Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Issue #5 - Implement BIND-level authentication #6

Merged
merged 5 commits into from
Apr 30, 2018
Merged

Issue #5 - Implement BIND-level authentication #6

merged 5 commits into from
Apr 30, 2018

Conversation

lorsposto
Copy link
Contributor

Resolves #5

  • Adds ans.1 types for ISP1Credentials and HashInput
  • Updates config.yaml to include credential/auth level config
  • Updates BIND logic to do credentials for auth levels BIND/ALL
  • Update other references to where credential logic should happen (but return handler logic will need to be implemented for auth level ALL)
  • Fix examples and update with auth level config

@lorsposto lorsposto requested a review from MJJoyce April 26, 2018 15:44
MJJoyce
MJJoyce requested changes Apr 26, 2018
View reviewed changes
bliss/sle/bin/examples/rcf_api_test.py Outdated
spacecraft_id=250,
trans_frame_ver_num=1,
auth_level="bind",
peer_auth_level="bind"
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We shouldn't need both of these. The auth level should cover outgoing/inbound auth in all 3 cases. I.e., 'Bind' level auth means the outgoing bind request is auth'ed and the receipt has auth info from the harness that we should decode

bliss/sle/cltu.py Outdated
@@ -148,8 +148,8 @@ def start(self):
'''
start_invoc = CltuUserToProviderPdu()

if self._credentials:
pass
if self._auth_level in ['all']:
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can we set this to be _auth_level == 'all' instead of doing membership checks?

bliss/sle/cltu.py
@@ -327,7 +327,29 @@ def decode(self, message):
def _bind_return_handler(self, pdu):
''''''
result = pdu['cltuBindReturn']['result']
responder_identifier = pdu['cltuBindReturn']['responderIdentifier']
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

If this is the same across the 3 interfaces let's move the bulk of the logic to the common class between the 3. I realize there was probably a lot of duplication before as well though =)

@lorsposto
Copy link
Contributor Author

@MJJoyce Updated to remove "peer auth level." I created #7 to handler duplicated logic across the classes.

@lorsposto lorsposto merged commit 6701a5c into master Apr 30, 2018
@lorsposto lorsposto deleted the issue-5 branch April 30, 2018 18:25
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@MJJoyce MJJoyce MJJoyce approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@lorsposto @MJJoyce