freeipa.git - FreeIPA project

	Commit message (Collapse)	Author	Age	Files	Lines
*	Try to register DNS name through a DNS Update on install.	Simo Sorce	2011-02-17	1	-1/+1
\| \| \| \|	Fixes: https://fedorahosted.org/freeipa/ticket/935
*	Change FreeIPA license to GPLv3+	Jakub Hrozek	2010-12-20	1	-5/+5
\| \| \| \| \| \| \| \| \| \|	The changes include: * Change license blobs in source files to mention GPLv3+ not GPLv2 only * Add GPLv3+ license text * Package COPYING not LICENSE as the license blobs (even the old ones) mention COPYING specifically, it is also more common, I think https://fedorahosted.org/freeipa/ticket/239
*	Use the certificate subject base in IPA when requesting certs in certmonger.	Rob Crittenden	2010-04-23	1	-0/+3
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	When using the dogtag CA we can control what the subject of an issued certificate is regardless of what is in the CSR, we just use the CN value. The selfsign CA does not have this capability. The subject format must match the configured format or certificate requests are rejected. The default format is CN=%s,O=IPA. certmonger by default issues requests with just CN so all requests would fail if using the selfsign CA. This subject base is stored in cn=ipaconfig so we can just fetch that value in the enrollment process and pass it to certmonger to request the right thing. Note that this also fixes ipa-join to work with the new argument passing mechanism.
*	localize doc strings	John Dennis	2010-03-08	1	-4/+5
\| \| \| \| \| \| \| \| \| \| \| \|	A number of doc strings were not localized, wrap them in _(). Some messages were not localized, wrap them in _() Fix a couple of failing tests: The method name in RPC should not be unicode. The doc attribute must use the .msg attribute for comparison. Also clean up imports of _() The import should come from ipalib or ipalib.text, not ugettext from request.
*	Make hosts more like real services so we can issue certs for host principals	Rob Crittenden	2009-12-16	1	-4/+7
\| \| \| \| \|	This patch should make joining a client to the domain and using certmonger to get an initial certificate work.
*	Take 2: Extensible return values and validation; steps toward a single ↵	Jason Gerard DeRose	2009-12-10	1	-0/+3
\| \| \| \|	output_for_cli(); enable more webUI stuff
*	Remove a bunch of unused imports, general cleanup	Rob Crittenden	2009-10-25	1	-13/+4
\|
*	Enrollment for a host in an IPA domain	Rob Crittenden	2009-09-24	1	-0/+120
	This will create a host service principal and may create a host entry (for admins). A keytab will be generated, by default in /etc/krb5.keytab If no kerberos credentails are available then enrollment over LDAPS is used if a password is provided. This change requires that openldap be used as our C LDAP client. It is much easier to do SSL using openldap than mozldap (no certdb required). Otherwise we'd have to write a slew of extra code to create a temporary cert database, import the CA cert, ...