Project

Profile

Help

Issue #962

basic auth for repo sync does not work

Added by cduryee over 6 years ago. Updated about 2 years ago.

Status:
CLOSED - CURRENTRELEASE
Priority:
High
Assignee:
Category:
-
Sprint/Milestone:
-
Start date:
Due date:
Estimated time:
Severity:
2. Medium
Version:
Master
Platform Release:
2.7.0
OS:
Triaged:
Yes
Groomed:
No
Sprint Candidate:
No
Tags:
Pulp 2
Sprint:
Quarter:

Description

When creating repos with pulp-admin, the password sanitization appears to be incorrectly replacing the basic auth password with the string '*****' when passing the value down to nectar. This should only occur when returning the password via API.

To repro:

  • create an upstream repository that is protected by basic auth
  • pulp-admin rpm repo create --repo-id basicauth --feed <path-to-upstream-repo> --basicauth-user user --basicauth-pass pass
  • attempt to sync repo

expected result: repo will sync

actual result: repo will not sync, importer will get a 403

note: commenting out password sanitization works around this issue. The password sanitizer needs to move closer to where Pulp creates and returns json in order to avoid this.

Associated revisions

Revision 846195ce View on GitHub
Added by bcourt over 6 years ago

Move password masking & serialization of the importer out of the controller and into the views

fixes #962

Revision 846195ce View on GitHub
Added by bcourt over 6 years ago

Move password masking & serialization of the importer out of the controller and into the views

fixes #962

History

#1 Updated by jortel@redhat.com over 6 years ago

  • Priority changed from Normal to High
  • Triaged changed from No to Yes

#2 Updated by mhrivnak over 6 years ago

  • Platform Release set to 2.7.0

I'm putting this on 2.7.0 so we aren't releasing a new feature that's immediately broken.

#3 Updated by bcourt over 6 years ago

  • Status changed from NEW to ASSIGNED
  • Assignee set to bcourt

#4 Updated by bcourt over 6 years ago

  • Status changed from ASSIGNED to POST

#5 Updated by bcourt over 6 years ago

  • Status changed from POST to MODIFIED
  • % Done changed from 0 to 100

#6 Updated by dkliban@redhat.com over 6 years ago

  • Status changed from MODIFIED to 5

#7 Updated by pthomas@redhat.com over 6 years ago

  • Status changed from 5 to 6

verified

[root@mgmt4 ~]# pulp-admin rpm repo create --repo-id basic-auth --feed http://file.rdu.redhat.com/~cduryee/protected/ --basicauth-user testuser --basicauth-pass testpass
Successfully created repository [basic-auth]

[root@mgmt4 ~]#
[root@mgmt4 ~]#
[root@mgmt4 ~]#
[root@mgmt4 ~]# pulp-admin rpm repo sync run --repo-id basic-auth
--------------------------------------------------------------------
Synchronizing Repository [basic-auth]
--------------------------------------------------------------------

This command may be exited via ctrl+c without affecting the request.

Downloading metadata...
[|]
... completed

Downloading repository content...
[==================================================] 100%
RPMs: 0/0 items
Delta RPMs: 0/0 items

... completed

Downloading distribution files...
[==================================================] 100%
Distributions: 0/0 items
... completed

Importing errata...
[-]
... completed

Importing package groups/categories...
[-]
... completed

Task Succeeded

Initializing repo metadata
[-]
... completed

Publishing Distribution files
[-]
... completed

Publishing RPMs
[==================================================] 100%
2 of 2 items
... completed

Publishing Delta RPMs
... skipped

Publishing Errata
[-]
... completed

Publishing Comps file
[-]
... completed

Publishing Metadata.
[-]
... completed

Closing repo metadata
[-]
... completed

Generating sqlite files
... skipped

Publishing files to web
[-]
... completed

Writing Listings File
[-]
... completed

Task Succeeded

#8 Updated by amacdona@redhat.com almost 6 years ago

  • Status changed from 6 to CLOSED - CURRENTRELEASE

#10 Updated by bmbouter over 2 years ago

  • Tags Pulp 2 added

Please register to edit this issue

Also available in: Atom PDF