Write tool to determine if a pool password is weak or broken (when used a signing key).

Description

Basically, does this file have an embedded NUL, or is one generated when our XOR is applied?

Activity

Show:
John (TJ) Knoeller
March 29, 2021, 6:49 PM

CODE REVIEW :

  1. line 176 in the output message, the word “changes” should be “change”

Todd L Miller
March 29, 2021, 4:21 PM

Assigning to TJ to do the second code review we wanted. Documentation still needs to be done.

Todd L Miller
March 29, 2021, 4:03 PM

Documentation must occur in the release notes and in the how-to-upgrade instructions.

We can do the man page later.

Todd L Miller
March 27, 2021, 9:02 PM
Edited

Code Review

  • Assumes we don’t need explicit packaging for Debian. We should verify that the tool is installed on both RPM and Debian before release.

  • One minor tweak I’d consider cleaning up (but is not a blocker) is the following case up, maybe with a suggestion about setting CONDOR_CONFIG or specifying a key on the command line:

  • The code is otherwise reasonable and specific tests are OK, although I didn’t verify that its and HTCondor’s implementation of the scramble agree in practice, code inspection seems to indicate that it does.

  • Will push the merge pending BaTLab results.

Brian Bockelman
March 27, 2021, 8:30 PM

Talking with we decided that we should provide this as part of 8.9.13 and provide an option to truncate the key files, making them backward compatible with older versions of HTCondor.

Time remaining

0m

Assignee

John (TJ) Knoeller