URL: https://github.com/freeipa/freeipa/pull/5744
Author: simo5
Title: #5744: WIP: Convert HMAC to EVP interface
Action: opened
PR body:
"""
I haven't even compiled this yet, but I thought it would be better to post it
then forget in my branch
@abbra @tiran let me know if you'd like this c
URL: https://github.com/freeipa/freeipa/pull/3672
Author: simo5
Title: #3672: Make sure to have storage space for tag
Action: opened
PR body:
"""
ber_scanf expects a pointer to a ber_tag_t to return the tag pointed at
by "t", if that is not provided the pointer will be store in whatever
memory
URL: https://github.com/freeipa/freeipa/pull/892
Author: simo5
Title: #892: Always check peer has keys before connecting
Action: opened
PR body:
"""
When pulling the DM password we may have the same issues reported in
ticket #6838 for CA keys.
This commit makes sure we always check the peer ha
URL: https://github.com/freeipa/freeipa/pull/890
Author: simo5
Title: #890: Make sure we check ccaches in all rpcserver paths
Action: opened
PR body:
"""
We need to verify the ccache is avcailable in all cases or finalize
will cause us to acquire creds with the keytab which is not what we
want
URL: https://github.com/freeipa/freeipa/pull/855
Title: #855: Prevent issues with older clients
simo5 commented:
"""
Ok I added it to pylint_plugins, hopefully it is addressed fully now
"""
See the full comment at
https://github.com/freeipa/freeipa/pull/855#issuecomment-306767611
URL: https://github.com/freeipa/freeipa/pull/855
Author: simo5
Title: #855: Prevent issues with older clients
Action: synchronized
To pull the PR as Git branch:
git remote add ghfreeipa https://github.com/freeipa/freeipa
git fetch ghfreeipa pull/855/head:pr855
git checkout pr855
From 03cbfdbbf
URL: https://github.com/freeipa/freeipa/pull/855
Title: #855: Prevent issues with older clients
simo5 commented:
"""
Change to used the correct bug number:
https://pagure.io/freeipa/issue/7001
"""
See the full comment at
https://github.com/freeipa/freeipa/pull/855#issuecomment-306741024
__
URL: https://github.com/freeipa/freeipa/pull/855
Author: simo5
Title: #855: Prevent issues with older clients
Action: synchronized
To pull the PR as Git branch:
git remote add ghfreeipa https://github.com/freeipa/freeipa
git fetch ghfreeipa pull/855/head:pr855
git checkout pr855
From 0dfb66a82
URL: https://github.com/freeipa/freeipa/pull/855
Title: #855: Prevent issues with older clients
simo5 commented:
"""
I thought just defining it as None in the constants was enough ?
We do not want to set a kinit_lifetime entry in defaults.conf, I am ok with the
default being None for now I thin
URL: https://github.com/freeipa/freeipa/pull/855
Title: #855: Prevent issues with older clients
simo5 commented:
"""
In my test setup I verified the cookie does not have the MaxAge setting, and
that kinit_lifetime properly causes the session to expire after the lifetime
indicated.
"""
See the
URL: https://github.com/freeipa/freeipa/pull/855
Title: #855: Prevent issues with older clients
simo5 commented:
"""
Fixes https://pagure.io/freeipa/issue/6774
"""
See the full comment at
https://github.com/freeipa/freeipa/pull/855#issuecomment-306538965
___
URL: https://github.com/freeipa/freeipa/pull/855
Author: simo5
Title: #855: Prevent issues with older clients
Action: opened
PR body:
"""
Older clients have issues parsing cookies, and cannot handle well the MaxAge
setting.
So the first patch is about removing it.
Unfortunately this means co
URL: https://github.com/freeipa/freeipa/pull/851
Title: #851: ipa-kdb: add pkinit authentication indicator in case of a
successful certauth
Label: +ack
___
FreeIPA-devel mailing list -- freeipa-devel@lists.fedorahosted.org
To unsubscribe send an email
URL: https://github.com/freeipa/freeipa/pull/812
Title: #812: [WIP] Refactoring cert-find to use API call directly instead of
using
simo5 commented:
"""
So Iam for the very localized change still (to be clear)
"""
See the full comment at
https://github.com/freeipa/freeipa/pull/812#issuecommen
URL: https://github.com/freeipa/freeipa/pull/812
Title: #812: [WIP] Refactoring cert-find to use API call directly instead of
using
simo5 commented:
"""
Ok one thing was in the back of my mind and came up now, we need to keep in
mind that krbprincipalname can be multivalued. It won't affect th
URL: https://github.com/freeipa/freeipa/pull/812
Title: #812: Refactoring cert-find to use API call directly instead of using
simo5 commented:
"""
Won't this cause it to not find certificates associated to users ?
Currently that works, this change is not replicating the same functionality of
th
URL: https://github.com/freeipa/freeipa/pull/805
Author: simo5
Title: #805: Fix rare race condition with missing ccache file
Action: synchronized
To pull the PR as Git branch:
git remote add ghfreeipa https://github.com/freeipa/freeipa
git fetch ghfreeipa pull/805/head:pr805
git checkout pr805
17 matches
Mail list logo
