mirror of
https://salsa.debian.org/freeipa-team/freeipa.git
synced 2024-12-23 23:50:03 -06:00
e07aefb886
Unfortunately the MIT krb5 library has a severe limitation with FILE ccaches when retrieving config data. It will always only search until the first entry is found and return that one. For FILE caches MIT krb5 does not support removing old entries when a new one is stored, and storage happens only in append mode, so the end result is that even if an update is stored it is never returned with the standard krb5_cc_get_config() call. To work around this issue we simply implement what krb5_cc_get_config() does under the hood with the difference that we do not stop at the first match but keep going until all ccache entries have been checked. Related https://pagure.io/freeipa/issue/6775 Signed-off-by: Simo Sorce <simo@redhat.com> Reviewed-By: Christian Heimes <cheimes@redhat.com> Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com> |
||
---|---|---|
.. | ||
install | ||
__init__.py | ||
admintool.py | ||
certdb.py | ||
config.py | ||
cookie.py | ||
dn.py | ||
dnsutil.py | ||
dogtag.py | ||
errors.py | ||
graph.py | ||
ipa_log_manager.py | ||
ipaldap.py | ||
ipautil.py | ||
ipavalidate.py | ||
kerberos.py | ||
kernel_keyring.py | ||
log_manager.py | ||
Makefile.am | ||
nsslib.py | ||
README | ||
session_storage.py | ||
setup.cfg | ||
setup.py | ||
ssh.py | ||
version.py.in |
This is a set of libraries common to IPA clients and servers though mostly geared currently towards command-line tools. A brief overview: config.py - identify the IPA server domain and realm. It uses python-dns to try to detect this information first and will fall back to /etc/ipa/default.conf if that fails. ipautil.py - helper functions entity.py - entity is the main data type. User and Group extend this class (but don't add anything currently). ipavalidate.py - basic data validation routines