freeipa

mirror of https://salsa.debian.org/freeipa-team/freeipa.git synced 2025-02-25 18:55:28 -06:00

Files

Fraser Tweedale 4660bb7ff0 Add custodia store for lightweight CA key replication

Due to limitations in Dogtag's use of NSSDB, importing private keys
must be done by the Dogtag Java process itself.  This requires a
PKIArchiveOptions format (signing key wrapped with host CA key) -
PKCS #12 cannot be used because that would require decrypting the
key in Dogtag's memory, albeit temporarily.

Add a new custodia store that executes a 'pki' command to acquire
the wrapped key.

Part of: https://fedorahosted.org/freeipa/ticket/4559

Reviewed-By: Jan Cholasta <jcholast@redhat.com>

2016-06-09 09:04:27 +02:00

dnssec

Cosmetic changes to the code

2016-02-24 09:21:30 +01:00

install

Py3: do not use dict.iteritems()

2016-02-23 17:14:33 +01:00

secrets

Add custodia store for lightweight CA key replication

2016-06-09 09:04:27 +02:00

__init__.py

Rename ipa-python directory to ipapython so it is a real python library

2009-02-09 14:35:15 -05:00

admintool.py

admintool: Add error message with path to log on failure.

2015-10-15 13:32:13 +02:00

certdb.py

certdb: never use the -r option of certutil

2016-03-16 09:35:44 +01:00

certmonger.py

Move freeipa certmonger helpers to libexecdir.

2016-02-26 08:29:44 +01:00

config.py

Fix: catch Exception instead of more specific exception types

2016-03-22 17:33:02 +01:00

cookie.py

cookie parser: do not fail on cookie with empty value

2016-03-01 14:16:08 +01:00

dn.py

ipapython.dn: Use rich comparisons

2015-10-07 10:27:20 +02:00

dnsutil.py

DNS upgrade: change global forwarding policy in LDAP to "only" if private IPs are used

2016-05-30 20:14:32 +02:00

dogtag.py

Remove workaround for CA running check

2016-01-21 14:09:44 +01:00

errors.py

Replace StandardError with Exception

2015-09-30 10:51:36 +02:00

graph.py

Use Python3-compatible dict method names

2015-09-01 11:42:01 +02:00

ipa_log_manager.py

Use absolute imports

2015-08-12 18:17:23 +02:00

ipa.conf

Rename ipa-python directory to ipapython so it is a real python library

2009-02-09 14:35:15 -05:00

ipaldap.py

ipaldap: Convert dict items to list before iterating

2016-05-30 16:44:08 +02:00

ipautil.py

Move check_zone_overlap() from ipapython.ipautil to ipapython.dnsutil

2016-05-30 20:14:32 +02:00

ipavalidate.py

Change FreeIPA license to GPLv3+

2010-12-20 17:19:53 -05:00

kernel_keyring.py

ipautil.run, kernel_keyring: Encoding fixes for Python 3

2016-02-17 10:41:29 +01:00

log_manager.py

pylint: remove bare except

2016-03-22 10:20:51 +01:00

Makefile

ipapython: port p11helper C code to Python

2016-01-21 10:21:32 +01:00

MANIFEST.in

Rename ipa-python directory to ipapython so it is a real python library

2009-02-09 14:35:15 -05:00

nsslib.py

Pylint: remove unnecessary-semicolon

2016-03-22 10:20:51 +01:00

p11helper.py

p11helper: Port to Python 3

2016-02-17 10:41:29 +01:00

README

Replace DNS client based on acutil with python-dns

2012-05-24 13:55:56 +02:00

setup.py.in

Remove unused imports

2015-12-23 07:59:22 +01:00

ssh.py

Remove unused imports

2015-12-23 07:59:22 +01:00

sysrestore.py

sysrestore: Iterate over a list of dict keys

2016-04-28 16:22:07 +02:00

version.py.in

ipalib.version: Add VENDOR_VERSION

2014-05-27 12:08:54 +02:00

README

This is a set of libraries common to IPA clients and servers though mostly
geared currently towards command-line tools.

A brief overview:

config.py - identify the IPA server domain and realm. It uses python-dns to
            try to detect this information first and will fall back to
            /etc/ipa/default.conf if that fails.

ipautil.py - helper functions

entity.py - entity is the main data type. User and Group extend this class
            (but don't add anything currently).

ipavalidate.py - basic data validation routines