freeipa/install at fb748666801b569ae0c56b8d78b96f32b8b30343 - freeipa - Git Repository of IntenseWebs.com, IF.Finance, IWeb.City, NuKVM.org, OilfieldTools Network, Spartan International Drilling, Green Polymer Products & more

IntenseWebs/freeipa

mirror of https://salsa.debian.org/freeipa-team/freeipa.git synced 2025-02-25 18:55:28 -06:00

Files

History

Florence Blanc-Renaud fb74866680 CA-less install: non-ASCII chars in CA cert subject

In a CA-less install, if the CA cert subject contains
non-ascii characters, ipa-server-install fails when
configuring SSL for httpd.

The issue happens when calling ipautil.run to extract the keys
from a p12file. The code is using the raw output of the command
and doesn't need to specify capture_output=True, as this option
breaks if the output contains non-ascii characters.
The raw_output contains bytes, the output is a str built by decoding
the raw_output and may fail if non-ascii characters are present.

Fixes: https://pagure.io/freeipa/issue/8880
Signed-off-by: Florence Blanc-Renaud <flo@redhat.com>
Reviewed-By: Rob Crittenden <rcritten@redhat.com>
Reviewed-By: Francois Cami <fcami@redhat.com>

2021-06-16 11:25:08 -04:00

..

Move constants, document timeout loop

2021-05-12 13:29:31 -04:00

LDAP autobind authenticateAsDN for BIND named

2021-06-15 14:13:16 +03:00

__init__.py

Remove __all__ specifications in ipaclient and ipaserver.install

2013-09-06 15:42:33 +02:00

adtrust.py

Use api.env.container_sysaccounts

2020-04-28 11:28:29 +02:00

adtrustinstance.py

uninstall: Don't fail on missing /var/lib/samba

2020-08-17 10:46:23 +02:00

bindinstance.py

LDAP autobind authenticateAsDN for BIND named

2021-06-15 14:13:16 +03:00

ca.py

Remove the option stop_certmonger from stop_tracking_*

2021-02-15 17:13:53 +02:00

cainstance.py

pkispawn: override AJP connector address

2021-05-26 17:04:56 +03:00

certs.py

CA-less install: non-ASCII chars in CA cert subject

2021-06-16 11:25:08 -04:00

conncheck.py

install: introduce installer class hierarchy

2016-11-11 12:17:25 +01:00

custodiainstance.py

Add user and group wrappers

2020-09-22 09:23:18 -04:00

dns.py

Change FreeIPA references to IPA and Identity Management

2021-01-21 13:51:45 +01:00

dnskeysyncinstance.py

dnskeysyncinstance: use late binding for UID/GID resolution

2020-12-22 14:05:13 +02:00

dogtag.py

Verify pki ini override early

2019-04-10 13:43:23 +02:00

dogtaginstance.py

pkispawn: Make timeout consistent with IPA's startup_timeout

2021-05-06 11:05:14 -04:00

dsinstance.py

ds: Support renaming of a replication plugin in 389-ds

2021-06-01 17:09:28 +03:00

httpinstance.py

cleanup: Drop never used path for httpd's ccache

2021-03-04 14:17:01 +02:00

installutils.py

Avoid comparing 'max' with 'max\n'.

2021-03-23 08:35:32 +01:00

ipa_acme_manage.py

ipa-acme-manage: user a cookie created for the communication with dogtag REST endpoints

2020-11-17 18:48:24 +02:00

ipa_backup.py

BIND: Setup logging

2021-05-25 10:45:49 +03:00

ipa_cacert_manage.py

ipa-cacert-manage: add prune option

2021-02-12 14:08:11 -05:00

ipa_cert_fix.py

ipa-cert-fix man page: add note about certmonger renewal

2021-06-10 20:59:27 +02:00

ipa_crlgen_manage.py

CRL generation master: new utility to enable|disable

2019-03-14 09:39:55 +01:00

ipa_kra_install.py

Change FreeIPA references to IPA and Identity Management

2021-01-21 13:51:45 +01:00

ipa_ldap_updater.py

Remove -s option from ipa-ldap-updater usage

2021-05-20 14:45:27 -04:00

ipa_otptoken_import.py

Py3: Remove subclassing from object

2018-09-27 11:49:04 +02:00

ipa_pkinit_manage.py

PKINIT: fix ipa-pkinit-manage enable|disable

2018-12-05 11:06:21 +01:00

ipa_replica_install.py

Enable replica install info logging to match ipa-server-install

2018-11-01 13:08:58 +01:00

ipa_restore.py

LDAP autobind authenticateAsDN for BIND named

2021-06-15 14:13:16 +03:00

ipa_server_certinstall.py

Require an ipa-ca SAN on 3rd party certs if ACME is enabled

2020-11-02 14:01:05 -05:00

ipa_server_install.py

Improve console logging for ipa-server-install

2018-06-20 08:38:03 +02:00

ipa_server_upgrade.py

ipa commands: print 'IPA is not configured' when ipa is not setup

2018-08-23 12:08:45 +02:00

ipa_trust_enable_agent.py

ipa-adtrust-install: run remote configuration for new agents

2020-03-05 14:40:58 +01:00

ipa_winsync_migrate.py

ipa commands: print 'IPA is not configured' when ipa is not setup

2018-08-23 12:08:45 +02:00

ipactl.py

Ensure IPA is running (ideally) before uninstalling the KRA

2021-02-04 01:29:53 +01:00

kra.py

Ensure IPA is running (ideally) before uninstalling the KRA

2021-02-04 01:29:53 +01:00

krainstance.py

Change KRA profiles in certmonger tracking so they can renew

2020-12-01 12:56:03 +01:00

krbinstance.py

Ensure that KDC cert has SAN DNS entry

2021-01-29 13:36:41 -05:00

ldapupdate.py

LDAP autobind authenticateAsDN for BIND named

2021-06-15 14:13:16 +03:00

odsexporterinstance.py

odsexporterinstance: use late binding for UID/GID resolution

2020-12-22 14:05:13 +02:00

opendnssecinstance.py

opendnssecinstance: use late binding for UID/GID resolution

2020-12-22 14:05:13 +02:00

otpdinstance.py

Enable pylint missing-final-newline check

2015-12-23 07:59:22 +01:00

replication.py

ds: Support renaming of a replication plugin in 389-ds

2021-06-01 17:09:28 +03:00

schemaupdate.py

Unify access to FQDN

2020-10-26 17:11:19 +11:00

service.py

LDAP autobind authenticateAsDN for BIND named

2021-06-15 14:13:16 +03:00

sysupgrade.py

Add absolute_import future imports

2018-04-20 09:43:37 +02:00

upgradeinstance.py

ds: Support renaming of a replication plugin in 389-ds

2021-06-01 17:09:28 +03:00