Loading...

Linking RHIVOS CVEs to...

Migration: Automation ...

SWIFT: POC Conversion

Sync from "Extern...

XML

Word

Printable

Type: Bug
Resolution: Done
Priority: Normal
Fix Version/s: rhel-10.0.beta
Affects Version/s: rhel-10.0.beta
Component/s: ipa
Labels:
- commit
- fixed_upstream

Fixed in Build:
ipa-4.12.2-1.el10
Regression:
No
Severity:
None
Epic Link:
FREEIPA-9612
sprint_count:
2

AssignedTeam:
rhel-idm-ipa
Sub-System Group:

ssg_idm

Dev Target Milestone:
25
Internal Target Milestone:
26
Story Points:
1
ACKs Check:

Dev ack
Blocked:
False
Ready:
False
Blocked Reason:

Hide

None

Show
None
Product Documentation Required:
No
Sprint:
2024-Q3-Alpha-S4, 2024-Q3-Alpha-S5

Preliminary Testing:
Pass
Errata Link:
https://errata.engineering.redhat.com/advisory/133524
Test Coverage:

RegressionOnly

Release Note Type:
Unspecified Release Note Type - Unknown

Experience:

SFDC Cases Counter:
SFDC Cases Open:
SFDC Cases Links:

Planning:
None

Cloned from: https://pagure.io/freeipa/issue/9641

Recently released `cryptography 43.0.0` (https://cryptography.io/en/latest/changelog/#v43-0-0)

> Added Certificate public_key_algorithm_oid and Certificate Signing Request public_key_algorithm_oid to determine the PublicKeyAlgorithmOID Object Identifier of the public key found inside the certificate.

https://cryptography.io/en/latest/x509/reference/#cryptography.x509.Certificate.public_key_algorithm_oid

This caught by pylint:
```
************* Module ipalib.x509
ipalib/x509.py:453: [E0110(abstract-class-instantiated), load_pem_x509_certificate] Abstract class 'IPACertificate' with abstract methods instantiated)
ipalib/x509.py:465: [E0110(abstract-class-instantiated), load_der_x509_certificate] Abstract class 'IPACertificate' with abstract methods instantiated)
```

and by unit tests, for example:
```
______________________ test_x509.test_1_load_base64_cert _______________________

self = <ipatests.test_ipalib.test_x509.test_x509 object at 0x7faee8551520>

    def test_1_load_base64_cert(self):
        """
        Test loading a base64-encoded certificate.
        """
    
        # Load a good cert
>       x509.load_pem_x509_certificate(goodcert_headers)

test_ipalib/test_x509.py:205: 
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ 

data = b'-----BEGIN CERTIFICATE-----\nMIICAjCCAWugAwIBAgICBEUwDQYJKoZIhvcNAQEFBQAwKTEnMCUGA1UEAxMeSVBBIFRlc3QgQ2VydGlmaWNhdGU...h6m7TCp0eDgRpo77zNuvd3U4Qpm0Qk+KEjtHQDjNNG6N4ZnCQPmjFPScElvc/GgW7XMbywJy2euF+3/Uip8cnPgSH4=\n-----END CERTIFICATE-----'

    def load_pem_x509_certificate(data):
        """
        Load an X.509 certificate in PEM format.
    
        :returns: a ``IPACertificate`` object.
        :raises: ``ValueError`` if unable to load the certificate.
        """
>       return IPACertificate(
            crypto_x509.load_pem_x509_certificate(data, backend=default_backend())
        )
E       TypeError: Can't instantiate abstract class IPACertificate without an implementation for abstract method 'public_key_algorithm_oid'

../ipalib/x509.py:453: TypeError
```

links to

freeipa pragure 9641

RHSA-2024:133524 ipa bug fix and enhancement update

Assignee:: Florence Renaud

Reporter:: Florence Renaud

Developer:: Florence Renaud

QA Contact:: Erik Belko

Votes:: 0 Vote for this issue

Watchers:: 7 Start watching this issue

Created:: 2024/08/14 3:11 PM

Updated:: 2024/11/26 11:01 AM

Resolved:: 2024/11/26 11:01 AM

Dev Target end:: 2024/08/19

Target end:: 2024/08/26

Details

Description

Attachments

Issue Links

Easy Agile Planning Poker

Activity

People

Dates