Project

Profile

Help

Story #4009

Updated by bmbouter about 6 years ago

In RPM for Pulp2, there is a WSGIAccessScript that uses the client script to verify the client's right to access a specific URL. This should be a RPM-specific guard that is provided by the RPM plugin. 

 In Pulp2 here are some links that are related: 

 https://github.com/pulp/pulp/tree/2-master/repoauth/pulp/repoauth     <--- the actual checking code itself 
 https://github.com/pulp/pulp_rpm/blob/2-master/plugins/etc/httpd/conf.d/pulp_rpm.conf#L48      <---- the httpd WSGIAccessScript 

 We need to get some test data posted on here that can be used for development. 

 For crypto the Red Hat security team has recommended:    https://pypi.org/project/cryptography/ as a portable crypto library for Python. 

 This should inherit from ContentGuard and be discoverable by core as an available ContentGuard. 

 Here are some field names: 

 class OidContentGuard(ContentGuard): 

 * name 32 Charfield 
 * CA certificate - TextFile (not a path)       <------ note this is uploaded by the user

Back