Project

Profile

Help

Task #7537

closed

Pulp - Task #7960: FIPS and support for ALLOWED_CONTENT_CHECKSUMS

Add support for ALLOWED_CONTENT_CHECKSUMS

Added by daviddavis over 3 years ago. Updated about 3 years ago.

Status:
CLOSED - CURRENTRELEASE
Priority:
High
Assignee:
Sprint/Milestone:
Start date:
Due date:
% Done:

100%

Estimated time:
(Total: 0:00 h)
Platform Release:
Groomed:
No
Sprint Candidate:
No
Tags:
Sprint:
Sprint 90
Quarter:

Description

The pulp_rpm should honor ALLOWED_CONTENT_CHECKSUMS. Some areas that might be affected (that I know of) include syncing (and verifying content), upload, and when publishing content.

Test these repos

All repos need to be tested with md5 only being disallowed, and then again with both 'md5' and 'sha1' being disallowed.

https://cdn.redhat.com/content/dist/rhel/server/6/6Server/x86_64/extras/os
https://cdn.redhat.com/content/dist/rhel/server/6/6Server/x86_64/optional/os
https://cdn.redhat.com/content/dist/rhel/server/6/6Server/x86_64/supplementary/os
https://cdn.redhat.com/content/dist/rhel/server/7/7Server/x86_64/os
https://cdn.redhat.com/content/dist/rhel/server/7/7Server/x86_64/extras/os
https://cdn.redhat.com/content/dist/rhel/server/7/7Server/x86_64/optional/os
https://cdn.redhat.com/content/dist/rhel/server/6/6Server/x86_64/rhscl/1/os
http://mirror.centos.org/centos-7/7/extras/x86_64/
http://mirror.centos.org/centos-7/7/sclo/x86_64/sclo/
https://cdn.redhat.com/content/eus/rhel/server/6/6.6/x86_64/optional/os
https://cdn.redhat.com/content/dist/rhel/server/7/7.7/x86_64/kickstart
https://cdn.redhat.com/content/dist/rhel8/8.0/x86_64/baseos/kickstart
https://mirrors.kernel.org/fedora-epel/7/x86_64/
https://cdn.redhat.com/content/dist/rhel/server/6/6.7/x86_64/kickstart
https://cdn.redhat.com/content/eus/rhel/server/6/6.6/x86_64/rhscl/1/os
https://cdn.redhat.com/content/eus/rhel/server/6/6.6/x86_64/os
https://cdn.redhat.com/content/dist/rhel/server/7/7.3/x86_64/kickstart
https://cdn.redhat.com/content/dist/rhel8/8.0/x86_64/appstream/kickstart
https://cdn.redhat.com/content/eus/rhel/server/7/7.3/x86_64/optional/os
https://cdn.redhat.com/content/eus/rhel/server/7/7.3/x86_64/supplementary/os
https://cdn.redhat.com/content/eus/rhel/server/7/7.3/x86_64/rhscl/1/os
http://mirror.centos.org/centos-6/6/os/x86_64/
https://cdn.redhat.com/content/dist/rhel/server/6/6Server/x86_64/os
https://cdn.redhat.com/content/dist/rhel/server/7/7Server/x86_64/ansible/2.5/os
https://cdn.redhat.com/content/dist/rhel/server/7/7Server/x86_64/rhgs-server-nfs/3.1/os
https://cdn.redhat.com/content/dist/rhel/server/7/7.6/x86_64/kickstart
https://cdn.redhat.com/content/dist/rhel/workstation/7/7.5/x86_64/kickstart
https://mirrors.kernel.org/fedora-epel/8/Everything/x86_64/
https://cdn.redhat.com/content/dist/rhel/workstation/7/7Workstation/x86_64/insights/3/os
https://cdn.redhat.com/content/dist/rhel/workstation/7/7Workstation/x86_64/optional/os
https://cdn.redhat.com/content/dist/rhel/workstation/7/7Workstation/x86_64/rh-common/os
https://cdn.redhat.com/content/dist/rhel/workstation/7/7Workstation/x86_64/os
https://cdn.redhat.com/content/dist/rhel/workstation/7/7Workstation/x86_64/extras/os
https://cdn.redhat.com/content/dist/rhel/server/7/7Server/x86_64/rh-gluster-samba/3.1/os
https://cdn.redhat.com/content/dist/rhel/server/7/7Server/x86_64/rhgs-server/3.1/os
https://cdn.redhat.com/content/dist/rhel/server/6/6.10/x86_64/kickstart
https://cdn.redhat.com/content/dist/rhel/server/7/7Server/x86_64/rhgs-nagios/3.1/os
https://cdn.redhat.com/content/dist/rhel/server/7/7Server/x86_64/rhscon-agent/2/os
https://cdn.redhat.com/content/dist/rhel/server/7/7Server/x86_64/rhscon-installer/2/os
https://cdn.redhat.com/content/dist/rhel/server/7/7Server/x86_64/rhscon-main/2/os
