Opened 6 years ago
Closed 6 years ago
#1517 closed defect (fixed)
sge_ca only does partial matches against GECOS data
Reported by: | markdixon | Owned by: | Mark Dixon <m.c.dixon@…> |
---|---|---|---|
Priority: | normal | Milestone: | |
Component: | sge | Version: | 8.1.8 |
Severity: | minor | Keywords: | |
Cc: |
Description
Hi,
When the sge_ca tool supplied with grid engine is used to create a new certificate, it uses the supplied GECOS data to check if a certificate with the same common name already exists.
That check only does a partial match on CN=<gecos info>, so if a new certificate's GECOS data matches the start of another certificate's GECOS data, it will refuse to create the certificate.
e.g. the cert created by the first command below prevents the second cert from being created:
$SGE_ROOT/util/sgeCA/sge_ca -user "user1:Bobby:bobby@somewhere"
$SGE_ROOT/util/sgeCA/sge_ca -user "user2:Bob:bob@somewhere"
The attached patch fixes this, prepared against 8.1.8.
Cheers,
Mark
Attachments (1)
Change History (2)
Changed 6 years ago by markdixon
comment:1 Changed 6 years ago by Mark Dixon <m.c.dixon@…>
- Owner set to Mark Dixon <m.c.dixon@…>
- Resolution set to fixed
- Status changed from new to closed
In 4805/sge: