Project

General

Profile

Actions

Bug #6583

closed

User story #6589: Improve Rudder security in 3.1: Inventory signature and security, SELinux compliance

Architecture #6356: Inventory endpoint should validate agent signature

Can't validate inventory key stored with old format

Added by Vincent MEMBRÉ over 9 years ago. Updated over 9 years ago.

Status:
Released
Priority:
1 (highest)
Category:
Web - Nodes & inventories
Target version:
Severity:
UX impact:
User visibility:
Effort required:
Priority:
Name check:
Fix check:
Regression:

Description

Pubic key from old inventories are stored as one liners in ldap and can't be used to check the inventory signature.

We shoudl change the PublicKey data structure to manage this case

Actions #1

Updated by Vincent MEMBRÉ over 9 years ago

  • Status changed from New to In progress
Actions #2

Updated by Vincent MEMBRÉ over 9 years ago

  • Status changed from In progress to Pending technical review
  • Assignee changed from Vincent MEMBRÉ to Nicolas CHARLES
  • Pull Request set to https://github.com/Normation/ldap-inventory/pull/63
Actions #3

Updated by Vincent MEMBRÉ over 9 years ago

  • Status changed from Pending technical review to Pending release
  • % Done changed from 0 to 100
Actions #5

Updated by Vincent MEMBRÉ over 9 years ago

  • Status changed from Pending release to Released

This bug has been fixed in Rudder 3.1.0~beta1 which were released today.

Actions

Also available in: Atom PDF