Task #7853
Story #7960: FIPS and support for ALLOWED_CONTENT_CHECKSUMS
FIPS: downloader needs to notice if expected-digest-algorithm is FORBIDDEN
Start date:
Due date:
% Done:
0%
Estimated time:
Platform Release:
Groomed:
No
Sprint Candidate:
No
Tags:
Sprint:
Quarter:
Description
See https://github.com/pulp/pulpcore/blob/master/pulpcore/app/models/repository.py#L302
If a RemoteArtifact has a digest-algorithm specified that is NOT in Artifact.DIGEST_FIELDS, current behavior is to ignore it and just build the rest of the digests. We need instead to notice an empty expected_digests, check for specified-algorithms in Artifact.FORBIDDEN_DIGESTS, and raise an exception when that happens.
See https://hackmd.io/d5y1IaW_QaSJ-DsosMDkjg?view for more discussion.
History
#1
Updated by fao89 about 2 months ago
- Tracker changed from Issue to Task
- % Done set to 0
- Severity deleted (
2. Medium) - Triaged deleted (
No)
#2
Updated by ppicka about 2 months ago
- Status changed from NEW to ASSIGNED
- Assignee set to ppicka
#3
Updated by daviddavis about 1 month ago
- Parent task set to #7960
#4
Updated by pulpbot about 1 month ago
- Status changed from ASSIGNED to POST
Please register to edit this issue