You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@cloudstack.apache.org by "Abhinandan Prateek (JIRA)" <ji...@apache.org> on 2013/09/04 12:45:52 UTC
[jira] [Updated] (CLOUDSTACK-4493) registerSSHKeyPair API doc
contains wrong API response (private key)
[ https://issues.apache.org/jira/browse/CLOUDSTACK-4493?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Abhinandan Prateek updated CLOUDSTACK-4493:
-------------------------------------------
Priority: Critical (was: Major)
> registerSSHKeyPair API doc contains wrong API response (private key)
> --------------------------------------------------------------------
>
> Key: CLOUDSTACK-4493
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-4493
> Project: CloudStack
> Issue Type: Bug
> Security Level: Public(Anyone can view this level - this is the default.)
> Components: Doc, Management Server
> Reporter: Harikrishna Patnala
> Assignee: Harikrishna Patnala
> Priority: Critical
> Fix For: 4.2.1
>
>
> registerSSHKeyPair API returns only name and fingerprint of the ssh keypair (sets null to private key parameter).
> Our API doc http://cloudstack.apache.org/docs/api/apidocs-4.1/user/registerSSHKeyPair.html
> has an extra parameter private key in response which anyway we return null.
> Response Name : Description
> -------------------------------------------------
> fingerprint : Fingerprint of the public key
> name : Name of the keypair
> privatekey : Private key
> This is because we use same response object for all ssh key pair related APIs.
> In this case it is misleading and seems like CS API leaks implementation details.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira