Skip to content

Commit

Permalink
Addresses a bug with plugins.security.allow_unsafe_democertificates
Browse files Browse the repository at this point in the history 
… setting (opensearch-project#4600)

Signed-off-by: Darshit Chanpura <[email protected]>
  • Loading branch information
@DarshitChanpura
DarshitChanpura authored Jul 26, 2024
1 parent 77ea464 commit 004d07b
Show file tree
Hide file tree
Showing 3 changed files with 13 additions and 6 deletions.
7 changes: 7 additions & 0 deletions src/main/java/org/opensearch/security/OpenSearchSecurityPlugin.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -378,6 +378,13 @@ public OpenSearchSecurityPlugin(final Settings settings, final Path configPath)
demoCertHashes.add("a2ce3f577a5031398c1b4f58761444d837b031d0aff7614f8b9b5e4a9d59dbd1"); // esnode
demoCertHashes.add("cd708e8dc707ae065f7ad8582979764b497f062e273d478054ab2f49c5469c6"); // root-ca

// updates correct sha256sum
demoCertHashes.add("a3556d6bb61f7bd63cb19b1c8d0078d30c12739dedb0455c5792ac8627782042"); // kirk
demoCertHashes.add("25e34a9a5d4f1dceed1666eb624397bf3fe5787a7133cd32838ace0381bce1f7"); // kirk-key
demoCertHashes.add("a2ce3f577a5031398c1b4f58761444d837b031d0aff7614f8b9b5e4a9d59dbd1"); // esnode
demoCertHashes.add("ba9c5a61065f7f6115188128ffbdaa18fca34562b78b811f082439e2bef1d282"); // esnode-key
demoCertHashes.add("bcd708e8dc707ae065f7ad8582979764b497f062e273d478054ab2f49c5469c6"); // root-ca

final SecurityManager sm = System.getSecurityManager();

if (sm != null) {
Expand Down
10 changes: 5 additions & 5 deletions src/main/java/org/opensearch/security/tools/democonfig/Certificates.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -48,7 +48,7 @@ public enum Certificates {
"KRVHWCFiR7bZhHGLq3br8hSu0hwjb3oGa1ZI8dui6ujyZt6nm6BoEkau3G/6+zq9",
"E6vX3+8Fj4HKCAL6i0SwfGmEpTNp5WUhqibK/fMhhmMT4Mx6MxkT+OFnIjdUU0S/",
"e3kgnG8qjficUr38CyEli1U0M7koIXUZI7r+LQ==",
"-----END CERTIFICATE-----"
"-----END CERTIFICATE-----\n"
)
)
),
Expand Down Expand Up @@ -83,7 +83,7 @@ public enum Certificates {
"mQGwy8vIqMjAdHGLrCS35sVYBXG13knS52LJHvbVee39AbD5/LlWvjJGlQMzCLrw",
"F7oILW5kXxhb8S73GWcuMbuQMFVHFONbZAZgn+C9FW4l7XyRdkrbR1MRZ2km8YMs",
"/AHmo368d4PSNRMMzLHw8Q==",
"-----END PRIVATE KEY-----"
"-----END PRIVATE KEY-----\n"
)
)
),
Expand Down Expand Up @@ -115,7 +115,7 @@ public enum Certificates {
"hUBqIEAYly1EqH/y45APiRt3Nor1yF6zEI4TnL0yNrHw6LyQkUNCHIGMJLfnJQ9L",
"camMGIXOx60kXNMTigF9oXXwixWAnDM9y3QT8QXA7hej/4zkbO+vIeV/7lGUdkyg",
"PAi92EvyxmsliEMyMR0VINl8emyobvfwa7oMeWMR+hg=",
"-----END CERTIFICATE-----"
"-----END CERTIFICATE-----\n"
)
)
),
Expand Down Expand Up @@ -150,7 +150,7 @@ public enum Certificates {
"tu49A/0KZu4PBjrFMYTSEWGNJez3Fb2VsJwylVl6HivwbP61FhlYfyksCzQQFU71",
"+x7Nmybp7PmpEBECr3deoZKQ/acNHn0iwb0It+YqV5+TquQebqgwK6WCLsMuiYKT",
"bg/ch9Rhxbq22yrVgWHh6epp",
"-----END PRIVATE KEY-----"
"-----END PRIVATE KEY-----\n"
)
)
),
Expand Down Expand Up @@ -185,7 +185,7 @@ public enum Certificates {
"1yVJon6RkUGtqBqKIuLksKwEr//ELnjmXit4LQKSnqKr0FTCB7seIrKJNyb35Qnq",
"qy9a/Unhokrmdda1tr6MbqU8l7HmxLuSd/Ky+L0eDNtYv6YfMewtjg0TtAnFyQov",
"rdXmeq1dy9HLo3Ds4AFz3Gx9076TxcRS/iI=",
"-----END CERTIFICATE-----"
"-----END CERTIFICATE-----\n"
)
)
);
Expand Down
2 changes: 1 addition & 1 deletion src/test/java/org/opensearch/security/tools/democonfig/CertificateGeneratorTests.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -165,7 +165,7 @@ private static String readPEMFile(String pemFilePath) throws Exception {
try (BufferedReader reader = new BufferedReader(new FileReader(pemFilePath))) {
String line;
while ((line = reader.readLine()) != null) {
pemContent.append(line).append("\n");
pemContent.append(line);
}
}
return pemContent.toString();
Expand Down

0 comments on commit 004d07b

Please sign in to comment.