Bug 1777129: Birthday attack against 64-bit block ciphers [Release-4.4]

[benjaminapetersen]

Update tls.Config with DefaultCiphers() from library-go.

library-go file:
https://github.com/openshift/library-go/blob/11013d437d762f00827c7e80d18b0a7b0abc07bd/pkg/crypto/crypto.go#L242

Note that Bug 1745431 is for 3.11, but I assume we want to apply to current console & backport?

Will require backports 4.4,4.3,4.2,4.1, 3.11.

/assign @spadgett

[openshift-ci-robot]

@benjaminapetersen: This pull request references Bugzilla bug 1745431, which is invalid:

• expected the bug to target the "4.3.0" release, but it targets "3.11.z" instead

Comment /bugzilla refresh to re-evaluate validity if changes to the Bugzilla bug are made, or edit the title of this pull request to link to a different bug.

Details

In response to this:

Bug 1745431: Birthday attack against 64-bit block ciphers

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

[openshift-ci-robot]

@benjaminapetersen: This pull request references Bugzilla bug 1745431, which is invalid:

• expected the bug to target the "4.3.0" release, but it targets "3.11.z" instead

Comment /bugzilla refresh to re-evaluate validity if changes to the Bugzilla bug are made, or edit the title of this pull request to link to a different bug.

Details

In response to this:

Bug 1745431: Birthday attack against 64-bit block ciphers

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

[openshift-ci-robot]

@benjaminapetersen: This pull request references Bugzilla bug 1745431, which is invalid:

• expected the bug to target the "4.3.0" release, but it targets "3.11.z" instead

Comment /bugzilla refresh to re-evaluate validity if changes to the Bugzilla bug are made, or edit the title of this pull request to link to a different bug.

Details

In response to this:

Bug 1745431: Birthday attack against 64-bit block ciphers

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

[benjaminapetersen]

expected the bug to target the "4.3.0" release, but it targets "3.11.z" instead

Assuming this may be relevant to 4.x as well, not sure why the bug only targets 3.11.

[spadgett]

/bugzilla refresh

[openshift-ci-robot]

@spadgett: This pull request references Bugzilla bug 1745431, which is valid. The bug has been moved to the POST state. The bug has been updated to refer to the pull request using the external bug tracker.

Details

In response to this:

/bugzilla refresh

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

[spadgett]

Needs gofmt

[benjaminapetersen]

fmt'd

[benjaminapetersen]

Added a unit test.
I think this is the only test 😛 😮

[benjaminapetersen]

gofmt checking failed:
cmd/bridge/main.go

Grrrr GoLand you fail me!

[benjaminapetersen]

/retest

 A Jasmine spec timed out. Resetting the WebDriver Control Flow. 

[benjaminapetersen]

/retest

Jasmine timeout

[openshift-bot]

/retest

Please review the full test history for this PR and help us cut down flakes.

[openshift-bot]

/retest

Please review the full test history for this PR and help us cut down flakes.

[openshift-bot]

/retest

Please review the full test history for this PR and help us cut down flakes.

[openshift-bot]

/retest

Please review the full test history for this PR and help us cut down flakes.

[openshift-bot]

/retest

Please review the full test history for this PR and help us cut down flakes.

[openshift-bot]

/retest

Please review the full test history for this PR and help us cut down flakes.

[openshift-ci-robot]

@benjaminapetersen: All pull requests linked via external trackers have merged. Bugzilla bug 1777129 has been moved to the MODIFIED state.

Details

In response to this:

Bug 1777129: Birthday attack against 64-bit block ciphers

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

[openshift-cherrypick-robot]

@benjaminapetersen: failed to push cherry-picked changes in GitHub: pushing failed, output: "remote: Not Found\nfatal: repository 'https://openshift-cherrypick-robot:CENSORED@github.com/openshift-cherrypick-robot/openshift/console/' not found\n", error: exit status 128

Details

In response to this:

/cherry-pick release-4.3
/cherry-pick release-4.2
/cherry-pick release-4.1
/cherry-pick release-3.11

I forget if you need these in separate comments, and if it has to wait for a complete merge.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

[openshift-cherrypick-robot]

@benjaminapetersen: failed to push cherry-picked changes in GitHub: pushing failed, output: "remote: Not Found\nfatal: repository 'https://openshift-cherrypick-robot:CENSORED@github.com/openshift-cherrypick-robot/openshift/console/' not found\n", error: exit status 128

Details

In response to this:

/cherry-pick release-4.2

looks like 1 per comment

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

[openshift-cherrypick-robot]

@benjaminapetersen: #3389 failed to apply on top of branch "release-4.1":

