[Freeipa-devel] [freeipa PR#430][+ack] [py3] tests_xmlrpc: do not call str() on bytes

2017-02-02 Thread tiran
URL: https://github.com/freeipa/freeipa/pull/430 Title: #430: [py3] tests_xmlrpc: do not call str() on bytes Label: +ack -- Manage your subscription for the Freeipa-devel mailing list: https://www.redhat.com/mailman/listinfo/freeipa-devel Contribute to FreeIPA:

[Freeipa-devel] [freeipa PR#393][+ack] [Py3] allow to run wsgi - part1

2017-01-31 Thread tiran
URL: https://github.com/freeipa/freeipa/pull/393 Title: #393: [Py3] allow to run wsgi - part1 Label: +ack -- Manage your subscription for the Freeipa-devel mailing list: https://www.redhat.com/mailman/listinfo/freeipa-devel Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code

[Freeipa-devel] [freeipa PR#407][synchronized] New lite-server implementation

2017-02-06 Thread tiran
URL: https://github.com/freeipa/freeipa/pull/407 Author: tiran Title: #407: New lite-server implementation Action: synchronized To pull the PR as Git branch: git remote add ghfreeipa https://github.com/freeipa/freeipa git fetch ghfreeipa pull/407/head:pr407 git checkout pr407 From

[Freeipa-devel] [freeipa PR#436][comment] x509: allow leading text in PEM files

2017-02-06 Thread tiran
URL: https://github.com/freeipa/freeipa/pull/436 Title: #436: x509: allow leading text in PEM files tiran commented: """ NACK The ^ is correct because the regular expression must search for a line that starts with ```-BEGIN CERTIFICATE-```. I cannot reproduce the

[Freeipa-devel] [freeipa PR#436][+ack] x509: allow leading text in PEM files

2017-02-06 Thread tiran
URL: https://github.com/freeipa/freeipa/pull/436 Title: #436: x509: allow leading text in PEM files Label: +ack -- Manage your subscription for the Freeipa-devel mailing list: https://www.redhat.com/mailman/listinfo/freeipa-devel Contribute to FreeIPA:

[Freeipa-devel] [freeipa PR#436][comment] x509: allow leading text in PEM files

2017-02-06 Thread tiran
URL: https://github.com/freeipa/freeipa/pull/436 Title: #436: x509: allow leading text in PEM files tiran commented: """ Yes, please keep the test. It should pass with the current regular expression, too. """ See the full comment at https://github.com/freeipa

[Freeipa-devel] [freeipa PR#364][comment] Client-only builds with --disable-server

2017-02-08 Thread tiran
URL: https://github.com/freeipa/freeipa/pull/364 Title: #364: Client-only builds with --disable-server tiran commented: """ @tomaskrizek @lslebodn Although I don't need ```make dist```, you made me aware of a bug in ```Makefile.am```. automake and ```+=``` do not mix well. I

[Freeipa-devel] [freeipa PR#364][synchronized] Client-only builds with --disable-server

2017-02-08 Thread tiran
URL: https://github.com/freeipa/freeipa/pull/364 Author: tiran Title: #364: Client-only builds with --disable-server Action: synchronized To pull the PR as Git branch: git remote add ghfreeipa https://github.com/freeipa/freeipa git fetch ghfreeipa pull/364/head:pr364 git checkout pr364 From

[Freeipa-devel] [freeipa PR#364][synchronized] Client-only builds with --disable-server

2017-02-08 Thread tiran
URL: https://github.com/freeipa/freeipa/pull/364 Author: tiran Title: #364: Client-only builds with --disable-server Action: synchronized To pull the PR as Git branch: git remote add ghfreeipa https://github.com/freeipa/freeipa git fetch ghfreeipa pull/364/head:pr364 git checkout pr364 From

[Freeipa-devel] [freeipa PR#441][opened] Print test env information

2017-02-08 Thread tiran
URL: https://github.com/freeipa/freeipa/pull/441 Author: tiran Title: #441: Print test env information Action: opened PR body: """ Print api.env, uname, euid/egid, cwd and Python version when tests are run with -v (e.g. ipa-run-tests -v). Signed-off-by: Christian Heimes <

[Freeipa-devel] [freeipa PR#442][synchronized] Add option to run tests in-tree and out-of-tree mode

2017-02-08 Thread tiran
URL: https://github.com/freeipa/freeipa/pull/442 Author: tiran Title: #442: Add option to run tests in-tree and out-of-tree mode Action: synchronized To pull the PR as Git branch: git remote add ghfreeipa https://github.com/freeipa/freeipa git fetch ghfreeipa pull/442/head:pr442 git checkout

[Freeipa-devel] [freeipa PR#442][opened] Add option to run tests in-tree and out-of-tree mode

2017-02-08 Thread tiran
URL: https://github.com/freeipa/freeipa/pull/442 Author: tiran Title: #442: Add option to run tests in-tree and out-of-tree mode Action: opened PR body: """ By default ipa-run-tests and pytest auto-detect the presence of ../ipasetup.py.in and run tests in-tree mode when

[Freeipa-devel] [freeipa PR#432][comment] build: Add missing dependency on libxmlrpc{, _util}

