Barbican

SnakeOil Can Sign Certificates with wrong CA

Bug #1499874 reported by Dave McCowan
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
Barbican
Fix Released
Critical
Dave McCowan
Barbican 1.0.0 "liberty"

Bug Description

SnakeOil Can Sign Certificates with wrong CA

Douglas Mendizábal (dougmendizabal)
Changed in barbican:
milestone: none → liberty-rc1
importance: Undecided → Critical
status: New → In Progress
assignee: nobody → Dave McCowan (dave-mccowan)
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to barbican (master)

Reviewed: https://review.openstack.org/228032
Committed: https://git.openstack.org/cgit/openstack/barbican/commit/?id=5c67eabd7ce664180b5e1ca59c91c1b4a919e6fc
Submitter: Jenkins
Branch: master

commit 5c67eabd7ce664180b5e1ca59c91c1b4a919e6fc
Author: Dave McCowan <email address hidden>
Date: Fri Sep 25 16:23:04 2015 -0400

    Use subCA when specified to sign CSRs

    Snakeoil was always using the root CA to sign CSRs. With this
    commit it will use the CA whose reference was passed.

    Change-Id: I6afee4414aa4d2878f619f0f3650361a7b1d6ea8
    Closes-Bug: 1499874
    Partially-implements: blueprint add-cas

Changed in barbican:
status: In Progress → Fix Committed
Thierry Carrez (ttx)
Changed in barbican:
status: Fix Committed → Fix Released
Thierry Carrez (ttx)
Changed in barbican:
milestone: liberty-rc1 → 1.0.0
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.