Uploaded image for project: 'RHEL'
  1. RHEL
  2. RHEL-96990

revocation notifier not closing TLS session correctly

Linking RHIVOS CVEs to...Migration: Automation ...SWIFT: POC ConversionSync from "Extern...XMLWordPrintable

    • keylime-7.12.1-10.el10
    • No
    • Moderate
    • rhel-security-special-projects
    • 26
    • 1
    • QE ack, Dev ack
    • False
    • False
    • Hide

      None

      Show
      None
    • No
    • None
    • Release Note Not Required
    • Unspecified
    • Unspecified
    • Unspecified
    • ppc64le
    • None

      What were you trying to do that didn't work?

       

      When revocation notifier sends a message, on webhook server side I can see an error:

      ERROR
      A0444E9AFF7F0000:error:0A000126:SSL routines::unexpected eof while reading:ssl/record/rec_layer_s3.c:691:

      What is the impact of this issue to you?

      errors in server log and subsequently failing tests

       

      Please provide the package NVR for which the bug is seen:

      keylime-7.12.1-2.el10.ppc64le

      How reproducible is this bug?:

      very frequently, like 50% or test runs

      this seems to be ppc64le issue only

      Steps to reproduce

      basically follow the scenario in https://github.com/RedHat-SP-Security/keylime-tests/blob/main/functional/basic-attestation-on-localhost/test.sh

      1. use openssl s_server as webhook server
      2. configure keylime, add agent, let the attestation fail
      3. observe an error in s_server log

      Expected results

      Actual results

              scorreia@redhat.com Sergio Correia
              ksrot@redhat.com Karel Srot
              Sergio Correia Sergio Correia
              Karel Srot Karel Srot
              Votes:
              0 Vote for this issue
              Watchers:
              8 Start watching this issue

                Created:
                Updated: