mirror of
https://salsa.debian.org/freeipa-team/freeipa.git
synced 2024-12-24 16:10:02 -06:00
a3934a211d
Replace get_ldap_uri() + LDAPClient() with new LDAPClient constructors like LDAPClient.from_realm(). Some places now use LDAPI with external bind instead of LDAP with simple bind. Although the FQDN *should* resolve to 127.0.0.1 / [::1], there is no hard guarantee. The draft https://tools.ietf.org/html/draft-west-let-localhost-be-localhost-04#section-5.1 specifies that applications must verify that the resulting IP is a loopback API. LDAPI is always local and a bit more efficient, too. The simple_bind() method also prevents the caller from sending a password over an insecure line. Signed-off-by: Christian Heimes <cheimes@redhat.com> Reviewed-By: Rob Crittenden <rcritten@redhat.com> |
||
---|---|---|
.. | ||
__init__.py | ||
0_reset.update | ||
1_add.update | ||
2_update.update | ||
3_update.update | ||
4_update.update | ||
5_update.update | ||
6_update.update | ||
8_badsyntax.update | ||
9_badsyntax.update | ||
test_changeconf.py | ||
test_install_checks.py | ||
test_updates.py |