Guest

Preview Tool

Cisco Bug: CSCuq68930 - clustershow cmd gives traceback and thrown out of CLI in FIPS mode

Last Modified

Nov 12, 2016

Products (1)

  • Cisco Email Security Appliance

Known Affected Releases

8.0.2-055 8.0.2-063

Description (partial)

This issue is related to FIPS version only. Currently we have all of high visibility who use FIPS. Trace back and boot of CLI panic the customer.

Symptom:
The sshconfig -> CLUSTERSHOW command on Fips versions, generate trace back error and boot out of CLI session instead of showing configuration.

Traceback (most recent call last):
  File "/usr/build/iproot/ap/ipoe/ipoe/bootstrap.py";, line 55, in <module>
  File "/data/lib/python2.6_8_amd64_nothr/runpy.py";, line 128, in _run_module_as_main
    "__main__", fname, loader, pkg_name)
  File "/data/lib/python2.6_8_amd64_nothr/runpy.py";, line 34, in _run_code
    exec code in run_globals
  File "build/bdist.freebsd-8.2-RELEASE-amd64/egg/cli.py";, line 42134, in <module>
  File "build/bdist.freebsd-8.2-RELEASE-amd64/egg/cli.py";, line 30481, in main
  File "build/bdist.freebsd-8.2-RELEASE-amd64/egg/cli.py";, line 863, in command_loop
  File "build/bdist.freebsd-8.2-RELEASE-amd64/egg/cli.py";, line 38651, in do_command
  File "build/bdist.freebsd-8.2-RELEASE-amd64/egg/cli.py";, line 38902, in main_input_run
  File "build/bdist.freebsd-8.2-RELEASE-amd64/egg/cli.py";, line 38664, in run_func
  File "build/bdist.freebsd-8.2-RELEASE-amd64/egg/cli.py";, line 33063, in sshconfig
  File "build/bdist.freebsd-8.2-RELEASE-amd64/egg/cli.py";, line 38902, in main_input_run
  File "build/bdist.freebsd-8.2-RELEASE-amd64/egg/cli.py";, line 38664, in run_func
  File "build/bdist.freebsd-8.2-RELEASE-amd64/egg/cli.py";, line 33047, in _sshd_config
  File "build/bdist.freebsd-8.2-RELEASE-amd64/egg/cli.py";, line 38902, in main_input_run
  File "build/bdist.freebsd-8.2-RELEASE-amd64/egg/cli.py";, line 38664, in run_func
  File "build/bdist.freebsd-8.2-RELEASE-amd64/egg/cli.py";, line 39807, in clustershow

Conditions:
Repro:
install Fips version 8.0.2-055 or 8.0.2-063
create a cluster
run sshconfig
switch to Cluster Mode
enter CLUSTERSHOW
trace back and boot out of CLI session

Expected results:
show configuration

Actual result:

Traceback (most recent call last):
  File "/usr/build/iproot/ap/ipoe/ipoe/bootstrap.py";, line 55, in <module>
  File "/data/lib/python2.6_8_amd64_nothr/runpy.py";, line 128, in _run_module_as_main
    "__main__", fname, loader, pkg_name)
  File "/data/lib/python2.6_8_amd64_nothr/runpy.py";, line 34, in _run_code
    exec code in run_globals
  File "build/bdist.freebsd-8.2-RELEASE-amd64/egg/cli.py";, line 42134, in <module>
  File "build/bdist.freebsd-8.2-RELEASE-amd64/egg/cli.py";, line 30481, in main
  File "build/bdist.freebsd-8.2-RELEASE-amd64/egg/cli.py";, line 863, in command_loop
  File "build/bdist.freebsd-8.2-RELEASE-amd64/egg/cli.py";, line 38651, in do_command
  File "build/bdist.freebsd-8.2-RELEASE-amd64/egg/cli.py";, line 38902, in main_input_run
  File "build/bdist.freebsd-8.2-RELEASE-amd64/egg/cli.py";, line 38664, in run_func
  File "build/bdist.freebsd-8.2-RELEASE-amd64/egg/cli.py";, line 33063, in sshconfig
  File "build/bdist.freebsd-8.2-RELEASE-amd64/egg/cli.py";, line 38902, in main_input_run
  File "build/bdist.freebsd-8.2-RELEASE-amd64/egg/cli.py";, line 38664, in run_func
  File "build/bdist.freebsd-8.2-RELEASE-amd64/egg/cli.py";, line 33047, in _sshd_config
  File "build/bdist.freebsd-8.2-RELEASE-amd64/egg/cli.py";, line 38902, in main_input_run
  File "build/bdist.freebsd-8.2-RELEASE-amd64/egg/cli.py";, line 38664, in run_func
  File "build/bdist.freebsd-8.2-RELEASE-amd64/egg/cli.py";, line 39807, in clustershow
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.