http://mirror.centos.org/centos-6/6/updates/x86_64/
https://cdn.redhat.com/content/dist/rhel/server/6/6Server/x86_64/rhs-client/os
https://cdn.redhat.com/content/dist/rhel/server/7/7Server/x86_64/rhs-client/os
http://mirror.centos.org/centos-7/7/sclo/x86_64/rh/
https://cdn.redhat.com/content/dist/rhel/server/7/7Server/x86_64/supplementary/os
https://cdn.redhat.com/content/dist/rhel/workstation/7/7Workstation/x86_64/rhscl/1/os
https://cdn.redhat.com/content/dist/rhel/workstation/7/7.6/x86_64/kickstart
http://mirror.centos.org/centos-7/7/updates/x86_64/
https://cdn.redhat.com/content/dist/rhel/server/6/6.8/x86_64/kickstart
https://cdn.redhat.com/content/dist/rhel/server/6/6.9/x86_64/kickstart
https://cdn.redhat.com/content/eus/rhel/server/6/6.6/x86_64/sat-tools/6.2/os
https://cdn.redhat.com/content/dist/rhel/server/7/7Server/x86_64/rhscl/1/os
http://mirror.centos.org/centos-7/7/os/x86_64/
https://cdn.redhat.com/content/dist/rhel/server/7/7Server/x86_64/ansible/2.7/os
https://cdn.redhat.com/content/eus/rhel/server/7/7.3/x86_64/os
https://cdn.redhat.com/content/eus/rhel/server/7/7.6/x86_64/os
https://cdn.redhat.com/content/dist/rhel/server/7/7.4/x86_64/kickstart
https://cdn.redhat.com/content/dist/rhel/server/7/7Server/x86_64/sat-maintenance/6/os
https://cdn.redhat.com/content/dist/rhel/server/7/7.5/x86_64/kickstart
https://cdn.redhat.com/content/dist/rhel/server/7/7Server/x86_64/rhgs-server-bigdata/3.1/os
https://cdn.redhat.com/content/dist/rhel/server/7/7Server/x86_64/rhgs-server-splunk/3.1/os
https://cdn.redhat.com/content/dist/rhel/workstation/7/7Workstation/x86_64/supplementary/os
https://cdn.redhat.com/content/dist/rhel/server/7/7Server/x86_64/ansible/2.6/os
https://cdn.redhat.com/content/dist/rhel/server/7/7Server/x86_64/dotnet/1/os
https://cdn.redhat.com/content/dist/rhel/server/6/6.10/x86_64/optional/os
https://cdn.redhat.com/content/eus/rhel/server/7/7Server/x86_64/sat-tools/6.5/os
https://cdn.redhat.com/content/eus/rhel/server/7/7.5/x86_64/sat-tools/6.5/os
https://cdn.redhat.com/content/dist/rhel/server/7/7.7/x86_64/optional/os
https://cdn.redhat.com/content/dist/rhel/server/7/7.4/x86_64/optional/os
https://cdn.redhat.com/content/eus/rhel/server/6/6.7/x86_64/supplementary/os
https://cdn.redhat.com/content/eus/rhel/server/6/6.7/x86_64/optional/os
https://cdn.redhat.com/content/eus/rhel/server/6/6.7/x86_64/rhscl/1/os
https://cdn.redhat.com/content/eus/rhel/server/7/7.5/x86_64/rhscl/1/os
https://cdn.redhat.com/content/eus/rhel/server/7/7.5/x86_64/os
https://cdn.redhat.com/content/dist/rhel/server/6/6.7/x86_64/optional/os
https://cdn.redhat.com/content/dist/rhel/server/6/6.10/x86_64/os
https://cdn.redhat.com/content/dist/rhel/server/6/6.8/x86_64/os
https://cdn.redhat.com/content/dist/rhel/server/6/6.6/x86_64/os
https://cdn.redhat.com/content/eus/rhel/server/6/6.7/x86_64/os
https://cdn.redhat.com/content/eus/rhel/server/7/7.5/x86_64/supplementary/os
https://cdn.redhat.com/content/eus/rhel/server/7/7.5/x86_64/sat-tools/6.4/os
https://cdn.redhat.com/content/eus/rhel/server/7/7.5/x86_64/optional/os
https://cdn.redhat.com/content/eus/rhel/server/7/7.3/x86_64/sat-tools/6.4/os
https://cdn.redhat.com/content/dist/rhel8/8/x86_64/appstream/os
https://cdn.redhat.com/content/dist/rhel8/8/x86_64/baseos/os
https://cdn.redhat.com/content/dist/rhel8/8/x86_64/supplementary/os
https://cdn.redhat.com/content/dist/rhel8/8/x86_64/baseos/kickstart
https://cdn.redhat.com/content/dist/rhel8/8/x86_64/appstream/kickstart
https://mirrors.kernel.org/fedora-epel/6Server/x86_64/
https://cdn.redhat.com/content/dist/rhel/server/7/7.6/x86_64/optional/os
https://cdn.redhat.com/content/dist/rhel/server/7/7.3/x86_64/optional/os
