|
|
ac7d03 |
From b5992ea987f6d8d49c988a9ab42463655b3d8e05 Mon Sep 17 00:00:00 2001
|
|
|
ac7d03 |
From: Martin Babinsky <mbabinsk@redhat.com>
|
|
|
ac7d03 |
Date: Fri, 31 Mar 2017 15:15:50 +0200
|
|
|
ac7d03 |
Subject: [PATCH] Use local anchor when armoring password requests
|
|
|
ac7d03 |
|
|
|
ac7d03 |
https://pagure.io/freeipa/issue/6830
|
|
|
ac7d03 |
|
|
|
ac7d03 |
Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>
|
|
|
ac7d03 |
Reviewed-By: Jan Cholasta <jcholast@redhat.com>
|
|
|
ac7d03 |
Reviewed-By: Martin Basti <mbasti@redhat.com>
|
|
|
ac7d03 |
Reviewed-By: Simo Sorce <ssorce@redhat.com>
|
|
|
ac7d03 |
---
|
|
|
ac7d03 |
ipaserver/rpcserver.py | 2 +-
|
|
|
ac7d03 |
1 file changed, 1 insertion(+), 1 deletion(-)
|
|
|
ac7d03 |
|
|
|
ac7d03 |
diff --git a/ipaserver/rpcserver.py b/ipaserver/rpcserver.py
|
|
|
ac7d03 |
index 77ed7e124c2ca3dcb49d3a68269d6fa9875d4da0..161872450d141a61af4345a20e278db728fe2aac 100644
|
|
|
ac7d03 |
--- a/ipaserver/rpcserver.py
|
|
|
ac7d03 |
+++ b/ipaserver/rpcserver.py
|
|
|
ac7d03 |
@@ -944,7 +944,7 @@ class login_password(Backend, KerberosSession):
|
|
|
ac7d03 |
self.debug('Obtaining armor in ccache %s', armor_path)
|
|
|
ac7d03 |
|
|
|
ac7d03 |
try:
|
|
|
ac7d03 |
- kinit_armor(armor_path)
|
|
|
ac7d03 |
+ kinit_armor(armor_path, pkinit_anchor=paths.CACERT_PEM)
|
|
|
ac7d03 |
except RuntimeError as e:
|
|
|
ac7d03 |
self.error("Failed to obtain armor cache")
|
|
|
ac7d03 |
# We try to continue w/o armor, 2FA will be impacted
|
|
|
ac7d03 |
--
|
|
|
ac7d03 |
2.12.2
|
|
|
ac7d03 |
|