2017-02-06 Thread tiran
URL: https://github.com/freeipa/freeipa/pull/432 Title: #432: build: Add missing dependency on libxmlrpc{,_util} tiran commented: """ ACK ipa-join uses functions from ```libxmlrpc.so``` (e.g. ```xmlrpc_string_new```) and from ```libxmlrpc_util.so``` (e.g. ```xmlrpc_env_init``

[Freeipa-devel] [freeipa PR#364][synchronized] Client-only builds with --disable-server

2017-02-06 Thread tiran
URL: https://github.com/freeipa/freeipa/pull/364 Author: tiran Title: #364: Client-only builds with --disable-server Action: synchronized To pull the PR as Git branch: git remote add ghfreeipa https://github.com/freeipa/freeipa git fetch ghfreeipa pull/364/head:pr364 git checkout pr364 From

[Freeipa-devel] [freeipa PR#407][synchronized] New lite-server implementation

2017-02-06 Thread tiran
URL: https://github.com/freeipa/freeipa/pull/407 Author: tiran Title: #407: New lite-server implementation Action: synchronized To pull the PR as Git branch: git remote add ghfreeipa https://github.com/freeipa/freeipa git fetch ghfreeipa pull/407/head:pr407 git checkout pr407 From

[Freeipa-devel] [freeipa PR#425][+ack] ipa-kra-install must create directory if it does not exist

2017-01-31 Thread tiran
URL: https://github.com/freeipa/freeipa/pull/425 Title: #425: ipa-kra-install must create directory if it does not exist Label: +ack -- Manage your subscription for the Freeipa-devel mailing list: https://www.redhat.com/mailman/listinfo/freeipa-devel Contribute to FreeIPA:

[Freeipa-devel] [freeipa PR#407][synchronized] New lite-server implementation

2017-01-23 Thread tiran
URL: https://github.com/freeipa/freeipa/pull/407 Author: tiran Title: #407: New lite-server implementation Action: synchronized To pull the PR as Git branch: git remote add ghfreeipa https://github.com/freeipa/freeipa git fetch ghfreeipa pull/407/head:pr407 git checkout pr407 From

[Freeipa-devel] [freeipa PR#407][edited] New lite-server implementation

2017-01-21 Thread tiran
URL: https://github.com/freeipa/freeipa/pull/407 Author: tiran Title: #407: New lite-server implementation Action: edited Changed field: body Original value: """ The new development server depends on werkzeug instead of paste. The werkzeug WSGI server comes with some addi

[Freeipa-devel] [freeipa PR#407][opened] New lite-server implementation

2017-01-21 Thread tiran
URL: https://github.com/freeipa/freeipa/pull/407 Author: tiran Title: #407: New lite-server implementation Action: opened PR body: """ The new development server depends on werkzeug instead of paste. The werkzeug WSGI server comes with some additional features, most n

[Freeipa-devel] [freeipa PR#379][synchronized] Packaging: Add placeholder and IPA commands packages

2017-01-23 Thread tiran
URL: https://github.com/freeipa/freeipa/pull/379 Author: tiran Title: #379: Packaging: Add placeholder and IPA commands packages Action: synchronized To pull the PR as Git branch: git remote add ghfreeipa https://github.com/freeipa/freeipa git fetch ghfreeipa pull/379/head:pr379 git checkout

[Freeipa-devel] [freeipa PR#379][comment] Packaging: Add placeholder and IPA commands packages

2017-01-23 Thread tiran
URL: https://github.com/freeipa/freeipa/pull/379 Title: #379: Packaging: Add placeholder and IPA commands packages tiran commented: """ The ```ipa``` and ```freeipa``` packages are necessary to prevent typo squatting or name squatting attacks, e.g. http://arstechnica.com/s

[Freeipa-devel] [freeipa PR#397][synchronized] Improve wheel building and provide ipaserver wheel for local testing

2017-01-23 Thread tiran
URL: https://github.com/freeipa/freeipa/pull/397 Author: tiran Title: #397: Improve wheel building and provide ipaserver wheel for local testing Action: synchronized To pull the PR as Git branch: git remote add ghfreeipa https://github.com/freeipa/freeipa git fetch ghfreeipa pull/397

[Freeipa-devel] [freeipa PR#382][+ack] [Py3] ipa-server-install fixes (working NTP, DS, CA install steps)

2017-01-24 Thread tiran
URL: https://github.com/freeipa/freeipa/pull/382 Title: #382: [Py3] ipa-server-install fixes (working NTP, DS, CA install steps) Label: +ack -- Manage your subscription for the Freeipa-devel mailing list: https://www.redhat.com/mailman/listinfo/freeipa-devel Contribute to FreeIPA:

[Freeipa-devel] [freeipa PR#404][comment] tests: Add LDAP URI to ldappasswd explicitly

2017-01-26 Thread tiran
URL: https://github.com/freeipa/freeipa/pull/404 Title: #404: tests: Add LDAP URI to ldappasswd explicitly tiran commented: """ I stand corrected! Thanks David. """ See the full comment at https://github.com/freeipa/freeipa/pull/404#issuecomment-27536759

[Freeipa-devel] [freeipa PR#397][comment] Improve wheel building and provide ipaserver wheel for local testing

