From b3ae09a48cf7cb21e3562509717381e4c4133454 Mon Sep 17 00:00:00 2001 From: Jakub Filak Date: Wed, 22 Oct 2014 08:12:44 +0200 Subject: [LIBREPORT PATCH 101/105] ureport: use entit certs with 'rhsm' and drop 'rhsm-entitlement' /etc/pki/consumer certificates cannot be used for authentication in Strata. Martin Milata has correctly pointed out that it does not make sense to have both 'rhsm' and 'rhsm-entitlement' options. Related #1140224 Signed-off-by: Jakub Filak --- doc/reporter-ureport.txt | 6 ++---- src/lib/ureport.c | 11 ----------- src/plugins/ureport.conf | 4 +--- 3 files changed, 3 insertions(+), 18 deletions(-) diff --git a/doc/reporter-ureport.txt b/doc/reporter-ureport.txt index 807f1e1..1a67441 100644 --- a/doc/reporter-ureport.txt +++ b/doc/reporter-ureport.txt @@ -35,10 +35,8 @@ Configuration file lines should have 'PARAM = VALUE' format. The parameters are: Possible values are: 'rhsm';; - Uses the system certificate that is used for Red Hat subscription management. - - 'rhsm-entitlement';; - Same as 'rhsm' but uses the V3 RHSM entitlement certificates. + Uses the system V3 entitlement certificate that is used for Red Hat + subscription management. 'puppet';; Uses the certificate that is used by the Puppet configuration management tool. diff --git a/src/lib/ureport.c b/src/lib/ureport.c index 99e84ef..5782b4e 100644 --- a/src/lib/ureport.c +++ b/src/lib/ureport.c @@ -32,9 +32,6 @@ #define RHSM_WEB_SERVICE_URL "https://api.access.redhat.com/rs/telemetry/abrt" -#define RHSM_CERT_PATH "/etc/pki/consumer/cert.pem" -#define RHSM_KEY_PATH "/etc/pki/consumer/key.pem" - #define RHSMENT_PEM_DIR_PATH "/etc/pki/entitlement" #define RHSMENT_ENT_DATA_BEGIN_TAG "-----BEGIN ENTITLEMENT DATA-----" #define RHSMENT_ENT_DATA_END_TAG "-----END ENTITLEMENT DATA-----" @@ -94,14 +91,6 @@ ureport_server_config_set_client_auth(struct ureport_server_config *config, if (config->ur_url == NULL) ureport_server_config_set_url(config, xstrdup(RHSM_WEB_SERVICE_URL)); - config->ur_client_cert = xstrdup(RHSM_CERT_PATH); - config->ur_client_key = xstrdup(RHSM_KEY_PATH); - } - else if (strcmp(client_auth, "rhsm-entitlement") == 0) - { - if (config->ur_url == NULL) - ureport_server_config_set_url(config, xstrdup(RHSM_WEB_SERVICE_URL)); - GList *certs = get_file_list(RHSMENT_PEM_DIR_PATH, "pem"); if (g_list_length(certs) < 2) { diff --git a/src/plugins/ureport.conf b/src/plugins/ureport.conf index e7bd66b..9e0415f 100644 --- a/src/plugins/ureport.conf +++ b/src/plugins/ureport.conf @@ -22,10 +22,8 @@ AuthDataItems = hostname, machineid # 'IncludeAuthData' to 'yes'. # None (default): # SSLClientAuth = -# Using RH subscription management certificate: -# SSLClientAuth = rhsm # Using RH subscription management entitlement certificate: -# SSLClientAuth = rhsm-entitlement +# SSLClientAuth = rhsm # Using Puppet certificate: # SSLClientAuth = puppet # Using custom certificate: -- 1.8.3.1