Bug 757773 - ldap-client yast module requires certificates with "*.pem" name schema
ldap-client yast module requires certificates with "*.pem" name schema
Status: RESOLVED FIXED
Classification: openSUSE
Product: openSUSE 12.1
Classification: openSUSE
Component: YaST2
Final
Other Other
: P5 - None : Normal (vote)
: ---
Assigned To: Shawn Chang
Jiri Srain
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2012-04-18 13:04 UTC by Uwe Gansert
Modified: 2015-02-19 07:04 UTC (History)
2 users (show)

See Also:
Found By: Development
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---


Attachments
y2log (431.46 KB, application/octet-stream)
2012-04-18 13:06 UTC, Uwe Gansert
Details

Note You need to log in before you can comment on or make changes to this bug.
Description Uwe Gansert 2012-04-18 13:04:02 UTC
I use yast2 ldap-client to configure my system. I downloaded a root CA which has the ending "*.crt". With such an ending, the c_rehash skips the cert, so ssl does not work. The root CA has to end with "*.pem" so c_rehash creates the link for it.


Ralf suggested to open a bug for this (CC)
Comment 1 Uwe Gansert 2012-04-18 13:06:13 UTC
Created attachment 486672 [details]
y2log
Comment 2 Jiří Suchomel 2012-04-18 13:10:49 UTC
So what is wrong? 

c_rehash behavior or YaST for not strictly requiring .pem format?
Comment 3 Uwe Gansert 2012-04-18 13:17:35 UTC
c_rehash can only handle *pem endings (simple perl code). So either yast has to catch that error case when someone uses a certificate that has different naming or c_rehash has to be changed.
Maybe the maintainer of openssl can say that if a change in c_rehash makes sense.
Comment 4 Ralf Haferkamp 2012-04-18 13:25:41 UTC
Here is a bug report from upstream including a patch:
http://rt.openssl.org/Ticket/Display.html?id=1325&user=guest&pass=guest
Comment 5 Jiří Suchomel 2012-04-19 06:46:31 UTC
If there's already upstream bug report, than please take care of our c_rehash as well.
Comment 10 Shawn Chang 2013-02-06 09:51:03 UTC
created request id Request: #151437
Submitted to openSUSE 12.1 already.
Comment 11 Bernhard Wiedemann 2013-02-06 10:00:08 UTC
This is an autogenerated message for OBS integration:
This bug (757773) was mentioned in
https://build.opensuse.org/request/show/151437 Maintenance /
Comment 12 Bernhard Wiedemann 2013-02-07 05:00:08 UTC
This is an autogenerated message for OBS integration:
This bug (757773) was mentioned in
https://build.opensuse.org/request/show/151543 Maintenance /
Comment 13 Shawn Chang 2013-02-07 05:38:17 UTC
submitted to openSUSE 12.2. It should be fixed.
Comment 14 Bernhard Wiedemann 2013-02-16 10:00:08 UTC
This is an autogenerated message for OBS integration:
This bug (757773) was mentioned in
https://build.opensuse.org/request/show/155587 Maintenance / 
https://build.opensuse.org/request/show/155588 Maintenance /
Comment 15 Bernhard Wiedemann 2013-02-22 11:00:09 UTC
This is an autogenerated message for OBS integration:
This bug (757773) was mentioned in
https://build.opensuse.org/request/show/156084 Evergreen:11.2 / openssl
Comment 16 Swamp Workflow Management 2013-02-25 10:04:49 UTC
openSUSE-SU-2013:0336-1: An update that fixes 12 vulnerabilities is now available.

Category: security (moderate)
Bug References: 757773,802648,802746
CVE References: CVE-2011-4108,CVE-2011-4576,CVE-2011-4577,CVE-2011-4619,CVE-2012-0027,CVE-2012-0050,CVE-2012-0884,CVE-2012-1165,CVE-2012-2110,CVE-2012-2686,CVE-2013-0166,CVE-2013-0169
Sources used:
openSUSE 12.1 (src):    openssl-1.0.0k-34.20.1
Comment 17 Swamp Workflow Management 2013-02-25 10:05:27 UTC
openSUSE-SU-2013:0337-1: An update that solves three vulnerabilities and has one errata is now available.

Category: security (moderate)
Bug References: 757773,802184,802746,803004
CVE References: CVE-2012-2686,CVE-2013-0166,CVE-2013-0169
Sources used:
openSUSE 12.2 (src):    openssl-1.0.1e-2.8.1
Comment 18 Swamp Workflow Management 2013-02-25 11:04:34 UTC
openSUSE-SU-2013:0339-1: An update that fixes three vulnerabilities is now available.

Category: security (moderate)
Bug References: 757773,802648,802746
CVE References: CVE-2012-2686,CVE-2013-0166,CVE-2013-0169
Sources used:
openSUSE 11.4 (src):    openssl-1.0.0k-18.45.1
Comment 19 Bernhard Wiedemann 2013-02-26 08:00:18 UTC
This is an autogenerated message for OBS integration:
This bug (757773) was mentioned in
https://build.opensuse.org/request/show/156390 Evergreen:11.2 / openssl