IntenseWebs/freeipa
3
0
Fork 0
mirror of https://salsa.debian.org/freeipa-team/freeipa.git synced 2024-12-26 00:41:25 -06:00
Code Issues Packages Projects Releases Wiki Activity
e537686bcc
freeipa/ipaplatform/redhat
History
Stanislav Laznicka e537686bcc Don't write p11-kit EKU extension object if no EKU 
b5732efd introduced a regression because it tries to write EKU
that's actually in the CA cert instead of using the LDAP information.
However, when no EKU is available,
IPACertificate.extended_key_usage_bytes still returned at least
EKU_PLACEHOLDER OID to keep the behavior the same as in previous
versions. This caused the EKU_PLACEHOLDER to be written in the
ipa.p11-kit file which made Firefox report FreeIPA Web UI as
improperly configured.

https://pagure.io/freeipa/issue/7119

Reviewed-By: Fraser Tweedale <ftweedal@redhat.com>
2017-09-19 09:42:07 +02:00
..
__init__.py Split off generic Red Hat-like platform code from Fedora platform code 2014-10-09 15:37:24 +02:00
authconfig.py Fix for handling CalledProcessError in authconfig 2017-01-18 08:51:38 +01:00
constants.py ipaplatform: Add constants submodule 2015-07-21 17:29:33 +02:00
paths.py named.conf template: update API for bind 9.11 2017-02-09 16:34:53 +01:00
services.py logging: do not log into the root logger 2017-07-14 15:55:59 +02:00
tasks.py Don't write p11-kit EKU extension object if no EKU 2017-09-19 09:42:07 +02:00