Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat(xo-server, xo-web): warning for too small host TLS keys #7995

Open
wants to merge 3 commits into
base: master
Choose a base branch
from
Open

feat(xo-server, xo-web): warning for too small host TLS keys #7995

wants to merge 3 commits into from
+61 −1

Conversation

b-Nollet
Copy link
Contributor

@b-Nollet b-Nollet commented Sep 18, 2024
edited
Loading

Description

Display a warning in host list when host TLS key is too short to update to XCP-ng 8.3

image

image

Checklist

  • Commit
    • Title follows commit conventions
    • Reference the relevant issue (Fixes #007, See xoa-support#42, See https://...)
    • If bug fix, add Introduced by
  • Changelog
    • If visible by XOA users, add changelog entry
    • Update "Packages to release" in CHANGELOG.unreleased.md
  • PR
    • If UI changes, add screenshots
    • If not finished or not tested, open as Draft

@b-Nollet b-Nollet force-pushed the warning-short-TLS branch 4 times, most recently from db9c766 to bd70212 Compare September 19, 2024 13:21
@b-Nollet b-Nollet changed the title WIP feat(xo-server, xo-web): warning for too small host TLS keys Sep 19, 2024
@b-Nollet b-Nollet marked this pull request as ready for review September 19, 2024 13:39
stephane-m-dev
stephane-m-dev reviewed Sep 19, 2024
View reviewed changes
packages/xo-server/src/api/host.mjs Outdated
const certificate = await this.getXapi(host).call('host.get_server_certificate', host._xapiRef)

const cert = new X509Certificate(certificate)
return cert.publicKey.asymmetricKeyDetails.modulusLength < 2048
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Maybe you could use a constant that describes what 2048 is, and that can be reused if needed?
Ex: CERT_PUBKEY_MIN_SIZE

@julien-f julien-f removed the request for review from velvetrevolver September 20, 2024 07:57
@b-Nollet b-Nollet removed the request for review from stephane-m-dev September 20, 2024 08:16
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@julien-f julien-f julien-f left review comments

@stephane-m-dev stephane-m-dev stephane-m-dev left review comments

@fbeauchamp fbeauchamp Awaiting requested review from fbeauchamp

At least 1 approving review is required to merge this pull request.

Assignees
No one assigned
Labels
Highlight
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@b-Nollet @julien-f @stephane-m-dev