Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

pki cert-find returns results when junk value is passed with --maxSerialNumber #3267

Open
pki-bot opened this issue Oct 3, 2020 · 2 comments
Open

pki cert-find returns results when junk value is passed with --maxSerialNumber #3267

pki-bot opened this issue Oct 3, 2020 · 2 comments

Comments

@pki-bot
Copy link

pki-bot commented Oct 3, 2020

This issue was migrated from Pagure Issue #3150. Originally filed by cipherboy (@cipherboy) on 2020-03-16 09:33:26:

Description of problem:

pki cert-find returns results when junk value is passed with --maxSerialNumber

pki -h pki2.example.org -p 30044 cert-find --maxSerialNumber "ABx4iMAtll7wex01lDym8sqqIOi8ZwgrJIqkoVes/FIHe84dgr1N3nRXTMh6pWkP0vM="

----------------
34 entries found
----------------
  Serial Number: 0x1
  Subject DN: CN=PKI ROOTCA Signing Cert,O=redhat
  Status: VALID
  Type: X.509 version 3
  Key Algorithm: PKCS 1 RSA with 2048-bit key
  Not Valid Before: Tue May 26 15:22:06 IST 2015
  Not Valid After: Sat May 26 15:22:06 IST 2035
  Issued On: Tue May 26 15:22:06 IST 2015
  Issued By: system

  Serial Number: 0x2
  Subject DN: CN=PKI ROOTCA OCSP Signing Certificate,O=Redhat
  Status: VALID
  Type: X.509 version 3
  Key Algorithm: PKCS 1 RSA with 2048-bit key
  Not Valid Before: Tue May 26 15:22:10 IST 2015
  Not Valid After: Mon May 15 15:22:10 IST 2017
  Issued On: Tue May 26 15:22:10 IST 2015
  Issued By: system

  Serial Number: 0x3
  Subject DN: CN=pki2.example.org,O=Redhat
  Status: VALID
  Type: X.509 version 3
  Key Algorithm: PKCS 1 RSA with 2048-bit key
  Not Valid Before: Tue May 26 15:22:10 IST 2015
  Not Valid After: Mon May 15 15:22:10 IST 2017
  Issued On: Tue May 26 15:22:10 IST 2015
  Issued By: system

Version-Release number of selected component (if applicable):
pki-ca-10.2.3-2.el7.noarch
pki-tools-10.2.3-2.el7.x86_64

Steps to reproduce
1.Install and configure CA subsystem
2.issue pki -h <host> -p <port> cert-find --maxSerialNumber "junkvalue"

Actual results:

Returns certs when random data is passed to cert-find --maxSerialNumber

Expected results:

No results should be returned

Additional info:
@pki-bot
Copy link
Author

pki-bot commented Oct 3, 2020

Comment from cipherboy (@cipherboy) at 2020-03-16 09:33:36

https://bugzilla.redhat.com/show_bug.cgi?id=1225321

@pki-bot
Copy link
Author

pki-bot commented Oct 3, 2020

Comment from cipherboy (@cipherboy) at 2020-03-16 09:33:37

Metadata Update from @cipherboy:

  • Custom field component adjusted to None
  • Custom field feature adjusted to None
  • Custom field origin adjusted to None
  • Custom field proposedmilestone adjusted to None
  • Custom field proposedpriority adjusted to None
  • Custom field reviewer adjusted to None
  • Custom field rhbz adjusted to https://bugzilla.redhat.com/show_bug.cgi?id=1225321
  • Custom field type adjusted to None
  • Custom field version adjusted to None

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@pki-bot