On 07/08/2010 02:57 PM, Rob Crittenden wrote:
Add API to delete a service principal key, service-disable. This is so
an admin can essentially revoke a service principal without deleting it.
I have to do some pretty low-level LDAP work to achieve this. Since we
can't read the key using our modlist generator won't work and lots of
tricks would be needed to use the LDAPUpdate object in any case. The
alternative is to add a function to the ldap2 backend that achieves
this, or something similar like 'delete_attrs'. I just didn't see a
general case for it.
I pulled usercertificate out of the global params and put into each
appropriate function because it makes no sense for service-disable.
I added tests to verify that the certificate we issue is found in the
service. This also double-checks that the service commands actually
return certificate data.
rob
_______________________________________________
Freeipa-devel mailing list
[email protected]
https://www.redhat.com/mailman/listinfo/freeipa-devel
Well, it builds and deploys. How do I test?
_______________________________________________
Freeipa-devel mailing list
[email protected]
https://www.redhat.com/mailman/listinfo/freeipa-devel
