pool/salt
SHA256
12
0
Fork 1
Code Issues Pull Requests Activity
Files
c0d7cc4bb8f2cba3ecff6e8171369dfdc326173579f012272459fb4c68d93a11
salt/x509-fixes-for-remote-signing-106.patch
Bo Maryniuk c0d7cc4bb8 Accepting request 636187 from home:mdinca:branches:systemsmanagement:saltstack 
- Prepend current directory when path is just filename (bsc#1095942)
- Integration of MSI authentication for azurearm
- Adds fix for SUSE Expanded Support os grain detection
- Fixes 509x remote signing
- Fix for StringIO import in Python2
- Use Adler32 algorithm to compute string checksums (bsc#1102819)
- Only do reverse DNS lookup on IPs for salt-ssh (bsc#1104154)
- Add support for Python 3.7
- Fix license macro to build on SLE12SP2
- Decode file contents for python2 (bsc#1102013)
- Fix for sorting of multi-version packages (bsc#1097174 and bsc#1097413)
- Fix mine.get not returning data - workaround for #48020 (bsc#1100142)
- Added:
  * change-stringio-import-in-python2-to-import-the-clas.patch
  * integration-of-msi-authentication-with-azurearm-clou.patch
  * x509-fixes-for-remote-signing-106.patch
  * fix-for-suse-expanded-support-detection.patch
  * only-do-reverse-dns-lookup-on-ips-for-salt-ssh.patch
  * prepend-current-directory-when-path-is-just-filename.patch
  * add-support-for-python-3.7.patch
  * decode-file-contents-for-python2-bsc-1102013.patch
  * fix-mine.get-not-returning-data-workaround-for-48020.patch
  * x509-fixes-111.patch
  * use-adler32-algorithm-to-compute-string-checksums.patch
- Modified:
  * fix-for-sorting-of-multi-version-packages-bsc-109717.patch

OBS-URL: https://build.opensuse.org/request/show/636187
OBS-URL: https://build.opensuse.org/package/show/systemsmanagement:saltstack/salt?expand=0&rev=129
2018-09-17 14:18:45 +00:00

81 lines
2.9 KiB
Diff
Raw Blame History

From 6276eb2cd3f2b396c13118a111998230477cc65a Mon Sep 17 00:00:00 2001
From: Florian Bergmann <bergmannf@users.noreply.github.com>
Date: Tue, 11 Sep 2018 14:02:55 +0200
Subject: [PATCH] X509 fixes for remote signing (#106)
* Use to_str salt.utils when writing to a file.
* Assign the certificate as a string.
* Convert to string before sending via 'publish'.
Otherwise the publish call with receive a "b''" string, which can not be used
in the functions.
* Do not silently ignore errors.
At least log the occurring errors to debug and trace.
---
salt/modules/x509.py | 10 +++++-----
salt/states/x509.py | 2 +-
2 files changed, 6 insertions(+), 6 deletions(-)
diff --git a/salt/modules/x509.py b/salt/modules/x509.py
index 15de06e200..9901bc5bd9 100644
--- a/salt/modules/x509.py
+++ b/salt/modules/x509.py
@@ -658,7 +658,7 @@ def read_crl(crl):
text = get_pem_entry(text, pem_type='X509 CRL')
crltempfile = tempfile.NamedTemporaryFile()
- crltempfile.write(text)
+ crltempfile.write(salt.utils.stringutils.to_str(text))
crltempfile.flush()
crlparsed = _parse_openssl_crl(crltempfile.name)
crltempfile.close()
@@ -1368,9 +1368,9 @@ def create_certificate(
pem_type='CERTIFICATE REQUEST').replace('\n', '')
if 'public_key' in kwargs:
# Strip newlines to make passing through as cli functions easier
- kwargs['public_key'] = get_public_key(
+ kwargs['public_key'] = salt.utils.stringutils.to_str(get_public_key(
kwargs['public_key'],
- passphrase=kwargs['public_key_passphrase']).replace('\n', '')
+ passphrase=kwargs['public_key_passphrase'])).replace('\n', '')
# Remove system entries in kwargs
# Including listen_in and preqreuired because they are not included
@@ -1766,13 +1766,13 @@ def verify_crl(crl, cert):
crltext = _text_or_file(crl)
crltext = get_pem_entry(crltext, pem_type='X509 CRL')
crltempfile = tempfile.NamedTemporaryFile()
- crltempfile.write(crltext)
+ crltempfile.write(salt.utils.stringutils.to_str(crltext))
crltempfile.flush()
certtext = _text_or_file(cert)
certtext = get_pem_entry(certtext, pem_type='CERTIFICATE')
certtempfile = tempfile.NamedTemporaryFile()
- certtempfile.write(certtext)
+ certtempfile.write(salt.utils.stringutils.to_str(certtext))
certtempfile.flush()
cmd = ('openssl crl -noout -in {0} -CAfile {1}'.format(
diff --git a/salt/states/x509.py b/salt/states/x509.py
index 832f74168c..7bb941f393 100644
--- a/salt/states/x509.py
+++ b/salt/states/x509.py
@@ -545,7 +545,7 @@ def certificate_managed(name,
if not private_ret['result']:
return private_ret
- file_args['contents'] += certificate
+ file_args['contents'] += salt.utils.stringutils.to_str(certificate)
if not append_certs:
append_certs = []
--
2.19.0
Reference in New Issue View Git Blame Copy Permalink