So, I don't really know much about security or SSL, but here goes:

Depot.py:
Is there a reason to make paths to key and certs be absolute from the command line?

Could a malicious user read from /dev/fd/* over and over and manage to read the decrypted SSL key?

Other than those questions, things look fine to me.

Brock

Shawn Walker wrote:
> Greetings,
>
> The following webrev contains changes to implement the following RFEs:
>
> 2154 pkg.depotd should offer SSL/HTTPS option
>
> webrev:
> http://cr.opensolaris.org/~swalker/pkg-2154/
>
> Change Summary:
> * Added --ssl-cert-file option to allow specification of the location of
>   a PEM-encoded certificate file.
>
> * Added --ssl-key-file option to allow specification of the location of
>   a PEM-encoded server private key file.
>
> * Added --ssl-dialog to allow the user to choose between openssl's
>   builtin password prompt authentication or the apache style
>   exec:/path/to/program method of obtaining the passphrase.
>
> * Changed depot server to default to port 443 if no -p port_no was
>   provided and the ssl options were.
>
> * Changed depot server to exit with a failure code of 1 and to not print
>   usage if cherrypy failed to initialise.
>
> * Updated pkg.depotd man page
>
> * Updated SMF xml and scripts
>
> Notes:
> * There are no tests for this as I wasn't sure whether it was right for
>   me to add SSL key generation, etc. to the gate. I'll be happy to add
>   them if this is acceptable. Just let me know what I need to do.
>   Ideally, I'd like our entire test suite to run through SSL, but that
>   would double test execution times.
>
> * The builtin password authentication prompting is done by the OpenSSL
>   library; I don't know the implementation details. It appears to read
>   from /dev/tty whenever I do a truss on it.
>
> * The --ssl-dialog option was modeled after Apache's SSLPassPhraseDialog
>   directive [1].
>
> Cheers,
