[Bug 1820083] Re: TLS params not set for session
Dan Streetman
1820083 at bugs.launchpad.net
Thu Oct 14 23:55:38 UTC 2021
** Tags removed: sts-sponser
** Tags added: sts-sponsor
--
You received this bug notification because you are a member of Ubuntu
Sponsors Team, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/1820083
Title:
TLS params not set for session
Status in python-etcd3gw package in Ubuntu:
Fix Released
Status in python-etcd3gw source package in Bionic:
In Progress
Status in python-etcd3gw source package in Cosmic:
Won't Fix
Status in python-etcd3gw source package in Disco:
Won't Fix
Status in python-etcd3gw source package in Eoan:
Won't Fix
Status in python-etcd3gw source package in Focal:
In Progress
Status in python-etcd3gw source package in Groovy:
Won't Fix
Status in python-etcd3gw source package in Hirsute:
Fix Released
Bug description:
[Impact]
A connection session is opened, but the TLS parameters (timeout, ca,
cert and key) are not actually set for the session. This prevents use
of TLS for the etcd3gw package.
[Test Plan]
# Create self signed certs, using the default for all prompts
$ openssl req -addext "subjectAltName = DNS:localhost" -x509 -keyout
localhost.key -newkey rsa:4096 -nodes -sha256 -out localhost.crt
# install 'etcd' package, stop the default server, and spin up ectd
server
$ sudo apt install etcd
$ sudo systemctl stop etcd
$ etcd --name test --data-dir test --cert-file=localhost.crt --key-
file=localhost.key --advertise-client-urls=https://localhost:2379
--listen-client-urls=https://localhost:2379
# run test script
$ cat test.py
#!/usr/bin/python3
from etcd3gw import Etcd3Client
c = Etcd3Client(host="localhost", protocol="https", cert_key="localhost.key", cert_cert="localhost.crt", ca_cert="localhost.crt", timeout=10)
c.put('test', 'success!')
resp = c.get('test')
print(b''.join(resp).decode())
$ ./test.py
success!
[Where Problems Could Occur]
This adds TLS parameters (if provided) to the session, so regressions
would involve failed connections, possibly those without TLS that had
TLS params incorrectly provided before.
[Other]
the upstream bug is https://github.com/dims/etcd3-gateway/issues/20
fixed upstream with pull request https://github.com/dims/etcd3-gateway/pull/21
via commit 90b7a19cdc4daa1230d7f15c10b113abdefdc8c0
that commit is contained in version 0.2.2 which is already in h, so
this is needed in b/f/g. This package was not included in Xenial.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/python-etcd3gw/+bug/1820083/+subscriptions
More information about the Ubuntu-sponsors
mailing list