.git/rebase-apply/patch:155: trailing whitespace.
  else    
.git/rebase-apply/patch:159: trailing whitespace.
done 
.git/rebase-apply/patch:179: trailing whitespace.
    echo "invalid cipher suite used to connect to console (${CIPHER})"  
.git/rebase-apply/patch:180: trailing whitespace.
    exit 1  
.git/rebase-apply/patch:181: trailing whitespace.
  else    
warning: 5 lines add whitespace errors.
error: Failed to merge in the changes.
Using index info to reconstruct a base tree...
M	cmd/bridge/main.go
A	pkg/serverconfig/types.go
M	test-prow-e2e.sh
Falling back to patching base and 3-way merge...
Auto-merging test-prow-e2e.sh
CONFLICT (modify/delete): pkg/serverconfig/types.go deleted in HEAD and modified in Update tls.Config with DefaultCiphers() from library-go. Version Update tls.Config with DefaultCiphers() from library-go of pkg/serverconfig/types.go left in tree.
Auto-merging cmd/bridge/main.go
CONFLICT (content): Merge conflict in cmd/bridge/main.go
Patch failed at 0001 Update tls.Config with DefaultCiphers() from library-go

Details

In response to this:

/cherry-pick release-4.1

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

[openshift-cherrypick-robot]

@benjaminapetersen: #3389 failed to apply on top of branch "release-3.11":

.git/rebase-apply/patch:155: trailing whitespace.
  else    
.git/rebase-apply/patch:159: trailing whitespace.
done 
.git/rebase-apply/patch:179: trailing whitespace.
    echo "invalid cipher suite used to connect to console (${CIPHER})"  
.git/rebase-apply/patch:180: trailing whitespace.
    exit 1  
.git/rebase-apply/patch:181: trailing whitespace.
  else    
warning: 5 lines add whitespace errors.
error: Failed to merge in the changes.
Using index info to reconstruct a base tree...
M	cmd/bridge/main.go
A	pkg/serverconfig/types.go
A	test-prow-e2e.sh
Falling back to patching base and 3-way merge...
CONFLICT (modify/delete): test-prow-e2e.sh deleted in HEAD and modified in Update tls.Config with DefaultCiphers() from library-go. Version Update tls.Config with DefaultCiphers() from library-go of test-prow-e2e.sh left in tree.
CONFLICT (modify/delete): pkg/serverconfig/types.go deleted in HEAD and modified in Update tls.Config with DefaultCiphers() from library-go. Version Update tls.Config with DefaultCiphers() from library-go of pkg/serverconfig/types.go left in tree.
Auto-merging cmd/bridge/main.go
CONFLICT (content): Merge conflict in cmd/bridge/main.go
Patch failed at 0001 Update tls.Config with DefaultCiphers() from library-go

Details

In response to this:

/cherry-pick release-3.11

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

[spadgett]

/cherrypick release-4.3

[openshift-cherrypick-robot]

@spadgett: new pull request created: #3684

Details

In response to this:

/cherrypick release-4.3

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

[spadgett]

/cherrypick release-4.2

[openshift-cherrypick-robot]

@spadgett: new pull request created: #3685

Details

In response to this:

/cherrypick release-4.2

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

[benjaminapetersen]

Hmm. My first cherry picks didn't work, apparently.

[benjaminapetersen]

/cherrypick release-4.1

[openshift-cherrypick-robot]

@benjaminapetersen: #3389 failed to apply on top of branch "release-4.1":

.git/rebase-apply/patch:155: trailing whitespace.
  else    
.git/rebase-apply/patch:159: trailing whitespace.
done 
.git/rebase-apply/patch:179: trailing whitespace.
    echo "invalid cipher suite used to connect to console (${CIPHER})"  
.git/rebase-apply/patch:180: trailing whitespace.
    exit 1  
.git/rebase-apply/patch:181: trailing whitespace.
  else    
warning: 5 lines add whitespace errors.
error: Failed to merge in the changes.
Using index info to reconstruct a base tree...
M	cmd/bridge/main.go
A	pkg/serverconfig/types.go
M	test-prow-e2e.sh
Falling back to patching base and 3-way merge...
Auto-merging test-prow-e2e.sh
CONFLICT (modify/delete): pkg/serverconfig/types.go deleted in HEAD and modified in Update tls.Config with DefaultCiphers() from library-go. Version Update tls.Config with DefaultCiphers() from library-go of pkg/serverconfig/types.go left in tree.
Auto-merging cmd/bridge/main.go
CONFLICT (content): Merge conflict in cmd/bridge/main.go
Patch failed at 0001 Update tls.Config with DefaultCiphers() from library-go

Details

In response to this:

/cherrypick release-4.1

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

[benjaminapetersen]

Ah, will have to manually do the 4.1 & 3.11.

[sdodson]

/bugzilla refresh

[openshift-ci-robot]

@sdodson: All pull requests linked via external trackers have merged. Bugzilla bug 1777129 has been moved to the MODIFIED state.

Details

In response to this:

/bugzilla refresh

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.