Project

Profile

Help

Issue #1667

repo protection is not properling looking for client cert (causing ISE 500)

Added by jsherril@redhat.com over 5 years ago. Updated over 2 years ago.

Status:
CLOSED - CURRENTRELEASE
Priority:
Normal
Category:
-
Sprint/Milestone:
-
Start date:
Due date:
Estimated time:
Severity:
2. Medium
Version:
Master
Platform Release:
2.8.0
OS:
CentOS 7
Triaged:
Yes
Groomed:
No
Sprint Candidate:
No
Tags:
Pulp 2
Sprint:
Quarter:

Description

This line here

https://github.com/pulp/pulp/blob/master/oid_validation/pulp/oid_validation/oid_validation.py#L32

seems to be not looking up the SSL client certificate properly. It throws an exception:

Exception Type: KeyError
Exception Value:
'mod_ssl.var_lookup'

on that line. This is through apache.

Associated revisions

Revision 4ba83c87 View on GitHub
Added by Jeremy Cline over 5 years ago

Use SSL_CLIENT_CERT and fall back to mod_ssl.var_lookup.

Depending on how a request arrives and who is performing the authentication, mod_ssl.var_lookup may not be present and SSL_CLIENT_CERT is. This commit causes the authenticator to look in both locations for the certificate and if neither can be found, it returns False. Previously, it would cause an HTTP 500 by raising a KeyError.

closes #1667

Revision 4ba83c87 View on GitHub
Added by Jeremy Cline over 5 years ago

Use SSL_CLIENT_CERT and fall back to mod_ssl.var_lookup.

Depending on how a request arrives and who is performing the authentication, mod_ssl.var_lookup may not be present and SSL_CLIENT_CERT is. This commit causes the authenticator to look in both locations for the certificate and if neither can be found, it returns False. Previously, it would cause an HTTP 500 by raising a KeyError.

closes #1667

History

#1 Updated by jcline@redhat.com over 5 years ago

  • Status changed from NEW to ASSIGNED
  • Assignee set to jcline@redhat.com
  • Platform Release set to 2.8.0

#2 Updated by jcline@redhat.com over 5 years ago

  • Status changed from ASSIGNED to POST
  • Triaged changed from No to Yes

#3 Updated by Anonymous over 5 years ago

  • Status changed from POST to MODIFIED
  • % Done changed from 0 to 100

#4 Updated by dkliban@redhat.com over 5 years ago

  • Status changed from MODIFIED to 5

#5 Updated by dkliban@redhat.com over 5 years ago

  • Status changed from 5 to CLOSED - CURRENTRELEASE

#6 Updated by bmbouter over 2 years ago

  • Tags Pulp 2 added

Please register to edit this issue

Also available in: Atom PDF