Branch: refs/heads/master
Home: https://github.com/Checkmk/checkmk
Commit: 071161f1e02bfe77d678a537aedc1781b6190c6b
https://github.com/Checkmk/checkmk/commit/071161f1e02bfe77d678a537aedc1781b…
Author: Maximilian Wirtz <maximilian.wirtz(a)checkmk.com>
Date: 2024-03-21 (Thu, 21 Mar 2024)
Changed paths:
A .werks/16617.md
M cmk/gui/type_defs.py
M cmk/gui/userdb/session.py
M cmk/gui/utils/encrypter.py
M cmk/utils/crypto/secrets.py
M tests/unit/cmk/gui/userdb/test_userdb.py
M tests/unit/cmk/gui/utils/test_encryption.py
M tests/unit/cmk/utils/crypto/test_secrets.py
Log Message:
-----------
16617 Use session specific key for ValueSpec encryption
When a user edits a configuration e.g. for a special agent with an explicit password the complete configuration is transfered to the user.
To not reveal the password in cleartext this field is encrypted.
The key for that encryption was previously to this Werk shared amongst all users (a salt was used though).
With this Werk every user session has now a secret dedicated to this encryption so the key is rotated often and not shared amongst other users.
CMK-11925
Change-Id: I1ec79d9ce50845c86088196b00652b77af61a356
To unsubscribe from these emails, change your notification settings at https://github.com/Checkmk/checkmk/settings/notifications
Branch: refs/heads/master
Home: https://github.com/Checkmk/checkmk
Commit: 2702de8d06464209cb1b5e8a8ff1d1d332b4eb42
https://github.com/Checkmk/checkmk/commit/2702de8d06464209cb1b5e8a8ff1d1d33…
Author: Matteo Stifano <matteo.stifano(a)checkmk.com>
Date: 2024-03-21 (Thu, 21 Mar 2024)
Changed paths:
M tests/update/conftest.py
Log Message:
-----------
test_update: Remove outdated conditional statement
Such statement is always False in the Master branch since we are now
using 2.3.0* base versions.
No need to keep it there.
Change-Id: I548d736a133df5e685a65da02b29053d40c861b6
To unsubscribe from these emails, change your notification settings at https://github.com/Checkmk/checkmk/settings/notifications