FAQ
Hi all,

I've installed Puppet Enterprise 2.5 on Ubuntu 10.04.4 ("minimal" version
on our new hosting provider, previous on amazon ec2 all works fine). So
couldn't login to puppet dashboard - internal server error. I found problem
in rubycas-server. It fails when try to hash password:
(/opt/puppet/share/rubycas-server/lib/casserver/authenticators/sql_encrypted.rb)
def validate(credentials) ....
encrypt_function = @options[:encrypt_function] ||
'user.encrypted_password ==
Digest::SHA256.hexdigest("#{user.encryption_salt}::#{@password}")'
...
return eval(encrypt_function) # FAIL
But in simple ruby script function *Digest::SHA256.hexdigest* works fine. I
changed to *OpenSSL::Digest::SHA256.hexdigest* in rubycas-server and it
works...

Maybe you can advice how to solve this problem without source change?

Thanks in advance.

--
You received this message because you are subscribed to the Google Groups "Puppet Users" group.
To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/EuLrHRjTs-4J.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com.
For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.

Search Discussions

  • Jeff McCune at Jun 8, 2012 at 4:57 pm
    Could you post the trace of the error and some entries from the logs? How
    did you track it down to here?

    -Jeff
    On Friday, June 8, 2012, Pavel Drobushevich wrote:

    Hi all,

    I've installed Puppet Enterprise 2.5 on Ubuntu 10.04.4 ("minimal" version
    on our new hosting provider, previous on amazon ec2 all works fine). So
    couldn't login to puppet dashboard - internal server error. I found problem
    in rubycas-server. It fails when try to hash password:

    (/opt/puppet/share/rubycas-server/lib/casserver/authenticators/sql_encrypted.rb)
    def validate(credentials) ....
    encrypt_function = @options[:encrypt_function] ||
    'user.encrypted_password ==
    Digest::SHA256.hexdigest("#{user.encryption_salt}::#{@password}")'
    ...
    return eval(encrypt_function) # FAIL
    But in simple ruby script function *Digest::SHA256.hexdigest* works fine.
    I changed to *OpenSSL::Digest::SHA256.hexdigest* in rubycas-server and it
    works...

    Maybe you can advice how to solve this problem without source change?

    Thanks in advance.

    --
    You received this message because you are subscribed to the Google Groups
    "Puppet Users" group.
    To view this discussion on the web visit
    https://groups.google.com/d/msg/puppet-users/-/EuLrHRjTs-4J.
    To post to this group, send email to puppet-users@googlegroups.com<javascript:_e({}, 'cvml', 'puppet-users@googlegroups.com');>
    .
    To unsubscribe from this group, send email to
    puppet-users+unsubscribe@googlegroups.com <javascript:_e({}, 'cvml',
    'puppet-users%2Bunsubscribe@googlegroups.com');>.
    For more options, visit this group at
    http://groups.google.com/group/puppet-users?hl=en.
    --
    You received this message because you are subscribed to the Google Groups "Puppet Users" group.
    To post to this group, send email to puppet-users@googlegroups.com.
    To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com.
    For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
  • Pavel Drobushevich at Jun 11, 2012 at 6:49 am
    Hi Jeff,

    I've added begin/rescue around this line of code but it didn't catch
    exception, so there is no any information in log :( I added step by step
    log print to code and found this line. When I did replace it (
    eval(encrypt_function) ) to true (or changed encrypt_function
    to OpenSSL::Digest::SHA256.hexdigest) it works well. As I understand it is
    problem with native sha2 library.

    Thanks,
    Pavel
    On Friday, June 8, 2012 7:57:09 PM UTC+3, Jeff McCune wrote:

    Could you post the trace of the error and some entries from the logs? How
    did you track it down to here?

    -Jeff
    On Friday, June 8, 2012, Pavel Drobushevich wrote:

    Hi all,

    I've installed Puppet Enterprise 2.5 on Ubuntu 10.04.4 ("minimal" version
    on our new hosting provider, previous on amazon ec2 all works fine). So
    couldn't login to puppet dashboard - internal server error. I found problem
    in rubycas-server. It fails when try to hash password:

    (/opt/puppet/share/rubycas-server/lib/casserver/authenticators/sql_encrypted.rb)
    def validate(credentials) ....
    encrypt_function = @options[:encrypt_function] ||
    'user.encrypted_password ==
    Digest::SHA256.hexdigest("#{user.encryption_salt}::#{@password}")'
    ...
    return eval(encrypt_function) # FAIL
    But in simple ruby script function *Digest::SHA256.hexdigest* works
    fine. I changed to *OpenSSL::Digest::SHA256.hexdigest* in rubycas-server
    and it works...

    Maybe you can advice how to solve this problem without source change?

    Thanks in advance.

    --
    You received this message because you are subscribed to the Google Groups
    "Puppet Users" group.
    To view this discussion on the web visit
    https://groups.google.com/d/msg/puppet-users/-/EuLrHRjTs-4J.
    To post to this group, send email to puppet-users@googlegroups.com.
    To unsubscribe from this group, send email to
    puppet-users+unsubscribe@googlegroups.com.
    For more options, visit this group at
    http://groups.google.com/group/puppet-users?hl=en.
    --
    You received this message because you are subscribed to the Google Groups "Puppet Users" group.
    To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/1qLAKtaBPJIJ.
    To post to this group, send email to puppet-users@googlegroups.com.
    To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com.
    For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.

Related Discussions

Discussion Navigation
viewthread | post
Discussion Overview
grouppuppet-users @
categoriespuppet
postedJun 8, '12 at 12:59p
activeJun 11, '12 at 6:49a
posts3
users2
websitepuppetlabs.com

2 users in discussion

Pavel Drobushevich: 2 posts Jeff McCune: 1 post

People

Translate

site design / logo © 2021 Grokbase