2017-02-21 Thread tiran
URL: https://github.com/freeipa/freeipa/pull/397 Title: #397: Improve wheel building and provide ipaserver wheel for local testing tiran commented: """ @pvoborni The main reason for this PR is explained in the initial PR message. I like to run an IPA framework server

[Freeipa-devel] [freeipa PR#490][comment] [WIP] certdb: use certutil and match_hostname for cert verification

2017-02-21 Thread tiran
URL: https://github.com/freeipa/freeipa/pull/490 Title: #490: [WIP] certdb: use certutil and match_hostname for cert verification tiran commented: """ Do we ensure that the function is always called with an IDN A-Label encoded hostname? ```ssl.match_hostname``` assumes

[Freeipa-devel] [freeipa PR#472][comment] Packaging: Add placeholder packages

2017-02-21 Thread tiran
URL: https://github.com/freeipa/freeipa/pull/472 Title: #472: Packaging: Add placeholder packages tiran commented: """ You requsted a dependency in the first place :) If you are going to add a special build or dependency flavor for PyPI packaging, please also add ```python[23]

[Freeipa-devel] [freeipa PR#489][+ack] Fix error in ca_cert_files validator

2017-02-21 Thread tiran
URL: https://github.com/freeipa/freeipa/pull/489 Title: #489: Fix error in ca_cert_files validator Label: +ack -- Manage your subscription for the Freeipa-devel mailing list: https://www.redhat.com/mailman/listinfo/freeipa-devel Contribute to FreeIPA:

[Freeipa-devel] [freeipa PR#490][comment] [WIP] certdb: use certutil and match_hostname for cert verification

2017-02-21 Thread tiran
URL: https://github.com/freeipa/freeipa/pull/490 Title: #490: [WIP] certdb: use certutil and match_hostname for cert verification tiran commented: """ The hostname must be ASCII text. Something like ```hostname.encode('ascii')``` should catch non-ASCII text and Python 3

[Freeipa-devel] [freeipa PR#489][comment] Fix error in ca_cert_files validator

2017-02-21 Thread tiran
URL: https://github.com/freeipa/freeipa/pull/489 Title: #489: Fix error in ca_cert_files validator tiran commented: """ tentative ack, see comment """ See the full comment at https://github.com/freeipa/freeipa/pull/489#issuecomment-281295634 -- Manage your subs

[Freeipa-devel] [freeipa PR#472][comment] Packaging: Add placeholder packages

2017-02-21 Thread tiran
URL: https://github.com/freeipa/freeipa/pull/472 Title: #472: Packaging: Add placeholder packages tiran commented: """ Yes, it is the right thing to do. You can trust in the expert with a decade of experience with Python packaging (formerly known as cheese shop). "&quo

[Freeipa-devel] [freeipa PR#397][comment] Improve wheel building and provide ipaserver wheel for local testing

2017-02-21 Thread tiran
URL: https://github.com/freeipa/freeipa/pull/397 Title: #397: Improve wheel building and provide ipaserver wheel for local testing tiran commented: """ To clarify and emphasis, this PR has nothing to do with the PyPI packaging effort. Zero. Zip. Nada. Nilch! The sole in

[Freeipa-devel] [freeipa PR#472][synchronized] Packaging: Add placeholder packages

2017-02-21 Thread tiran
URL: https://github.com/freeipa/freeipa/pull/472 Author: tiran Title: #472: Packaging: Add placeholder packages Action: synchronized To pull the PR as Git branch: git remote add ghfreeipa https://github.com/freeipa/freeipa git fetch ghfreeipa pull/472/head:pr472 git checkout pr472 From

[Freeipa-devel] [freeipa PR#492][comment] [WIP] config: remove meaningless defaults

2017-02-21 Thread tiran
URL: https://github.com/freeipa/freeipa/pull/492 Title: #492: [WIP] config: remove meaningless defaults tiran commented: """ https://github.com/HonzaCholasta/freeipa/blob/4ebf4b907213c9951eb9cbd276e0460552563fb1/ipalib/config.py#L579 initializes server from jsonrpc_uri. Does it

[Freeipa-devel] [freeipa PR#492][comment] [WIP] config: remove meaningless defaults

2017-02-21 Thread tiran
URL: https://github.com/freeipa/freeipa/pull/492 Title: #492: [WIP] config: remove meaningless defaults tiran commented: """ It does matter. In the current version ```if 'server' not in self:``` is checked and ```self.server``` is checked a couple of lines after ```if 'ldap_u

[Freeipa-devel] [freeipa PR#301][comment] scripts, tests: explicitly set confdir in the rest of server code

2017-02-22 Thread tiran
URL: https://github.com/freeipa/freeipa/pull/301 Title: #301: scripts, tests: explicitly set confdir in the rest of server code tiran commented: """ My philosophy is: _Don't fix it it it ain't broken._ """ See the full comment at https://github.com/freeipa

[Freeipa-devel] [freeipa PR#492][comment] [WIP] config: remove meaningless defaults

2017-02-22 Thread tiran
URL: https://github.com/freeipa/freeipa/pull/492 Title: #492: [WIP] config: remove meaningless defaults tiran commented: """ Can you add a comment to explain the order of checks and assignments? Without explanation, it's going to confuse the next poor developer. "&quo

