mirror of
https://salsa.debian.org/freeipa-team/freeipa.git
synced 2025-01-14 02:11:56 -06:00
800f2690f5
Issue is linked to the ticket #3477 LDAP upload CA cert sometimes double-encodes the value In old FreeIPA releases (< 3.2), the upgrade plugin was encoding twice the value of the certificate in cn=cacert,cn=ipa,cn=etc,$BASEDN. The fix for 3477 is only partial as it prevents double-encoding when a new cert is uploaded but does not fix wrong values already present in LDAP. With this commit, the code first tries to read a der cert. If it fails, it logs a debug message and re-writes the value caCertificate;binary to repair the entry. Fixes https://pagure.io/freeipa/issue/7775 Signed-off-by: Florence Blanc-Renaud <flo@redhat.com> Reviewed-By: Christian Heimes <cheimes@redhat.com> |
||
|---|---|---|
| .. | ||
| __init__.py | ||
| adtrust.py | ||
| ca_renewal_master.py | ||
| dns.py | ||
| fix_replica_agreements.py | ||
| rename_managed.py | ||
| update_ca_topology.py | ||
| update_dna_shared_config.py | ||
| update_fix_duplicate_cacrt_in_ldap.py | ||
| update_idranges.py | ||
| update_ldap_server_list.py | ||
| update_managed_permissions.py | ||
| update_nis.py | ||
| update_pacs.py | ||
| update_passsync.py | ||
| update_ra_cert_store.py | ||
| update_referint.py | ||
| update_services.py | ||
| update_uniqueness.py | ||
| upload_cacrt.py | ||