[Freeipa-devel] [freeipa PR#2554][opened] certdb: validate certificate signatures

2018-11-12 Thread frasertweedale via FreeIPA-devel
URL: https://github.com/freeipa/freeipa/pull/2554 Author: frasertweedale Title: #2554: certdb: validate certificate signatures Action: opened PR body: """ When verifying a CA certificate, validate its signature. This causes FreeIPA to reject certificate chains with bad signatures, signatures

[Freeipa-devel] [freeipa PR#2549][opened] [Backport][ipa-4-7] certdb: ensure non-empty Subject Key Identifier

2018-11-12 Thread tiran via FreeIPA-devel
URL: https://github.com/freeipa/freeipa/pull/2549 Author: tiran Title: #2549: [Backport][ipa-4-7] certdb: ensure non-empty Subject Key Identifier Action: opened PR body: """ This PR was opened automatically because PR #2548 was pushed to master and backport to ipa-4-7 is required. """ To

[Freeipa-devel] [freeipa PR#2548][closed] certdb: ensure non-empty Subject Key Identifier

2018-11-12 Thread tiran via FreeIPA-devel
URL: https://github.com/freeipa/freeipa/pull/2548 Author: frasertweedale Title: #2548: certdb: ensure non-empty Subject Key Identifier Action: closed To pull the PR as Git branch: git remote add ghfreeipa https://github.com/freeipa/freeipa git fetch ghfreeipa pull/2548/head:pr2548 git

[Freeipa-devel] [freeipa PR#2502][closed] Fix behaviour when the random node is chosen during the replica

2018-11-12 Thread shaman007 via FreeIPA-devel
URL: https://github.com/freeipa/freeipa/pull/2502 Author: shaman007 Title: #2502: Fix behaviour when the random node is chosen during the replica Action: closed To pull the PR as Git branch: git remote add ghfreeipa https://github.com/freeipa/freeipa git fetch ghfreeipa pull/2502/head:pr2502

[Freeipa-devel] [freeipa PR#2549][closed] [Backport][ipa-4-7] certdb: ensure non-empty Subject Key Identifier

2018-11-12 Thread tiran via FreeIPA-devel
URL: https://github.com/freeipa/freeipa/pull/2549 Author: tiran Title: #2549: [Backport][ipa-4-7] certdb: ensure non-empty Subject Key Identifier Action: closed To pull the PR as Git branch: git remote add ghfreeipa https://github.com/freeipa/freeipa git fetch ghfreeipa pull/2549/head:pr2549

[Freeipa-devel] How to modify a base image which FreeIPA-PR-CI uses for testing

2018-11-12 Thread Petr Vobornik via FreeIPA-devel
Hello, There were a couple of questions about how a creation of template boxes which are used in tests works, respectively how the boxes can be amended. So I'll try to cover it in this mail so that it is reusable in the future. FreeIPA PR-CI is using Vagrant to provision VMs. So the base image is

[Freeipa-devel] [freeipa PR#2550][opened] ipatests: fix CA less expectations

2018-11-12 Thread flo-renaud via FreeIPA-devel
URL: https://github.com/freeipa/freeipa/pull/2550 Author: flo-renaud Title: #2550: ipatests: fix CA less expectations Action: opened PR body: """ The test TestServerInstall::test_ca_2_certs has a wrong expectation. Scenario: install a CA-less master with `ipa-server-install --ca-cert-file

[Freeipa-devel] [freeipa PR#2538][closed] Split Web UI test suite in nightly PR CI configuration

2018-11-12 Thread serg-cymbaluk via FreeIPA-devel
URL: https://github.com/freeipa/freeipa/pull/2538 Author: serg-cymbaluk Title: #2538: Split Web UI test suite in nightly PR CI configuration Action: closed To pull the PR as Git branch: git remote add ghfreeipa https://github.com/freeipa/freeipa git fetch ghfreeipa pull/2538/head:pr2538 git

[Freeipa-devel] Re: How to modify a base image which FreeIPA-PR-CI uses for testing

2018-11-12 Thread Petr Vobornik via FreeIPA-devel
Writing the previous mail raised a question in me: "Is it the right thing?" IMO, there is one bigger problem with it. The same box is used for a builder job, IPA hosts in tests and a controller (the machine which runs pytest). We have build dependencies and some packages from pip installed on the

[Freeipa-devel] [freeipa PR#2552][opened] ipatests: add missing tests for test_caless

2018-11-12 Thread flo-renaud via FreeIPA-devel
URL: https://github.com/freeipa/freeipa/pull/2552 Author: flo-renaud Title: #2552: ipatests: add missing tests for test_caless Action: opened PR body: """ Two tests were missing from nightly definition: - test_caless.py::TestReplicaCALessToCAFull - test_caless.py::TestServerCALessToExternalCA

[Freeipa-devel] vault implementation vs ACI to read ipaconfigstring

2018-11-12 Thread François Cami via FreeIPA-devel
Hi, While investigating why non-admin users having access to a shared vault got an error that stemmed from them not being able to find the KRA server to query (*), I found out that by changing the ldapsearch query normal users could, in fact, get the list of KRA servers. (*)

[Freeipa-devel] [freeipa PR#2553][opened] dogtag.py: raise exception if select_any_master() fails

2018-11-12 Thread fcami via FreeIPA-devel
URL: https://github.com/freeipa/freeipa/pull/2553 Author: fcami Title: #2553: dogtag.py: raise exception if select_any_master() fails Action: opened PR body: """ Standard users cannot determine services like KRA. Using ldapsearch with (ipaConfigString=enabledService) always fails. Catch that.