|
|
0001-Add-options-to-allow-ticket-caching.patch
|
|
|
0002-Use-connection-keep-alive.patch
|
|
|
0003-Add-debug-logging-for-keep-alive.patch
|
|
|
0004-Increase-Apache-HTTPD-s-default-keep-alive-timeout.patch
|
|
|
0005-ipapython.ipautil.nolog_replace-Do-not-replace-empty.patch
|
|
|
0006-tasks-run-systemctl-daemon-reload-after-httpd.servic.patch
|
|
|
0007-man-ipa-cacert-manage-install-needs-clarification.patch
|
|
|
0008-certs-do-not-implicitly-create-DS-pin.txt.patch
|
|
|
0009-httpinstance-clean-up-etc-httpd-alias-on-uninstall.patch
|
|
|
0010-Fixing-replica-install-fix-ldap-connection-in-domlvl.patch
|
|
|
0011-replica-prepare-fix-wrong-IPA-CA-nickname-in-replica.patch
|
|
|
0012-ldap2-use-LDAP-whoami-operation-to-retrieve-bind-DN-.patch
|
|
|
0013-Backup-ipa-specific-httpd-unit-file.patch
|
|
|
0014-WebUI-check-principals-in-lowercase.patch
|
|
|
0015-WebUI-add-method-for-disabling-item-in-user-dropdown.patch
|
|
|
0016-WebUI-Add-support-for-login-for-AD-users.patch
|
|
|
0017-cert-do-not-limit-internal-searches-in-cert-find.patch
|
|
|
0018-ipa-kdb-add-ipadb_fetch_principals_with_extra_filter.patch
|
|
|
0019-IPA-certauth-plugin.patch
|
|
|
0020-configure-fix-disable-server-with-certauth-plugin.patch
|
|
|
0021-ipa-kdb-do-not-depend-on-certauth_plugin.h.patch
|
|
|
0022-WebUI-Add-support-for-suppressing-warnings.patch
|
|
|
0023-WebUI-suppress-truncation-warning-in-select-widget.patch
|
|
|
0024-WebUI-Fix-showing-vault-in-selfservice-view.patch
|
|
|
0025-Set-KDC-Disable-Last-Success-by-default.patch
|
|
|
0026-WebUI-Allow-to-add-certs-to-certmapping-with-CERT-LI.patch
|
|
|
0027-Bump-samba-version-for-FIPS-and-priv.-separation.patch
|
|
|
0028-Reworked-the-renaming-mechanism.patch
|
|
|
0029-Allow-renaming-of-the-HBAC-rule-objects.patch
|
|
|
0030-Allow-renaming-of-the-sudorule-objects.patch
|
|
|
0031-Create-temporaty-directories-at-the-begining-of-unin.patch
|
|
|
0032-dogtag-ipa-ca-renew-agent-submit-fix-the-is_replicat.patch
|
|
|
0033-Simplify-KRA-transport-cert-cache.patch
|
|
|
0034-rpcserver.login_x509-Actually-return-reply-from-__ca.patch
|
|
|
0035-Backup-CA-cert-from-kerberos-folder.patch
|
|
|
0036-spec-file-Bump-requires-to-make-Certificate-Login-in.patch
|
|
|
0037-Use-Custodia-0.3.1-features.patch
|
|
|
0038-spec-file-bump-krb5-devel-BuildRequires-for-certauth.patch
|
|
|
0039-Avoid-growing-FILE-ccaches-unnecessarily.patch
|
|
|
0040-Handle-failed-authentication-via-cookie.patch
|
|
|
0041-Work-around-issues-fetching-session-data.patch
|
|
|
0042-Prevent-churn-on-ccaches.patch
|
|
|
0043-Generate-PIN-for-PKI-to-help-Dogtag-in-FIPS.patch
|
|
|
0044-httpinstance.disable_system_trust-Don-t-fail-if-modu.patch
|
|
|
0045-extdom-do-reverse-search-for-domain-separator.patch
|
|
|
0046-extdom-improve-cert-request.patch
|
|
|
0047-spec-file-bump-libsss_nss_idmap-devel-BuildRequires.patch
|
|
|
0048-server-make-sure-we-test-for-sss_nss_getlistbycert.patch
|
|
|
0049-Upgrade-configure-PKINIT-after-adding-anonymous-prin.patch
|
|
|
