This change updates how the built-in open function is mocked in
the PyKMIP server test suite. On some platforms the old approach
was insufficient. This change explicitly references the builtins
module for Python3+, removing the old module-based mock.
This change fixes a bug that could occur when accessing the server
with multiple threads or processes. The SQLite backend by default
does not support multithreading. This change updates how the
SQLite backend is instantiated, preventing error generation when
using multiple clients simultaenously. The server unit test suite
has been updated to cover the change.
This change fixes a bug in the ProxyKmipClient, specifically in
the register method. The client would create attributes for the
object to register, regardless if those attributes were set on
the object. This could cause attribute value overwrites, deleting
valid default values with empty values. This change adds checks
to ensure these attributes are not created with the request if
they are not set on the object. The client unit tests have been
updated to reflect this change.
This change updates the server to better handle exceptions thrown
while looking up the value of different attributes on managed
objects. Some managed objects in PyKMIP don't currently support
attributes they are supposed to. This can cause lookup errors
when using GetAttributes. This change suppresses any exceptions
and simply returns None for the missing attribute value. The
server unit tests have been updated to account for this change.
This change adds support for the GetAttributes operation to the
PyKMIP clients. Demo scripts showing how to use the new operation
will be included in a future update. Client test cases have been
added and updated to reflect the new operation.
This change adds server support for the GetAttributes operation.
The user can specify an object ID and an attribute list to get
the values of the attributes listed from the specified object.
The user can also omit either argument; the server will default
to using the ID placeholder and all viable attributes respectively.
Only a subset of the standard attributes are supported right now.
New tests have been added to cover the new feature.
Closes#185Closes#211Closes#218
This change updates the attribute value factory to allow for the
creation of ObjectType attributes with values provided by the
caller. Unit tests have been added to cover this change.
The ProxyKmipClient now allows you to optionally provide a name
when performing a `Create` or a `Create Key Pair`. If not specified,
the name is excluded from the request.
* For `create`, users specify `name`
* For `create_key_pair`, users specify `private_name` and `public_name`
Resolves#208
This change fixes a bug with the server where the server would
prematurely shutdown upon receiving a client connection using an
invalid certificate. The server will now withstand bad client
connections. The impacted server unit tests have been updated to
reflect the bug fix.
This change updates the payload factories, adding placeholder
support for operations added in KMIP 1.3. It also updates old
placeholders with now supported payloads. The corresponding
unit test suites have been updated to match the additions.
This change updates the server, updating how it processes config
values and allowing it to handle optional or ommitted policy_path
values. This fixes a bug where users could not leave the
policy_path config file unset, in addition to a bug that forced
users to use '/etc/pykmip/policies' as their policy directory.
Fixes#210
This change adds str and repr utilities to the Attribute object. A
new test suite for Attribute object tests is included, however only
the tests for the string utilities are included with this patch.
The remaining Attribute tests will be implemented in a later patch.
This change adds some utility methods, including equality operators
and string methods, to the ApplicationSpecificInformation attribute.
Unit tests covering the changes are included.
This change adds support for the Activate operation to the server,
including additional server unit tests, a new IllegalOperation
exception, and updated state attribute support in Pie objects.
Fixes#186
This change fixes a minor bug with the client shutdown routine,
where an error would get thrown when attempting to call shutdown
on an unconnected socket. This error is now caught and suppressed,
since the client is already shutting down. A new client unit test
is included to cover this change.
This change adds support for dynamic operation policy loading.
The server config file now supports a 'policy_path' option that
points to a filesystem directory. Each file in the directory
should contain a JSON policy object. The KMIP server will scan
this directory and attempt to load all valid policies it finds.
The results of this process will be logged.
This change adds enforcement of KMIP operation policies to the
server engine, specifically to the Get and Destroy operations.
Explicit object ownership is enforced as a result, with ownership
now a tracked internal server property of managed objects. Tests
for this new functionality are included.
This change updates the KMIP engine to process and persist the
value of the operation policy name attribute when creating or
registering new managed objects. Tests are included for these
changes.
This change adds operation policy name support to the pie client,
allowing you to optionally specify the policy name when creating
new symmetric keys and asymmetric key pairs. The operation policy
name can also be set on any pie object and will be sent with the
corresponding register request for new objects. Tests for these
additions are included.
This change fixes a bug in the KMIP server engine where a missing
request credential would cause the session to prematurely
terminate. Credential handling may require session termination
for missing credentials, but that decision should be made by
credential processing not request processing.
Fixes#193
This change updates the KmipSession, allowing it to extract client
identity from the client certificate of a TLS connection. The
certificate subject common name is used as the client identity if
the certificate has client authentication set in the extended key
usage extension.
This change breaks backwards compatibility. If a client certificate
does not define a client identity, the session will reject it and
shutdown the connection. Any client certificates used to connect
with the software server in the past will need to be replaced with
certificates that define a suitable client identity.
This change adds some additional logging statements when processing
individual KMIP operations, providing additional information on
operation input and output. The associated tests have been updated
accordingly.
An issue with local daylight savings time causes a comparison error in
some locales when checking against a hard-coded expected time string.
The DateTime primitive string representation has been updated to output
only UTC time strings.
Fixes#124
This change fixes a bug with the KmipSession connection handling logic
that would terminate the connection before actually receiving a
termination from the client. The corresponding unit tests have been
updated to reflect this fix.
This change adds KmipEngine support to the KmipSession. The session will
now pass on received requests for processing by the engine, handling any
results or errors that occur. The KmipSession test suite has been
updated to reflect this change.
This change adds the KmipServer, the front-end of the KMIP software
server. The KmipServer is in charge of loading configuration settings,
creating all major server components, and serving and managing client
connections. A KmipServerConfig tool is included to handle configuration
settings. Test cases for all new code are included.
When KmipSession instantiated without session name there is error:
File ".../PyKMIP/kmip/services/server/session.py", line 57, in __init__
self._logger = logging.getLogger('.'.join((__name__, name)))
TypeError: sequence item 1: expected str instance, NoneType found
Peter Hamilton
Charles Stephens
Peter Hamilton
Jonathan Seawright
Peter
Viktor Tarasov