| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
| |
This also fixes command logging in general, it wasn't working in most
cases as a regression in ticket 1322.
https://fedorahosted.org/freeipa/ticket/1598
|
| |
|
|
|
|
|
| |
If a JSON decoding error was found we were still trying to call the
XML-RPC function, losing the original error.
https://fedorahosted.org/freeipa/ticket/1322
|
| |
|
|
|
|
|
|
|
| |
We should more gracefully handle if the TGT has not been forwarded
than returning a 500 error.
Also catch and display KerberosErrors from ping() in the client better.
ticket 1101
|
| | |
|
| |
|
|
|
| |
Fix #904
Fix #917
|
| |
|
|
|
|
|
|
|
|
| |
Request logging on the server only happened if you added verbose=True
or debug=True to the IPA config file. We should log the basics at
least: who, what, result.
Move a lot of entries from info to debug logging as well.
Related to ticket 873
|
| |
|
|
|
|
|
|
|
| |
This patch removes some individual work-arounds of converting strings
to unicode, they only masked the problem. String values are not
passed to the validator or normalizers so things like adding the
realm automatically to services weren't happening.
ticket 941
|
| |
|
|
|
|
|
| |
This can include a full exception which cannot be marshalled. This
value contains duplicate information and isn't used by the client.
ticket 905
|
| |
|
|
|
|
|
|
|
|
| |
The changes include:
* Change license blobs in source files to mention GPLv3+ not GPLv2 only
* Add GPLv3+ license text
* Package COPYING not LICENSE as the license blobs (even the old ones)
mention COPYING specifically, it is also more common, I think
https://fedorahosted.org/freeipa/ticket/239
|
| |
|
|
| |
Now parsing the list of languages set in the http header, and selecting the first. Handles weighting as well.
|
| |
|
|
|
|
| |
Uses the HTTP header to perform set the LANG environment variable in Python, used for the gettext translations
Author: adam <ayoung@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When using the dogtag CA we can control what the subject of an issued
certificate is regardless of what is in the CSR, we just use the CN value.
The selfsign CA does not have this capability. The subject format must
match the configured format or certificate requests are rejected.
The default format is CN=%s,O=IPA. certmonger by default issues requests
with just CN so all requests would fail if using the selfsign CA.
This subject base is stored in cn=ipaconfig so we can just fetch that
value in the enrollment process and pass it to certmonger to request
the right thing.
Note that this also fixes ipa-join to work with the new argument passing
mechanism.
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
| |
Traverse the objects passed to JSON for encoding and decoding.
When binary data is seen during encode replace the binary
data with a dict {'__base64__' : base64_encoding_of_binary_value}.
On decode if a dict is seen whose single key is '__base64__' replace
that dict with the base64 decoded value of the key's value.
|
| | |
|
| | |
|
| | |
|
| |
|
|
| |
output_for_cli(); enable more webUI stuff
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
| |
We want to only allow a machine to request a certificate for itself, not for
other machines. I've added a new taksgroup which will allow this.
The requesting IP is resolved and compared to the subject of the CSR to
determine if they are the same host. The same is done with the service
principal. Subject alt names are not queried yet.
This does not yet grant machines actual permission to request certificates
yet, that is still limited to the taskgroup request_certs.
|
| | |
|
| | |
|
| |
|
|
|
| |
Python 2.6's cgi module calls the parse_qs in urlparse for backwards
compatibility
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
| |
of errors
|
| |
|
|
| |
xmlclient.forward() now handles socket error; fixed some Python 2.4 problems in lite-xmlrpc2.py
|
| |
|
|
| |
Fault.faultString; fixed problem where ServerProxy method was not called correctly
|
| |
|
|
| |
tests
|
| | |
|
| | |
|
| | |
|
| |
|
