[Bug 1555562] Re: lastpass-cli changed bundled CA certificates
zasran
1555562 at bugs.launchpad.net
Thu May 24 21:35:22 UTC 2018
Why is this hardcoded instead of being configurable? The problem keeps
happening again and again rendering lpass useless for long period of
times and there doesn't seem to be any improvement in sight.
--
You received this bug notification because you are a member of Ubuntu
Sponsors Team, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/1555562
Title:
lastpass-cli changed bundled CA certificates
Status in lastpass-cli package in Ubuntu:
Fix Committed
Status in lastpass-cli source package in Bionic:
In Progress
Bug description:
[Impact]
lastpass.com provisioned a new SSL certificate on their servers.
Their packaged client use their API via SSL, and pin which certificates are allowed to sign their certificate.
Since the new certificate is signed by certificate not in the list, we need to patch it in for the client to allow connections.
The client in it's current state is useless and errors out with:
"Error: Peer certificate cannot be authenticated with given CA
certificates." for all operations working against the API, which is
almost all of them.
Upstream bug: https://github.com/lastpass/lastpass-cli/issues/409
Upstream fix: https://github.com/lastpass/lastpass-cli/commit/b888411b042df9414d1d78d99332b672e65c4eb9
[Test Case]
`lpass login test at example.com` will cause an error: "Error: Peer
certificate cannot be authenticated with given CA certificates."
[Regression Potential]
The application is already unusable, but even if we consider a working
version we're only adding a couple of SSL certificates to the
validation list.
[Other info]
I would suggest we pocket copy lastpass-cli=1.0.0-1.2ubuntu2 from
cosmic to bionic-proposed.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/lastpass-cli/+bug/1555562/+subscriptions
More information about the Ubuntu-sponsors
mailing list