Project

General

Profile

Bug #9729

status.php: Sanitize zabbix-agent tlspsk key

Added by Viktor Gurov 5 months ago. Updated about 1 month ago.

Status:
Resolved
Priority:
Normal
Assignee:
Category:
Web Interface
Target version:
Start date:
09/05/2019
Due date:
% Done:

100%

Estimated time:
Affected Version:
2.5.0
Affected Architecture:

Description

config-sanitized.xml keep <tlspskfile> of zabbix-agent:

$ grep tlspsk config-sanitized.xml
<tlspskidentity>ZabbixKey</tlspskidentity>
<tlspskfile>cGFzczEyMw0KcGFzczEyMw0KcGFzczEyMw0KcGFzczEyMw==</tlspskfile>

checked with zabbix4-agent-4.0.10 and zabbix42-agent-4.2.4 

2.5.0-DEVELOPMENT (amd64)
built on Wed Sep 04 20:39:01 EDT 2019
FreeBSD 12.0-RELEASE-p10

Associated revisions

Revision 60a7d1e1 (diff)
Added by Jim Pingle 5 months ago

status.php: Sanitize zabbix TLS psk info. Fixes #9729

Revision 1544d718 (diff)
Added by Jim Pingle 5 months ago

status.php: Sanitize zabbix TLS psk info. Fixes #9729

(cherry picked from commit 60a7d1e1201f43ec48b0ad374ded1c15eb29e14e)

History

#1 Updated by Jim Pingle 5 months ago

  • Assignee set to Jim Pingle

#2 Updated by Jim Pingle 5 months ago

  • Status changed from New to Feedback
  • % Done changed from 0 to 100

#3 Updated by Viktor Gurov 4 months ago

Jim Pingle wrote:

Applied in changeset 60a7d1e1201f43ec48b0ad374ded1c15eb29e14e.

<tlspskidentity>xxxxx</tlspskidentity>
<tlspskfile>xxxxx</tlspskfile>

there is no reason to sanitize <tlspskidentity>
only <tlspskfile>

#4 Updated by Jim Pingle 4 months ago

  • Status changed from Feedback to Resolved

#5 Updated by Jim Pingle 2 months ago

  • Private changed from Yes to No

#6 Updated by Jim Pingle about 2 months ago

  • Target version changed from 2.5.0 to 2.4.5

#7 Updated by Jim Pingle about 2 months ago

  • Status changed from Resolved to Feedback

Needs checked and/or tested again on 2.4.5 snapshots

#8 Updated by Viktor Gurov about 1 month ago

Jim Pingle wrote:

Needs checked and/or tested again on 2.4.5 snapshots

tested on 2.4.5.a.20191209.0732

Resolved

#9 Updated by Jim Pingle about 1 month ago

  • Status changed from Feedback to Resolved

Also available in: Atom PDF