This change fixes a minor bug with the client shutdown routine,
where an error would get thrown when attempting to call shutdown
on an unconnected socket. This error is now caught and suppressed,
since the client is already shutting down. A new client unit test
is included to cover this change.
This change adds support for dynamic operation policy loading.
The server config file now supports a 'policy_path' option that
points to a filesystem directory. Each file in the directory
should contain a JSON policy object. The KMIP server will scan
this directory and attempt to load all valid policies it finds.
The results of this process will be logged.
This change adds enforcement of KMIP operation policies to the
server engine, specifically to the Get and Destroy operations.
Explicit object ownership is enforced as a result, with ownership
now a tracked internal server property of managed objects. Tests
for this new functionality are included.
This change updates the KMIP engine to process and persist the
value of the operation policy name attribute when creating or
registering new managed objects. Tests are included for these
changes.
This change adds operation policy name support to the pie client,
allowing you to optionally specify the policy name when creating
new symmetric keys and asymmetric key pairs. The operation policy
name can also be set on any pie object and will be sent with the
corresponding register request for new objects. Tests for these
additions are included.
This change fixes a bug in the KMIP server engine where a missing
request credential would cause the session to prematurely
terminate. Credential handling may require session termination
for missing credentials, but that decision should be made by
credential processing not request processing.
Fixes#193
This change updates the KmipSession, allowing it to extract client
identity from the client certificate of a TLS connection. The
certificate subject common name is used as the client identity if
the certificate has client authentication set in the extended key
usage extension.
This change breaks backwards compatibility. If a client certificate
does not define a client identity, the session will reject it and
shutdown the connection. Any client certificates used to connect
with the software server in the past will need to be replaced with
certificates that define a suitable client identity.
This change adds some additional logging statements when processing
individual KMIP operations, providing additional information on
operation input and output. The associated tests have been updated
accordingly.
An issue with local daylight savings time causes a comparison error in
some locales when checking against a hard-coded expected time string.
The DateTime primitive string representation has been updated to output
only UTC time strings.
Fixes#124
This change fixes a bug with the KmipSession connection handling logic
that would terminate the connection before actually receiving a
termination from the client. The corresponding unit tests have been
updated to reflect this fix.
This change adds KmipEngine support to the KmipSession. The session will
now pass on received requests for processing by the engine, handling any
results or errors that occur. The KmipSession test suite has been
updated to reflect this change.
This change adds the KmipServer, the front-end of the KMIP software
server. The KmipServer is in charge of loading configuration settings,
creating all major server components, and serving and managing client
connections. A KmipServerConfig tool is included to handle configuration
settings. Test cases for all new code are included.
When KmipSession instantiated without session name there is error:
File ".../PyKMIP/kmip/services/server/session.py", line 57, in __init__
self._logger = logging.getLogger('.'.join((__name__, name)))
TypeError: sequence item 1: expected str instance, NoneType found
This change adds a policy system that will be used by the KmipEngine to
track and organize rules for individual KMIP attributes. Comparison
operators for the Integer primitive and ProtocolVersion struct are added
to support the AttributePolicy. Tests for all new changes are included.
This change adds a policy system that will be used by the KmipEngine to
track and organize rules for individual KMIP attributes. Comparison
operators for the Integer primitive and ProtocolVersion struct are added
to support the AttributePolicy. Tests for all new changes are included.
This change adds the KmipEngine, the core processing component of the
KmipServer. The KmipEngine contains the KMIP application logic and
handles process request messages by batch. The engine handles logging
and error handling throughout the processing stack.
New server exceptions are added to handle new error cases. A test suite
is included.
This pull request:
- Adds the comparison operators to the following classes:
-- Attribute.AttributeName class
- Fixes bug in the "_create_cryptographic_parameters" function when "None" type parameters are used
- Adds read, write, and comparator unit tests for the Attribute class in the /kmip/core/objects.py file
Signed-off-by: Hadi Esiely <hadi.esiely-barrera@jhuapl.edu>
... to gently indicate the end of request processing
Introduce 'RequestLengthMismatch' exception dedicated for the
unexpected result of 'read' request operation
Unit tests for kmip-protocol
The code for persisting symmetric keys in a database has been added
along with the corresponding unit tests.
The usage mask list for cryptographic objects is stored as an integer bitmask.
The conversion takes place with a new SQLAlchemy type.
Switched ManagedObject value type to VARBINARY. This prevents errors from
occuring when trying to convert to a string.
Added the ORM code to be able to persist OpaqueData in a database.
This added the code to the base class ManagedObject as well. Unit
tests are added to demonstrate the code is working correctly.
This change adds a KmipSession class that manages individual
client/server connections in a thread of execution separate from the
main thread. A test suite is included.
Peter Hamilton
Peter Hamilton
Peter
Viktor Tarasov
Hadi Esiely
Nathan Reller