[Freeipa-devel] [freeipa PR#472][synchronized] Packaging: Add placeholder packages

2017-02-22 Thread tiran
URL: https://github.com/freeipa/freeipa/pull/472 Author: tiran Title: #472: Packaging: Add placeholder packages Action: synchronized To pull the PR as Git branch: git remote add ghfreeipa https://github.com/freeipa/freeipa git fetch ghfreeipa pull/472/head:pr472 git checkout pr472 From

[Freeipa-devel] [freeipa PR#472][comment] Packaging: Add placeholder packages

2017-02-22 Thread tiran
URL: https://github.com/freeipa/freeipa/pull/472 Title: #472: Packaging: Add placeholder packages tiran commented: """ OK, you got ```with_wheels``` in ```freeipa.spec.in``` now. ```with_wheels``` is more logical than ```with_pypi``` because wheels have more uses than ju

[Freeipa-devel] [freeipa PR#397][comment] Improve wheel building and provide ipaserver wheel for local testing

2017-02-22 Thread tiran
URL: https://github.com/freeipa/freeipa/pull/397 Title: #397: Improve wheel building and provide ipaserver wheel for local testing tiran commented: """ @HonzaCholasta FreeIPA has conditional imports for SSSD modules in several places, e.g. in the trust plugin. 96f614e

[Freeipa-devel] [freeipa PR#494][comment] Support client-only build

2017-02-22 Thread tiran
URL: https://github.com/freeipa/freeipa/pull/494 Title: #494: Support client-only build tiran commented: """ NACK on 42fb9b1c * Either use ```--with-ipaplatform=redhat``` on CentOS * Or implement a proper way to fill ipaplatfrom from ```/etc/os-relase``` value ```ID

[Freeipa-devel] [freeipa PR#494][comment] Support client-only build

2017-02-22 Thread tiran
URL: https://github.com/freeipa/freeipa/pull/494 Title: #494: Support client-only build tiran commented: """ You are aware that your example code checks the wrong code? It is testing in-tree sources, not the actual sources that get packaged and installed. """

[Freeipa-devel] [freeipa PR#494][comment] Support client-only build

2017-02-22 Thread tiran
URL: https://github.com/freeipa/freeipa/pull/494 Title: #494: Support client-only build tiran commented: """ python-requests is a bad example because it suffers from the same issue as IPA. A better example is any other modern Python project like cryptography. It runs tests

[Freeipa-devel] [freeipa PR#494][comment] Support client-only build

2017-02-22 Thread tiran
URL: https://github.com/freeipa/freeipa/pull/494 Title: #494: Support client-only build tiran commented: """ NACK on aece4c3c We compromised on ```--without-ipatests``` with installation of ipatests defaulting to true. The compromose was already ACKed by @simo5 "&quo

[Freeipa-devel] [freeipa PR#494][comment] Support client-only build

2017-02-22 Thread tiran
URL: https://github.com/freeipa/freeipa/pull/494 Title: #494: Support client-only build tiran commented: """ You assumption is incorrect. ```ipatests``` does not depend on ```ipaserver```, https://github.com/freeipa/freeipa/blob/master/ipatests/setup.py#L61 ``` i

[Freeipa-devel] [freeipa PR#494][comment] Support client-only build

2017-02-22 Thread tiran
URL: https://github.com/freeipa/freeipa/pull/494 Title: #494: Support client-only build tiran commented: """ There are two reasons we decided on ```--without-ipatests```: * ```--with-tests``` / ```--without-tests``` is technically not correct. We still compile C tests. Th

[Freeipa-devel] [freeipa PR#495][comment] Fix ipa-server-upgrade

2017-02-22 Thread tiran
URL: https://github.com/freeipa/freeipa/pull/495 Title: #495: Fix ipa-server-upgrade tiran commented: """ Looks totally reasonable. I checked, ```SimpleServiceInstance('ipa_memcached')``` does not raise an exception if systemd has no service file for IPA memcached at all. &q

[Freeipa-devel] [freeipa PR#495][+ack] Fix ipa-server-upgrade

2017-02-22 Thread tiran
URL: https://github.com/freeipa/freeipa/pull/495 Title: #495: Fix ipa-server-upgrade Label: +ack -- Manage your subscription for the Freeipa-devel mailing list: https://www.redhat.com/mailman/listinfo/freeipa-devel Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code

[Freeipa-devel] [freeipa PR#484][comment] FIPS: Remove pkispawn cruft

2017-02-20 Thread tiran
URL: https://github.com/freeipa/freeipa/pull/484 Title: #484: FIPS: Remove pkispawn cruft tiran commented: """ Or you could always clean up ```/root/.dogtag``` and remove the tmp dir when the var is not None. By the way do you clean up ```/root/.dogtag``` during update? &q

[Freeipa-devel] [freeipa PR#483][opened] lite-server: validate LDAP connection and cache schema

2017-02-20 Thread tiran
URL: https://github.com/freeipa/freeipa/pull/483 Author: tiran Title: #483: lite-server: validate LDAP connection and cache schema Action: opened PR body: """ The LDAP schema cache makes the lite-server behave more like mod_wsgi. See https://fedorahosted.org/freeipa/ticket/6

