lp:~vcs-imports/freeipa/master
- Get this branch:
- bzr branch lp:~vcs-imports/freeipa/master
Branch merges
Branch information
Import details
This branch is an import of the HEAD branch of the Git repository at git://git.fedorahosted.org/git/freeipa.git.
Last successful import was .
Recent revisions
- 9792. By Christian Heimes <email address hidden>
-
C compilation fixes and hardening
Fix "implicit declaration of function ‘strlen’" in ipa_pwd_ntlm.c,
credits to Lukas.Add -Werror=
implicit- function- declaration to CFLAGS to point developers
to missing includes. It causes compilation to fail when a developer
forgets to add a required include. The problem is no longer hidden in a
massive wall of text from make.Silence a harmless error from 389-DS slapi.h until the bug is fixed in
downstream, https://pagure. io/389- ds-base/ issue/48979 Signed-off-by: Christian Heimes <email address hidden>
Reviewed-By: Stanislav Laznicka <email address hidden> - 9791. By Stanislav Laznicka <email address hidden>
-
Moving ipaCert from HTTPD_ALIAS_DIR
The "ipaCert" nicknamed certificate is not required to be
in /var/lib/ipa/radb NSSDB anymore as we were keeping a copy
of this file in a separate file anyway. Remove it from there
and track only the file. Remove the IPA_RADB_DIR as well as
it is not required anymore.https:/
/fedorahosted. org/freeipa/ ticket/ 5695
https://fedorahosted. org/freeipa/ ticket/ 6680 Reviewed-By: Jan Cholasta <email address hidden>
- 9790. By Stanislav Laznicka <email address hidden>
-
Added a PEMFileHandler for Custodia store
This is a preparation step to be able to handle sending RA agent
certificate over Custodia during domain level 1 replica installation.https:/
/fedorahosted. org/freeipa/ ticket/ 5695 Reviewed-By: Jan Cholasta <email address hidden>
- 9789. By Stanislav Laznicka <email address hidden>
-
Refactor certmonger for OpenSSL certificates
Currently, it was only possible to request an NSS certificate
via certmonger. Merged start_tracking methods and refactored them
to allow for OpenSSL certificates tracking.https:/
/fedorahosted. org/freeipa/ ticket/ 5695 Reviewed-By: Jan Cholasta <email address hidden>
- 9788. By Stanislav Laznicka <email address hidden>
-
Workaround for certmonger's "Subject" representations
If an OpenSSL certificate is requested in Certmonger
(CERT_STORAGE == "FILE") the "Subject" field of such Certificate
is ordered as received. However, when an NSS certificate is
requested, the "Subject" field takes the LDAP order
(components get reversed). This is a workaround so that the behavior
stays the same.The workaround should be removed when
https://pagure. io/certmonger/ issue/62 gets fixed. https:/
/fedorahosted. org/freeipa/ ticket/ 5695 Reviewed-By: Jan Cholasta <email address hidden>
- 9787. By Stanislav Laznicka <email address hidden>
-
Remove ipapython.nsslib as it is not used anymore
Previous changes allowed the removal of nsslib.
So long, and thanks for all the fish.
https:/
/fedorahosted. org/freeipa/ ticket/ 5695 Reviewed-By: Jan Cholasta <email address hidden>
- 9786. By Stanislav Laznicka <email address hidden>
-
Remove NSSConnection from otptoken plugin
Replace NSSConnection with httplib.
HTTPSConenction to be able to remove
NSSConnection for good.https:/
/fedorahosted. org/freeipa/ ticket/ 5695 Reviewed-By: Jan Cholasta <email address hidden>
- 9785. By Stanislav Laznicka <email address hidden>
-
Remove pkcs12 handling functions from CertDB
These functions don't require anything from the CertDB instance,
move them out so no needless instantiation of CertDB is performed
in order to use them.https:/
/fedorahosted. org/freeipa/ ticket/ 5695 Reviewed-By: Jan Cholasta <email address hidden>
- 9784. By Stanislav Laznicka <email address hidden>
-
Remove NSSConnection from Dogtag
Replaced NSSConnection with Python's httplib.
HTTPSConnection .
This class is OpenSSL-based.A client certificate with a private key is required to authenticate
against the certificate server. We facilitate the RA_AGENT_PEM which
already exists.https:/
/fedorahosted. org/freeipa/ ticket/ 5695 Reviewed-By: Jan Cholasta <email address hidden>
- 9783. By Stanislav Laznicka <email address hidden>
-
Move publishing of CA cert to cainstance creation on master
IPAHTTPSConnection which is set up first time in certificate profiles
migration to LDAP requires CA cert to be stored in a file.https:/
/fedorahosted. org/freeipa/ ticket/ 5695 Reviewed-By: Jan Cholasta <email address hidden>
Branch metadata
- Branch format:
- Branch format 7
- Repository format:
- Bazaar repository format 2a (needs bzr 1.16 or later)