IntenseWebs/freeipa
3
0
Fork 0
mirror of https://salsa.debian.org/freeipa-team/freeipa.git synced 2024-12-28 01:41:14 -06:00
Code Issues Packages Projects Releases Wiki Activity
2,892 Commits 11 Branches 59 Tags 60 MiB
c99fda0d1e
Commit Graph

6 Commits

Author SHA1 Message Date
Rob Crittenden
18476c9538 Use newer API in ipalib/x509 and add missing import. 
The import was only used when running the in-tree lite-server
 2010-07-15 11:17:58 -04:00
Rob Crittenden
8d2d7429be Clean up crypto code, take advantage of new nss-python capabilities 
This patch does the following:
- drops our in-tree x509v3 parser to use the python-nss one
- return more information on certificates
- make an API change, renaming cert-get to cert-show
- Drop a lot of duplicated code
 2010-07-15 10:51:49 -04:00
Rob Crittenden
28321f7a2c Correct some comment errors 2010-01-19 17:33:28 -05:00
John Dennis
ee909d871c rebase dogtag clean-up patch 2009-12-09 01:57:08 -07:00
Rob Crittenden
cb4c0d6caf Add type argument to x509.load_certificate() so it can handle binary certs 2009-12-01 23:17:55 -07:00
Rob Crittenden
ab1667f3c1 Use pyasn1-based PKCS#10 and X509v3 parsers instead of pyOpenSSL. 
The pyOpenSSL PKCS#10 parser doesn't support attributes so we can't identify
requests with subject alt names.

Subject alt names are only allowed if:
  - the host for the alt name exists in IPA
  - if binding as host principal, the host is in the services managedBy attr
 2009-11-30 18:10:09 -07:00