https://cdn.redhat.com/content/dist/rhel/server/6/6.9/x86_64/os
https://cdn.redhat.com/content/dist/rhel/server/6/6.8/x86_64/optional/os
https://cdn.redhat.com/content/dist/rhel/server/6/6.7/x86_64/os
https://cdn.redhat.com/content/dist/rhel/server/6/6.9/x86_64/optional/os
https://cdn.redhat.com/content/dist/rhel/server/7/7.5/x86_64/optional/os
https://cdn.redhat.com/content/dist/rhel/server/7/7.2/x86_64/optional/os
https://cdn.redhat.com/content/dist/rhel/server/7/7.6/x86_64/os
https://cdn.redhat.com/content/dist/rhel/server/7/7.5/x86_64/os
https://cdn.redhat.com/content/dist/rhel/server/7/7.3/x86_64/os
https://cdn.redhat.com/content/eus/rhel/server/7/7.6/x86_64/sat-tools/6.5/os
https://cdn.redhat.com/content/eus/rhel/server/7/7.6/x86_64/optional/os
https://cdn.redhat.com/content/dist/rhel/server/7/7Server/x86_64/sat-capsule/6.6/os
https://cdn.redhat.com/content/dist/rhel/server/6/6Server/x86_64/sat-tools/6.6/os
https://cdn.redhat.com/content/dist/layered/rhel8/x86_64/sat-tools/6.6/os
https://cdn.redhat.com/content/dist/rhel/server/7/7Server/x86_64/ansible/2.8/os
https://cdn.redhat.com/content/eus/rhel/server/7/7.6/x86_64/sat-tools/6.6/os
https://cdn.redhat.com/content/dist/rhel/server/7/7.7/x86_64/os
https://cdn.redhat.com/content/dist/rhel8/8.1/x86_64/appstream/kickstart
https://cdn.redhat.com/content/dist/rhel/server/7/7.4/x86_64/os
https://cdn.redhat.com/content/dist/rhel/server/7/7.2/x86_64/os
https://cdn.redhat.com/content/eus/rhel/server/7/7.6/x86_64/supplementary/os
https://cdn.redhat.com/content/eus/rhel/server/7/7.6/x86_64/rhscl/1/os
https://cdn.redhat.com/content/dist/rhel/server/7/7Server/x86_64/sat-tools/6.6/os
https://cdn.redhat.com/content/eus/rhel/server/7/7.5/x86_64/sat-tools/6.6/os
https://cdn.redhat.com/content/dist/rhel8/8.1/x86_64/baseos/kickstart
https://cdn.redhat.com/content/dist/rhel/server/7/7Server/x86_64/highavailability/os
https://packages.vmware.com/tools/releases/10.3.5/rhel6/x86_64/
https://cdn.redhat.com/content/dist/rhel/server/7/7.8/x86_64/kickstart
https://cdn.redhat.com/content/eus/rhel/server/7/7.7/x86_64/os
https://cdn.redhat.com/content/eus/rhel/server/7/7.7/x86_64/supplementary/os
https://cdn.redhat.com/content/eus/rhel/server/7/7.7/x86_64/rhscl/1/os
https://cdn.redhat.com/content/eus/rhel/server/7/7.7/x86_64/optional/os
https://cdn.redhat.com/content/eus/rhel/server/7/7.7/x86_64/sat-tools/6.6/os
https://cdn.redhat.com/content/dist/rhel/server/7/7Server/x86_64/sat-capsule/6.7/os
https://cdn.redhat.com/content/dist/rhel/server/6/6Server/x86_64/sat-tools/6.7/os
https://cdn.redhat.com/content/dist/rhel/server/7/7Server/x86_64/sat-tools/6.7/os
https://cdn.redhat.com/content/dist/layered/rhel8/x86_64/sat-tools/6.7/os
https://cdn.redhat.com/content/dist/rhel8/8.2/x86_64/appstream/kickstart
https://cdn.redhat.com/content/dist/rhel8/8.2/x86_64/baseos/kickstart
http://mirror.centos.org/centos-8/8/BaseOS/x86_64/os/
http://mirror.centos.org/centos-8/8/AppStream/x86_64/os/

Sub-issues 1 (0 open1 closed)

Story #7855: FIPS: Serializer needs to build checksum-algorithm-choice from Artifact.DIGEST_FIELDS, not its own constantsCLOSED - CURRENTRELEASEppicka

Actions

Related issues

Related to Pulp - Story #5216: As a user, I can configure which checksum types I want to use in PulpCLOSED - CURRENTRELEASEggainey

Actions
Related to Pulp - Story #3778: [Epic] As a user, I can run Pulp 3 in a FIPS-enabled environmentCLOSED - CURRENTRELEASE

Actions
Related to Pulp - Issue #7836: Import fails when ArtifactResource.json has blank checksumsCLOSED - CURRENTRELEASEdaviddavisActions
Has duplicate RPM Support - Story #5188: As a user, I can run Pulp 3 with pulp_rpm in FIPS modeCLOSED - DUPLICATE

Actions

Also available in: Atom PDF