Actions
Issue #6694
closed
RHSM CertGuard needs to only verify the path of the Distribution.base_path
Start date:
Due date:
Estimated time:
Severity:
2. Medium
Platform Release:
OS:
Triaged:
Yes
Groomed:
No
Sprint Candidate:
No
Tags:
Sprint:
Sprint 73
Quarter:
Updated by fao89 almost 4 years ago
- Project changed from Pulp to CertGuard
- Triaged changed from No to Yes
- Sprint set to Sprint 72
Updated by bmbouter almost 4 years ago
- Status changed from NEW to ASSIGNED
- Assignee set to bmbouter
Updated by pulpbot almost 4 years ago
- Status changed from ASSIGNED to POST
Added by bmbouter almost 4 years ago
Updated by bmbouter almost 4 years ago
- Status changed from POST to MODIFIED
Applied in changeset ff4fd03dea3b8863e0a4331ffa73e5afcb0682d4.
Added by bmbouter almost 4 years ago
Revision 50e42a32 | View on GitHub
Unskip test and RHSM path check and debug docs
This PR add:
- Docs with examples of how the RHSM path authorization works
- A debugging section on how to inspect RHSM certificates for authorized paths
- unskips a test that was failing on Travis
- A few very small fixes that did not affect users but could have been better
Updated by bmbouter almost 4 years ago
Applied in changeset 50e42a320be515026998d9a0a378b820d95b3efe.
Updated by bmbouter over 3 years ago
- Status changed from MODIFIED to CLOSED - CURRENTRELEASE
Actions
.
Adjust RHSM cert checking to only use base_path
The
RHSMCertGuardwas requiring thesettings.CONTENT_PATH_PREFIXto also be one of the authorized urls in the certificate. This is not desirable due to compatability with a huge number of certificates already deployed to clients.This PR removes the
settings.CONTENT_PATH_PREFIXfrom therequest.pathsoRHSMCertGuardauthorization check. Now only theDistribution.base_pathis expected in the client RHSM certificate.The test are also updated with new certificates and base_paths due to authorized urls changing for RHSMCertGuard.
https://pulp.plan.io/issues/6694 closes #6694