freeipa.git/tests/test_xmlrpc/test_service_plugin.py, branch hbactest FreeIPA project Fix invalid issuer in unit tests 2011-07-28T00:56:16+00:00 Martin Kosek mkosek@redhat.com 2011-07-27T09:02:00+00:00 18aa73e06e30939b6b8d0a2c6def41fb6bd4eef8 Fix several test failures when issuer does not match the one generated by make-testcert (CN=Certificate Authority,O=<realm>). https://fedorahosted.org/freeipa/ticket/1527 
Fix several test failures when issuer does not match the one
generated by make-testcert (CN=Certificate Authority,O=<realm>).

https://fedorahosted.org/freeipa/ticket/1527
Require an imported certificate's issuer to match our issuer. 2011-06-16T23:27:17+00:00 Rob Crittenden rcritten@redhat.com 2011-04-26T20:45:19+00:00 a2a3782efb386f18689faf35a069c4da1085e87d The goal is to not import foreign certificates. This caused a bunch of tests to fail because we had a hardcoded server certificate. Instead a developer will need to run make-testcert to create a server certificate generated by the local CA to test against. ticket 1134 
The goal is to not import foreign certificates.

This caused a bunch of tests to fail because we had a hardcoded server
certificate. Instead a developer will need to run make-testcert to
create a server certificate generated by the local CA to test against.

ticket 1134
Ignore case when removing group members. 2011-02-14T15:22:28+00:00 Rob Crittenden rcritten@redhat.com 2011-02-11T15:54:13+00:00 cb48ec3508a131f95f215831bf220aac3fb33928 ticket 944 
ticket 944
Display the entries that failed when deleting with --continue. 2011-01-10T15:32:10+00:00 Rob Crittenden rcritten@redhat.com 2011-01-07T16:17:55+00:00 6f58f38748085e6a104de6f9e992469d3b685d5a We collected the failures but didn't report it back. This changes the API of most delete commands so rather than returning a boolean it returns a dict with the only current key as failed. This also adds a new parameter flag, suppress_empty. This will try to not print values that are empty if included. This makes the output of the delete commands a bit prettier. ticket 687 
We collected the failures but didn't report it back. This changes the
API of most delete commands so rather than returning a boolean it returns
a dict with the only current key as failed.

This also adds a new parameter flag, suppress_empty. This will try to
not print values that are empty if included. This makes the output of
the delete commands a bit prettier.

ticket 687
Change FreeIPA license to GPLv3+ 2010-12-20T22:19:53+00:00 Jakub Hrozek jhrozek@redhat.com 2010-12-09T12:59:11+00:00 7493d781dfcaa7995f7864a09ad39ba6a89f1a9c The changes include: * Change license blobs in source files to mention GPLv3+ not GPLv2 only * Add GPLv3+ license text * Package COPYING not LICENSE as the license blobs (even the old ones) mention COPYING specifically, it is also more common, I think https://fedorahosted.org/freeipa/ticket/239 
The changes include:
 * Change license blobs in source files to mention GPLv3+ not GPLv2 only
 * Add GPLv3+ license text
 * Package COPYING not LICENSE as the license blobs (even the old ones)
   mention COPYING specifically, it is also more common, I think

 https://fedorahosted.org/freeipa/ticket/239
Add managedby to Host entries 2010-11-19T15:31:42+00:00 Rob Crittenden rcritten@redhat.com 2010-11-10T21:47:29+00:00 d4f25453e116ca132208e99d5e320500efbe5d9c This will allow others to provision on behalf of the host. ticket 280 
This will allow others to provision on behalf of the host.

ticket 280
Revoke a host's certificate (if any) when it is deleted or disabled. 2010-11-19T15:31:42+00:00 Rob Crittenden rcritten@redhat.com 2010-11-05T19:16:53+00:00 2046eddb7ab3e56f57f9decd172f6354f0a945aa Disable any services when its host is disabled. This also adds displaying the certificate attributes (subject, etc) a bit more universal and centralized in a single function. ticket 297 
Disable any services when its host is disabled.

This also adds displaying the certificate attributes (subject, etc)
a bit more universal and centralized in a single function.

ticket 297
Fix two failing tests. 2010-10-23T01:45:37+00:00 Rob Crittenden rcritten@redhat.com 2010-10-20T17:14:22+00:00 0e4e1f4bbd8c6e5dd52995b059a87b3c3b3d8bda The first test is a mismatch in the sample output of an exception. The second test adds certificate information output to the service plugin. 
The first test is a mismatch in the sample output of an exception.

The second test adds certificate information output to the service plugin.
Accept an incoming certificate as either DER or base64 in the service plugin. 2010-10-08T17:15:03+00:00 Rob Crittenden rcritten@redhat.com 2010-10-08T17:15:03+00:00 d2a9ccf407709aa7a2a2378f758fb4db40181684 The plugin required a base64-encoded certificate and always decoded it before processing. This doesn't work with the UI because the json module decodes binary values already. Try to detect if the incoming value is base64-encoded and decode if necessary. Finally, try to pull the cert apart to validate it. This will tell us for sure that the data is a certificate, regardless of the format it came in as. ticket 348 
The plugin required a base64-encoded certificate and always decoded it
before processing. This doesn't work with the UI because the json module
decodes binary values already.

Try to detect if the incoming value is base64-encoded and decode if
necessary. Finally, try to pull the cert apart to validate it. This will
tell us for sure that the data is a certificate, regardless of the format
it came in as.

ticket 348
Enable a host to retrieve a keytab for all its services. 2010-08-16T21:13:56+00:00 Rob Crittenden rcritten@redhat.com 2010-08-06T02:41:32+00:00 2f4f9054aac8bef83272d690a4868653a3a5bd0d Using the host service principal one should be able to retrieve a keytab for other services for the host using ipa-getkeytab. This required a number of changes: - allow hosts in the service's managedby to write krbPrincipalKey - automatically add the host to managedby when a service is created - fix ipa-getkeytab to return the entire prinicpal and not just the first data element. It was returning "host" from the service tgt and not host/ipa.example.com - fix the display of the managedby attribute in the service plugin This led to a number of changes in the service unit tests. I took the opportunity to switch to the Declarative scheme and tripled the number of tests we were doing. This shed some light on a few bugs in the plugin: - if a service had a bad usercertificate it was impossible to delete the service. I made it a bit more flexible. - I added a summary for the mod and find commands - has_keytab wasn't being set in the find output ticket 68 
Using the host service principal one should be able to retrieve a keytab
for other services for the host using ipa-getkeytab. This required a number
of changes:

- allow hosts in the service's managedby to write krbPrincipalKey
- automatically add the host to managedby when a service is created
- fix ipa-getkeytab to return the entire prinicpal and not just the
  first data element. It was returning "host" from the service tgt
  and not host/ipa.example.com
- fix the display of the managedby attribute in the service plugin

This led to a number of changes in the service unit tests. I took the
opportunity to switch to the Declarative scheme and tripled the number
of tests we were doing. This shed some light on a few bugs in the plugin:

- if a service had a bad usercertificate it was impossible to delete the
  service. I made it a bit more flexible.
- I added a summary for the mod and find commands
- has_keytab wasn't being set in the find output

ticket 68