BIND 10 #1044: SSL/TLS certificate for b10-cmdctl is expired

BIND 10 Development do-not-reply at isc.org
Mon Nov 26 10:06:11 UTC 2012 

#1044: SSL/TLS certificate for b10-cmdctl is expired
-------------------------------------+-------------------------------------
                   Reporter:  cas    |                 Owner:  muks
                       Type:         |                Status:  reviewing
  defect                             |             Milestone:
                   Priority:         |  Sprint-20121204
  medium                             |            Resolution:
                  Component:  cmd-   |             Sensitive:  0
  ctl                                |           Sub-Project:  Core
                   Keywords:         |  Estimated Difficulty:  3.0
            Defect Severity:  High   |           Total Hours:  0
Feature Depending on Ticket:         |
  alpha2                             |
        Add Hours to Ticket:  0      |
                  Internal?:  0      |
-------------------------------------+-------------------------------------
Changes (by jelte):

 * owner:  jelte => muks


Comment:

 >
 > If Botan adds a single additional enumeration constant = 100 into that
 enum, it will not break Botan's API or ABI, but it will break our
 assumption upon which this code is written. I merely want to point this
 out in the review, that's all. :)
 >

 Yes, I know, but I do not expect that to be much of a problem (or rather,
 I think not redefining them all to 1 exit code is more useful than this
 potential problem)

 > The changes look good, but they are a set of changes grouped together in
 a single commit with a log message "Fix review comments". :) It seems that
 one unrelated change in `perfdhcp` was included by mistake as well. I
 suggest breaking these into individual commits for each thing they
 address.
 >

 I've been trying to get the number of commits down after the squash
 discussion. Often, review changes are a number of small changes that IMO
 don't really need a separate commit each. I may have gone too far with
 this one (like the additional file permission checks), but hey I did point
 to the comment here :)

 The perfdhcp change should not have been committed, which is my bad.
 Reverted that (I'll push that as a separate commit straight to master).
 But rather than splitting up an existing commit I propose I leave it as is
 for now and try to be better in grouping review changes next time ;)

 > What about Shane's comment about checking certificate expiry before
 using it (comment [comment:11])? Does the code already check the expiry
 time in the certificate?

 No. And unfortunately, there is no easy way to actually do this AFAICT.
 The python libraries don't expose this level of use, and I can't really
 find any builtin way to do it. So we'd either need to
 - add scary threading stuff and make cmdctl connect to itself to validate
 - call b10-certgen from the cmdctl code
 - move the checking code from b10-certgen to our cryptowrappers, and make
 python wrappers for them, then call those from cmdctl
 - make a hard dependency on an external tool (like openssl req)

 I have no idea which would be the right approach, and if I did I think we
 should probably defer that to a new ticket.

-- 
Ticket URL: <http://bind10.isc.org/ticket/1044#comment:15>
BIND 10 Development <http://bind10.isc.org>
BIND 10 Development

More information about the bind10-tickets mailing list