freeipa/ipapython
Simo Sorce e07aefb886
Work around issues fetching session data
Unfortunately the MIT krb5 library has a severe limitation with FILE
ccaches when retrieving config data. It will always only search until
the first entry is found and return that one.

For FILE caches MIT krb5 does not support removing old entries when a
new one is stored, and storage happens only in append mode, so the end
result is that even if an update is stored it is never returned with the
standard krb5_cc_get_config() call.

To work around this issue we simply implement what krb5_cc_get_config()
does under the hood with the difference that we do not stop at the first
match but keep going until all ccache entries have been checked.

Related https://pagure.io/freeipa/issue/6775

Signed-off-by: Simo Sorce <simo@redhat.com>
Reviewed-By: Christian Heimes <cheimes@redhat.com>
Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>
2017-03-28 13:36:30 +02:00
..
install Fix Python 3 pylint errors 2017-03-15 19:11:32 +01:00
__init__.py Rename ipa-python directory to ipapython so it is a real python library 2009-02-09 14:35:15 -05:00
admintool.py Python3 pylint fixes 2016-11-25 16:18:22 +01:00
certdb.py httpinstance: clean up /etc/httpd/alias on uninstall 2017-03-22 14:58:18 +01:00
config.py pylint_plugins: add forbidden import checker 2017-03-10 13:04:59 +01:00
cookie.py pylint_plugins: add forbidden import checker 2017-03-10 13:04:59 +01:00
dn.py Support for Certificate Identity Mapping 2017-03-02 15:09:42 +01:00
dnsutil.py Py3: Fix ToASCII method 2017-01-06 12:48:10 +01:00
dogtag.py pylint_plugins: add forbidden import checker 2017-03-10 13:04:59 +01:00
errors.py Replace StandardError with Exception 2015-09-30 10:51:36 +02:00
graph.py Remove unused variables in the code 2016-09-27 13:35:58 +02:00
ipa_log_manager.py install: allow specifying verbosity and console log format in CLI 2016-11-11 12:17:25 +01:00
ipaldap.py pylint_plugins: add forbidden import checker 2017-03-10 13:04:59 +01:00
ipautil.py ipapython.ipautil.nolog_replace: Do not replace empty value 2017-03-21 09:46:44 +01:00
ipavalidate.py Change FreeIPA license to GPLv3+ 2010-12-20 17:19:53 -05:00
kerberos.py Principal: validate type of input parameter 2017-01-31 18:33:27 +01:00
kernel_keyring.py Fix session cookies 2016-07-22 16:30:32 +02:00
log_manager.py remove trailing newlines form python modules 2016-10-12 10:38:52 +02:00
Makefile.am ipapython: fix DEFAULT_PLUGINS in version.py 2017-03-09 18:39:48 +01:00
nsslib.py Remove ipapython.nsslib as it is not used anymore 2017-03-01 09:43:41 +00:00
README Replace DNS client based on acutil with python-dns 2012-05-24 13:55:56 +02:00
session_storage.py Work around issues fetching session data 2017-03-28 13:36:30 +02:00
setup.cfg Port all setup.py to setuptools 2016-10-20 18:43:37 +02:00
setup.py Adjustments for setup requirements 2016-11-30 13:32:30 +01:00
ssh.py py3: fingerprint_hex_sha256: fix encoding/decoding 2017-01-31 18:33:27 +01:00
version.py.in ipapython: fix DEFAULT_PLUGINS in version.py 2017-03-09 18:39:48 +01:00

This is a set of libraries common to IPA clients and servers though mostly
geared currently towards command-line tools.

A brief overview:

config.py - identify the IPA server domain and realm. It uses python-dns to
            try to detect this information first and will fall back to
            /etc/ipa/default.conf if that fails.

ipautil.py - helper functions

entity.py - entity is the main data type. User and Group extend this class
            (but don't add anything currently).

ipavalidate.py - basic data validation routines