freeipa/ipaserver/plugins
Christian Heimes 5197422ef6 Vault: Explicitly default to 3DES CBC
The server-side plugin for IPA Vault relied on the fact that the default
oid for encryption algorithm is 3DES in CBC mode (DES-EDE3-CBC). Dogtag
10.4 has changed the default from 3DES to AES. Pass the correct
algorithm OID to KeyClient.archive_encrypted_data().

Closes: https://pagure.io/freeipa/issue/6899
Signed-off-by: Christian Heimes <cheimes@redhat.com>
Reviewed-By: Fraser Tweedale <ftweedal@redhat.com>
2017-04-28 08:25:03 +02:00
..
__init__.py Change FreeIPA license to GPLv3+ 2010-12-20 17:19:53 -05:00
aci.py wrap long line 2016-11-25 16:18:22 +01:00
automember.py allow 'value' output param in commands without primary key 2016-07-20 13:57:01 +02:00
automount.py Reworked the renaming mechanism 2017-03-27 19:08:26 +02:00
baseldap.py Update get_attr_filter in LDAPSearch to handle nsaccountlock user searches 2017-04-26 10:20:42 +00:00
baseuser.py Add --password-expiration to allow admin to force user password expiration 2017-03-31 12:19:40 +02:00
batch.py remove trailing newlines form python modules 2016-10-12 10:38:52 +02:00
ca.py Reworked the renaming mechanism 2017-03-27 19:08:26 +02:00
caacl.py Conditionally import pyhbac 2017-04-03 13:08:52 +02:00
cert.py cert: defer cert-find result post-processing 2017-04-19 11:28:27 +00:00
certmap.py Re-use trust domain retrieval code in certmap validators 2017-03-14 18:37:10 +01:00
certprofile.py Reuse self.api when executing ca_enabled_check 2017-01-11 15:26:20 +01:00
config.py Allow erasing ipaDomainResolutionOrder attribute 2017-03-30 13:19:11 +02:00
delegation.py remove trailing newlines form python modules 2016-10-12 10:38:52 +02:00
dns.py Reworked the renaming mechanism 2017-03-27 19:08:26 +02:00
dnsserver.py help: Add dnsserver commands to help topic 'dns' 2016-07-22 13:52:09 +02:00
dogtag.py cert: defer cert-find result post-processing 2017-04-19 11:28:27 +00:00
domainlevel.py Check for conflict entries before raising domain level 2016-12-13 12:25:07 +01:00
group.py Reworked the renaming mechanism 2017-03-27 19:08:26 +02:00
hbac.py ipalib: move server-side plugins to ipaserver 2016-06-03 09:00:34 +02:00
hbacrule.py Allow renaming of the HBAC rule objects 2017-03-27 19:08:26 +02:00
hbacsvc.py remove trailing newlines form python modules 2016-10-12 10:38:52 +02:00
hbacsvcgroup.py remove trailing newlines form python modules 2016-10-12 10:38:52 +02:00
hbactest.py Add an option to build ipaserver wheels 2017-04-03 13:08:52 +02:00
host.py Add SHA256 fingerprints for certs 2017-03-07 19:52:43 +01:00
hostgroup.py remove trailing newlines form python modules 2016-10-12 10:38:52 +02:00
idrange.py idrange-add: properly handle empty --dom-name option 2017-04-05 10:15:51 +02:00
idviews.py Reworked the renaming mechanism 2017-03-27 19:08:26 +02:00
internal.py WebUI: Add support for login for AD users 2017-03-27 08:55:41 +02:00
join.py ipalib: move server-side plugins to ipaserver 2016-06-03 09:00:34 +02:00
krbtpolicy.py ipalib: move server-side plugins to ipaserver 2016-06-03 09:00:34 +02:00
ldap2.py ldap2: use LDAP whoami operation to retrieve bind DN for current connection 2017-03-22 17:19:22 +01:00
location.py DNS Location: add list of roles and DNS servers to location-show 2016-06-17 18:05:03 +02:00
migration.py Fix ipa migrate-ds when it finds a search reference 2016-11-17 01:01:05 +01:00
misc.py Make env and plugins commands local again 2016-12-02 13:00:06 +01:00
netgroup.py netgroup: avoid extraneous LDAP search when retrieving primary key from DN 2016-09-09 16:27:53 +02:00
otp.py ipalib: move server-side plugins to ipaserver 2016-06-03 09:00:34 +02:00
otpconfig.py ipalib: move server-side plugins to ipaserver 2016-06-03 09:00:34 +02:00
otptoken.py Reworked the renaming mechanism 2017-03-27 19:08:26 +02:00
passwd.py remove trailing newlines form python modules 2016-10-12 10:38:52 +02:00
permission.py Reworked the renaming mechanism 2017-03-27 19:08:26 +02:00
ping.py ipalib: move server-side plugins to ipaserver 2016-06-03 09:00:34 +02:00
pkinit.py Use Anonymous user to obtain FAST armor ccache 2017-02-15 07:13:37 +01:00
privilege.py Reworked the renaming mechanism 2017-03-27 19:08:26 +02:00
pwpolicy.py pwpolicy: do not run klist on import 2016-10-24 14:11:08 +02:00
rabase.py rabase.get_certificate: make serial number arg mandatory 2017-03-07 13:24:16 +01:00
radiusproxy.py Reworked the renaming mechanism 2017-03-27 19:08:26 +02:00
realmdomains.py ipautil: remove get_domain_name() 2016-11-29 14:50:51 +01:00
role.py Reworked the renaming mechanism 2017-03-27 19:08:26 +02:00
schema.py schema: Fix subtopic -> topic mapping 2016-07-15 14:02:17 +02:00
selfservice.py remove trailing newlines form python modules 2016-10-12 10:38:52 +02:00
selinuxusermap.py remove trailing newlines form python modules 2016-10-12 10:38:52 +02:00
server.py Add check to prevent removal of last KRA 2017-03-13 16:10:28 +01:00
serverrole.py Fix minor typos 2016-06-16 08:47:20 +02:00
serverroles.py Do not update result of *-config-show with empty server attributes 2016-06-21 13:07:24 +02:00
service.py Add SHA256 fingerprints for certs 2017-03-07 19:52:43 +01:00
servicedelegation.py Reworked the renaming mechanism 2017-03-27 19:08:26 +02:00
session.py Fix session logout 2017-02-22 10:15:50 +01:00
stageuser.py Support for Certificate Identity Mapping 2017-03-02 15:09:42 +01:00
sudo.py ipalib: move server-side plugins to ipaserver 2016-06-03 09:00:34 +02:00
sudocmd.py remove trailing newlines form python modules 2016-10-12 10:38:52 +02:00
sudocmdgroup.py remove trailing newlines form python modules 2016-10-12 10:38:52 +02:00
sudorule.py Allow renaming of the sudorule objects 2017-03-27 19:08:26 +02:00
topology.py Fix regexp patterns in parameters to not enforce length 2016-09-20 17:35:28 +02:00
trust.py trust: always use oddjobd helper for fetching trust information 2017-04-11 14:16:39 +02:00
user.py Update get_attr_filter in LDAPSearch to handle nsaccountlock user searches 2017-04-26 10:20:42 +00:00
vault.py Vault: Explicitly default to 3DES CBC 2017-04-28 08:25:03 +02:00
virtual.py ipalib: move server-side plugins to ipaserver 2016-06-03 09:00:34 +02:00
whoami.py add whoami command 2017-03-09 14:10:02 +01:00
xmlserver.py Added new authentication method 2016-08-17 16:55:49 +02:00