0050-Remove-unused-variable-from-failed-anonymous-PKINIT-.patch
|
|
|
0051-Split-out-anonymous-PKINIT-test-to-a-separate-method.patch
|
|
|
0052-Ensure-KDC-is-propery-configured-after-upgrade.patch
|
|
|
0053-adtrust-make-sure-that-runtime-hostname-result-is-co.patch
|
|
|
0054-Allow-erasing-ipaDomainResolutionOrder-attribute.patch
|
|
|
0055-Always-check-and-create-anonymous-principal-during-K.patch
|
|
|
0056-Remove-duplicate-functionality-in-upgrade.patch
|
|
|
0057-Fix-the-order-of-cert-files-check.patch
|
|
|
0058-Don-t-allow-setting-pkinit-related-options-on-DL0.patch
|
|
|
0059-replica-prepare-man-remove-pkinit-option-refs.patch
|
|
|
0060-Remove-redundant-option-check-for-cert-files.patch
|
|
|
0061-Hide-request_type-doc-string-in-cert-request-help.patch
|
|
|
0062-Get-correct-CA-cert-nickname-in-CA-less.patch
|
|
|
0063-Remove-publish_ca_cert-method-from-NSSDatabase.patch
|
|
|
0064-httpinstance-make-sure-NSS-database-is-backed-up.patch
|
|
|
0065-IPA-KDB-use-relative-path-in-ipa-certmap-config-snip.patch
|
|
|
0066-Add-pki_pin-only-when-needed.patch
|
|
|
0067-idrange-add-properly-handle-empty-dom-name-option.patch
|
|
|
0068-ipa-sam-create-the-gidNumber-attribute-in-the-truste.patch
|
|
|
0069-Upgrade-add-gidnumber-to-trusted-domain-entry.patch
|
|
|
0070-dsinstance-reconnect-ldap2-after-DS-is-restarted-by-.patch
|
|
|
0071-httpinstance-avoid-httpd-restart-during-certificate-.patch
|
|
|
0072-dsinstance-httpinstance-consolidate-certificate-requ.patch
|
|
|
0073-install-request-service-certs-after-host-keytab-is-s.patch
|
|
|
0074-renew-agent-revert-to-host-keytab-authentication.patch
|
|
|
0075-renew-agent-restart-scripts-connect-to-LDAP-after-ki.patch
|
|
|
0076-ipaserver-dcerpc-unify-error-processing.patch
|
|
|
0077-trust-always-use-oddjobd-helper-for-fetching-trust-i.patch
|
|
|
0078-WebUI-cert-login-Configure-name-of-parameter-used-to.patch
|
|
|
0079-Create-system-users-for-FreeIPA-services-during-pack.patch
|
|
|
0080-Fix-s4u2self-with-adtrust.patch
|
|
|
0081-Add-debug-log-in-case-cookie-retrieval-went-wrong.patch
|
|
|
0082-server-install-remove-broken-no-pkinit-check.patch
|
|
|
0083-Add-the-force-join-option-to-replica-install.patch
|
|
|
0084-replicainstall-better-client-install-exception-handl.patch
|
|
|
0085-Fix-CA-less-to-CA-full-upgrade.patch
|
|
|
0086-cert-defer-cert-find-result-post-processing.patch
|
|
|
0087-server-install-No-double-Kerberos-install.patch
|
|
|
0088-ext.-CA-correctly-write-the-cert-chain.patch
|
|
|
0089-Fix-RA-cert-import-during-DL0-replication.patch
|
|
|
0090-configure-fix-AC_CHECK_LIB-usage.patch
|
|
|
0091-Fix-CAInstance.import_ra_cert-for-empty-passwords.patch
|
|
|
0092-upgrade-adtrust-update_tdo_gidnumber-plugin-must-che.patch
|
|
|
0093-compat-manage-behave-the-same-for-all-users.patch
|
|
|
0094-Move-the-compat-plugin-setup-at-the-end-of-install.patch
|
|
|
0095-compat-ignore-cn-topology-cn-ipa-cn-etc-subtree.patch
|
|
|
0096-spec-file-bump-krb5-Requires-for-certauth-fixes.patch
|
|
|
0097-Hide-PKI-Client-database-password-in-log-file.patch
