[Bug 1820083] Re: TLS params not set for session

Dan Streetman 1820083 at bugs.launchpad.net
Thu Oct 14 23:55:38 UTC 2021 

** Tags removed: sts-sponser
** Tags added: sts-sponsor

-- 
You received this bug notification because you are a member of Ubuntu
Sponsors Team, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/1820083

Title:
  TLS params not set for session

Status in python-etcd3gw package in Ubuntu:
  Fix Released
Status in python-etcd3gw source package in Bionic:
  In Progress
Status in python-etcd3gw source package in Cosmic:
  Won't Fix
Status in python-etcd3gw source package in Disco:
  Won't Fix
Status in python-etcd3gw source package in Eoan:
  Won't Fix
Status in python-etcd3gw source package in Focal:
  In Progress
Status in python-etcd3gw source package in Groovy:
  Won't Fix
Status in python-etcd3gw source package in Hirsute:
  Fix Released

Bug description:
  [Impact]

  A connection session is opened, but the TLS parameters (timeout, ca,
  cert and key) are not actually set for the session.  This prevents use
  of TLS for the etcd3gw package.

  [Test Plan]

  # Create self signed certs, using the default for all prompts

  $ openssl req -addext "subjectAltName = DNS:localhost" -x509 -keyout
  localhost.key -newkey rsa:4096 -nodes -sha256 -out localhost.crt

  # install 'etcd' package, stop the default server, and spin up ectd
  server

  $ sudo apt install etcd
  $ sudo systemctl stop etcd

  $ etcd --name test --data-dir test --cert-file=localhost.crt --key-
  file=localhost.key --advertise-client-urls=https://localhost:2379
  --listen-client-urls=https://localhost:2379

  # run test script

  $ cat test.py
  #!/usr/bin/python3

  from etcd3gw import Etcd3Client

  c = Etcd3Client(host="localhost", protocol="https", cert_key="localhost.key", cert_cert="localhost.crt", ca_cert="localhost.crt", timeout=10)
  c.put('test', 'success!')
  resp = c.get('test')
  print(b''.join(resp).decode())

  $ ./test.py
  success!

  [Where Problems Could Occur]

  This adds TLS parameters (if provided) to the session, so regressions
  would involve failed connections, possibly those without TLS that had
  TLS params incorrectly provided before.

  [Other]

  the upstream bug is https://github.com/dims/etcd3-gateway/issues/20
  fixed upstream with pull request https://github.com/dims/etcd3-gateway/pull/21
  via commit 90b7a19cdc4daa1230d7f15c10b113abdefdc8c0

  that commit is contained in version 0.2.2 which is already in h, so
  this is needed in b/f/g.  This package was not included in Xenial.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/python-etcd3gw/+bug/1820083/+subscriptions

More information about the Ubuntu-sponsors mailing list