path: root/custodia/httpd/server.py
Commit message | Author | Age | Files | Lines
* Increase logging output of Kubernetes plugins [kube] | Christian Heimes | 2015-11-11 | 1 | -2/+8
    Signed-off-by: Christian Heimes <cheimes@redhat.com>
* Fix authorization stack to call all modules | Simo Sorce | 2015-11-06 | 1 | -2/+6
    All authorization modules need to be executed, we cannot bail at the first one that returns a positive answer. Some authz modules attach data to the request as a side effect and they need to be run even if others also authorize access.

    Additionally if a later module returns an explicit Deny, then that must override any previous granted access.

    Signed-off-by: Simo Sorce <simo@redhat.com>
* Do not use a private name for public variables | Simo Sorce | 2015-11-06 | 1 | -8/+8
    In the server case auditlog is used in the pipeline too, so make it public.

    Signed-off-by: Simo Sorce <simo@redhat.com>
* Silence broad-except warnings | Simo Sorce | 2015-11-06 | 1 | -1/+1
    Signed-off-by: Simo Sorce <simo@redhat.com>
* Do not use reserved words for argument names | Simo Sorce | 2015-11-06 | 1 | -2/+2
    Signed-off-by: Simo Sorce <simo@redhat.com>
* Fix pylint violations | Christian Heimes | 2015-11-06 | 1 | -1/+1
    Signed-off-by: Christian Heimes <cheimes@redhat.com>
* Improve logging format and configuration | Simo Sorce | 2015-10-23 | 1 | -5/+6
    This patch adds an 'origin' argument to the logger formatting that comes from the configuration parser and ties a log entry to the implementing class as well as the specific configuration facility that instantiated it.

    Also adds per configuration section debugging unless the global debug statement is true, in which case all objects have debugging forcibly turned on.

    Signed-off-by: Simo Sorce <simo@redhat.com>
    Reviewed-by: Christian Heimes <cheimes@redhat.com>
* Change tests to be more self contained | Simo Sorce | 2015-10-23 | 1 | -2/+0
    Use custom configuration and databases, do not rely on in-tree data.

    Signed-off-by: Simo Sorce <simo@redhat.com>
    Reviewed-by: Christian Heimes <cheimes@redhat.com>
* Add incoming requests to debug log | Simo Sorce | 2015-10-23 | 1 | -0/+1
    Signed-off-by: Simo Sorce <simo@redhat.com>
    Reviewed-by: Christian Heimes <cheimes@redhat.com>
* Do not spam logs with tracebacks on HTTP Errors | Simo Sorce | 2015-10-23 | 1 | -1/+1
    Signed-off-by: Simo Sorce <simo@redhat.com>
    Reviewed-by: Christian Heimes <cheimes@redhat.com>
* Use Python's logging framework for logging | Christian Heimes | 2015-10-20 | 1 | -8/+11
    The custom logging and traceback functions as well as the audit logger are replaced with Python's logging framework. For now the loggers are hard-coded to use a StreamHandler(sys.stderr) as root handler and a FileHandler for the audit log.

    Signed-off-by: Christian Heimes <cheimes@redhat.com>
    Reviewed-by: Simo Sorce <simo@redhat.com>
* Add support for using listening on TCP sockets | Christian Heimes | 2015-10-19 | 1 | -26/+68
    The server can be now configured using a new parameter called "server_url". Setting server_url to "http://0.0.0.0:80/" will make the server listen on TCP port 80, while setting it to "http+unix://%2fsocket" will make the server listen on the unix socket named "/socket".

    The backwards compatible "server_socket" is retained and used if no server_url is provided.

    The request dict has a new field "client_id" that contains either a PID or a peer name. In the future the field can be augmented with a TLS client cert DN or other similar identifier.

    Signed-off-by: Christian Heimes <cheimes@redhat.com>
    Signed-off-by: Simo Sorce <simo@redhat.com>
* Add auditing to auth/authz modules | Simo Sorce | 2015-10-19 | 1 | -5/+11
    Signed-off-by: Simo Sorce <simo@redhat.com>
    Reviewed-by: Christian Heimes <cheimes@redhat.com>
* Add Ability to retrieve peer's SELinux Context | Simo Sorce | 2015-10-19 | 1 | -2/+16
    Signed-off-by: Simo Sorce <simo@redhat.com>
    Reviewed-by: Christian Heimes <cheimes@redhat.com>
* Make tox pep8 happy | Simo Sorce | 2015-10-19 | 1 | -8/+11
    Signed-off-by: Simo Sorce <simo@redhat.com>
    Reviewed-by: Christian Heimes <cheimes@redhat.com>
* Also capture loginuid of the remote process | Pavel Odvody | 2015-09-01 | 1 | -1/+18
    Reviewed-by: Simo Sorce <simo@redhat.com>
    Closes #9
* Unquote the path before processing | Simo Sorce | 2015-07-08 | 1 | -2/+3
    This avoids issues where spaces get turned to %20 and then name matching comparisons (like for KEMHandler) fail.

    Signed-off-by: Simo Sorce <simo@redhat.com>
* Add basic debugging capabilities | Simo Sorce | 2015-06-05 | 1 | -12/+5
    If debug is set to True, then custodia's own Exception handlers will print a stack trace to standard output to aid debugging.

    Signed-off-by: Simo Sorce <simo@redhat.com>
* Make the socket world accessible by default | Simo Sorce | 2015-05-26 | 1 | -0/+2
    Signed-off-by: Simo Sorce <simo@redhat.com>
* Move pipeline from server class to request handler | Simo Sorce | 2015-04-08 | 1 | -79/+80
    Doesn't really make sense to have it on the server class, just snatch the config from it.
* Add basic framework for authorization plugins | Simo Sorce | 2015-04-08 | 1 | -3/+20
* Change authenticators to return a result | Simo Sorce | 2015-04-07 | 1 | -5/+13
    Authenticators will not signal anymore validity by adding a request attribute. Instead they can return one of three values:
    - True, indicates positive authentication
    - False, indicates explicit failure
    - None, indicates neither success nor failure, not applicable
* Add code to parse body and put it in the request | Simo Sorce | 2015-04-01 | 1 | -1/+19
    Accept a maximum of 10 Megabytes and rely on proper Content-length being set by the client
* Minor server.py fixes | Simo Sorce | 2015-04-01 | 1 | -4/+9
    Silence pylint errors due to python3 imports.
    Switch to HTTP 1.0 by default, this terminates each request by default which makes it handier for manual testing with clients like curl.
    Properly handle a consumer returning nothing (None) as output.
* Provide more complete parsing of a request path | Simo Sorce | 2015-03-30 | 1 | -0/+24
* Add some documentation in form of class comments | Simo Sorce | 2015-03-30 | 1 | -0/+57
* Adjust the code to be python3 happy | Simo Sorce | 2015-03-25 | 1 | -0/+191
    This required the renaming of the http directory to avoid clashes with the python3 own http/server module.