0001-Add-options-to-allow-ticket-caching.patch
0002-Use-connection-keep-alive.patch
0003-Add-debug-logging-for-keep-alive.patch
0004-Increase-Apache-HTTPD-s-default-keep-alive-timeout.patch
0005-ipapython.ipautil.nolog_replace-Do-not-replace-empty.patch
0006-tasks-run-systemctl-daemon-reload-after-httpd.servic.patch
0007-man-ipa-cacert-manage-install-needs-clarification.patch
0008-certs-do-not-implicitly-create-DS-pin.txt.patch
0009-httpinstance-clean-up-etc-httpd-alias-on-uninstall.patch
0010-Fixing-replica-install-fix-ldap-connection-in-domlvl.patch
0011-replica-prepare-fix-wrong-IPA-CA-nickname-in-replica.patch
0012-ldap2-use-LDAP-whoami-operation-to-retrieve-bind-DN-.patch
0013-Backup-ipa-specific-httpd-unit-file.patch
0014-WebUI-check-principals-in-lowercase.patch
0015-WebUI-add-method-for-disabling-item-in-user-dropdown.patch
0016-WebUI-Add-support-for-login-for-AD-users.patch
0017-cert-do-not-limit-internal-searches-in-cert-find.patch
0018-ipa-kdb-add-ipadb_fetch_principals_with_extra_filter.patch
0019-IPA-certauth-plugin.patch
0020-configure-fix-disable-server-with-certauth-plugin.patch
0021-ipa-kdb-do-not-depend-on-certauth_plugin.h.patch
0022-WebUI-Add-support-for-suppressing-warnings.patch
0023-WebUI-suppress-truncation-warning-in-select-widget.patch
0024-WebUI-Fix-showing-vault-in-selfservice-view.patch
0025-Set-KDC-Disable-Last-Success-by-default.patch
0026-WebUI-Allow-to-add-certs-to-certmapping-with-CERT-LI.patch
0027-Bump-samba-version-for-FIPS-and-priv.-separation.patch
0028-Reworked-the-renaming-mechanism.patch
0029-Allow-renaming-of-the-HBAC-rule-objects.patch
0030-Allow-renaming-of-the-sudorule-objects.patch
0031-Create-temporaty-directories-at-the-begining-of-unin.patch
0032-dogtag-ipa-ca-renew-agent-submit-fix-the-is_replicat.patch
0033-Simplify-KRA-transport-cert-cache.patch
0034-rpcserver.login_x509-Actually-return-reply-from-__ca.patch
0035-Backup-CA-cert-from-kerberos-folder.patch
0036-spec-file-Bump-requires-to-make-Certificate-Login-in.patch
0037-Use-Custodia-0.3.1-features.patch
0038-spec-file-bump-krb5-devel-BuildRequires-for-certauth.patch
0039-Avoid-growing-FILE-ccaches-unnecessarily.patch
0040-Handle-failed-authentication-via-cookie.patch
0041-Work-around-issues-fetching-session-data.patch
0042-Prevent-churn-on-ccaches.patch
0043-Generate-PIN-for-PKI-to-help-Dogtag-in-FIPS.patch
0044-httpinstance.disable_system_trust-Don-t-fail-if-modu.patch
0045-extdom-do-reverse-search-for-domain-separator.patch
0046-extdom-improve-cert-request.patch
0047-spec-file-bump-libsss_nss_idmap-devel-BuildRequires.patch
0048-server-make-sure-we-test-for-sss_nss_getlistbycert.patch
0049-Upgrade-configure-PKINIT-after-adding-anonymous-prin.patch
0050-Remove-unused-variable-from-failed-anonymous-PKINIT-.patch
0051-Split-out-anonymous-PKINIT-test-to-a-separate-method.patch
0052-Ensure-KDC-is-propery-configured-after-upgrade.patch
0053-adtrust-make-sure-that-runtime-hostname-result-is-co.patch
0054-Allow-erasing-ipaDomainResolutionOrder-attribute.patch
0055-Always-check-and-create-anonymous-principal-during-K.patch
0056-Remove-duplicate-functionality-in-upgrade.patch
0057-Fix-the-order-of-cert-files-check.patch
0058-Don-t-allow-setting-pkinit-related-options-on-DL0.patch
0059-replica-prepare-man-remove-pkinit-option-refs.patch
0060-Remove-redundant-option-check-for-cert-files.patch
0061-Hide-request_type-doc-string-in-cert-request-help.patch
0062-Get-correct-CA-cert-nickname-in-CA-less.patch
0063-Remove-publish_ca_cert-method-from-NSSDatabase.patch
0064-httpinstance-make-sure-NSS-database-is-backed-up.patch
0065-IPA-KDB-use-relative-path-in-ipa-certmap-config-snip.patch
0066-Add-pki_pin-only-when-needed.patch
0067-idrange-add-properly-handle-empty-dom-name-option.patch
0068-ipa-sam-create-the-gidNumber-attribute-in-the-truste.patch
0069-Upgrade-add-gidnumber-to-trusted-domain-entry.patch
