rpms / ipa

Clone
Source Code
GIT

Blame SOURCES/0029-Fix-cert_request-for-KDC-cert.patch

c4 c5 c5-plus c6 c6-plus c7 c7-alt c7-beta c8-beta-stream-DL1 c8-beta-stream-client c8-stream-DL1 c8-stream-client c8s-stream-DL1 c8s-stream-client c9 c9-beta
  1.   0d01fb0eefb50de988f3e8f4ce6a21e9dc00e4dd
  2.   SOURCES
  3.   0029-Fix-cert_request-for-KDC-cert.patch
Blob History Raw
0d01fb 
From b5e033ed72f4cc824b7ab71887bb88453f5d2775 Mon Sep 17 00:00:00 2001
0d01fb 
From: Christian Heimes <cheimes@redhat.com>
0d01fb 
Date: Fri, 29 Jan 2021 09:42:01 +0100
0d01fb 
Subject: [PATCH] Fix cert_request for KDC cert
0d01fb
0d01fb 
ca_kdc_check() expects an API object, not an LDAP connection. Issue was
0d01fb 
introduced in commit 8f4abf7bc1607fc44f528b8a443b69cb82269e69.
0d01fb
0d01fb 
See: https://pagure.io/freeipa/issue/6739
0d01fb 
Fixes: https://pagure.io/freeipa/issue/8686
0d01fb 
Signed-off-by: Christian Heimes <cheimes@redhat.com>
0d01fb 
Reviewed-By: Rob Crittenden <rcritten@redhat.com>
0d01fb 
---
0d01fb 
 ipaserver/plugins/cert.py | 2 +-
0d01fb 
 1 file changed, 1 insertion(+), 1 deletion(-)
0d01fb
0d01fb 
diff --git a/ipaserver/plugins/cert.py b/ipaserver/plugins/cert.py
0d01fb 
index 4af5c97f5722a7799509764df93c2433661dba20..158dfa84f22cb887eb9a101cc34b1c6cdc590ee2 100644
0d01fb 
--- a/ipaserver/plugins/cert.py
0d01fb 
+++ b/ipaserver/plugins/cert.py
0d01fb 
@@ -860,7 +860,7 @@ class cert_request(Create, BaseCertMethod, VirtualCommand):
0d01fb 
                             "with subject alt name '%s'.") % name)
0d01fb 
                 if not bypass_caacl:
0d01fb 
                     if principal_type == KRBTGT:
0d01fb 
-                        ca_kdc_check(ldap, alt_principal.hostname)
0d01fb 
+                        ca_kdc_check(self.api, alt_principal.hostname)
0d01fb 
                     else:
0d01fb 
                         caacl_check(alt_principal, ca, profile_id)
0d01fb
0d01fb 
--
0d01fb 
2.31.1
0d01fb

Powered by Pagure 5.13.3

SSH Hostkey/Fingerprint | Documentation