|
|
|
0098-Vault-Explicitly-default-to-3DES-CBC.patch
|
|
|
0099-separate-function-to-set-ipaConfigString-values-on-s.patch
|
|
|
0100-Allow-for-configuration-of-all-three-PKINIT-variants.patch
|
|
|
0101-API-for-retrieval-of-master-s-PKINIT-status-and-publ.patch
|
|
|
0102-Use-only-anonymous-PKINIT-to-fetch-armor-ccache.patch
|
|
|
0103-Stop-requesting-anonymous-keytab-and-purge-all-refer.patch
|
|
|
0104-Use-local-anchor-when-armoring-password-requests.patch
|
|
|
0105-Upgrade-configure-local-full-PKINIT-depending-on-the.patch
|
|
|
0106-Do-not-test-anonymous-PKINIT-after-install-upgrade.patch
|
|
|
0107-vault-piped-input-for-ipa-vault-add-fails.patch
|
|
|
0108-automount-install-fix-checking-of-SSSD-functionality.patch
|
|
|
0109-Fix-CA-server-cert-validation-in-FIPS.patch
|
|
|
0110-restore-restart-reload-gssproxy-after-restore.patch
|
|
|
0111-kerberos-session-use-CA-cert-with-full-cert-chain-fo.patch
|
|
|
0112-ipa-client-install-remove-extra-space-in-pkinit_anch.patch
|
|
|
0113-Refresh-Dogtag-RestClient.ca_host-property.patch
|
|
|
0114-Remove-the-cachedproperty-class.patch
|
|
|
0115-ipa-server-install-with-external-CA-fix-pkinit-cert-.patch
|
|
|
0116-kra-install-update-installation-failure-message.patch
|
|
|
0117-Make-sure-remote-hosts-have-our-keys.patch
|
|
|
0118-Use-proper-SELinux-context-with-http.keytab.patch
|
|
|
0119-ipa-kra-install-fix-check_host_keys.patch
|
|
|
0120-python2-ipalib-add-missing-python-dependency.patch
|
|
|
0121-installer-service-fix-typo-in-service-entry.patch
|
|
|
0122-upgrade-add-missing-suffix-to-http-instance.patch
|
|
|
0123-Turn-on-NSSOCSP-check-in-mod_nss-conf.patch
|
|
|
0124-cert-show-writable-files-does-not-mean-dirs.patch
|
|
|
0125-Bump-version-of-ipa.conf-file.patch
|
|
|
0126-ipa-kra-install-manpage-document-domain-level-1.patch
|
|
|
0127-renew-agent-respect-CA-renewal-master-setting.patch
|
|
|
0128-server-upgrade-always-fix-certmonger-tracking-reques.patch
|
|
|
0129-cainstance-use-correct-profile-for-lightweight-CA-ce.patch
|
|
|
0130-renew-agent-allow-reusing-existing-certs.patch
|
|
|
0131-renew-agent-always-export-CSR-on-IPA-CA-certificate-.patch
|
|
|
0132-renew-agent-get-rid-of-virtual-profiles.patch
|
|
|
0133-ipa-cacert-manage-add-external-ca-type.patch
|
|
|
0134-Fixing-adding-authenticator-indicators-to-host.patch
|
|
|
0135-Added-plugins-directory-to-ipaclient-subpackages.patch
|
|
|
0136-ipaclient-fix-missing-RPM-ownership.patch
|
|
|
0137-otptoken-add-yubikey-When-digits-not-provided-use-de.patch
|
|
|
0138-ipa-server-install-fix-uninstall.patch
|
|
|
0139-ca-install-merge-duplicated-code-for-DM-password.patch
|
|
|
0140-installutils-add-DM-password-validator.patch
|
|
|
0141-ca-kra-install-validate-DM-password.patch
|
|
|
0142-ipa-kra-install-fix-pkispawn-setting-for-pki_securit.patch
|
|
|
0143-certdb-add-named-trust-flag-constants.patch
|
|
|
0144-certdb-certs-make-trust-flags-argument-mandatory.patch
|
|
|
0145-certdb-use-custom-object-for-trust-flags.patch
|
|
|
0146-install-trust-IPA-CA-for-PKINIT.patch