[Freeipa-devel] [freeipa PR#484][comment] FIPS: Remove pkispawn cruft

2017-02-20 Thread tiran
URL: https://github.com/freeipa/freeipa/pull/484 Title: #484: FIPS: Remove pkispawn cruft tiran commented: """ pylint needs some attention, too. ``` * Module ipaserver.install.cainstance ipaserver/install/cainstance.py:685: [E1101(no-member), CAInstance.import_ra

[Freeipa-devel] [freeipa PR#487][+rejected] Limit request sizes to /KdcProxy

2017-02-20 Thread tiran
URL: https://github.com/freeipa/freeipa/pull/487 Title: #487: Limit request sizes to /KdcProxy Label: +rejected -- Manage your subscription for the Freeipa-devel mailing list: https://www.redhat.com/mailman/listinfo/freeipa-devel Contribute to FreeIPA:

[Freeipa-devel] [freeipa PR#486][comment] Migrate OTP import script to python-cryptography

2017-02-20 Thread tiran
URL: https://github.com/freeipa/freeipa/pull/486 Title: #486: Migrate OTP import script to python-cryptography tiran commented: """ Thanks Indiana Nathaniel, good code archaeology. The ticket aligns nicely with https://fedorahosted.org/freeipa/ticket/6650 """

[Freeipa-devel] [freeipa PR#488][opened] Speed up client schema cache

2017-02-20 Thread tiran
URL: https://github.com/freeipa/freeipa/pull/488 Author: tiran Title: #488: Speed up client schema cache Action: opened PR body: """ It's inefficient to open a zip file over and over again. By loading all members of the schema cache file at once, the ipa CLI script starts

[Freeipa-devel] [freeipa PR#487][comment] Limit request sizes to /KdcProxy

2017-02-20 Thread tiran
URL: https://github.com/freeipa/freeipa/pull/487 Title: #487: Limit request sizes to /KdcProxy tiran commented: """ You fixed the issue in summer 2015. https://github.com/latchset/kdcproxy/commit/f274aa6787cb8b3ec1cc12c440a56665b7231882 """ See the full comment

[Freeipa-devel] [freeipa PR#364][comment] Client-only builds with --disable-server

2017-02-17 Thread tiran
URL: https://github.com/freeipa/freeipa/pull/364 Title: #364: Client-only builds with --disable-server tiran commented: """ Thanks for your contribution. I added your patch to my PR. On my system I ran into a minor issue. Some C99 types like ```uint8_t``` were not defined and I

[Freeipa-devel] [freeipa PR#472][comment] Packaging: Add placeholder packages

2017-02-17 Thread tiran
URL: https://github.com/freeipa/freeipa/pull/472 Title: #472: Packaging: Add placeholder packages tiran commented: """ At the moment wheels are not required for RPM building. python-wheel is not available on RHEL, but I can work around it. Should the RPM spec file only conta

[Freeipa-devel] [freeipa PR#477][comment] Use RemoveOnStop to cleanup systemd sockets

2017-02-17 Thread tiran
URL: https://github.com/freeipa/freeipa/pull/477 Title: #477: Use RemoveOnStop to cleanup systemd sockets tiran commented: """ RemoveonStop was added in systemd-214. Let me figure which version is on RHEL. """ See the full comment at https://github.com/freeipa

[Freeipa-devel] [freeipa PR#364][synchronized] Client-only builds with --disable-server

2017-02-17 Thread tiran
URL: https://github.com/freeipa/freeipa/pull/364 Author: tiran Title: #364: Client-only builds with --disable-server Action: synchronized To pull the PR as Git branch: git remote add ghfreeipa https://github.com/freeipa/freeipa git fetch ghfreeipa pull/364/head:pr364 git checkout pr364 From

[Freeipa-devel] [freeipa PR#475][comment] Add options to run only ipaclient unittests

2017-02-16 Thread tiran
URL: https://github.com/freeipa/freeipa/pull/475 Title: #475: Add options to run only ipaclient unittests tiran commented: """ PS: I'm not attached to the new of the option. Please speak up if you can come up with a better name than ```--ipaclient-unittests```. "&quo

[Freeipa-devel] [freeipa PR#475][opened] Add options to run only ipaclient unittests

2017-02-16 Thread tiran
URL: https://github.com/freeipa/freeipa/pull/475 Author: tiran Title: #475: Add options to run only ipaclient unittests Action: opened PR body: """ A new option for ipa-run-tests makes the test runner ignore subdirectories or skips tests that depend on the ipaserver package

[Freeipa-devel] [freeipa PR#492][comment] [WIP] config: remove meaningless defaults

2017-02-22 Thread tiran
URL: https://github.com/freeipa/freeipa/pull/492 Title: #492: [WIP] config: remove meaningless defaults tiran commented: """ It's probably easier to always define options like ```'ldap_uri``` but use ```None``` as default. ``` cd .; ./makeaci --validate ./makeaci: ipaserver/pl

[Freeipa-devel] [freeipa PR#500][comment] Replace sha1 fingerprints with sha256

2017-02-24 Thread tiran
URL: https://github.com/freeipa/freeipa/pull/500 Title: #500: Replace sha1 fingerprints with sha256 tiran commented: """ Let's step on the breaks first and do a proper threat analysis. Is it really necessary to drop SHA-1 like a hot potato and go for SHA-256 right now? It st

