[Freeipa-devel] [PATCH] 240 Fix LDAP effective rights control with python-ldap 2.4.x

Test instructions are attached to the ticket. --- The new version of python-ldap changed the way it created LDAPv3 extended controls. The API used in 2.4.x can no longer be used because it does not send the bind DN with effective rights control and LDAP server thus rejects it. This patch

Re: [Freeipa-devel] [PATCH] 985 no longer shell escape for pkisilent

On 20.3.2012 22:34, Rob Crittenden wrote: pkisilent now shell escapes its arguments so we no longer need to do so, and in fact, if we do it ends up with double-escaping breaking all installs of IPA with a dogtag CA. rob ACK. Honza -- Jan Cholasta

Re: [Freeipa-devel] [PATCH] 985 no longer shell escape for pkisilent

On Wed, 2012-03-21 at 10:01 +0100, Jan Cholasta wrote: On 20.3.2012 22:34, Rob Crittenden wrote: pkisilent now shell escapes its arguments so we no longer need to do so, and in fact, if we do it ends up with double-escaping breaking all installs of IPA with a dogtag CA. rob ACK.

Re: [Freeipa-devel] [PATCH] 240 Fix LDAP effective rights control with python-ldap 2.4.x

On 21.3.2012 09:57, Martin Kosek wrote: Test instructions are attached to the ticket. --- The new version of python-ldap changed the way it created LDAPv3 extended controls. The API used in 2.4.x can no longer be used because it does not send the bind DN with effective rights control and LDAP

Re: [Freeipa-devel] [PATCH] 240 Fix LDAP effective rights control with python-ldap 2.4.x

On Wed, 2012-03-21 at 10:16 +0100, Jan Cholasta wrote: On 21.3.2012 09:57, Martin Kosek wrote: Test instructions are attached to the ticket. --- The new version of python-ldap changed the way it created LDAPv3 extended controls. The API used in 2.4.x can no longer be used because it

[Freeipa-devel] [PATCH] 241 Fix precallback validators in DNS plugin

DNS plugin contains several RR type record validators run in pre_callback which cannot be used as standard param validator as it needs more data and resources that standard validators provide. However, the precallback validators are not run for DNS records created by new structured options and

Re: [Freeipa-devel] [PATCH] 0015 Only split CSV strings once

On 03/20/2012 10:08 PM, Rob Crittenden wrote: Petr Viktorin wrote: On 03/16/2012 12:55 PM, Petr Viktorin wrote: On 03/15/2012 08:55 PM, Rob Crittenden wrote: Petr Viktorin wrote: https://fedorahosted.org/freeipa/ticket/2227 (Unable to add certain sudo commands to groups). What an interesting

[Freeipa-devel] [PATCH] 19 Search allowed attributes in superior objectclasses

https://fedorahosted.org/freeipa/ticket/2293 This patch fixes regression caused by patch for ticket #2293. The function get_allowed_attributes was searching only through the specified objectclasses but not through their superior objectclasses. This patch adds such behaviour by recursive call