|
|
|
0147-client-install-fix-client-PKINIT-configuration.patch
|
|
|
0148-install-introduce-generic-Kerberos-Augeas-lens.patch
|
|
|
0149-server-install-fix-KDC-PKINIT-configuration.patch
|
|
|
0150-ipapython.ipautil.run-Add-option-to-set-umask-before.patch
|
|
|
0151-certs-do-not-export-keys-world-readable-in-install_k.patch
|
|
|
0152-certs-do-not-export-CA-certs-in-install_pem_from_p12.patch
|
|
|
0153-server-install-fix-KDC-certificate-validation-in-CA-.patch
|
|
|
0154-replica-install-respect-pkinit-cert-file.patch
|
|
|
0155-cacert-manage-support-PKINIT.patch
|
|
|
0156-server-certinstall-support-PKINIT.patch
|
|
|
0157-ipa-ca-install-append-CA-cert-chain-into-etc-ipa-ca..patch
|
|
|
0158-ca-cert-show-check-certificate_out-in-options.patch
|
|
|
0159-Fix-rare-race-condition-with-missing-ccache-file.patch
|
|
|
0160-Remove-pkinit-anonymous-command.patch
|
|
|
0161-krb5-make-sure-KDC-certificate-is-readable.patch
|
|
|
0162-Change-python-cryptography-to-python2-cryptography.patch
|
|
|
0163-Allow-for-multivalued-server-attributes.patch
|
|
|
0164-Refactor-the-role-attribute-member-reporting-code.patch
|
|
|
0165-Add-an-attribute-reporting-client-PKINIT-capable-ser.patch
|
|
|
0166-Add-the-list-of-PKINIT-servers-as-a-virtual-attribut.patch
|
|
|
0167-Add-pkinit-status-command.patch
|
|
|
0168-test_serverroles-Get-rid-of-MockLDAP-and-use-ldap2-i.patch
|
|
|
0169-only-stop-disable-simple-service-if-it-is-installed.patch
|
|
|
0170-Fix-index-definition-for-ipaAnchorUUID.patch
|
|
|
0171-httpinstance-wait-until-the-service-entry-is-replica.patch
|
|
|
0172-kdc.key-should-not-be-visible-to-all.patch
|
|
|
0173-ipa-kdb-reload-certificate-mapping-rules-periodicall.patch
|
|
|
0174-Avoid-possible-endless-recursion-in-RPC-call.patch
|
|
|
0175-rpc-preparations-for-recursion-fix.patch
|
|
|
0176-rpc-avoid-possible-recursion-in-create_connection.patch
|
|
|
0177-Changing-cert-find-to-do-not-use-only-primary-key-to.patch
|
|
|
0178-ipa-kdb-add-pkinit-authentication-indicator-in-case-.patch
|
|
|
0179-fix-incorrect-suffix-handling-in-topology-checks.patch
|
|
|
0180-server-certinstall-update-KDC-master-entry.patch
|
|
|
0181-pkinit-manage-introduce-ipa-pkinit-manage.patch
|
|
|
0182-server-upgrade-do-not-enable-PKINIT-by-default.patch
|
|
|
0183-Turn-off-OCSP-check.patch
|
|
|
0184-Only-warn-when-specified-server-IP-addresses-don-t-m.patch
|
|
|
0185-ipa-kdb-use-canonical-principal-in-certauth-plugin.patch
|
|
|
0186-Bump-version-of-python-gssapi.patch
|
|
|
0187-Add-code-to-be-able-to-set-default-kinit-lifetime.patch
|
|
|
0188-Revert-setting-sessionMaxAge-for-old-clients.patch
|
|
|
0189-Extend-the-advice-printing-code-by-some-useful-abstr.patch
|
|
|
0190-Prepare-advise-plugin-for-smart-card-auth-configurat.patch
|
|
|
0191-trust-mod-allow-modifying-list-of-UPNs-of-a-trusted-.patch
|
|
|
0192-WebUI-add-support-for-changing-trust-UPN-suffixes.patch
|
|
|
0193-kra-promote-Get-ticket-before-calling-custodia.patch
|
|
|
0194-Fix-local-IP-address-validation.patch
|
|
|
