freeipa.git - FreeIPA patches

diff options

author	Fraser Tweedale <ftweedal@redhat.com>	2015-08-09 03:25:58 -0400
committer	Jan Cholasta <jcholast@redhat.com>	2015-08-11 12:25:51 +0200
commit	aafc0e980be43c4956308a39d2ca45c7e50fa3ab (patch)
tree	83582906390170343106b7efbb3bb88bf0f3739e /ipalib/request.py
parent	6f8b0ed4fa8cb20a89915e74d805d4e7db90b6f9 (diff)
download	freeipa-aafc0e980be43c4956308a39d2ca45c7e50fa3ab.tar.gz freeipa-aafc0e980be43c4956308a39d2ca45c7e50fa3ab.tar.xz freeipa-aafc0e980be43c4956308a39d2ca45c7e50fa3ab.zip

Allow SAN extension for cert-request self-service

Users cannot self-issue a certificate with a subjectAltName extension (e.g. with rfc822Name altNames). Suppress the cert-request "request certificate with subjectaltname" permission check when the bind principal is the target principal (i.e. cert-request self-service). Fixes: https://fedorahosted.org/freeipa/ticket/5190 Reviewed-By: Martin Babinsky <mbabinsk@redhat.com>

Diffstat (limited to 'ipalib/request.py')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: