freeipa/ipapython
Fraser Tweedale 4660bb7ff0 Add custodia store for lightweight CA key replication
Due to limitations in Dogtag's use of NSSDB, importing private keys
must be done by the Dogtag Java process itself.  This requires a
PKIArchiveOptions format (signing key wrapped with host CA key) -
PKCS #12 cannot be used because that would require decrypting the
key in Dogtag's memory, albeit temporarily.

Add a new custodia store that executes a 'pki' command to acquire
the wrapped key.

Part of: https://fedorahosted.org/freeipa/ticket/4559

Reviewed-By: Jan Cholasta <jcholast@redhat.com>
2016-06-09 09:04:27 +02:00
dnssec Cosmetic changes to the code 2016-02-24 09:21:30 +01:00
install Py3: do not use dict.iteritems() 2016-02-23 17:14:33 +01:00
secrets Add custodia store for lightweight CA key replication 2016-06-09 09:04:27 +02:00
__init__.py Rename ipa-python directory to ipapython so it is a real python library 2009-02-09 14:35:15 -05:00
admintool.py admintool: Add error message with path to log on failure. 2015-10-15 13:32:13 +02:00
certdb.py certdb: never use the -r option of certutil 2016-03-16 09:35:44 +01:00
certmonger.py Move freeipa certmonger helpers to libexecdir. 2016-02-26 08:29:44 +01:00
config.py Fix: catch Exception instead of more specific exception types 2016-03-22 17:33:02 +01:00
cookie.py cookie parser: do not fail on cookie with empty value 2016-03-01 14:16:08 +01:00
dn.py ipapython.dn: Use rich comparisons 2015-10-07 10:27:20 +02:00
dnsutil.py DNS upgrade: change global forwarding policy in LDAP to "only" if private IPs are used 2016-05-30 20:14:32 +02:00
dogtag.py Remove workaround for CA running check 2016-01-21 14:09:44 +01:00
errors.py Replace StandardError with Exception 2015-09-30 10:51:36 +02:00
graph.py Use Python3-compatible dict method names 2015-09-01 11:42:01 +02:00
ipa_log_manager.py Use absolute imports 2015-08-12 18:17:23 +02:00
ipa.conf Rename ipa-python directory to ipapython so it is a real python library 2009-02-09 14:35:15 -05:00
ipaldap.py ipaldap: Convert dict items to list before iterating 2016-05-30 16:44:08 +02:00
ipautil.py Move check_zone_overlap() from ipapython.ipautil to ipapython.dnsutil 2016-05-30 20:14:32 +02:00
ipavalidate.py Change FreeIPA license to GPLv3+ 2010-12-20 17:19:53 -05:00
kernel_keyring.py ipautil.run, kernel_keyring: Encoding fixes for Python 3 2016-02-17 10:41:29 +01:00
log_manager.py pylint: remove bare except 2016-03-22 10:20:51 +01:00
Makefile ipapython: port p11helper C code to Python 2016-01-21 10:21:32 +01:00
MANIFEST.in Rename ipa-python directory to ipapython so it is a real python library 2009-02-09 14:35:15 -05:00
nsslib.py Pylint: remove unnecessary-semicolon 2016-03-22 10:20:51 +01:00
p11helper.py p11helper: Port to Python 3 2016-02-17 10:41:29 +01:00
README Replace DNS client based on acutil with python-dns 2012-05-24 13:55:56 +02:00
setup.py.in Remove unused imports 2015-12-23 07:59:22 +01:00
ssh.py Remove unused imports 2015-12-23 07:59:22 +01:00
sysrestore.py sysrestore: Iterate over a list of dict keys 2016-04-28 16:22:07 +02:00
version.py.in ipalib.version: Add VENDOR_VERSION 2014-05-27 12:08:54 +02:00

This is a set of libraries common to IPA clients and servers, though
currently geared mostly towards command-line tools.

A brief overview:

config.py - identify the IPA server domain and realm. It uses python-dns to
            try to detect this information first and will fall back to
            /etc/ipa/default.conf if that fails.

ipautil.py - helper functions

entity.py - entity is the main data type. User and Group extend this class
            (but don't add anything currently).

ipavalidate.py - basic data validation routines