Bug #823
X509 auth driver should check errors when encripting
Status: | Closed | Start date: | 09/23/2011 | |
---|---|---|---|---|
Priority: | Normal | Due date: | ||
Assignee: | - | % Done: | 0% | |
Category: | Drivers - Auth | |||
Target version: | - | |||
Resolution: | wontfix | Pull request: | ||
Affected Versions: | OpenNebula 3.8 |
Description
An exception is returned if the data to be encripted is too large for that key size.
OpenSSL::PKey::RSAError - data too large for key size:
/srv/cloud/one/lib/ruby/x509_auth.rb:178:in `private_encrypt'
History
#1 Updated by Ruben S. Montero almost 9 years ago
- Category set to Drivers - Auth
- Target version set to Release 4.0
Also other errors should be more clearly shown in the logs. For example wrong permissions in r/the CA hash files make the authentication fails with a cryptic message:
/usr/lib/one/ruby/x509_auth.rb:183: `data greater than mod len'
(OpenSSL::PKey::RSAError)
from /usr/lib/one/ruby/x509_auth.rb:183:in `decrypt'
from /usr/lib/one/ruby/x509_auth.rb:116:in `authenticate'
from authenticate:50
/usr/lib/one/ruby/x509_auth.rb:183:
@cert_chain0.public_key.public_decrypt(Base64::decode64(data)
Reported by Uli in the maling list (THANKS!)
#2 Updated by Ruben S. Montero over 8 years ago
- Tracker changed from Feature to Bug
- Affected Versions OpenNebula 3.8 added
#3 Updated by Ruben S. Montero over 8 years ago
- Target version changed from Release 4.0 to Release 4.2
#4 Updated by Ruben S. Montero about 8 years ago
- Target version deleted (
Release 4.2)
#5 Updated by Ruben S. Montero over 6 years ago
- Status changed from New to Closed
- Resolution set to wontfix