Barbican

Certificate Order API Should Do More Error Checking

Bug #1472383 reported by Dave McCowan
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
Barbican
Fix Released
Medium
Dave McCowan
Barbican 1.0.0 "liberty"

Bug Description

The unit test test_should_pass_with_blank_dn()
in barbican/tests/api/controllers/test_orders.py
passes, but it really should not.

A certificate should not be issued if a blank CN.

We should take a thoughtful look at other strings that might be a valid LDAP format, but would be nonsense as a CN.

Strings that would create a wrong or nonsensical CN should be rejected by Barbican's validator.

Revision history for this message
Dave McCowan (dave-mccowan) wrote :

Fix committed and merged on 8/17/2015.

https://review.openstack.org/211759

Change-Id: I061ae6827cae9a43601f05425082a397267f6087
Partially-Implements: blueprint barbican-py3

Changed in barbican:
assignee: nobody → Dave McCowan (dave-mccowan)
status: New → Fix Released
status: Fix Released → Fix Committed
Thierry Carrez (ttx)
Changed in barbican:
milestone: none → liberty-rc1
status: Fix Committed → Fix Released
Thierry Carrez (ttx)
Changed in barbican:
milestone: liberty-rc1 → 1.0.0
Douglas Mendizábal (dougmendizabal)
Changed in barbican:
importance: Undecided → Medium
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.