0070-dsinstance-reconnect-ldap2-after-DS-is-restarted-by-.patch
0071-httpinstance-avoid-httpd-restart-during-certificate-.patch
0072-dsinstance-httpinstance-consolidate-certificate-requ.patch
0073-install-request-service-certs-after-host-keytab-is-s.patch
0074-renew-agent-revert-to-host-keytab-authentication.patch
0075-renew-agent-restart-scripts-connect-to-LDAP-after-ki.patch
0076-ipaserver-dcerpc-unify-error-processing.patch
0077-trust-always-use-oddjobd-helper-for-fetching-trust-i.patch
0078-WebUI-cert-login-Configure-name-of-parameter-used-to.patch
0079-Create-system-users-for-FreeIPA-services-during-pack.patch
0080-Fix-s4u2self-with-adtrust.patch
0081-Add-debug-log-in-case-cookie-retrieval-went-wrong.patch
0082-server-install-remove-broken-no-pkinit-check.patch
0083-Add-the-force-join-option-to-replica-install.patch
0084-replicainstall-better-client-install-exception-handl.patch
0085-Fix-CA-less-to-CA-full-upgrade.patch
0086-cert-defer-cert-find-result-post-processing.patch
0087-server-install-No-double-Kerberos-install.patch
0088-ext.-CA-correctly-write-the-cert-chain.patch
0089-Fix-RA-cert-import-during-DL0-replication.patch
0090-configure-fix-AC_CHECK_LIB-usage.patch
0091-Fix-CAInstance.import_ra_cert-for-empty-passwords.patch
0092-upgrade-adtrust-update_tdo_gidnumber-plugin-must-che.patch
0093-compat-manage-behave-the-same-for-all-users.patch
0094-Move-the-compat-plugin-setup-at-the-end-of-install.patch
0095-compat-ignore-cn-topology-cn-ipa-cn-etc-subtree.patch
0096-spec-file-bump-krb5-Requires-for-certauth-fixes.patch
0097-Hide-PKI-Client-database-password-in-log-file.patch
0098-Vault-Explicitly-default-to-3DES-CBC.patch
0099-separate-function-to-set-ipaConfigString-values-on-s.patch
0100-Allow-for-configuration-of-all-three-PKINIT-variants.patch
0101-API-for-retrieval-of-master-s-PKINIT-status-and-publ.patch
0102-Use-only-anonymous-PKINIT-to-fetch-armor-ccache.patch
0103-Stop-requesting-anonymous-keytab-and-purge-all-refer.patch
0104-Use-local-anchor-when-armoring-password-requests.patch
0105-Upgrade-configure-local-full-PKINIT-depending-on-the.patch
0106-Do-not-test-anonymous-PKINIT-after-install-upgrade.patch
0107-vault-piped-input-for-ipa-vault-add-fails.patch
0108-automount-install-fix-checking-of-SSSD-functionality.patch
0109-Fix-CA-server-cert-validation-in-FIPS.patch
0110-restore-restart-reload-gssproxy-after-restore.patch
0111-kerberos-session-use-CA-cert-with-full-cert-chain-fo.patch
0112-ipa-client-install-remove-extra-space-in-pkinit_anch.patch
0113-Refresh-Dogtag-RestClient.ca_host-property.patch
0114-Remove-the-cachedproperty-class.patch
0115-ipa-server-install-with-external-CA-fix-pkinit-cert-.patch
0116-kra-install-update-installation-failure-message.patch
0117-Make-sure-remote-hosts-have-our-keys.patch
0118-Use-proper-SELinux-context-with-http.keytab.patch
0119-ipa-kra-install-fix-check_host_keys.patch
0120-python2-ipalib-add-missing-python-dependency.patch
0121-installer-service-fix-typo-in-service-entry.patch
0122-upgrade-add-missing-suffix-to-http-instance.patch
0123-Turn-on-NSSOCSP-check-in-mod_nss-conf.patch
0124-cert-show-writable-files-does-not-mean-dirs.patch
0125-Bump-version-of-ipa.conf-file.patch
0126-ipa-kra-install-manpage-document-domain-level-1.patch
0127-renew-agent-respect-CA-renewal-master-setting.patch
0128-server-upgrade-always-fix-certmonger-tracking-reques.patch
0129-cainstance-use-correct-profile-for-lightweight-CA-ce.patch
0130-renew-agent-allow-reusing-existing-certs.patch
0131-renew-agent-always-export-CSR-on-IPA-CA-certificate-.patch
0132-renew-agent-get-rid-of-virtual-profiles.patch
0133-ipa-cacert-manage-add-external-ca-type.patch
0134-Fixing-adding-authenticator-indicators-to-host.patch
0135-Added-plugins-directory-to-ipaclient-subpackages.patch
0136-ipaclient-fix-missing-RPM-ownership.patch
0137-otptoken-add-yubikey-When-digits-not-provided-use-de.patch
