freeipa/ipapython
Fraser Tweedale b12db92414 Create server and host certs with DNS altname
Currently server (HTTP / LDAP) certs are created without a Subject
Alternative Name extension during server install, replica prepare
and host enrolment, a potentially problematic violation of RFC 2818.

Add the hostname as a SAN dNSName when these certs are created.

(Certmonger adds an appropriate request extension when renewing the
certificate, so nothing needs to be done for renewal).

Fixes: https://fedorahosted.org/freeipa/ticket/4970
Reviewed-By: Petr Spacek <pspacek@redhat.com>
2016-07-19 14:18:04 +02:00
dnssec Fix minor typos 2016-06-20 13:49:32 +02:00
install installer: index() raises ValueError 2016-06-13 18:04:40 +02:00
secrets Add custodia store for lightweight CA key replication 2016-06-09 09:04:27 +02:00
__init__.py Rename ipa-python directory to ipapython so it is a real python library 2009-02-09 14:35:15 -05:00
admintool.py admintool: Add error message with path to log on failure. 2015-10-15 13:32:13 +02:00
certdb.py certdb: never use the -r option of certutil 2016-03-16 09:35:44 +01:00
certmonger.py Create server and host certs with DNS altname 2016-07-19 14:18:04 +02:00
config.py Fix: catch Exception instead of more specific exception types 2016-03-22 17:33:02 +01:00
cookie.py cookie parser: do not fail on cookie with empty value 2016-03-01 14:16:08 +01:00
dn.py ipapython.dn: Use rich comparisons 2015-10-07 10:27:20 +02:00
dnsutil.py Fix internal errors in host-add and other commands caused by DNS resolution 2016-07-01 10:35:39 +02:00
dogtag.py Remove workaround for CA running check 2016-01-21 14:09:44 +01:00
errors.py Replace StandardError with Exception 2015-09-30 10:51:36 +02:00
graph.py Use Python3-compatible dict method names 2015-09-01 11:42:01 +02:00
ipa_log_manager.py Use absolute imports 2015-08-12 18:17:23 +02:00
ipa.conf Rename ipa-python directory to ipapython so it is a real python library 2009-02-09 14:35:15 -05:00
ipaldap.py ipalib: introduce Principal parameter 2016-07-01 09:37:25 +02:00
ipautil.py Fix internal errors in host-add and other commands caused by DNS resolution 2016-07-01 10:35:39 +02:00
ipavalidate.py Change FreeIPA license to GPLv3+ 2010-12-20 17:19:53 -05:00
kerberos.py ipapython module for Kerberos principal manipulation and parsing 2016-07-01 09:37:25 +02:00
kernel_keyring.py ipautil.run, kernel_keyring: Encoding fixes for Python 3 2016-02-17 10:41:29 +01:00
log_manager.py Fix minor typos 2016-06-16 08:47:20 +02:00
Makefile ipapython: port p11helper C code to Python 2016-01-21 10:21:32 +01:00
MANIFEST.in Rename ipa-python directory to ipapython so it is a real python library 2009-02-09 14:35:15 -05:00
nsslib.py Pylint: remove unnecessary-semicolon 2016-03-22 10:20:51 +01:00
p11helper.py p11helper: Port to Python 3 2016-02-17 10:41:29 +01:00
README Replace DNS client based on acutil with python-dns 2012-05-24 13:55:56 +02:00
setup.py.in pylint: fix: multiple-statements 2016-06-21 13:51:28 +02:00
ssh.py Remove unused imports 2015-12-23 07:59:22 +01:00
sysrestore.py sysrestore: Iterate over a list of dict keys 2016-04-28 16:22:07 +02:00
version.py.in plugable: support plugin versioning 2016-06-28 13:30:49 +02:00

This is a set of libraries common to IPA clients and servers, though
currently geared mostly towards command-line tools.

A brief overview:

config.py - identify the IPA server domain and realm. It uses python-dns to
            try to detect this information first and will fall back to
            /etc/ipa/default.conf if that fails.

ipautil.py - helper functions

entity.py - entity is the main data type. User and Group extend this class
            (but don't add anything currently).

ipavalidate.py - basic data validation routines