Branch: refs/heads/master Home: https://github.com/tribe29/checkmk Commit: c6d30b391238444f8e3c8476c47fd6bccec9449e https://github.com/tribe29/checkmk/commit/c6d30b391238444f8e3c8476c47fd6bcc… Author: Joerg Herbel <joerg.herbel(a)tribe29.com> Date: 2022-06-14 (Tue, 14 Jun 2022) Changed paths: M cmk/gui/fields/__init__.py M cmk/gui/fields/definitions.py M cmk/gui/plugins/openapi/endpoints/certs.py M cmk/gui/plugins/openapi/restful_objects/request_schemas.py M tests/unit/cmk/gui/plugins/openapi/test_openapi_certs.py Log Message: ----------- REST API endpoint for CSRs: restrict to CNs which are valid UUIDs This internal endpoint is used during the agent registration process. It issues agent certificates which are later used to encrypt the transport of agent data. We want to make sure that we only issue agent certificates with CNs which are valid UUIDs. This mitigates possible attack vectors which involve the misuse of agent certificates to act as a false agent controller. CMK-10708 Change-Id: I62e683c43a45bb947abaf8886a6a7365a7ed264a