freeipa/install/tools
Nathaniel McCallum 5baa941317 Implement OTP token importing
This patch adds support for importing tokens using RFC 6030 key container
files. This includes decryption support. For sysadmin sanity, any tokens
which fail to add will be written to the output file for examination. The
main use case here is where a small subset of a large set of tokens fails
to validate or add. Using the output file, the sysadmin can attempt to
recover these specific tokens.

This code is implemented as a server-side script. However, it doesn't
actually need to run on the server. This was done because importing is an
odd fit for the IPA command framework:
1. We need to write an output file.
2. The operation may be long-running (thousands of tokens).
3. Only admins need to perform this task and it only happens infrequently.

https://fedorahosted.org/freeipa/ticket/4261

Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>
2014-06-25 12:55:02 +02:00
..
man Implement OTP token importing 2014-06-25 12:55:02 +02:00
ipa-adtrust-install admin tools: Log IPA version 2014-05-27 12:08:55 +02:00
ipa-advise Use /usr/bin/python2 2014-01-03 09:46:05 +01:00
ipa-backup Use /usr/bin/python2 2014-01-03 09:46:05 +01:00
ipa-ca-install ipaplatform: Remove redundant imports of ipaservices 2014-06-16 19:48:20 +02:00
ipa-compat-manage Convert remaining installer code to LDAPEntry API. 2014-01-24 20:29:31 +01:00
ipa-csreplica-manage Move CACERT definition to a single place. 2014-03-25 16:54:54 +01:00
ipa-dns-install admin tools: Log IPA version 2014-05-27 12:08:55 +02:00
ipa-ldap-updater Use /usr/bin/python2 2014-01-03 09:46:05 +01:00
ipa-managed-entries Move CACERT definition to a single place. 2014-03-25 16:54:54 +01:00
ipa-nis-manage ipaplatform: Remove redundant imports of ipaservices 2014-06-16 19:48:20 +02:00
ipa-otptoken-import Implement OTP token importing 2014-06-25 12:55:02 +02:00
ipa-replica-conncheck admin tools: Log IPA version 2014-05-27 12:08:55 +02:00
ipa-replica-install ipaplatform: Remove redundant imports of ipaservices 2014-06-16 19:48:20 +02:00
ipa-replica-manage Move CACERT definition to a single place. 2014-03-25 16:54:54 +01:00
ipa-replica-prepare Use /usr/bin/python2 2014-01-03 09:46:05 +01:00
ipa-restore Use /usr/bin/python2 2014-01-03 09:46:05 +01:00
ipa-server-certinstall Use /usr/bin/python2 2014-01-03 09:46:05 +01:00
ipa-server-install ipaplatform: Remove redundant imports of ipaservices 2014-06-16 19:48:20 +02:00
ipa-upgradeconfig Allow SAN in IPA certificate profile. 2014-06-24 12:10:01 +02:00
ipactl ipaplatform: Remove redundant imports of ipaservices 2014-06-16 19:48:20 +02:00
Makefile.am Implement OTP token importing 2014-06-25 12:55:02 +02:00