[Freeipa-devel] [freeipa PR#502][opened] Make pylint and jsl optional

2017-02-23 Thread tiran
URL: https://github.com/freeipa/freeipa/pull/502 Author: tiran Title: #502: Make pylint and jsl optional Action: opened PR body: """ ./configure no longer fails when pylint or jsl are not available. The make targets for pylint and jsl are no longer defined without the tools. R

[Freeipa-devel] [freeipa PR#501][opened] C compilation fixes and hardening

2017-02-23 Thread tiran
URL: https://github.com/freeipa/freeipa/pull/501 Author: tiran Title: #501: C compilation fixes and hardening Action: opened PR body: """ Fix "implicit declaration of function ‘strlen’" in ipa_pwd_ntlm.c, credits to Lukas. Add -Werror=implicit-function-decla

[Freeipa-devel] [freeipa PR#506][comment] added ssl verification

2017-02-24 Thread tiran
URL: https://github.com/freeipa/freeipa/pull/506 Title: #506: added ssl verification tiran commented: """ Please change the title of the commit, too. It's implies that we did not verify certs in the past. In the future please don't call the system trust store a random collectio

[Freeipa-devel] [freeipa PR#506][comment] added ssl verification

2017-02-24 Thread tiran
URL: https://github.com/freeipa/freeipa/pull/506 Title: #506: added ssl verification tiran commented: """ Why do you propose to change the settings? By default python-requests enforces certificate validation. Without additional settings, it uses the system trust store.

[Freeipa-devel] [freeipa PR#500][comment] Replace sha1 fingerprints with sha256

2017-02-24 Thread tiran
URL: https://github.com/freeipa/freeipa/pull/500 Title: #500: Replace sha1 fingerprints with sha256 tiran commented: """ Let's step on the breaks first and do a proper threat analysis. Is it really necessary to drop SHA-1 like a hot potato and go for SHA-256 right now? It st

[Freeipa-devel] [freeipa PR#506][comment] added ssl verification

2017-02-24 Thread tiran
URL: https://github.com/freeipa/freeipa/pull/506 Title: #506: added ssl verification tiran commented: """ LGTM, but I want @simo5 to give the final ACK. Since Custodia is only used during replica installation on an enrolled system, ipa-client-install has already provided the

[Freeipa-devel] [freeipa PR#507][opened] Use https to get security domain from Dogtag

2017-02-24 Thread tiran
URL: https://github.com/freeipa/freeipa/pull/507 Author: tiran Title: #507: Use https to get security domain from Dogtag Action: opened PR body: """ Signed-off-by: Christian Heimes <chei...@redhat.com> """ To pull the PR as Git branch: git remote add

[Freeipa-devel] [freeipa PR#506][edited] Use IPA CA cert in Custodia secrets client

2017-02-24 Thread tiran
URL: https://github.com/freeipa/freeipa/pull/506 Author: tscherf Title: #506: Use IPA CA cert in Custodia secrets client Action: edited Changed field: title Original value: """ added ssl verification """ -- Manage your subscription for the Freeipa-devel mailing list:

[Freeipa-devel] [freeipa PR#507][comment] Use https to get security domain from Dogtag

2017-02-24 Thread tiran
URL: https://github.com/freeipa/freeipa/pull/507 Title: #507: Use https to get security domain from Dogtag tiran commented: """ The patch hardens the installer a bit. It would be a good idea to backport the patch to 4.4. It's not critical since it's a read operation on loca

[Freeipa-devel] [freeipa PR#509][opened] Migrate OTP import script to python-cryptography

2017-02-25 Thread tiran
URL: https://github.com/freeipa/freeipa/pull/509 Author: tiran Title: #509: Migrate OTP import script to python-cryptography Action: opened PR body: """ Supersedes @npmccallum PR #486 """ To pull the PR as Git branch: git remote add ghfreeipa https://github

[Freeipa-devel] [freeipa PR#510][opened] Vault: port key wrapping to python-cryptography

2017-02-25 Thread tiran
URL: https://github.com/freeipa/freeipa/pull/510 Author: tiran Title: #510: Vault: port key wrapping to python-cryptography Action: opened PR body: """ https://fedorahosted.org/freeipa/ticket/6650 Signed-off-by: Christian Heimes <chei...@redhat.com> """

[Freeipa-devel] [freeipa PR#509][synchronized] Migrate OTP import script to python-cryptography

2017-02-25 Thread tiran
URL: https://github.com/freeipa/freeipa/pull/509 Author: tiran Title: #509: Migrate OTP import script to python-cryptography Action: synchronized To pull the PR as Git branch: git remote add ghfreeipa https://github.com/freeipa/freeipa git fetch ghfreeipa pull/509/head:pr509 git checkout

[Freeipa-devel] [freeipa PR#472][synchronized] Packaging: Add placeholder packages

2017-02-23 Thread tiran
URL: https://github.com/freeipa/freeipa/pull/472 Author: tiran Title: #472: Packaging: Add placeholder packages Action: synchronized To pull the PR as Git branch: git remote add ghfreeipa https://github.com/freeipa/freeipa git fetch ghfreeipa pull/472/head:pr472 git checkout pr472 From

