-
Notifications
You must be signed in to change notification settings - Fork 1.7k
refactor(auth): replace pyOpenSSL with standard ssl and cryptography #16976
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Open
nbayati
wants to merge
25
commits into
googleapis:main
Choose a base branch
from
nbayati:remove-pyopenssl-dependency
base: main
Could not load branches
Branch not found: {{ refName }}
Loading
Could not load tags
Nothing to show
Loading
Are you sure you want to change the base?
Some commits from the old base branch may be removed from the timeline,
and old review comments may become outdated.
Open
Changes from all commits
Commits
Show all changes
25 commits
Select commit
Hold shift + click to select a range
baa87d9
refactor(auth): replace pyOpenSSL with standard ssl and cryptography
nbayati 7fd3559
fix: resolve mypy and lint issues
nbayati 4a4f582
fix: suppress interactive OpenSSL stdin passphrase prompts during mTL…
nbayati 19b29ab
add unit tests to mtls_helper
nbayati 648a9b0
refactor(auth): use os.fdopen for writing to memfd in mtls helper and…
nbayati 553b05c
test(auth): fix failing test by updating mock_mds_mtls_config asserti…
nbayati 91d0fe8
fix nox failures
nbayati 33c8377
test: add edge case and error handling tests for _mtls_helper functions
nbayati 03ab6ce
fix lint error, again!
nbayati 73e6e91
refactor(auth): address PR comments on imports, exit call, and safety…
nbayati 2d1bb5c
docs/refactor(auth): improve secure_cert_key_paths docstrings and ref…
nbayati 1e37bd6
refactor(auth): simplify fallback logic using custom exception and cl…
nbayati 2b14fbc
refactor: add type annotations to paths variable in _mtls_helper.py
nbayati 6e4d6b2
fix: unpack cryptography_base_require in DEPENDENCIES
nbayati c82de5c
fix(auth): wrap callback, certificate load and trust chain read error…
nbayati 4049975
verify certificate path readability to prevent AppArmor/LSM crashes
nbayati 0f53316
wrap secure_cert_key_paths inside transport exception handlers
nbayati 3fff58d
fix: catch ConnectionError in MDS client to allow HTTP fallback on co…
nbayati 38fb4f8
raise MutualTLSChannelError if custom TLS signer is used on unsupport…
nbayati 567b90a
fix lint and mypy failre
nbayati f86e926
fix(auth): handle FileNotFoundError for trust chain and mock os.acces…
nbayati fdebe2f
refactor(auth): remove redundant import and passphrase type fallback …
nbayati 342100a
docs(auth): document plaintext fallback behavior in mtls helper key e…
nbayati 13c4c77
fix(auth): call leaf cert callback outside of parse try block
nbayati f0e27ca
refactor: extract _encode_cert to module level in identity_pool
nbayati File filter
Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.
Oops, something went wrong.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Uh oh!
There was an error while loading. Please reload this page.