freeipa

mirror of https://salsa.debian.org/freeipa-team/freeipa.git synced 2025-02-25 18:55:28 -06:00

Files

Fraser Tweedale bc6d499514 Add Subject Key Identifier to CA cert validity check

CA certificates MUST have the Subject Key Identifier extension to
facilitiate certification path construction.  Not having this
extension on the IPA CA certificate will cause failures in Dogtag
during signing; it tries to copy the CA's Subject Key Identifier to
the new certificate's Authority Key Identifier extension, which
fails.

When installing an externally-signed CA, check that the Subject Key
Identifier extension is present in the CA certificate.

Fixes: https://pagure.io/freeipa/issue/6976
Reviewed-By: Stanislav Laznicka <slaznick@redhat.com>

2017-05-30 12:39:15 +02:00

install

Fix Python 3 pylint errors

2017-03-15 19:11:32 +01:00

__init__.py

Rename ipa-python directory to ipapython so it is a real python library

2009-02-09 14:35:15 -05:00

admintool.py

Python3 pylint fixes

2016-11-25 16:18:22 +01:00

certdb.py

Add Subject Key Identifier to CA cert validity check

2017-05-30 12:39:15 +02:00

config.py

pylint_plugins: add forbidden import checker

2017-03-10 13:04:59 +01:00

cookie.py

pylint_plugins: add forbidden import checker

2017-03-10 13:04:59 +01:00

dn.py

Support for Certificate Identity Mapping

2017-03-02 15:09:42 +01:00

dnsutil.py

Py3: Fix ToASCII method

2017-01-06 12:48:10 +01:00

dogtag.py

ca_status: add HTTP timeout 30 seconds

2017-05-04 14:09:50 +02:00

errors.py

Replace StandardError with Exception

2015-09-30 10:51:36 +02:00

graph.py

Remove unused variables in the code

2016-09-27 13:35:58 +02:00

ipa_log_manager.py

install: allow specifying verbosity and console log format in CLI

2016-11-11 12:17:25 +01:00

ipaldap.py

pylint_plugins: add forbidden import checker

2017-03-10 13:04:59 +01:00

ipautil.py

ipapython.ipautil.run: Add option to set umask before executing command

2017-05-19 12:31:24 +02:00

ipavalidate.py

Change FreeIPA license to GPLv3+

2010-12-20 17:19:53 -05:00

kerberos.py

Principal: validate type of input parameter

2017-01-31 18:33:27 +01:00

kernel_keyring.py

Fix session cookies

2016-07-22 16:30:32 +02:00

log_manager.py

remove trailing newlines form python modules

2016-10-12 10:38:52 +02:00

Makefile.am

ipapython: fix DEFAULT_PLUGINS in version.py

2017-03-09 18:39:48 +01:00

nsslib.py

Remove ipapython.nsslib as it is not used anymore

2017-03-01 09:43:41 +00:00

README

Replace DNS client based on acutil with python-dns

2012-05-24 13:55:56 +02:00

session_storage.py

Fix libkrb5 filename for macOS

2017-05-17 14:07:13 +02:00

setup.cfg

Port all setup.py to setuptools

2016-10-20 18:43:37 +02:00

setup.py

Correct PyPI package dependencies

2017-04-26 12:31:11 +02:00

ssh.py

py3: fingerprint_hex_sha256: fix encoding/decoding

2017-01-31 18:33:27 +01:00

version.py.in

ipapython: fix DEFAULT_PLUGINS in version.py

2017-03-09 18:39:48 +01:00

README

This is a set of libraries common to IPA clients and servers though mostly
geared currently towards command-line tools.

A brief overview:

config.py - identify the IPA server domain and realm. It uses python-dns to
            try to detect this information first and will fall back to
            /etc/ipa/default.conf if that fails.

ipautil.py - helper functions

entity.py - entity is the main data type. User and Group extend this class
            (but don't add anything currently).

ipavalidate.py - basic data validation routines