someone that can create/delete hosts and 
services but not manage certificates removes a host. Seems like this 
opens a pretty big bag of worms.

rob
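
The two levels of error handling discussed in this message (a certificate that cannot be decoded versus a revocation that is refused), sketched as an added example that is not FreeIPA code and not part of the original thread. The names `decode_serial`, `delete_service`, `abort_on_denied` and both exception classes are hypothetical, and deleting the entry when the certificate is undecodable is an assumption, since the thread leaves that question open.

```python
class CertificateDecodeError(Exception): """Stored bytes are not a parseable certificate."""
class RevocationDenied(Exception): """Caller is not allowed to revoke certificates."""

def _read_tlv(buf, pos):
    """Return (tag, value, next_pos) for the DER element starting at pos."""
    try:
        tag, length = buf[pos], buf[pos + 1]
        pos += 2
        if length & 0x80:  # long-form length: low bits give the byte count
            n = length & 0x7F
            if n == 0 or pos + n > len(buf):
                raise ValueError
            length = int.from_bytes(buf[pos:pos + n], "big")
            pos += n
        if pos + length > len(buf):
            raise ValueError
    except (IndexError, ValueError):
        raise CertificateDecodeError("malformed DER") from None
    return tag, buf[pos:pos + length], pos + length

def decode_serial(der):
    """Read serialNumber from Certificate -> tbsCertificate."""
    t1, cert, _ = _read_tlv(der, 0)
    t2, tbs, _ = _read_tlv(cert, 0)
    if (t1, t2) != (0x30, 0x30):
        raise CertificateDecodeError("expected nested SEQUENCEs")
    tag, field, nxt = _read_tlv(tbs, 0)
    if tag == 0xA0:  # optional [0] version precedes the serial
        tag, field, nxt = _read_tlv(tbs, nxt)
    if tag != 0x02 or not field:
        raise CertificateDecodeError("expected INTEGER serial")
    return int.from_bytes(field, "big", signed=True)

def delete_service(entry, revoke, abort_on_denied=False):
    """Return (deleted, cert_status); revoke is the caller's CA hook."""
    der = entry["usercertificate"]
    try:
        serial = decode_serial(der)
    except CertificateDecodeError:
        return True, "undecodable"  # assumption: junk cannot be revoked, delete anyway
    try:
        revoke(serial)
    except RevocationDenied:
        return not abort_on_denied, "revoke-denied"  # policy left to the caller
    return True, "revoked"

# Constructed sample: truncated Certificate holding only a version and serial 271.
SAMPLE_DER = bytes.fromhex("300b3009a0030201020202010f")
```

Returning a status alongside the deletion result lets a host-deletion caller log which service certificates were left unrevoked instead of losing that fact in a blanket exception handler.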