IntenseWebs/freeipa
3
0
Fork 0
mirror of https://salsa.debian.org/freeipa-team/freeipa.git synced 2025-02-25 18:55:28 -06:00
Code Issues Packages Projects Releases Wiki Activity
a90a113b66
freeipa/ipapython
History
Fraser Tweedale bc6d499514 Add Subject Key Identifier to CA cert validity check 
CA certificates MUST have the Subject Key Identifier extension to
facilitiate certification path construction.  Not having this
extension on the IPA CA certificate will cause failures in Dogtag
during signing; it tries to copy the CA's Subject Key Identifier to
the new certificate's Authority Key Identifier extension, which
fails.

When installing an externally-signed CA, check that the Subject Key
Identifier extension is present in the CA certificate.

Fixes: https://pagure.io/freeipa/issue/6976
Reviewed-By: Stanislav Laznicka <slaznick@redhat.com>
2017-05-30 12:39:15 +02:00
..
install Fix Python 3 pylint errors 2017-03-15 19:11:32 +01:00
__init__.py Rename ipa-python directory to ipapython so it is a real python library 2009-02-09 14:35:15 -05:00
admintool.py Python3 pylint fixes 2016-11-25 16:18:22 +01:00
certdb.py Add Subject Key Identifier to CA cert validity check 2017-05-30 12:39:15 +02:00
config.py pylint_plugins: add forbidden import checker 2017-03-10 13:04:59 +01:00
cookie.py pylint_plugins: add forbidden import checker 2017-03-10 13:04:59 +01:00
dn.py Support for Certificate Identity Mapping 2017-03-02 15:09:42 +01:00
dnsutil.py Py3: Fix ToASCII method 2017-01-06 12:48:10 +01:00
dogtag.py ca_status: add HTTP timeout 30 seconds 2017-05-04 14:09:50 +02:00
errors.py Replace StandardError with Exception 2015-09-30 10:51:36 +02:00
graph.py Remove unused variables in the code 2016-09-27 13:35:58 +02:00
ipa_log_manager.py install: allow specifying verbosity and console log format in CLI 2016-11-11 12:17:25 +01:00
ipaldap.py pylint_plugins: add forbidden import checker 2017-03-10 13:04:59 +01:00
ipautil.py ipapython.ipautil.run: Add option to set umask before executing command 2017-05-19 12:31:24 +02:00
ipavalidate.py Change FreeIPA license to GPLv3+ 2010-12-20 17:19:53 -05:00
kerberos.py Principal: validate type of input parameter 2017-01-31 18:33:27 +01:00
kernel_keyring.py Fix session cookies 2016-07-22 16:30:32 +02:00
log_manager.py remove trailing newlines form python modules 2016-10-12 10:38:52 +02:00
Makefile.am ipapython: fix DEFAULT_PLUGINS in version.py 2017-03-09 18:39:48 +01:00
nsslib.py Remove ipapython.nsslib as it is not used anymore 2017-03-01 09:43:41 +00:00
README Replace DNS client based on acutil with python-dns 2012-05-24 13:55:56 +02:00
session_storage.py Fix libkrb5 filename for macOS 2017-05-17 14:07:13 +02:00
setup.cfg Port all setup.py to setuptools 2016-10-20 18:43:37 +02:00
setup.py Correct PyPI package dependencies 2017-04-26 12:31:11 +02:00
ssh.py py3: fingerprint_hex_sha256: fix encoding/decoding 2017-01-31 18:33:27 +01:00
version.py.in ipapython: fix DEFAULT_PLUGINS in version.py 2017-03-09 18:39:48 +01:00

README 

This is a set of libraries common to IPA clients and servers though mostly
geared currently towards command-line tools.

A brief overview:

config.py - identify the IPA server domain and realm. It uses python-dns to
            try to detect this information first and will fall back to
            /etc/ipa/default.conf if that fails.

ipautil.py - helper functions

entity.py - entity is the main data type. User and Group extend this class
            (but don't add anything currently).

ipavalidate.py - basic data validation routines