freeipa/ipalib/plugins
Fraser Tweedale ec7e5e0cac cert-request: enforce caacl for principals in SAN
cert-request currently does not enforce caacls for principals
included in the subjectAltName requestExtension.  Enforce for any
dNSName values recognised as hosts/services known to FreeIPA.

Fixes: https://fedorahosted.org/freeipa/ticket/5096
Reviewed-By: David Kupka <dkupka@redhat.com>
2015-07-08 17:13:25 +02:00
..
__init__.py Change FreeIPA license to GPLv3+ 2010-12-20 17:19:53 -05:00
aci.py aci plugin: Fix internal error when ACIs are not readable 2014-05-29 16:22:37 +02:00
automember.py Fix error message for nonexistent members and add tests. 2014-11-24 16:04:57 +01:00
automount.py Add several CRUD default permissions 2014-06-24 13:53:41 +02:00
baseldap.py include more information in metadata 2015-07-03 10:42:16 +02:00
baseuser.py ipalib: Load ipaserver plugins when api.env.in_server is True 2015-07-01 13:05:30 +00:00
batch.py Update all remaining plugins to the new Registry API 2014-06-11 09:24:22 +02:00
caacl.py caacl: fix incorrect construction of HbacRequest for hosts 2015-07-08 17:13:25 +02:00
cert.py cert-request: enforce caacl for principals in SAN 2015-07-08 17:13:25 +02:00
certprofile.py certprofile: add ability to update profile config in Dogtag 2015-07-08 00:25:46 +02:00
config.py Expose the disabled User Auth Type 2015-02-12 10:31:24 +01:00
delegation.py Update all remaining plugins to the new Registry API 2014-06-11 09:24:22 +02:00
dns.py DNS: Do not traceback if DNS is not installed 2015-07-01 20:19:01 +02:00
domainlevel.py Hide topology and domainlevel features 2015-07-08 00:09:09 +02:00
group.py idviews: Remove ID overrides for permanently removed users and groups 2015-07-01 13:06:40 +02:00
hbacrule.py Convert HBAC Rule default permissions to managed 2014-06-24 13:53:40 +02:00
hbacsvc.py Convert HBAC Service default permissions to managed 2014-06-24 13:53:40 +02:00
hbacsvcgroup.py Do not require description in UI. 2014-09-29 12:53:43 +02:00
hbactest.py Update all remaining plugins to the new Registry API 2014-06-11 09:24:22 +02:00
host.py new commands to manage user/host/service certificates 2015-07-02 14:43:44 +00:00
hostgroup.py hostgroup: Selected PEP8 fixes for the hostgroup plugin 2014-09-30 10:42:06 +02:00
idrange.py idrange: include raw range type in output 2014-11-11 10:56:16 +01:00
idviews.py idviews: Fallback to AD DC LDAP only if specifically allowed 2015-07-02 13:23:21 +02:00
internal.py webui: caacl 2015-07-08 17:12:29 +02:00
kerberos.py Update all remaining plugins to the new Registry API 2014-06-11 09:24:22 +02:00
krbtpolicy.py Make 'permission' the default bind type for managed permissions 2014-06-11 13:21:29 +02:00
migration.py plugable: Pass API to plugins on initialization rather than using set_api 2015-07-01 13:05:30 +00:00
misc.py plugable: Pass API to plugins on initialization rather than using set_api 2015-07-01 13:05:30 +00:00
netgroup.py Do not require description in UI. 2014-09-29 12:53:43 +02:00
otpconfig.py Fix TOTP Synchronization Window label 2015-02-17 08:26:42 +01:00
otptoken_yubikey.py Create an OTP help topic 2014-12-05 13:44:51 +01:00
otptoken.py Fix OTP token URI generation 2015-06-17 16:46:25 +02:00
passwd.py ipa-passwd: add OTP support 2014-06-26 12:37:38 +02:00
permission.py Server Upgrade: use debug log level for upgrade instead of info 2015-07-03 07:47:59 +00:00
ping.py Allow API plugin registration via a decorator 2013-08-14 12:08:27 +02:00
pkinit.py Update all remaining plugins to the new Registry API 2014-06-11 09:24:22 +02:00
privilege.py Do not require description in UI. 2014-09-29 12:53:43 +02:00
pwpolicy.py pwpolicy-add: Added better error handling 2014-09-02 10:40:12 +02:00
radiusproxy.py Split long docstrings that were recently modified 2014-06-10 13:19:32 +02:00
realmdomains.py Add Modify Realm Domains permission 2014-07-04 12:17:04 +02:00
role.py speed up indirect member processing 2015-04-27 05:55:04 +00:00
rpcclient.py Switch client to JSON-RPC 2013-11-26 16:59:59 +01:00
selfservice.py Update all remaining plugins to the new Registry API 2014-06-11 09:24:22 +02:00
selinuxusermap.py Convert SELinux User Map default permissions to managed 2014-06-24 13:53:41 +02:00
server.py server: add "del" command 2015-06-15 16:06:48 +02:00
service.py new commands to manage user/host/service certificates 2015-07-02 14:43:44 +00:00
servicedelegation.py Add plugin to manage service constraint delegations 2015-06-03 09:47:40 +00:00
stageuser.py Display the wrong attribute name when mandatory attribute is missing 2015-07-02 12:01:07 +02:00
sudocmd.py Convert Sudo Command default permissions to managed 2014-06-24 13:53:41 +02:00
sudocmdgroup.py Do not require description in UI. 2014-09-29 12:53:43 +02:00
sudorule.py Sudorule RunAsUser should work with external groups 2014-10-02 11:06:47 +02:00
topology.py Hide topology and domainlevel features 2015-07-08 00:09:09 +02:00
trust.py trust: support retrieving POSIX IDs with one-way trust during trust-add 2015-07-08 01:56:52 +02:00
user.py new commands to manage user/host/service certificates 2015-07-02 14:43:44 +00:00
vault.py Added vault access control. 2015-07-08 06:30:23 +00:00
virtual.py Internationalization for public errors 2012-09-03 18:16:12 +02:00