Should load all available CA Certificates and not just the u1 bundled/shipped ones
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Ubuntu One storage protocol |
Fix Released
|
Undecided
|
Guillermo Gonzalez | ||
Stable-13-10 |
Fix Released
|
Undecided
|
Guillermo Gonzalez | ||
Stable-3-0 |
Fix Released
|
Undecided
|
Guillermo Gonzalez | ||
ubuntuone-storage-protocol (Ubuntu) |
Invalid
|
Undecided
|
Unassigned | ||
Precise |
Won't Fix
|
Critical
|
Unassigned | ||
Saucy |
Won't Fix
|
Critical
|
Unassigned |
Bug Description
The client should load all available certificates instead of the UbuntuOne*.pem ones.
[Impact]
This is needed as the server will change the certificates due to the recent SSL bug and it will not verify against the current loaded CA certificates. This change will be future-proof against any other changes to the certificate chain.
[Test Case]
A small protocol client is attached that connects and pings the server.
In order to test it, we have the new certificates (with the chain, etc) at staging:
from the root of the branch:
PYTHONPATH=. python2.7 ping_client.py staging
or with the package installed:
python2.7 ping_client.py staging
[Regression Potential]
The use of all available certificates in the system certificate store, instead of a select few, increases the risk of a MITM attack by way of a weakest-link CA. However, many other packages use /etc/ssl/certs as their certificate store, so this problem would not be specific to UbuntuOne and it would be a critical security problem if any of the listed CAs were compromised.
Related branches
- dobey (community): Approve
-
Diff: 78 lines (+53/-7)2 files modifiedtests/test_context.py (+37/-0)
ubuntuone/storageprotocol/context.py (+16/-7)
- dobey (community): Approve
-
Diff: 82 lines (+57/-7)2 files modifiedtests/test_context.py (+41/-0)
ubuntuone/storageprotocol/context.py (+16/-7)
- dobey (community): Approve
-
Diff: 82 lines (+57/-7)2 files modifiedtests/test_context.py (+41/-0)
ubuntuone/storageprotocol/context.py (+16/-7)
Changed in ubuntuone-storage-protocol (Ubuntu): | |
status: | New → Invalid |
Changed in ubuntuone-storage-protocol (Ubuntu Precise): | |
status: | New → In Progress |
Changed in ubuntuone-storage-protocol (Ubuntu Saucy): | |
status: | New → In Progress |
assignee: | nobody → Rodney Dawes (dobey) |
Changed in ubuntuone-storage-protocol (Ubuntu Precise): | |
assignee: | nobody → Rodney Dawes (dobey) |
Changed in ubuntuone-storage-protocol (Ubuntu Saucy): | |
importance: | Undecided → Critical |
Changed in ubuntuone-storage-protocol (Ubuntu Precise): | |
importance: | Undecided → Critical |
Changed in ubuntuone-storage-protocol: | |
status: | New → In Progress |
assignee: | nobody → Guillermo Gonzalez (verterok) |
Changed in ubuntuone-storage-protocol: | |
status: | In Progress → Fix Committed |
Changed in ubuntuone-storage-protocol (Ubuntu Precise): | |
status: | Incomplete → In Progress |
description: | updated |
Changed in ubuntuone-storage-protocol (Ubuntu Precise): | |
status: | Fix Committed → Won't Fix |
Changed in ubuntuone-storage-protocol: | |
status: | Fix Committed → Fix Released |
Changed in ubuntuone-storage-protocol (Ubuntu Precise): | |
assignee: | Rodney Dawes (dobey) → nobody |
Changed in ubuntuone-storage-protocol (Ubuntu Saucy): | |
assignee: | Rodney Dawes (dobey) → nobody |
Hi folks,
I've filled out the SRU template for this bug as best I can based on the package in the queue. However, I don't consider the test case included in the source to be sufficient; the test case merely duplicates the code in the get_certificates() call itself, but does not prove that loading the certificates in this way will work with either the current production certificate, or the future replacement certificate. Could someone please provide an appropriate test for this? (Does not have to be an automated test in python - a text "how to test" in the bug description is sufficient.)