0195-ipa-dns-install-remove-check-for-local-ip-address.patch
|
|
|
0196-refactor-CheckedIPAddress-class.patch
|
|
|
0197-CheckedIPAddress-remove-match_local-param.patch
|
|
|
0198-Remove-ip_netmask-from-option-parser.patch
|
|
|
0199-replica-install-add-missing-check-for-non-local-IP-a.patch
|
|
|
0200-Remove-network-and-broadcast-address-warnings.patch
|
|
|
0201-ipa-sam-replace-encode_nt_key-with-E_md4hash.patch
|
|
|
0202-ipa_pwd_extop-do-not-generate-NT-hashes-in-FIPS-mode.patch
|
|
|
0203-Make-sure-we-check-ccaches-in-all-rpcserver-paths.patch
|
|
|
0204-replica-install-drop-in-IPA-specific-config-to-tmpfi.patch
|
|
|
0205-Add-CommonNameToSANDefault-to-default-cert-profile.patch
|
|
|
0206-smart-card-advises-configure-systemwide-NSS-DB-also-.patch
|
|
|
0207-smart-card-advises-add-steps-to-store-smart-card-sig.patch
|
|
|
0208-Allow-to-pass-in-multiple-CA-cert-paths-to-the-smart.patch
|
|
|
0209-add-a-class-that-tracks-the-indentation-in-the-gener.patch
|
|
|
0210-delegate-the-indentation-handling-in-advises-to-dedi.patch
|
|
|
0211-advise-add-an-infrastructure-for-formatting-Bash-com.patch
|
|
|
0212-delegate-formatting-of-compound-Bash-statements-to-d.patch
|
|
|
0213-Fix-indentation-of-statements-in-Smart-card-advises.patch
|
|
|
0214-Use-the-compound-statement-formatting-API-for-config.patch
|
|
|
0215-smart-card-advises-use-a-wrapper-around-Bash-for-loo.patch
|
|
|
0216-smart-card-advise-use-password-when-changing-trust-f.patch
|
|
|
0217-smart-card-advises-ensure-that-krb5-pkinit-is-instal.patch
|
|
|
0218-NULL-LDAP-context-in-call-to-ldap_search_ext_s-durin.patch
|
|
|
0219-Restore-old-version-of-caIPAserviceCert-for-upgrade-.patch
|
|
|
0220-ipa-otptoken-import-Make-PBKDF2-refer-to-the-pkcs5-n.patch
|
|
|
0221-Adds-whoami-DS-plugin-in-case-that-plugin-is-missing.patch
|
|
|
0222-Fix-ipa-config-mod-ca-renewal-master.patch
|
|
|
0223-Backport-PR-988-to-ipa-4-5-Fix-Certificate-renewal-w.patch
|
|
|
0224-Backport-PR-1008-to-ipa-4-5-Fix-ipa-server-upgrade-T.patch
|
|
|
0225-Fixing-how-sssd.conf-is-updated-when-promoting-a-cli.patch
|
|
|
0226-Backport-4-5-Fix-ipa-server-upgrade-with-server-cert.patch
|
|
|
0227-Always-check-peer-has-keys-before-connecting.patch
|
|
|
0228-Make-sure-upgrade-also-checks-for-IPv6-stack.patch
|
|
|
0229-control-logging-of-host_port_open-from-caller.patch
|
|
|
0230-log-progress-of-wait_for_open_ports.patch
|
|
|
0231-Store-help-in-Schema-before-writing-to-disk.patch
|
|
|
0232-Disable-pylint-in-get_help-function-because-of-type-.patch
|
|
|
0233-Less-confusing-message-for-PKINIT-configuration-duri.patch
|
|
|
0234-server.py-Removes-dns-server-configuration-from-ldap.patch
|
|
|
0235-Include-the-CA-basic-constraint-in-CSRs-when-renewin.patch
|
|
|
0236-Checks-if-replica-s4u2proxy.ldif-should-be-applied.patch
|
|
|
1001-Change-branding-to-IPA-and-Identity-Management.patch
|
|
|
1002-Package-copy-schema-to-ca.py.patch
|
|
|
1003-Revert-Increased-mod_wsgi-socket-timeout.patch
|
|
|
1004-Remove-csrgen.patch
|
|
|
ipa-centos-branding.patch
|