IntenseWebs/freeipa
3
0
Fork 0
mirror of https://salsa.debian.org/freeipa-team/freeipa.git synced 2025-02-25 18:55:28 -06:00
Code Issues Packages Projects Releases Wiki Activity
b57c818fab
freeipa/ipalib
History
Christian Heimes b57c818fab Use only TLS 1.2 by default 
TLS 1.3 is causing some trouble with client cert authentication.
Conditional client cert authentication requires post-handshake
authentication extension on TLS 1.3. The new feature is not fully
implemented yet.

TLS 1.0 and 1.1 are no longer state of the art and now disabled by
default.

TLS 1.2 works everywhere and supports PFS.

Related: https://pagure.io/freeipa/issue/7667

Signed-off-by: Christian Heimes <cheimes@redhat.com>
Reviewed-By: Rob Crittenden <rcritten@redhat.com>
2019-07-01 14:55:29 +02:00
..
install Pass token_name to certmonger 2019-04-25 08:57:58 +02:00
__init__.py Use expanduser instead of HOME env var 2019-01-29 12:44:19 +01:00
aci.py Py3: Replace six.string_types with str 2018-09-27 16:11:18 +02:00
backend.py Fix Pylint 2.0 violations 2018-07-14 12:04:19 +02:00
base.py Py3: Replace six.string_types with str 2018-09-27 16:11:18 +02:00
capabilities.py Replace LooseVersion 2016-11-24 15:46:40 +01:00
cli.py make sure IPA_CONFDIR is used to check that client is configured 2019-01-10 11:24:08 +01:00
config.py Use only TLS 1.2 by default 2019-07-01 14:55:29 +02:00
constants.py Use only TLS 1.2 by default 2019-07-01 14:55:29 +02:00
crud.py ipalib, ipaserver: fix incorrect API.register calls in docstrings 2016-05-25 16:06:26 +02:00
dns.py dnsrecord-mod: allow to modify ttl without passing the record 2019-07-01 09:16:21 +02:00
errors.py Require UTF-8 fs encoding 2017-11-21 16:13:28 +01:00
frontend.py Fix pylint 2.0 return-related violations 2018-07-11 10:11:38 +02:00
krb_utils.py Allow login to WebUI using Kerberos aliases/enterprise principals 2017-03-08 15:56:11 +01:00
Makefile.am Build: Makefiles for Python packages 2016-11-09 13:08:32 +01:00
messages.py Handle missing LWCA certificate or chain 2019-06-18 10:36:24 +10:00
misc.py Add fix for ipa plugins command 2017-02-17 10:22:07 +01:00
output.py Generate same API.txt under Python 2 and 3 2018-02-15 09:41:30 +01:00
parameters.py Py3: Replace six.moves imports 2018-10-05 12:06:19 +02:00
pkcs10.py Remove pkcs10 module contents 2017-10-25 09:46:41 +02:00
plugable.py Remove deprecated object logger 2019-04-23 12:55:35 +02:00
request.py Py3: Remove subclassing from object 2018-09-27 11:49:04 +02:00
rpc.py rpc: always read response 2018-11-07 08:39:42 +01:00
setup.cfg Port all setup.py to setuptools 2016-10-20 18:43:37 +02:00
setup.py Cleanup shebang and executable bit 2018-07-05 19:46:42 +02:00
text.py Py3: Remove subclassing from object 2018-09-27 11:49:04 +02:00
util.py Use only TLS 1.2 by default 2019-07-01 14:55:29 +02:00
x509.py Use PKCS#8 instead of traditional privkey format 2019-05-14 17:11:54 +02:00