custodia.git/custodia/store, branch master Unnamed repository; edit this file 'description' to name the repository. etcdstore: prevent path traversal attacks 2015-10-19T16:17:58+00:00 Christian Heimes christian@python.org 2015-10-01T11:30:13+00:00 785fc87f38b4811bc4ce43a0a9b2267ee7d500b4 A new internal method _absolute_key() is used to join key name and name space. etcd treats the key space like a file system so the method checks the key for '//', '.', and '..' to prevent invalid paths and path traversal attacks. Signed-off-by: Christian Heimes <cheimes@redhat.com> Signed-off-by: Simo Sorce <simo@redhat.com> 
A new internal method _absolute_key() is used to join key name and name
space. etcd treats the key space like a file system so the method checks
the key for '//', '.', and '..' to prevent invalid paths and path traversal
attacks.

Signed-off-by: Christian Heimes <cheimes@redhat.com>
Signed-off-by: Simo Sorce <simo@redhat.com>
Implement ETCD based Store 2015-10-19T16:17:48+00:00 Simo Sorce simo@redhat.com 2015-09-25T02:26:45+00:00 0ca07419bbc2c4e499b4c37d2183d82b2640e816 Signed-off-by: Simo Sorce <simo@redhat.com> Reviewed-by: Christian Heimes <cheimes@redhat.com> 
Signed-off-by: Simo Sorce <simo@redhat.com>
Reviewed-by: Christian Heimes <cheimes@redhat.com>
Extend store interface to create namespaces 2015-10-19T16:17:42+00:00 Simo Sorce simo@redhat.com 2015-09-28T14:23:24+00:00 1d813cc53b9c03636967600f0e31e0cafb14813c Use a new verb, "span" to create namespaces/containers. This will be needed for the Etcd plugin which need to distinguish between a directory and a key. The sqlite/enclite just pass the request to their set() method. Signed-off-by: Simo Sorce <simo@redhat.com> Reviewed-by: Christian Heimes <cheimes@redhat.com> 
Use a new verb, "span" to create namespaces/containers.
This will be needed for the Etcd plugin which need to distinguish between
a directory and a key.
The sqlite/enclite just pass the request to their set() method.

Signed-off-by: Simo Sorce <simo@redhat.com>
Reviewed-by: Christian Heimes <cheimes@redhat.com>
Better error handling for enclite store 2015-10-19T16:17:24+00:00 Simo Sorce simo@redhat.com 2015-10-01T15:29:25+00:00 0d94624968e00cfc9b85a90ffe3f3032fa510538 The store as throwing an exception in case of an unesisting key. Now it returns None as expected on missing keys, and properly wraps encoding exceptions if the JWE can't be decoded. Signed-off-by: Simo Sorce <simo@redhat.com> Reviewed-by: Christian Heimes <cheimes@redhat.com> 
The store as throwing an exception in case of an unesisting key.
Now it returns None as expected on missing keys, and properly
wraps encoding exceptions if the JWE can't be decoded.

Signed-off-by: Simo Sorce <simo@redhat.com>
Reviewed-by: Christian Heimes <cheimes@redhat.com>
Remove filter option for directory listings 2015-10-19T16:17:07+00:00 Simo Sorce simo@redhat.com 2015-10-07T17:50:15+00:00 ed3dd0d4c63b424bd5e6d7ba79779caf42f3de7b This commit removes the option to pas a filter parameter. It also changes the way database plugins are expected to return results, results are now expected to be relative to the path requested. Signed-off-by: Simo Sorce <simo@redhat.com> Reviewed-by: Christian Heimes <cheimes@redhat.com> 
This commit removes the option to pas a filter parameter.
It also changes the way database plugins are expected to return
results, results are now expected to be relative to the path
requested.

Signed-off-by: Simo Sorce <simo@redhat.com>
Reviewed-by: Christian Heimes <cheimes@redhat.com>
Make tox pep8 happy 2015-10-19T16:16:52+00:00 Simo Sorce simo@redhat.com 2015-09-29T15:20:38+00:00 5fceed2d9be1001fc486d801e0a0f923d8dd3159 Signed-off-by: Simo Sorce <simo@redhat.com> Reviewed-by: Christian Heimes <cheimes@redhat.com> 
Signed-off-by: Simo Sorce <simo@redhat.com>
Reviewed-by: Christian Heimes <cheimes@redhat.com>
Add basic debugging capabilities 2015-06-05T14:56:29+00:00 Simo Sorce simo@redhat.com 2015-06-05T14:56:29+00:00 eff99ee7a065e6e122dbd7cee136a2651073d224 If debug is set to True, then custodia's own Exception handlers will print a stack trace to standard output to aid debugging. Signed-off-by: Simo Sorce <simo@redhat.com> 
If debug is set to True, then custodia's own Exception handlers will
print a stack trace to standard output to aid debugging.

Signed-off-by: Simo Sorce <simo@redhat.com>
Remove pylint star-args exceptions 2015-05-26T19:05:01+00:00 Simo Sorce simo@redhat.com 2015-05-26T19:04:34+00:00 41d2241a038f2b0ddf797cf9a60ec52d1e96d3c7 Newer pylint version completely removed the star-args warning, including recognizing the exception in the source code. Remove it from all source code to avoid annoyinf pylint errors about unrecognized exceptions, and add a general exception in the pylint makefile invocation, as apparently it is ok there. This will avoid warnings if older versions of pylint are used. Signed-off-by: Simo Sorce <simo@redhat.com> 
Newer pylint version completely removed the star-args warning, including
recognizing the exception in the source code.
Remove it from all source code to avoid annoyinf pylint errors about
unrecognized exceptions, and add a general exception in the pylint makefile
invocation, as apparently it is ok there. This will avoid warnings if older
versions of pylint are used.

Signed-off-by: Simo Sorce <simo@redhat.com>
Add Simple encrypted store. 2015-04-15T21:44:10+00:00 Simo Sorce simo@redhat.com 2015-04-15T21:44:10+00:00 974837af648f2fbc80f3468e7a90fca7d11f8e29 This uses JWCrypto to encrypt any key stored in the sqlite database with a master key. The master key is stored in a file and must be provided by the configuration. A sample key and configuration is provided too. Signed-off-by: Simo Sorce <simo@redhat.com> 
This uses JWCrypto to encrypt any key stored in the sqlite database
with a master key.
The master key is stored in a file and must be provided by the
configuration.

A sample key and configuration is provided too.

Signed-off-by: Simo Sorce <simo@redhat.com>
Return only key/containers names on LIST operation 2015-04-08T13:19:59+00:00 Simo Sorce simo@redhat.com 2015-04-08T13:00:37+00:00 575efc8bd229cfa5ef7d73c4b53c1e27f6f267d5