Issue #1667
closed
repo protection is not properling looking for client cert (causing ISE 500)
Description
This line here
https://github.com/pulp/pulp/blob/master/oid_validation/pulp/oid_validation/oid_validation.py#L32
seems to be not looking up the SSL client certificate properly. It throws an exception:
Exception Type: KeyError
Exception Value:
'mod_ssl.var_lookup'
on that line. This is through apache.
Updated by jcline@redhat.com about 7 years ago
- Status changed from NEW to ASSIGNED
- Assignee set to jcline@redhat.com
- Platform Release set to 2.8.0
Updated by jcline@redhat.com about 7 years ago
- Status changed from ASSIGNED to POST
- Triaged changed from No to Yes
Added by Jeremy Cline about 7 years ago
Added by Jeremy Cline about 7 years ago
Use SSL_CLIENT_CERT and fall back to mod_ssl.var_lookup.
Depending on how a request arrives and who is performing the
authentication, mod_ssl.var_lookup may not be present and
SSL_CLIENT_CERT is. This commit causes the authenticator to look in
both locations for the certificate and if neither can be found, it
returns False. Previously, it would cause an HTTP 500 by raising a
KeyError.
closes #1667
Updated by Anonymous about 7 years ago
- Status changed from POST to MODIFIED
- % Done changed from 0 to 100
Applied in changeset pulp|4ba83c87dc289c1f390e91ca7665a1d192f6c01b.
Updated by dkliban@redhat.com about 7 years ago
- Status changed from MODIFIED to 5
Updated by dkliban@redhat.com almost 7 years ago
- Status changed from 5 to CLOSED - CURRENTRELEASE
.
Use SSL_CLIENT_CERT and fall back to mod_ssl.var_lookup.
Depending on how a request arrives and who is performing the authentication,
mod_ssl.var_lookupmay not be present andSSL_CLIENT_CERTis. This commit causes the authenticator to look in both locations for the certificate and if neither can be found, it returnsFalse. Previously, it would cause an HTTP 500 by raising a KeyError.closes #1667