[Freeipa-devel] [freeipa PR#472][synchronized] Packaging: Add placeholder packages

2017-02-23 Thread tiran
URL: https://github.com/freeipa/freeipa/pull/472 Author: tiran Title: #472: Packaging: Add placeholder packages Action: synchronized To pull the PR as Git branch: git remote add ghfreeipa https://github.com/freeipa/freeipa git fetch ghfreeipa pull/472/head:pr472 git checkout pr472 From

[Freeipa-devel] [freeipa PR#472][comment] Packaging: Add placeholder packages

2017-02-22 Thread tiran
URL: https://github.com/freeipa/freeipa/pull/472 Title: #472: Packaging: Add placeholder packages tiran commented: """ @MartinBasti I have rebased the branch and added wheel + placeholder building to make check. The pylint violations have disappeared. """

[Freeipa-devel] [freeipa PR#472][synchronized] Packaging: Add placeholder packages

2017-02-22 Thread tiran
URL: https://github.com/freeipa/freeipa/pull/472 Author: tiran Title: #472: Packaging: Add placeholder packages Action: synchronized To pull the PR as Git branch: git remote add ghfreeipa https://github.com/freeipa/freeipa git fetch ghfreeipa pull/472/head:pr472 git checkout pr472 From

[Freeipa-devel] [freeipa PR#472][comment] Packaging: Add placeholder packages

2017-02-23 Thread tiran
URL: https://github.com/freeipa/freeipa/pull/472 Title: #472: Packaging: Add placeholder packages tiran commented: """ @MartinBasti I dropped the last commit. make check no longer checks wheel packages. I'm going to open a new ticket for @martbab and ask him to add to add

[Freeipa-devel] [freeipa PR#472][comment] Packaging: Add placeholder packages

2017-02-23 Thread tiran
URL: https://github.com/freeipa/freeipa/pull/472 Title: #472: Packaging: Add placeholder packages tiran commented: """ Commit 1f8326aa fixes an issue in ```Makefile.python.am```. I think the issue caused ```ipaplatform``` and ```pypi/ipaplatform``` to cross streams. "&quo

[Freeipa-devel] [freeipa PR#472][synchronized] Packaging: Add placeholder packages

2017-02-23 Thread tiran
URL: https://github.com/freeipa/freeipa/pull/472 Author: tiran Title: #472: Packaging: Add placeholder packages Action: synchronized To pull the PR as Git branch: git remote add ghfreeipa https://github.com/freeipa/freeipa git fetch ghfreeipa pull/472/head:pr472 git checkout pr472 From

[Freeipa-devel] [freeipa PR#379][+postponed] Packaging: Add placeholder and IPA commands packages

2017-02-23 Thread tiran
URL: https://github.com/freeipa/freeipa/pull/379 Title: #379: Packaging: Add placeholder and IPA commands packages Label: +postponed -- Manage your subscription for the Freeipa-devel mailing list: https://www.redhat.com/mailman/listinfo/freeipa-devel Contribute to FreeIPA:

[Freeipa-devel] [freeipa PR#379][comment] Packaging: Add placeholder and IPA commands packages

2017-02-23 Thread tiran
URL: https://github.com/freeipa/freeipa/pull/379 Title: #379: Packaging: Add placeholder and IPA commands packages tiran commented: """ I have postponed the ```ipacommands``` part. Placeholders are covered by #472. """ See the full comment at https://githu

[Freeipa-devel] [freeipa PR#472][synchronized] Packaging: Add placeholder packages

2017-02-23 Thread tiran
URL: https://github.com/freeipa/freeipa/pull/472 Author: tiran Title: #472: Packaging: Add placeholder packages Action: synchronized To pull the PR as Git branch: git remote add ghfreeipa https://github.com/freeipa/freeipa git fetch ghfreeipa pull/472/head:pr472 git checkout pr472 From

[Freeipa-devel] [freeipa PR#397][synchronized] Improve wheel building and provide ipaserver wheel for local testing

2017-02-23 Thread tiran
URL: https://github.com/freeipa/freeipa/pull/397 Author: tiran Title: #397: Improve wheel building and provide ipaserver wheel for local testing Action: synchronized To pull the PR as Git branch: git remote add ghfreeipa https://github.com/freeipa/freeipa git fetch ghfreeipa pull/397

[Freeipa-devel] [freeipa PR#139][comment] WebUI: Vault Management

2017-02-23 Thread tiran
URL: https://github.com/freeipa/freeipa/pull/139 Title: #139: WebUI: Vault Management tiran commented: """ @MartinBasti you approved this PR a month ago but it has neither the ACK flag nor was it merged. @pvomacka Your work would be useful for my Custodia Vault work. Can you

[Freeipa-devel] [freeipa PR#472][synchronized] Packaging: Add placeholder packages

2017-02-23 Thread tiran
URL: https://github.com/freeipa/freeipa/pull/472 Author: tiran Title: #472: Packaging: Add placeholder packages Action: synchronized To pull the PR as Git branch: git remote add ghfreeipa https://github.com/freeipa/freeipa git fetch ghfreeipa pull/472/head:pr472 git checkout pr472 From

