On Wed, 2014-06-18 at 17:34 -0400, Nathaniel McCallum wrote: > On Tue, 2014-05-13 at 12:38 -0400, Nathaniel McCallum wrote: > > This patch adds support for importing tokens using RFC 6030 key > > container files. This includes decryption support. For sysadmin sanity, > > any tokens which fail to add will be written to the output file for > > examination. The main use case here is where a small subset of a large > > set of tokens fails to validate or add. Using the output file, the > > sysadmin can attempt to recover these specific tokens. > > > > This code is implemented as a server-side script. However, it doesn't > > actually need to run on the server. This was done because importing is > > an odd fit for the IPA command framework: > > 1. We need to write an output file. > > 2. The operation may be long-running (thousands of tokens). > > 3. Only admins need to perform this task and it only happens > > infrequently. > > Attached is revision 4. I believe this addresses all the points given > over the last few days in all emails. The ipa_otptoken_import.py has > been significantly reworked to make it simpler and easy to test, but > none of the logic has changed. > > I have removed most of the inheritance and sorted out most of the style > issues (like map() vs comprehension). I did not change the XML parsing > because it appears that network access is disabled by default. > > I have also included a test suite which should have 100% code coverage. > It even tests for features we don't support yet (like X.509). All tests > pass for me. > > Nathaniel
+++ b/install/tools/man/ipa-otptoken-import.1 @@ -0,0 +1,36 @@ +.\" A man page for ipa-compat-manage Bad Copy&paste here ^^^ Simo. _______________________________________________ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel