IntenseWebs/freeipa
3
0
Fork 0
mirror of https://salsa.debian.org/freeipa-team/freeipa.git synced 2025-02-25 18:55:28 -06:00
Code Issues Packages Projects Releases Wiki Activity
Files
1251c15faef9800f3ef48105afe8df4f5c361dd0
freeipa/ipapython
History
Alexander Bokovoy ef955c9015 support more DateTime attributes in LDAP searches in IPA API 
LDAPSearch class constructs a filter from a set of attributes and their
values passed in by the command. During this construction process a
limited set of attributes gets converted to a special form, the rest is
simply taken as a string and escaped according to LDAP rules.

This means DateTime class would simply be converted to string using
str(DateTime) and that uses default formatting method. For LDAP we need
to apply a specific formatting method instead.

Following LDAP attributes now handled as datetime.datetime:

 ( 1.3.6.1.4.1.5322.21.2.5 NAME 'krbLastAdminUnlock' EQUALITY generalizedTimeMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.24 SINGLE-VALUE)
 ( 2.16.840.1.113719.1.301.4.6.1 NAME 'krbPrincipalExpiration' EQUALITY generalizedTimeMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.24 SINGLE-VALUE)
 ( 2.16.840.1.113719.1.301.4.37.1 NAME 'krbPasswordExpiration' EQUALITY generalizedTimeMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.24 SINGLE-VALUE)
 ( 2.16.840.1.113719.1.301.4.45.1 NAME 'krbLastPwdChange' EQUALITY generalizedTimeMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.24 SINGLE-VALUE)
 ( 2.16.840.1.113719.1.301.4.48.1 NAME 'krbLastSuccessfulAuth' EQUALITY generalizedTimeMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.24 SINGLE-VALUE)
 ( 2.16.840.1.113719.1.301.4.49.1 NAME 'krbLastFailedAuth' EQUALITY generalizedTimeMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.24 SINGLE-VALUE)
 ( 2.16.840.1.113730.3.8.16.1.3  NAME 'ipatokenNotBefore' DESC 'Token validity date' EQUALITY generalizedTimeMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.24 SINGLE-VALUE X-ORIGIN 'IPA OTP')
 ( 2.16.840.1.113730.3.8.16.1.4  NAME 'ipatokenNotAfter' DESC 'Token expiration date' EQUALITY generalizedTimeMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.24 SINGLE-VALUE X-ORIGIN 'IPA OTP')

Fixes: https://pagure.io/freeipa/issue/9395

Signed-off-by: Alexander Bokovoy <abokovoy@redhat.com>
Reviewed-By: Antonio Torres <antorres@redhat.com>
2023-08-21 16:28:04 +02:00
..
install
pylint: Fix useless-object-inheritance
2023-01-10 08:30:58 +01:00
__init__.py
Rename ipa-python directory to ipapython so it is a real python library
2009-02-09 14:35:15 -05:00
admintool.py
pylint: Fix useless-suppression
2022-03-11 13:37:08 -05:00
certdb.py
python 3.12: utcnow function is deprecated
2023-08-09 18:31:03 +02:00
config.py
pylint: fix deprecated-class SafeConfigParser
2023-01-10 08:30:58 +01:00
cookie.py
python 3.12: utcnow function is deprecated
2023-08-09 18:31:03 +02:00
directivesetter.py
Grammar: whitespace is a word
2020-06-23 10:16:29 +02:00
dn_ctypes.py
ipapython: Support openldap 2.6
2022-10-06 10:22:26 +02:00
dn.py
Removes several pylint warnings.
2019-09-27 09:38:32 +02:00
dnsutil.py
dns: Fix support for dnspython 1.1x
2023-03-02 10:06:04 -05:00
dogtag.py
pylint: Fix useless-suppression
2022-03-11 13:37:08 -05:00
errors.py
Replace StandardError with Exception
2015-09-30 10:51:36 +02:00
fqdn.py
Easier to use ipa_gethostfqdn()
2020-10-26 17:11:19 +11:00
graph.py
Py3: Remove subclassing from object
2018-09-27 11:49:04 +02:00
ipa_log_manager.py
Remove deprecated object logger
2019-04-23 12:55:35 +02:00
ipachangeconf.py
pylint: Fix useless-suppression
2022-03-11 13:37:08 -05:00
ipaldap.py
support more DateTime attributes in LDAP searches in IPA API
2023-08-21 16:28:04 +02:00
ipautil.py
pylint: disable unnecessary-dunder-call message
2023-01-10 08:30:58 +01:00
ipavalidate.py
Change FreeIPA license to GPLv3+
2010-12-20 17:19:53 -05:00
kerberos.py
Py3: Replace six.bytes_type with bytes
2018-09-27 16:11:18 +02:00
kernel_keyring.py
Don't configure KEYRING ccache in containers
2019-01-18 11:33:11 +01:00
Makefile.am
Tolerate absence of PAC ticket signature depending of server capabilities
2023-05-24 13:20:38 +02:00
nsslib.py
Remove ipapython.nsslib as it is not used anymore
2017-03-01 09:43:41 +00:00
README
Replace DNS client based on acutil with python-dns
2012-05-24 13:55:56 +02:00
session_storage.py
Fix pylint warnings inconsistent-return-statements
2017-12-18 11:51:14 +01:00
setup.cfg
Port all setup.py to setuptools
2016-10-20 18:43:37 +02:00
setup.py
Add helpers for resolve1 and nameservers
2020-09-23 16:44:26 +02:00
ssh.py
pylint: Fix useless-suppression
2022-03-11 13:37:08 -05:00
version.py.in
Tolerate absence of PAC ticket signature depending of server capabilities
2023-05-24 13:20:38 +02:00

README 

This is a set of libraries common to IPA clients and servers though mostly
geared currently towards command-line tools.

A brief overview:

config.py - identify the IPA server domain and realm. It uses python-dns to
            try to detect this information first and will fall back to
            /etc/ipa/default.conf if that fails.

ipautil.py - helper functions

entity.py - entity is the main data type. User and Group extend this class
            (but don't add anything currently).

ipavalidate.py - basic data validation routines