IntenseWebs/freeipa
3
0
Fork 0
mirror of https://salsa.debian.org/freeipa-team/freeipa.git synced 2024-12-26 00:41:25 -06:00
Code Issues Packages Projects Releases Wiki Activity
11,749 Commits 11 Branches 59 Tags 60 MiB
4069c129ea
Commit Graph

5 Commits

Author SHA1 Message Date
Martin Babinsky
0c68c27e51 extend ipa-getkeytab to support other LDAP bind methods 
ipa-getkeytab command was augmented in a way that allows more flexible
selection of bind mechanisms:

   * -H <LDAP_URI> option was added to specify full LDAP uri. By default the
     URI will be constructed from retrieved server name as is done now.
     Specifying this options precludes use of -s.

   * -Y <EXTERNAL|GSSAPI> specifes SASL bind mechanism if no bind DN
     was given (which implies simple bind)

This allows the command to be used also locally via LDAPI, eliminating the
need to provide any credentials at all as root (e.g. in installers)

https://fedorahosted.org/freeipa/ticket/6409

Reviewed-By: Simo Sorce <ssorce@redhat.com>
 2016-11-08 17:02:44 +01:00
Martin Babinsky
294fc3dc56 ipa-getkeytab: expose CA cert path as option 
get rid of hardcoded CA cert path and allow the caller to use supplied custom
paths instead

https://fedorahosted.org/freeipa/ticket/6409

Reviewed-By: Simo Sorce <ssorce@redhat.com>
 2016-11-08 17:02:44 +01:00
Martin Basti
deb99c11d4 Increase ipa-getkeytab LDAP timeout to 100sec 
On slower machines, the original time 10s is not enough. Raising timeout
to 100sec should help.

https://fedorahosted.org/freeipa/ticket/5842

Reviewed-By: Petr Spacek <pspacek@redhat.com>
 2016-06-27 09:33:02 +02:00
Tomas Babej
d53c2f6b80 ipa-getkeytab: Handle the possibility of not obtaining a result 
The ldap_result operation can time out, returning a NULL result,
which in turn causes the parsing operation to crash.

https://fedorahosted.org/freeipa/ticket/5642

Reviewed-By: Martin Babinsky <mbabinsk@redhat.com>
 2016-01-27 17:08:57 +01:00
Petr Viktorin
840de9bb48 Split ipa-client/ into ipaclient/ (Python library) and client/ (C, scripts) 
Make ipaclient a Python library like ipapython, ipalib, etc.
Use setup.py instead of autotools for installing it.

Move C client tools, Python scripts, and man pages, to client/.

Remove old, empty or outdated, boilerplate files (NEWS, README, AUTHORS).
Remove /setup-client.py (ipalib/setup.py should be used instead).

Update Makefiles and the spec file accordingly.

https://fedorahosted.org/freeipa/ticket/5638

Reviewed-By: Jan Cholasta <jcholast@redhat.com>
 2016-01-27 12:09:02 +01:00