Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Don't load keys when generating keys #9863

Merged
merged 1 commit into from Jul 15, 2016
Merged

Don't load keys when generating keys #9863

merged 1 commit into from Jul 15, 2016

Conversation

kbrock
Copy link
Member

@kbrock kbrock commented Jul 15, 2016
edited

Purpose or Intent

To generate a new appliance encryption key (aka v2_key) users use:

mv certs/v2_key certs/v2_key.old
bundle exec ruby tools/fix_auth.rb --key

This displays an ugly warning but actually works

On an appliance, it should be generated on boot by evmserverd.

If you're a developer, you can copy the certs/v2_key.dev to certs/v2_key.

Caution, using the developer key will allow anyone with the public developer key to decrypt the two-way
passwords in your database.

Now if the user had not deleted the old certs/v2_key then it would throw and error and not generate a new v2_key. But if you note, it is very hard for the user to know if this is a problem or not

Only generate one encryption_key (v2_key) per installation.
Chances are you did not want to overwrite this file.
If you do this all encrypted secrets in the database will not be readable.
Please backup your key and run again.

tools/fix_auth/fix_auth.rb:50:in `rescue in generate_password': File exists - File exists @ rb_sysopen - certs/v2_key (Errno::EEXIST)
  from tools/fix_auth/fix_auth.rb:42:in `generate_password'
  from tools/fix_auth/fix_auth.rb:90:in `run'
  from tools/fix_auth/cli.rb:37:in `run'
  from tools/fix_auth/cli.rb:41:in `run'
  from ./tools/fix_auth.rb:24:in `<main>'

Solution

Don't display a warning that the v2_key does not exist if we are in the process of generating the key.

https://bugzilla.redhat.com/show_bug.cgi?id=1356697

@jrafanie
Copy link
Member

@kbrock the change seems to make sense, can you reword these statements in the description... I don't know what you mean:

This looks to be throwing an error when no v2_key exists.

What error?

It is actually generating a key.

So, it's creating a key...

It throws an actual error when the key does exists.

Does not exist or does exist? What error?

And it does not generate a key.

Is this because of the 'actual error' ?

Does this problem have a workaround that users have successfully used in the past? I'm wondering how this worked before... Maybe this:

cp certs/v2_key certs/v2_key.old  # make a copy, don't remove the v2_key
bundle exec ruby tools/fix_auth.rb --key

???

@kbrock
Copy link
Member Author

kbrock commented Jul 15, 2016
edited

updated. thanks @jrafanie

@jrafanie
Copy link
Member

@kbrock

Now if the user had not deleted the old certs/v2_key then it would throw and error

an error

@kbrock
Don't load keys when generating keys
dd103d7 
Don't display a warning that the `v2_key` does not exist if we are in the process of generating the key.

https://bugzilla.redhat.com/show_bug.cgi?id=1356697

details:

To generate a new appliance encryption key (aka `v2_key`), a user removes and adds a key:

```
mv certs/v2_key certs/v2_key.old
bundle exec ruby tools/fix_auth.rb --key
```

This displays a warning, and looks like it fails but the key is generated:

```
On an appliance, it should be generated on boot by evmserverd.

If you're a developer, you can copy the certs/v2_key.dev to certs/v2_key.

Caution, using the developer key will allow anyone with the public developer key to decrypt the two-way
passwords in your database.
```

Now if the user had not deleted the old `certs/v2_key` then it would throw and error and
 not generate a new `v2_key`. But if you note, it is very hard for the user to know if this is a problem or not:

```
Only generate one encryption_key (v2_key) per installation.
Chances are you did not want to overwrite this file.
If you do this all encrypted secrets in the database will not be readable.
Please backup your key and run again.

tools/fix_auth/fix_auth.rb:50:in `rescue in generate_password': File exists - File exists @ rb_sysopen - certs/v2_key (Errno::EEXIST)
  from tools/fix_auth/fix_auth.rb:42:in `generate_password'
  from tools/fix_auth/fix_auth.rb:90:in `run'
  from tools/fix_auth/cli.rb:37:in `run'
  from tools/fix_auth/cli.rb:41:in `run'
  from ./tools/fix_auth.rb:24:in `<main>'
```

Solution is to not show the warning if in the process of generating the key
@miq-bot
Copy link
Member

miq-bot commented Jul 15, 2016

Checked commit kbrock@dd103d7 with ruby 2.2.5, rubocop 0.37.2, and haml-lint 0.16.1
1 file checked, 0 offenses detected
Everything looks good. 🏆

@jrafanie
Copy link
Member

LGTM, thanks @kbrock

@jrafanie
Copy link
Member

Merging. I'm not sure how you can test this but there should be a way. Maybe we can do that in a followup PR.

@jrafanie jrafanie merged commit 0bf1bc7 into ManageIQ:master Jul 15, 2016
@jrafanie jrafanie added this to the Sprint 44 Ending Aug 1, 2016 milestone Jul 15, 2016
@chessbyte chessbyte assigned jrafanie and unassigned gtanzillo Jul 15, 2016
@kbrock kbrock deleted the fix_auth_warning branch July 15, 2016 23:39
chessbyte pushed a commit that referenced this pull request Jul 18, 2016
@jrafanie @chessbyte
Merge pull request #9863 from kbrock/fix_auth_warning
54807fe 
Don't load keys when generating keys
(cherry picked from commit 0bf1bc7)
@chessbyte
Copy link
Member

Darga backport details:

commit 54807fe69c11d517cd816d2b85871d20cf578d85
Author: Joe Rafaniello <jrafanie@users.noreply.github.com>
Date:   Fri Jul 15 18:37:49 2016 -0400

    Merge pull request #9863 from kbrock/fix_auth_warning

    Don't load keys when generating keys
    (cherry picked from commit 0bf1bc7bcc2535e6430c485ff2e7b84475872461)

@kbrock
Copy link
Member Author

kbrock commented Jul 18, 2016

Thanks @chessbyte https://bugzilla.redhat.com/show_bug.cgi?id=1357520

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees

@jrafanie jrafanie

Labels
bug darga/backported tools
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
5 participants
@kbrock @jrafanie @miq-bot @chessbyte @gtanzillo