0138-ipa-server-install-fix-uninstall.patch
0139-ca-install-merge-duplicated-code-for-DM-password.patch
0140-installutils-add-DM-password-validator.patch
0141-ca-kra-install-validate-DM-password.patch
0142-ipa-kra-install-fix-pkispawn-setting-for-pki_securit.patch
0143-certdb-add-named-trust-flag-constants.patch
0144-certdb-certs-make-trust-flags-argument-mandatory.patch
0145-certdb-use-custom-object-for-trust-flags.patch
0146-install-trust-IPA-CA-for-PKINIT.patch
0147-client-install-fix-client-PKINIT-configuration.patch
0148-install-introduce-generic-Kerberos-Augeas-lens.patch
0149-server-install-fix-KDC-PKINIT-configuration.patch
0150-ipapython.ipautil.run-Add-option-to-set-umask-before.patch
0151-certs-do-not-export-keys-world-readable-in-install_k.patch
0152-certs-do-not-export-CA-certs-in-install_pem_from_p12.patch
0153-server-install-fix-KDC-certificate-validation-in-CA-.patch
0154-replica-install-respect-pkinit-cert-file.patch
0155-cacert-manage-support-PKINIT.patch
0156-server-certinstall-support-PKINIT.patch
0157-ipa-ca-install-append-CA-cert-chain-into-etc-ipa-ca..patch
0158-ca-cert-show-check-certificate_out-in-options.patch
0159-Fix-rare-race-condition-with-missing-ccache-file.patch
0160-Remove-pkinit-anonymous-command.patch
0161-krb5-make-sure-KDC-certificate-is-readable.patch
0162-Change-python-cryptography-to-python2-cryptography.patch
0163-Allow-for-multivalued-server-attributes.patch
0164-Refactor-the-role-attribute-member-reporting-code.patch
0165-Add-an-attribute-reporting-client-PKINIT-capable-ser.patch
0166-Add-the-list-of-PKINIT-servers-as-a-virtual-attribut.patch
0167-Add-pkinit-status-command.patch
0168-test_serverroles-Get-rid-of-MockLDAP-and-use-ldap2-i.patch
0169-only-stop-disable-simple-service-if-it-is-installed.patch
0170-Fix-index-definition-for-ipaAnchorUUID.patch
0171-httpinstance-wait-until-the-service-entry-is-replica.patch
0172-kdc.key-should-not-be-visible-to-all.patch
0173-ipa-kdb-reload-certificate-mapping-rules-periodicall.patch
0174-Avoid-possible-endless-recursion-in-RPC-call.patch
0175-rpc-preparations-for-recursion-fix.patch
0176-rpc-avoid-possible-recursion-in-create_connection.patch
0177-Changing-cert-find-to-do-not-use-only-primary-key-to.patch
0178-ipa-kdb-add-pkinit-authentication-indicator-in-case-.patch
0179-fix-incorrect-suffix-handling-in-topology-checks.patch
0180-server-certinstall-update-KDC-master-entry.patch
0181-pkinit-manage-introduce-ipa-pkinit-manage.patch
0182-server-upgrade-do-not-enable-PKINIT-by-default.patch
0183-Turn-off-OCSP-check.patch
0184-Only-warn-when-specified-server-IP-addresses-don-t-m.patch
0185-ipa-kdb-use-canonical-principal-in-certauth-plugin.patch
0186-Bump-version-of-python-gssapi.patch
0187-Add-code-to-be-able-to-set-default-kinit-lifetime.patch
0188-Revert-setting-sessionMaxAge-for-old-clients.patch
0189-Extend-the-advice-printing-code-by-some-useful-abstr.patch
0190-Prepare-advise-plugin-for-smart-card-auth-configurat.patch
0191-trust-mod-allow-modifying-list-of-UPNs-of-a-trusted-.patch
0192-WebUI-add-support-for-changing-trust-UPN-suffixes.patch
0193-kra-promote-Get-ticket-before-calling-custodia.patch
0194-Fix-local-IP-address-validation.patch
0195-ipa-dns-install-remove-check-for-local-ip-address.patch
0196-refactor-CheckedIPAddress-class.patch
0197-CheckedIPAddress-remove-match_local-param.patch
0198-Remove-ip_netmask-from-option-parser.patch
0199-replica-install-add-missing-check-for-non-local-IP-a.patch
0200-Remove-network-and-broadcast-address-warnings.patch
0201-ipa-sam-replace-encode_nt_key-with-E_md4hash.patch
0202-ipa_pwd_extop-do-not-generate-NT-hashes-in-FIPS-mode.patch
0203-Make-sure-we-check-ccaches-in-all-rpcserver-paths.patch
1001-Change-branding-to-IPA-and-Identity-Management.patch
1002-Package-copy-schema-to-ca.py.patch
1003-Revert-Increased-mod_wsgi-socket-timeout.patch
1004-Remove-csrgen.patch