[Bug 1879525] Re: Add TLS support
Dimitri John Ledkov
1879525 at bugs.launchpad.net
Mon Jun 8 13:52:44 UTC 2020
Build focal subiquity image with proposed enabled and busybox version
1:1.30.1-4ubuntu6.1 at
https://launchpad.net/~xnox/+livefs/ubuntu/focal/any/+build/221093
downloaded just the initrd & vmlinuz.
Waited for it to fail to boot, and sourced /scripts/functions and
executed configure_networking.
Downloaded https://start.ubuntu.com successfully
Failed to download https://untrusted-root.badssl.com
Verification successful.
** Tags removed: verification-needed verification-needed-focal
** Tags added: verification-done verification-done-focal
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to busybox in Ubuntu.
https://bugs.launchpad.net/bugs/1879525
Title:
Add TLS support
Status in busybox package in Ubuntu:
Fix Released
Status in busybox source package in Focal:
Fix Committed
Bug description:
[Impact]
* busybox in the initramfs provides wget applet that is used by casper for netboot support
* It does not support https at the moment, but it is desirable that it does
* There is built-in TLS code, or "fork & execute openssl"
* Enable the later one, and optionally include /usr/bin/openssl & certs, when building casper-like initrds which should support netboot.
[Test Case]
* Boot casper created initrd, with break=bottom
* Configure dhcp based networking
* Attempt to wget https://start.ubuntu.com/connectivity-check
* It should succeed
[Regression Potential]
* The openssl codepath is optional in busybox wget, and we only include openssl & certs for casper.
* The casper based initrd will grow in size, due to inclusion of openssl & certs
[Other Info]
* Parity with d-i, which includes https support already
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/busybox/+bug/1879525/+subscriptions
More information about the foundations-bugs
mailing list