Skip to content

Fix cipher context assignment in handlecipherconfig.go#3675

Merged
eriknordmark merged 1 commit intolf-edge:masterfrom
europaul:fix-find-cipher-context
Dec 14, 2023
Merged

Fix cipher context assignment in handlecipherconfig.go#3675
eriknordmark merged 1 commit intolf-edge:masterfrom
europaul:fix-find-cipher-context

Conversation

@europaul
Copy link
Copy Markdown
Contributor

@europaul europaul commented Dec 14, 2023

The previous version was always assigning the last cipher context in the slice instead of the one with the correct ID.

@europaul europaul added the bug Something isn't working label Dec 14, 2023
@europaul europaul added the stable Should be backported to stable release(s) label Dec 14, 2023
@europaul
Fix cipher context assignment in handlecipherconfig.go
b269798 
The previous version was always assigning the last cipher context in the slice instead of the one with the correct ID.

Signed-off-by: Paul Gaiduk <paulg@zededa.com>
rouming
rouming approved these changes Dec 14, 2023
View reviewed changes
Copy link
Copy Markdown
Member

@rouming rouming left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Nice catch. Break was missing.

@europaul europaul force-pushed the fix-find-cipher-context branch from e1fdc5a to b269798 Compare December 14, 2023 13:02
@github-actions github-actions Bot requested a review from rouming December 14, 2023 13:03
@codecov
Copy link
Copy Markdown

codecov Bot commented Dec 14, 2023
edited
Loading

Codecov Report

Attention: 3 lines in your changes are missing coverage. Please review.

Comparison is base (7c742f2) 19.62% compared to head (b269798) 19.62%.

Files Patch % Lines
pkg/pillar/cmd/zedagent/handlecipherconfig.go 0.00% 3 Missing ⚠️
Additional details and impacted files 
@@            Coverage Diff             @@
##           master    #3675      +/-   ##
==========================================
- Coverage   19.62%   19.62%   -0.01%     
==========================================
  Files         232      232              
  Lines       50746    50746              
==========================================
- Hits         9959     9957       -2     
- Misses      40064    40067       +3     
+ Partials      723      722       -1

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

eriknordmark
eriknordmark approved these changes Dec 14, 2023
View reviewed changes
Copy link
Copy Markdown
Contributor

@eriknordmark eriknordmark left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks.

Have you seen some failure this would cause, or this is purely from a code review?
If the former we should try to understand where it shoyld be back-ported to lts releases.

OhmSpectator
OhmSpectator approved these changes Dec 14, 2023
View reviewed changes
Comment thread pkg/pillar/cmd/zedagent/handlecipherconfig.go
continue
if cfgCipherContext.ContextID == cipherBlock.CipherContextID {
cipherBlock.CipherContext = &cfgCipherContext
break
Copy link
Copy Markdown
Member

@OhmSpectator OhmSpectator Dec 14, 2023

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

For these cases, I prefer using the index in the loop, breaking on a match and then getting the object by the index. For me, it looks more explicit. But that's also fine.

Copy link
Copy Markdown
Contributor Author

@europaul europaul Dec 14, 2023

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I would prefer to reference the copy here instead of the actual array element, in case the array might be subject to change.

@europaul
Copy link
Copy Markdown
Contributor Author

europaul commented Dec 14, 2023

Thanks.

Have you seen some failure this would cause, or this is purely from a code review? If the former we should try to understand where it shoyld be back-ported to lts releases.

I noticed the bug, while testing the change of signing certificate in the controller -> it introduces more cipher contexts and EVE ends up choosing the wrong one for the decryption.

Since the certificate change in the controller is independent from EVE, this can also affect the older EVE versions.

@eriknordmark eriknordmark merged commit b3d1d28 into lf-edge:master Dec 14, 2023
@europaul europaul mentioned this pull request Dec 14, 2023
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@eriknordmark eriknordmark eriknordmark approved these changes

@milan-zededa milan-zededa Awaiting requested review from milan-zededa milan-zededa is a code owner

@uncleDecart uncleDecart Awaiting requested review from uncleDecart

@rouming rouming Awaiting requested review from rouming

+1 more reviewer

@OhmSpectator OhmSpectator OhmSpectator approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

bug Something isn't working stable Should be backported to stable release(s)

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@europaul @rouming @OhmSpectator @eriknordmark