[Freeipa-devel] [freeipa PR#874][synchronized] Changing cert-find to go through the proxy instead of using the port 8080

Wed, 14 Jun 2017 14:20:58 -0700 

   URL: https://github.com/freeipa/freeipa/pull/874
Author: felipevolpone
 Title: #874: Changing cert-find to go through the proxy instead of using the 
port 8080
Action: synchronized

To pull the PR as Git branch:
git remote add ghfreeipa https://github.com/freeipa/freeipa
git fetch ghfreeipa pull/874/head:pr874
git checkout pr874

From 433b4db62d335e955aa99c2f4031bf6162adaa2b Mon Sep 17 00:00:00 2001
From: Felipe Volpone <felipevolp...@gmail.com>
Date: Wed, 14 Jun 2017 18:19:41 -0300
Subject: [PATCH] Changing cert-find to go through the proxy instead of using
 the port 8080

The cert-find command now uses the proxy to reach Dogtag, instead of using
the port 8080. In order to accomplish that, it's necessary to change the
proxy configuration including the URL called.

https://pagure.io/freeipa/issue/6966
---
 install/conf/ipa-pki-proxy.conf | 4 ++--
 ipaserver/plugins/dogtag.py     | 2 +-
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/install/conf/ipa-pki-proxy.conf b/install/conf/ipa-pki-proxy.conf
index b48a3020d2..106ddc4fa7 100644
--- a/install/conf/ipa-pki-proxy.conf
+++ b/install/conf/ipa-pki-proxy.conf
@@ -1,4 +1,4 @@
-# VERSION 10 - DO NOT REMOVE THIS LINE
+# VERSION 11 - DO NOT REMOVE THIS LINE
 
 ProxyRequests Off
 
@@ -27,7 +27,7 @@ ProxyRequests Off
 </LocationMatch>
 
 # matches for CA REST API
-<LocationMatch "^/ca/rest/account/login|^/ca/rest/account/logout|^/ca/rest/installer/installToken|^/ca/rest/securityDomain/domainInfo|^/ca/rest/securityDomain/installToken|^/ca/rest/profiles|^/ca/rest/authorities|^/ca/rest/certrequests|^/ca/rest/admin/kraconnector/remove">
+<LocationMatch "^/ca/rest/account/login|^/ca/rest/account/logout|^/ca/rest/installer/installToken|^/ca/rest/securityDomain/domainInfo|^/ca/rest/securityDomain/installToken|^/ca/rest/profiles|^/ca/rest/authorities|^/ca/rest/certrequests|^/ca/rest/admin/kraconnector/remove|^/ca/rest/certs/search">
     NSSOptions +StdEnvVars +ExportCertData +StrictRequire +OptRenegotiate
     NSSVerifyClient optional
     ProxyPassMatch ajp://localhost:$DOGTAG_PORT
diff --git a/ipaserver/plugins/dogtag.py b/ipaserver/plugins/dogtag.py
index bddaab58a5..0e68de6219 100644
--- a/ipaserver/plugins/dogtag.py
+++ b/ipaserver/plugins/dogtag.py
@@ -1903,7 +1903,7 @@ def convert_time(value):
         self.debug('%s.find(): request: %s', type(self).__name__, payload)
 
         url = 'http://%s/ca/rest/certs/search?size=%d' % (
-            ipautil.format_netloc(self.ca_host, 8080),
+            ipautil.format_netloc(self.ca_host, 80),
             options.get('sizelimit', 0x7fffffff))
 
         opener = urllib.request.build_opener()

_______________________________________________
FreeIPA-devel mailing list -- freeipa-devel@lists.fedorahosted.org
To unsubscribe send an email to freeipa-devel-le...@lists.fedorahosted.org

Reply via email to