Hello list,
with the release of 3.1 we now have a brand new ipa-3-1 branch.
So from now on remember to mention if a patch is also meant to be pushed
on older branches like ipa-3-0 (unlikely) or ipa-3-1 (quite possible) as
well as master.
Regards,
Simo.
--
Simo Sorce * Red Hat, Inc * New York
_
The FreeIPA team is proud to announce version FreeIPA v3.1.0.
It can be downloaded from http://www.freeipa.org/page/Downloads.
A build will be submitted to updates-testing for Fedora 18 soon.
== Highlights in 3.1.0 ==
* A single 389-ds instance is used both for IPA identity data and for
the d
Petr Viktorin wrote:
On 12/10/2012 06:11 PM, John Dennis wrote:
In IRC Rob and I agreed the message about a URLMismatch should be at the
debug level and not the error level because it can occur on a client
anytime the client elects to connect to a different server, which is not
an error.
Attach
On 12/10/2012 06:11 PM, John Dennis wrote:
In IRC Rob and I agreed the message about a URLMismatch should be at the
debug level and not the error level because it can occur on a client
anytime the client elects to connect to a different server, which is not
an error.
Attached is the revised patc
On 12/10/2012 05:32 PM, Lynn Root wrote:
> On 12/10/2012 05:01 PM, Martin Kosek wrote:
>> On 12/10/2012 03:53 PM, Lynn Root wrote:
>>> Raise ACI error when CSR does not have a subject hostname.
>>>
>>> Ticket:https://fedorahosted.org/freeipa/ticket/3123
>>>
>> Why an ACIError? I know there are are
On 12/10/2012 05:01 PM, Martin Kosek wrote:
On 12/10/2012 03:53 PM, Lynn Root wrote:
Raise ACI error when CSR does not have a subject hostname.
Ticket:https://fedorahosted.org/freeipa/ticket/3123
Why an ACIError? I know there are are a lot of ACIErrors thrown in cert-request
command processin
Petr Viktorin wrote:
On 12/07/2012 10:05 AM, Petr Viktorin wrote:
On 12/05/2012 01:54 PM, Petr Viktorin wrote:
On 12/04/2012 10:51 PM, Endi Sukma Dewata wrote:
On 12/4/2012 3:16 PM, Endi Sukma Dewata wrote:
The configuration code has been modified to use the ConfigParser to
set the parameters
Petr Viktorin wrote:
On 12/04/2012 10:51 PM, Endi Sukma Dewata wrote:
On 12/4/2012 3:16 PM, Endi Sukma Dewata wrote:
The configuration code has been modified to use the ConfigParser to
set the parameters in the CA section in the deployment configuration.
This allows IPA to define additional PKI
On 12/10/2012 03:53 PM, Lynn Root wrote:
> Raise ACI error when CSR does not have a subject hostname.
>
> Ticket: https://fedorahosted.org/freeipa/ticket/3123
>
Why an ACIError? I know there are are a lot of ACIErrors thrown in cert-request
command processing, but they are all related to authori
On 12/07/2012 10:05 AM, Petr Viktorin wrote:
On 12/05/2012 01:54 PM, Petr Viktorin wrote:
On 12/04/2012 10:51 PM, Endi Sukma Dewata wrote:
On 12/4/2012 3:16 PM, Endi Sukma Dewata wrote:
The configuration code has been modified to use the ConfigParser to
set the parameters in the CA section in
On 12/10/2012 09:00 AM, John Dennis wrote:
On 12/10/2012 07:30 AM, Petr Viktorin wrote:
Just two issues:
When testing with lite-server listening on localhost, every request
outputs "ipa: ERROR: not sending session cookie, URL mismatch". Is the
message necessary?
Rob asked for this to be chang
Raise ACI error when CSR does not have a subject hostname.
Ticket: https://fedorahosted.org/freeipa/ticket/3123
--
Lynn Root
@roguelynn
Associate Software Engineer
Red Hat, Inc
>From c627c853164a6eece19306938fa7d9bead4a4730 Mon Sep 17 00:00:00 2001
From: Lynn Root
Date: Mon, 10 Dec 2012 09:13
On 12/10/2012 07:30 AM, Petr Viktorin wrote:
Just two issues:
When testing with lite-server listening on localhost, every request
outputs "ipa: ERROR: not sending session cookie, URL mismatch". Is the
message necessary?
Rob asked for this to be changed from a debug message to an error which
m
On 12/10/2012 01:30 PM, Petr Viktorin wrote:
> On 12/09/2012 04:22 PM, John Dennis wrote:
>> On 12/09/2012 10:04 AM, John Dennis wrote:
>>> On 12/08/2012 11:16 AM, John Dennis wrote:
I'll send an updated patch shortly with the above fix. I also noticed
that http_return_ok() omitted the va
On 12/10/2012 01:38 PM, Jan Cholasta wrote:
> On 10.12.2012 10:19, Martin Kosek wrote:
>> OpenSSH server included in Fedora 18 raises a validation error when
>> the tested AuthorizedKeysCommand/PubKeyAgent option is tested with
>> an empty value. It requires a command with an absolute path to be
>>
On 10.12.2012 10:19, Martin Kosek wrote:
OpenSSH server included in Fedora 18 raises a validation error when
the tested AuthorizedKeysCommand/PubKeyAgent option is tested with
an empty value. It requires a command with an absolute path to be
passed. Due to this issue, sshd support is never config
On 12/09/2012 04:22 PM, John Dennis wrote:
On 12/09/2012 10:04 AM, John Dennis wrote:
On 12/08/2012 11:16 AM, John Dennis wrote:
I'll send an updated patch shortly with the above fix. I also noticed
that http_return_ok() omitted the validation for the HttpOnly and Secure
flags I'll add that too
OpenSSH server included in Fedora 18 raises a validation error when
the tested AuthorizedKeysCommand/PubKeyAgent option is tested with
an empty value. It requires a command with an absolute path to be
passed. Due to this issue, sshd support is never configured on
Fedora 18.
Pass the real agent we
18 matches
Mail list logo