Issue #962
closedbasic auth for repo sync does not work
Description
When creating repos with pulp-admin, the password sanitization appears to be incorrectly replacing the basic auth password with the string '*****' when passing the value down to nectar. This should only occur when returning the password via API.
To repro:
- create an upstream repository that is protected by basic auth
- pulp-admin rpm repo create --repo-id basicauth --feed <path-to-upstream-repo> --basicauth-user user --basicauth-pass pass
- attempt to sync repo
expected result: repo will sync
actual result: repo will not sync, importer will get a 403
note: commenting out password sanitization works around this issue. The password sanitizer needs to move closer to where Pulp creates and returns json in order to avoid this.
Updated by jortel@redhat.com almost 9 years ago
- Priority changed from Normal to High
- Triaged changed from No to Yes
Updated by mhrivnak almost 9 years ago
- Platform Release set to 2.7.0
I'm putting this on 2.7.0 so we aren't releasing a new feature that's immediately broken.
Updated by bcourt almost 9 years ago
- Status changed from NEW to ASSIGNED
- Assignee set to bcourt
Updated by bcourt almost 9 years ago
- Status changed from ASSIGNED to POST
Added by bcourt almost 9 years ago
Added by bcourt almost 9 years ago
Revision 846195ce | View on GitHub
Move password masking & serialization of the importer out of the controller and into the views
fixes #962
Updated by bcourt almost 9 years ago
- Status changed from POST to MODIFIED
- % Done changed from 0 to 100
Applied in changeset pulp|846195cece5eec90ac210b823ece75b7bf787032.
Updated by dkliban@redhat.com almost 9 years ago
- Status changed from MODIFIED to 5
Updated by pthomas@redhat.com over 8 years ago
- Status changed from 5 to 6
verified
[root@mgmt4 ~]# pulp-admin rpm repo create --repo-id basic-auth --feed http://file.rdu.redhat.com/~cduryee/protected/ --basicauth-user testuser --basicauth-pass testpass
Successfully created repository [basic-auth]
[root@mgmt4 ~]#
[root@mgmt4 ~]#
[root@mgmt4 ~]#
[root@mgmt4 ~]# pulp-admin rpm repo sync run --repo-id basic-auth
--------------------------------------------------------------------
Synchronizing Repository [basic-auth]
--------------------------------------------------------------------
This command may be exited via ctrl+c without affecting the request.
Downloading metadata...
[|]
... completed
Downloading repository content...
[==================================================] 100%
RPMs: 0/0 items
Delta RPMs: 0/0 items
... completed
Downloading distribution files...
[==================================================] 100%
Distributions: 0/0 items
... completed
Importing errata...
[-]
... completed
Importing package groups/categories...
[-]
... completed
Task Succeeded
Initializing repo metadata
[-]
... completed
Publishing Distribution files
[-]
... completed
Publishing RPMs
[==================================================] 100%
2 of 2 items
... completed
Publishing Delta RPMs
... skipped
Publishing Errata
[-]
... completed
Publishing Comps file
[-]
... completed
Publishing Metadata.
[-]
... completed
Closing repo metadata
[-]
... completed
Generating sqlite files
... skipped
Publishing files to web
[-]
... completed
Writing Listings File
[-]
... completed
Task Succeeded
Updated by amacdona@redhat.com over 8 years ago
- Status changed from 6 to CLOSED - CURRENTRELEASE
Move password masking & serialization of the importer out of the controller and into the views
fixes #962