[Freeipa-devel] [freeipa PR#471][comment] Fix some privilege separation regressions

2017-02-17 Thread tiran
URL: https://github.com/freeipa/freeipa/pull/471 Title: #471: Fix some privilege separation regressions tiran commented: """ @HonzaCholasta, we got merge conflicts. """ See the full comment at https://github.com/freeipa/freeipa/pull/471#issuecomment-28065941

[Freeipa-devel] [freeipa PR#477][comment] Use RemoveOnStop to cleanup systemd sockets

2017-02-17 Thread tiran
URL: https://github.com/freeipa/freeipa/pull/477 Title: #477: Use RemoveOnStop to cleanup systemd sockets tiran commented: """ RemoveonStop was added in systemd-214. Let me figure which version is on RHEL. """ See the full comment at https://github.com/freeipa

[Freeipa-devel] [freeipa PR#477][+ack] Use RemoveOnStop to cleanup systemd sockets

2017-02-17 Thread tiran
URL: https://github.com/freeipa/freeipa/pull/477 Title: #477: Use RemoveOnStop to cleanup systemd sockets Label: +ack -- Manage your subscription for the Freeipa-devel mailing list: https://www.redhat.com/mailman/listinfo/freeipa-devel Contribute to FreeIPA:

[Freeipa-devel] [freeipa PR#472][synchronized] Packaging: Add placeholder packages

2017-02-17 Thread tiran
URL: https://github.com/freeipa/freeipa/pull/472 Author: tiran Title: #472: Packaging: Add placeholder packages Action: synchronized To pull the PR as Git branch: git remote add ghfreeipa https://github.com/freeipa/freeipa git fetch ghfreeipa pull/472/head:pr472 git checkout pr472 From

[Freeipa-devel] [freeipa PR#364][synchronized] Client-only builds with --disable-server

2017-02-21 Thread tiran
URL: https://github.com/freeipa/freeipa/pull/364 Author: tiran Title: #364: Client-only builds with --disable-server Action: synchronized To pull the PR as Git branch: git remote add ghfreeipa https://github.com/freeipa/freeipa git fetch ghfreeipa pull/364/head:pr364 git checkout pr364 From

[Freeipa-devel] [freeipa PR#364][comment] Client-only builds with --disable-server

2017-02-21 Thread tiran
URL: https://github.com/freeipa/freeipa/pull/364 Title: #364: Client-only builds with --disable-server tiran commented: """ Now ```-without-ipatests``` argument for @lslebodn """ See the full comment at https://github.com/freeipa/freeipa/pull/364#issuecom

[Freeipa-devel] [freeipa PR#364][comment] Client-only builds with --disable-server

2017-02-21 Thread tiran
URL: https://github.com/freeipa/freeipa/pull/364 Title: #364: Client-only builds with --disable-server tiran commented: """ Now ```-without-ipatests``` argument for @lslebodn """ See the full comment at https://github.com/freeipa/freeipa/pull/364#issuecom

[Freeipa-devel] [freeipa PR#397][synchronized] Improve wheel building and provide ipaserver wheel for local testing

2017-02-21 Thread tiran
URL: https://github.com/freeipa/freeipa/pull/397 Author: tiran Title: #397: Improve wheel building and provide ipaserver wheel for local testing Action: synchronized To pull the PR as Git branch: git remote add ghfreeipa https://github.com/freeipa/freeipa git fetch ghfreeipa pull/397

[Freeipa-devel] [freeipa PR#379][synchronized] Packaging: Add placeholder and IPA commands packages

2017-02-21 Thread tiran
URL: https://github.com/freeipa/freeipa/pull/379 Author: tiran Title: #379: Packaging: Add placeholder and IPA commands packages Action: synchronized To pull the PR as Git branch: git remote add ghfreeipa https://github.com/freeipa/freeipa git fetch ghfreeipa pull/379/head:pr379 git checkout

[Freeipa-devel] [freeipa PR#453][comment] Cleanup certdb

2017-02-21 Thread tiran
URL: https://github.com/freeipa/freeipa/pull/453 Title: #453: Cleanup certdb tiran commented: """ @stlaz You did most work with NSS and certdb recently. Can you have a look at this collection of fixes. Iis it useful for you or do you plan to rip out the module soonish? Either

[Freeipa-devel] [freeipa PR#442][+rejected] Add option to run tests in-tree and out-of-tree mode

2017-02-17 Thread tiran
URL: https://github.com/freeipa/freeipa/pull/442 Title: #442: Add option to run tests in-tree and out-of-tree mode Label: +rejected -- Manage your subscription for the Freeipa-devel mailing list: https://www.redhat.com/mailman/listinfo/freeipa-devel Contribute to FreeIPA:

[Freeipa-devel] [freeipa PR#442][comment] Add option to run tests in-tree and out-of-tree mode

2017-02-17 Thread tiran
URL: https://github.com/freeipa/freeipa/pull/442 Title: #442: Add option to run tests in-tree and out-of-tree mode tiran commented: """ Not useful or relevant any more. """ See the full comment at https://github.com/freeipa/freeipa/pull/442#issuecomment-28070802

  1   2   3   4   5   6   7   8   >