mirror of
https://salsa.debian.org/freeipa-team/freeipa.git
synced 2025-01-26 08:06:30 -06:00
f3e1171564
OpenLDAP 2.4 sets minimum version with SSL_CTX_set_options(). The system-wide crypto-policies for TLS minimum version are applied with SSL_CTX_set_min_proto_version(). The set_option() call cannot not enable lower versions than allowed by crypto-policy, e.g. openssl.cnf MinProtocol=TLS1.2 + OPT_X_TLS_PROTOCOL_MIN=TLS1.0 result in TLS 1.2 as minimum protocol version. Signed-off-by: Christian Heimes <cheimes@redhat.com> Reviewed-By: Florence Blanc-Renaud <frenaud@redhat.com> |
||
---|---|---|
.. | ||
install | ||
__init__.py | ||
admintool.py | ||
certdb.py | ||
config.py | ||
cookie.py | ||
directivesetter.py | ||
dn_ctypes.py | ||
dn.py | ||
dnsutil.py | ||
dogtag.py | ||
errors.py | ||
graph.py | ||
ipa_log_manager.py | ||
ipachangeconf.py | ||
ipaldap.py | ||
ipautil.py | ||
ipavalidate.py | ||
kerberos.py | ||
kernel_keyring.py | ||
Makefile.am | ||
nsslib.py | ||
README | ||
session_storage.py | ||
setup.cfg | ||
setup.py | ||
ssh.py | ||
version.py.in |
This is a set of libraries common to IPA clients and servers though mostly geared currently towards command-line tools. A brief overview: config.py - identify the IPA server domain and realm. It uses python-dns to try to detect this information first and will fall back to /etc/ipa/default.conf if that fails. ipautil.py - helper functions entity.py - entity is the main data type. User and Group extend this class (but don't add anything currently). ipavalidate.py - basic data validation routines