On Tue, 2009-12-01 at 17:23 -0500, Rob Crittenden wrote:
> This deprecates a similar patch from John last month. The server-side
> baseclass rabase defines a framework for CA plugins. When I added this
> code I set it up to return errors.NotImplementedError but didn't
> actually include that err
On Tue, 2009-12-01 at 17:20 -0500, Rob Crittenden wrote:
> Add a type argument (PEM or DER) for x509.load_certificate(). Certs are
> coming out of LDAP as binary so we need to be able to handle that too.
> Seems more sane to add an argument that to base64-encode it.
>
> rob
ack. pushed to mast
On Tue, 2009-12-01 at 14:04 -0500, Rob Crittenden wrote:
> Update the spec to set minimum version of python-pyasn1 to 0.0.9a so we
> can have the ASN.1 Any type needed by the PKCS#10 parser.
>
> rob
nack. This introduces a bug in the spec:
error: line 89: Unknown tag: pequires: libcap
__
An extremely basic test for the cert plugin. Only tests the cert-request
command but it's a start.
rob
freeipa-325-certtest.patch
Description: application/mbox
___
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/lis
This deprecates a similar patch from John last month. The server-side
baseclass rabase defines a framework for CA plugins. When I added this
code I set it up to return errors.NotImplementedError but didn't
actually include that error class in the commit.
I'm adding that in now, favoring it ove
Add a type argument (PEM or DER) for x509.load_certificate(). Certs are
coming out of LDAP as binary so we need to be able to handle that too.
Seems more sane to add an argument that to base64-encode it.
rob
freeipa-323-cert.patch
Description: application/mbox
Martin Nagy wrote:
On Tue, 2009-12-01 at 10:15 -0500, Rob Crittenden wrote:
Martin Nagy wrote:
Martin
ack.
As an aside, it might be nice if the actual package name(s) were used to
make it easier for the user to know exactly what they are missing for
BIND and the BIND LDAP plug-in.
Yeah,
Martin Nagy wrote:
On Tue, 2009-12-01 at 10:17 -0500, Rob Crittenden wrote:
Martin Nagy wrote:
Martin
Should there be a validator on idnsUpdatePolicy to ensure that each
policy is terminated by a ;? If one wants to have multiple policies is
it set with idnspolicy="policy1;policy2;policy3;"?
Update the spec to set minimum version of python-pyasn1 to 0.0.9a so we
can have the ASN.1 Any type needed by the PKCS#10 parser.
rob
freeipa-322-pyasn1.patch
Description: application/mbox
___
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https
On Mon, 2009-11-30 at 15:50 -0500, Rob Crittenden wrote:
> This improves the LDAP exception handling in the client. The existing
> code spit out a slew of deprecation errors because of the use of the
> message attribute.
>
> rob
ack. pushed to master.
_
On Tue, 2009-12-01 at 10:36 -0500, Rob Crittenden wrote:
> Jason Gerard DeRose wrote:
> > On Wed, 2009-11-25 at 17:43 -0500, Rob Crittenden wrote:
> >> The configuration file /etc/ipa/ipa.conf was used by the v1 clients and
> >> servers to manually set realm, domain and server(s). This has been
>
On Tue, 2009-12-01 at 10:15 -0500, Rob Crittenden wrote:
> Martin Nagy wrote:
> > Martin
> >
>
> ack.
>
> As an aside, it might be nice if the actual package name(s) were used to
> make it easier for the user to know exactly what they are missing for
> BIND and the BIND LDAP plug-in.
Yeah, I
Pavel Zůna wrote:
Rob Crittenden wrote:
Pavel Zuna wrote:
Some groups created by default don't have ipaUserGroup and won't show
up in searches.
Pavel
nack, isn't the better approach to fix up the groups that are created
by default without the ipaUserGroup objectclass?
It is. Fixed patch
Pavel Zůna wrote:
Rob Crittenden wrote:
Pavel Zuna wrote:
Rob Crittenden wrote:
Pavel Zuna wrote:
Due to the format of accessTime (it has commas and spaces in it),
we can't use the List parameter type. I made it so that accessTime
values have to be entered one by one using new commands.
We
On Tue, 2009-12-01 at 10:17 -0500, Rob Crittenden wrote:
> Martin Nagy wrote:
> > Martin
> >
>
> Should there be a validator on idnsUpdatePolicy to ensure that each
> policy is terminated by a ;? If one wants to have multiple policies is
> it set with idnspolicy="policy1;policy2;policy3;"?
>
>
Jason Gerard DeRose wrote:
On Wed, 2009-11-25 at 17:43 -0500, Rob Crittenden wrote:
The configuration file /etc/ipa/ipa.conf was used by the v1 clients and
servers to manually set realm, domain and server(s). This has been
renamed to /etc/ipa/default.conf in v2.
Some old utilities still refer
Martin Nagy wrote:
Martin
Should there be a validator on idnsUpdatePolicy to ensure that each
policy is terminated by a ;? If one wants to have multiple policies is
it set with idnspolicy="policy1;policy2;policy3;"?
Should the formatting be included in the doc message, or an example of
us
Martin Nagy wrote:
Martin
ack.
As an aside, it might be nice if the actual package name(s) were used to
make it easier for the user to know exactly what they are missing for
BIND and the BIND LDAP plug-in.
rob
___
Freeipa-devel mailing list
Fre
Martin Nagy wrote:
Martin
ack
___
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel
Martin
>From 2831a904c8ab270e1f326ae300dc373361dcc8a4 Mon Sep 17 00:00:00 2001
From: Martin Nagy
Date: Tue, 10 Nov 2009 13:12:21 +0100
Subject: [PATCH] Add idnsUpdatePolicy into the dns plug-in
The idnsUpdatePolicy takes a list of BIND dynamic update policies, each
of which must be terminated by
Martin
>From 2ecd67588206abadeb992360c3cd6f0c31938edc Mon Sep 17 00:00:00 2001
From: Martin Nagy
Date: Fri, 13 Nov 2009 16:57:51 +0100
Subject: [PATCH] Ask the user before overwriting /etc/named.conf
---
install/tools/ipa-replica-install |6 ++
install/tools/ipa-server-install |6 ++
Martin
>From 96c64ff2a1051c1e8bdcad9e8aef9488f0e26e87 Mon Sep 17 00:00:00 2001
From: Martin Nagy
Date: Mon, 23 Nov 2009 08:42:30 +0100
Subject: [PATCH] Remove unnecessary "error: " prefixes
The parser.error() method prepends the "error: " prefix itself. Adding
it to the error string is not necess
Rob Crittenden wrote:
Jason Gerard DeRose wrote:
On Wed, 2009-11-25 at 12:05 -0500, Rob Crittenden wrote:
This is purely from reading the patch, I haven't applied and tested
it yet.
ipalib/output.py:
+primary_key = Output('primary_key', unicode,
+'The primary key of the deleted entry'
+)
Rob Crittenden wrote:
Pavel Zuna wrote:
Some groups created by default don't have ipaUserGroup and won't show
up in searches.
Pavel
nack, isn't the better approach to fix up the groups that are created by
default without the ipaUserGroup objectclass?
It is. Fixed patch attached.
rob
P
Rob Crittenden wrote:
Pavel Zuna wrote:
Rob Crittenden wrote:
Pavel Zuna wrote:
Due to the format of accessTime (it has commas and spaces in it), we
can't use the List parameter type. I made it so that accessTime
values have to be entered one by one using new commands.
We also agreed, that
25 matches
Mail list logo