IntenseWebs/freeipa
3
0
Fork 0
mirror of https://salsa.debian.org/freeipa-team/freeipa.git synced 2025-01-11 08:41:55 -06:00
Code Issues Packages Projects Releases Wiki Activity
fb74866680
freeipa/ipaserver/install
History
Florence Blanc-Renaud fb74866680 CA-less install: non-ASCII chars in CA cert subject 
In a CA-less install, if the CA cert subject contains
non-ascii characters, ipa-server-install fails when
configuring SSL for httpd.

The issue happens when calling ipautil.run to extract the keys
from a p12file. The code is using the raw output of the command
and doesn't need to specify capture_output=True, as this option
breaks if the output contains non-ascii characters.
The raw_output contains bytes, the output is a str built by decoding
the raw_output and may fail if non-ascii characters are present.

Fixes: https://pagure.io/freeipa/issue/8880
Signed-off-by: Florence Blanc-Renaud <flo@redhat.com>
Reviewed-By: Rob Crittenden <rcritten@redhat.com>
Reviewed-By: Francois Cami <fcami@redhat.com>
2021-06-16 11:25:08 -04:00
..
plugins Move constants, document timeout loop 2021-05-12 13:29:31 -04:00
server LDAP autobind authenticateAsDN for BIND named 2021-06-15 14:13:16 +03:00
__init__.py Remove __all__ specifications in ipaclient and ipaserver.install 2013-09-06 15:42:33 +02:00
adtrust.py Use api.env.container_sysaccounts 2020-04-28 11:28:29 +02:00
adtrustinstance.py uninstall: Don't fail on missing /var/lib/samba 2020-08-17 10:46:23 +02:00
bindinstance.py LDAP autobind authenticateAsDN for BIND named 2021-06-15 14:13:16 +03:00
ca.py Remove the option stop_certmonger from stop_tracking_* 2021-02-15 17:13:53 +02:00
cainstance.py pkispawn: override AJP connector address 2021-05-26 17:04:56 +03:00
certs.py CA-less install: non-ASCII chars in CA cert subject 2021-06-16 11:25:08 -04:00
conncheck.py install: introduce installer class hierarchy 2016-11-11 12:17:25 +01:00
custodiainstance.py Add user and group wrappers 2020-09-22 09:23:18 -04:00
dns.py Change FreeIPA references to IPA and Identity Management 2021-01-21 13:51:45 +01:00
dnskeysyncinstance.py dnskeysyncinstance: use late binding for UID/GID resolution 2020-12-22 14:05:13 +02:00
dogtag.py Verify pki ini override early 2019-04-10 13:43:23 +02:00
dogtaginstance.py pkispawn: Make timeout consistent with IPA's startup_timeout 2021-05-06 11:05:14 -04:00
dsinstance.py ds: Support renaming of a replication plugin in 389-ds 2021-06-01 17:09:28 +03:00
httpinstance.py cleanup: Drop never used path for httpd's ccache 2021-03-04 14:17:01 +02:00
installutils.py Avoid comparing 'max' with 'max\n'. 2021-03-23 08:35:32 +01:00
ipa_acme_manage.py ipa-acme-manage: user a cookie created for the communication with dogtag REST endpoints 2020-11-17 18:48:24 +02:00
ipa_backup.py BIND: Setup logging 2021-05-25 10:45:49 +03:00
ipa_cacert_manage.py ipa-cacert-manage: add prune option 2021-02-12 14:08:11 -05:00
ipa_cert_fix.py ipa-cert-fix man page: add note about certmonger renewal 2021-06-10 20:59:27 +02:00
ipa_crlgen_manage.py CRL generation master: new utility to enable|disable 2019-03-14 09:39:55 +01:00
ipa_kra_install.py Change FreeIPA references to IPA and Identity Management 2021-01-21 13:51:45 +01:00
ipa_ldap_updater.py Remove -s option from ipa-ldap-updater usage 2021-05-20 14:45:27 -04:00
ipa_otptoken_import.py Py3: Remove subclassing from object 2018-09-27 11:49:04 +02:00
ipa_pkinit_manage.py PKINIT: fix ipa-pkinit-manage enable|disable 2018-12-05 11:06:21 +01:00
ipa_replica_install.py Enable replica install info logging to match ipa-server-install 2018-11-01 13:08:58 +01:00
ipa_restore.py LDAP autobind authenticateAsDN for BIND named 2021-06-15 14:13:16 +03:00
ipa_server_certinstall.py Require an ipa-ca SAN on 3rd party certs if ACME is enabled 2020-11-02 14:01:05 -05:00
ipa_server_install.py Improve console logging for ipa-server-install 2018-06-20 08:38:03 +02:00
ipa_server_upgrade.py ipa commands: print 'IPA is not configured' when ipa is not setup 2018-08-23 12:08:45 +02:00
ipa_trust_enable_agent.py ipa-adtrust-install: run remote configuration for new agents 2020-03-05 14:40:58 +01:00
ipa_winsync_migrate.py ipa commands: print 'IPA is not configured' when ipa is not setup 2018-08-23 12:08:45 +02:00
ipactl.py Ensure IPA is running (ideally) before uninstalling the KRA 2021-02-04 01:29:53 +01:00
kra.py Ensure IPA is running (ideally) before uninstalling the KRA 2021-02-04 01:29:53 +01:00
krainstance.py Change KRA profiles in certmonger tracking so they can renew 2020-12-01 12:56:03 +01:00
krbinstance.py Ensure that KDC cert has SAN DNS entry 2021-01-29 13:36:41 -05:00
ldapupdate.py LDAP autobind authenticateAsDN for BIND named 2021-06-15 14:13:16 +03:00
odsexporterinstance.py odsexporterinstance: use late binding for UID/GID resolution 2020-12-22 14:05:13 +02:00
opendnssecinstance.py opendnssecinstance: use late binding for UID/GID resolution 2020-12-22 14:05:13 +02:00
otpdinstance.py Enable pylint missing-final-newline check 2015-12-23 07:59:22 +01:00
replication.py ds: Support renaming of a replication plugin in 389-ds 2021-06-01 17:09:28 +03:00
schemaupdate.py Unify access to FQDN 2020-10-26 17:11:19 +11:00
service.py LDAP autobind authenticateAsDN for BIND named 2021-06-15 14:13:16 +03:00
sysupgrade.py Add absolute_import future imports 2018-04-20 09:43:37 +02:00
upgradeinstance.py ds: Support renaming of a replication plugin in 389-ds 2021-06-01 17:09:28 +03:00