mirror of
https://salsa.debian.org/freeipa-team/freeipa.git
synced 2024-12-23 15:40:01 -06:00
ba526c5cb0
usercertificate often has a subclass and both the plain and subclassed (binary) values are queried. I'm concerned that they are used more or less interchangably in places so not caching these entries is the safest path forward for now until we can dedicate the time to find all usages, determine their safety and/or perhaps handle this gracefully within the cache now. What we see in this bug is that usercertificate;binary holds the first certificate value but a user-mod is done with setattr usercertificate=<new_cert>. Since there is no usercertificate value (remember, it's usercertificate;binary) a replace is done and 389-ds wipes the existing value as we've asked it to. I'm not comfortable with simply treating them the same because in LDAP they are not. https://pagure.io/freeipa/issue/8986 Signed-off-by: Rob Crittenden <rcritten@redhat.com> Reviewed-By: Francois Cami <fcami@redhat.com> Reviewed-By: Fraser Tweedale <ftweedal@redhat.com> |
||
---|---|---|
.. | ||
install | ||
__init__.py | ||
admintool.py | ||
certdb.py | ||
config.py | ||
cookie.py | ||
directivesetter.py | ||
dn_ctypes.py | ||
dn.py | ||
dnsutil.py | ||
dogtag.py | ||
errors.py | ||
fqdn.py | ||
graph.py | ||
ipa_log_manager.py | ||
ipachangeconf.py | ||
ipaldap.py | ||
ipautil.py | ||
ipavalidate.py | ||
kerberos.py | ||
kernel_keyring.py | ||
Makefile.am | ||
nsslib.py | ||
README | ||
session_storage.py | ||
setup.cfg | ||
setup.py | ||
ssh.py | ||
version.py.in |
This is a set of libraries common to IPA clients and servers though mostly geared currently towards command-line tools. A brief overview: config.py - identify the IPA server domain and realm. It uses python-dns to try to detect this information first and will fall back to /etc/ipa/default.conf if that fails. ipautil.py - helper functions entity.py - entity is the main data type. User and Group extend this class (but don't add anything currently). ipavalidate.py - basic data validation routines