-
Notifications
You must be signed in to change notification settings - Fork 10
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Issue #5 - Implement BIND-level authentication #6
Conversation
- Add credentials to config - Add credential algorithm
- update rcf/cltu examples
spacecraft_id=250, | ||
trans_frame_ver_num=1, | ||
auth_level="bind", | ||
peer_auth_level="bind" |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We shouldn't need both of these. The auth level should cover outgoing/inbound auth in all 3 cases. I.e., 'Bind' level auth means the outgoing bind request is auth'ed and the receipt has auth info from the harness that we should decode
bliss/sle/cltu.py
Outdated
@@ -148,8 +148,8 @@ def start(self): | |||
''' | |||
start_invoc = CltuUserToProviderPdu() | |||
|
|||
if self._credentials: | |||
pass | |||
if self._auth_level in ['all']: |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Can we set this to be _auth_level == 'all'
instead of doing membership checks?
@@ -327,7 +327,29 @@ def decode(self, message): | |||
def _bind_return_handler(self, pdu): | |||
'''''' | |||
result = pdu['cltuBindReturn']['result'] | |||
responder_identifier = pdu['cltuBindReturn']['responderIdentifier'] |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
If this is the same across the 3 interfaces let's move the bulk of the logic to the common class between the 3. I realize there was probably a lot of duplication before as well though =)
Resolves #5
config.yaml
to include credential/auth level config