Uploaded image for project: 'RHEL'
  1. RHEL
  2. RHEL-151705

keylime_tenant doesn't support API version negotiation

Linking RHIVOS CVEs to...Migration: Automation ...Sync from "Extern...XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Unresolved
    • Icon: Undefined Undefined
    • None
    • rhel-9.5.z
    • keylime
    • None
    • None
    • None
    • rhel-security-special-projects
    • None
    • False
    • False
    • Hide

      None

      Show
      None
    • None
    • None
    • None
    • None
    • Unspecified
    • Unspecified
    • Unspecified
    • All
    • None

      What were you trying to do that didn't work?

      I am trying to register and attest agent from RHEL-10.2 on a keylime server from earlier RHEL versions (10.1 and earlier) but this doesn't work due to agent using a newer and incompatible API version.

      What is the impact of this issue to you?

      cannot attest agent from RHEL-10.2 using keylime server from a previous RHEL version

      Please provide the package NVR for which the bug is seen:

      keylime-agent-rust-0.2.9-1.el10

      vs

      keylime-tenant-7.3.0-13.el9_3

      keylime-tenant-7.3.0-15.el9_6.1

      keylime-tenant-7.12.1-11.el9_7.4

      keylime-tenant-7.12.1-2.el10_0.5

      keylime-tenant-7.12.1-11.el10_1.4

      How reproducible is this bug?:

      always

      Steps to reproduce

      1. configure keylime server on RHEL-10.1 or ealier
      2. add agent from RHEL-10.2
      3.  

      Expected results

      attestation works (or at least it is clearly stated that these versions are not compatible)

      Actual results

      various errors

              scorreia@redhat.com Sergio Correia
              ksrot@redhat.com Karel Srot
              Sergio Correia Sergio Correia
              Karel Srot Karel Srot
              Votes:
              0 Vote for this issue
              Watchers:
              6 Start watching this issue

                Created:
                Updated: