Task #7853
Task #7960: FIPS and support for ALLOWED_CONTENT_CHECKSUMS
FIPS: downloader needs to notice if expected-digest-algorithm is FORBIDDEN
Start date:
Due date:
% Done:
0%
Estimated time:
Platform Release:
Groomed:
No
Sprint Candidate:
No
Tags:
Sprint:
Quarter:
Description
See https://github.com/pulp/pulpcore/blob/master/pulpcore/app/models/repository.py#L302
If a RemoteArtifact has a digest-algorithm specified that is NOT in Artifact.DIGEST_FIELDS, current behavior is to ignore it and just build the rest of the digests. We need instead to notice an empty expected_digests, check for specified-algorithms in Artifact.FORBIDDEN_DIGESTS, and raise an exception when that happens.
See https://hackmd.io/d5y1IaW_QaSJ-DsosMDkjg?view for more discussion.
History
#3
Updated by daviddavis 10 months ago
- Parent task set to #7960
#6
Updated by daviddavis 7 months ago
- Sprint/Milestone set to 3.11.0
#7
Updated by daviddavis 7 months ago
- Assignee changed from ppicka to daviddavis
#8
Updated by daviddavis 7 months ago
- Sprint/Milestone changed from 3.11.0 to 3.12.0
#9
Updated by daviddavis 6 months ago
- Status changed from ASSIGNED to NEW
- Assignee deleted (
daviddavis)
#10
Updated by daviddavis 6 months ago
- Status changed from NEW to ASSIGNED
- Assignee set to daviddavis
#12
Updated by daviddavis 6 months ago
Closing in favor of #8435
#13
Updated by daviddavis 6 months ago
- Status changed from POST to CLOSED - WONTFIX
Please register to edit this issue
.