FreeIPA packaging

lp:~vcs-imports/freeipa/master

Created by VCS imports on 2009-10-05 and last modified on 2017-03-01

Get this branch:: bzr branch lp:~vcs-imports/freeipa/master

Branch merges

This import branch has no branches proposed for merge into it.

No branches dependent on this one.

Related bugs

Link a bug report

Related blueprints

Branch information

Owner:: VCS imports

Project:: FreeIPA packaging

Status:: Development

Import details

Import Status: Failed

This branch is an import of the HEAD branch of the Git repository at git://git.fedorahosted.org/git/freeipa.git.

The import has been suspended because it failed 5 or more times in succession.

Last successful import was on 2017-03-01.

Failure

Import started on 2017-03-05 on pear and finished on 2017-03-05 taking 20 seconds — see the log

Failure

Import started on 2017-03-03 on pear and finished on 2017-03-03 taking 20 seconds — see the log

Failure

Import started on 2017-03-02 on pear and finished on 2017-03-02 taking 20 seconds — see the log

Failure

Import started on 2017-03-02 on pear and finished on 2017-03-02 taking 30 seconds — see the log

Recent revisions

9792. By Christian Heimes <email address hidden> on 2017-03-01

C compilation fixes and hardening

Fix "implicit declaration of function ‘strlen’" in ipa_pwd_ntlm.c,
credits to Lukas.

Add -Werror=implicit-function-declaration to CFLAGS to point developers
to missing includes. It causes compilation to fail when a developer
forgets to add a required include. The problem is no longer hidden in a
massive wall of text from make.

Silence a harmless error from 389-DS slapi.h until the bug is fixed in
downstream, https://pagure.io/389-ds-base/issue/48979

Signed-off-by: Christian Heimes <email address hidden>
Reviewed-By: Stanislav Laznicka <email address hidden>

9791. By Stanislav Laznicka <email address hidden> on 2017-03-01

Moving ipaCert from HTTPD_ALIAS_DIR

The "ipaCert" nicknamed certificate is not required to be
in /var/lib/ipa/radb NSSDB anymore as we were keeping a copy
of this file in a separate file anyway. Remove it from there
and track only the file. Remove the IPA_RADB_DIR as well as
it is not required anymore.

https://fedorahosted.org/freeipa/ticket/5695
https://fedorahosted.org/freeipa/ticket/6680

Reviewed-By: Jan Cholasta <email address hidden>

9790. By Stanislav Laznicka <email address hidden> on 2017-03-01

Added a PEMFileHandler for Custodia store

This is a preparation step to be able to handle sending RA agent
certificate over Custodia during domain level 1 replica installation.

https://fedorahosted.org/freeipa/ticket/5695

Reviewed-By: Jan Cholasta <email address hidden>

9789. By Stanislav Laznicka <email address hidden> on 2017-03-01

Refactor certmonger for OpenSSL certificates

Currently, it was only possible to request an NSS certificate
via certmonger. Merged start_tracking methods and refactored them
to allow for OpenSSL certificates tracking.

https://fedorahosted.org/freeipa/ticket/5695

Reviewed-By: Jan Cholasta <email address hidden>

9788. By Stanislav Laznicka <email address hidden> on 2017-03-01

Workaround for certmonger's "Subject" representations

If an OpenSSL certificate is requested in Certmonger
(CERT_STORAGE == "FILE") the "Subject" field of such Certificate
is ordered as received. However, when an NSS certificate is
requested, the "Subject" field takes the LDAP order
(components get reversed). This is a workaround so that the behavior
stays the same.

The workaround should be removed when
https://pagure.io/certmonger/issue/62 gets fixed.

https://fedorahosted.org/freeipa/ticket/5695

Reviewed-By: Jan Cholasta <email address hidden>

9787. By Stanislav Laznicka <email address hidden> on 2017-03-01

Remove ipapython.nsslib as it is not used anymore

Previous changes allowed the removal of nsslib.

So long, and thanks for all the fish.

https://fedorahosted.org/freeipa/ticket/5695

Reviewed-By: Jan Cholasta <email address hidden>

9786. By Stanislav Laznicka <email address hidden> on 2017-03-01

Remove NSSConnection from otptoken plugin

Replace NSSConnection with httplib.HTTPSConenction to be able to remove
NSSConnection for good.

https://fedorahosted.org/freeipa/ticket/5695

Reviewed-By: Jan Cholasta <email address hidden>

9785. By Stanislav Laznicka <email address hidden> on 2017-03-01

Remove pkcs12 handling functions from CertDB

These functions don't require anything from the CertDB instance,
move them out so no needless instantiation of CertDB is performed
in order to use them.

https://fedorahosted.org/freeipa/ticket/5695

Reviewed-By: Jan Cholasta <email address hidden>

9784. By Stanislav Laznicka <email address hidden> on 2017-03-01

Remove NSSConnection from Dogtag

Replaced NSSConnection with Python's httplib.HTTPSConnection.
This class is OpenSSL-based.

A client certificate with a private key is required to authenticate
against the certificate server. We facilitate the RA_AGENT_PEM which
already exists.

https://fedorahosted.org/freeipa/ticket/5695

Reviewed-By: Jan Cholasta <email address hidden>

9783. By Stanislav Laznicka <email address hidden> on 2017-03-01

Move publishing of CA cert to cainstance creation on master

IPAHTTPSConnection which is set up first time in certificate profiles
migration to LDAP requires CA cert to be stored in a file.

https://fedorahosted.org/freeipa/ticket/5695

Reviewed-By: Jan Cholasta <email address hidden>

»

Branch metadata

Branch format:: Branch format 7

Repository format:: Bazaar repository format 2a (needs bzr 1.16 or later)

This branch contains Public information

Everyone can see this information.

Subscribers

No subscribers.