From b3ae09a48cf7cb21e3562509717381e4c4133454 Mon Sep 17 00:00:00 2001

From: Jakub Filak <jfilak@redhat.com>

Date: Wed, 22 Oct 2014 08:12:44 +0200

Subject: [LIBREPORT PATCH 101/105] ureport: use entit certs with 'rhsm' and

 drop 'rhsm-entitlement'

/etc/pki/consumer certificates cannot be used for authentication in

Strata. Martin Milata has correctly pointed out that it does not make

sense to have both 'rhsm' and 'rhsm-entitlement' options.

Related #1140224

Signed-off-by: Jakub Filak <jfilak@redhat.com>

---

 doc/reporter-ureport.txt |  6 ++----

 src/lib/ureport.c        | 11 -----------

 src/plugins/ureport.conf |  4 +---

 3 files changed, 3 insertions(+), 18 deletions(-)

diff --git a/doc/reporter-ureport.txt b/doc/reporter-ureport.txt

index 807f1e1..1a67441 100644

--- a/doc/reporter-ureport.txt

+++ b/doc/reporter-ureport.txt

@@ -35,10 +35,8 @@ Configuration file lines should have 'PARAM = VALUE' format. The parameters are:

    Possible values are:

    'rhsm';;

-      Uses the system certificate that is used for Red Hat subscription management.

-

-   'rhsm-entitlement';;

-      Same as 'rhsm' but uses the V3 RHSM entitlement certificates.

+      Uses the system V3 entitlement certificate that is used for Red Hat

+      subscription management.

    'puppet';;

       Uses the certificate that is used by the Puppet configuration management tool.

diff --git a/src/lib/ureport.c b/src/lib/ureport.c

index 99e84ef..5782b4e 100644

--- a/src/lib/ureport.c

+++ b/src/lib/ureport.c

@@ -32,9 +32,6 @@

 #define RHSM_WEB_SERVICE_URL "https://api.access.redhat.com/rs/telemetry/abrt"

-#define RHSM_CERT_PATH "/etc/pki/consumer/cert.pem"

-#define RHSM_KEY_PATH "/etc/pki/consumer/key.pem"

-

 #define RHSMENT_PEM_DIR_PATH "/etc/pki/entitlement"

 #define RHSMENT_ENT_DATA_BEGIN_TAG "-----BEGIN ENTITLEMENT DATA-----"

 #define RHSMENT_ENT_DATA_END_TAG "-----END ENTITLEMENT DATA-----"

@@ -94,14 +91,6 @@ ureport_server_config_set_client_auth(struct ureport_server_config *config,

         if (config->ur_url == NULL)

             ureport_server_config_set_url(config, xstrdup(RHSM_WEB_SERVICE_URL));

-        config->ur_client_cert = xstrdup(RHSM_CERT_PATH);

-        config->ur_client_key = xstrdup(RHSM_KEY_PATH);

-    }

-    else if (strcmp(client_auth, "rhsm-entitlement") == 0)

-    {

-        if (config->ur_url == NULL)

-            ureport_server_config_set_url(config, xstrdup(RHSM_WEB_SERVICE_URL));

-

         GList *certs = get_file_list(RHSMENT_PEM_DIR_PATH, "pem");

         if (g_list_length(certs) < 2)

         {

diff --git a/src/plugins/ureport.conf b/src/plugins/ureport.conf

index e7bd66b..9e0415f 100644

--- a/src/plugins/ureport.conf

+++ b/src/plugins/ureport.conf

@@ -22,10 +22,8 @@ AuthDataItems = hostname, machineid

 # 'IncludeAuthData' to 'yes'.

 # None (default):

 # SSLClientAuth =

-# Using RH subscription management certificate:

-# SSLClientAuth = rhsm

 # Using RH subscription management entitlement certificate:

-# SSLClientAuth = rhsm-entitlement

+# SSLClientAuth = rhsm

 # Using Puppet certificate:

 # SSLClientAuth = puppet

 # Using custom certificate:

-- 

1.8.3.1