483b06
import ipa-4.5.0-22.el7_4
Authored and Committed by 
centosrcm
6 years ago
.gitignore
file added
+5
.ipa.metadata
file added
+5
README.md
file removed
-5
SOURCES/0001-Add-options-to-allow-ticket-caching.patch
file added
+39
SOURCES/0002-Use-connection-keep-alive.patch
file added
+35
SOURCES/0003-Add-debug-logging-for-keep-alive.patch
file added
+68
SOURCES/0004-Increase-Apache-HTTPD-s-default-keep-alive-timeout.patch
file added
+41
SOURCES/0005-ipapython.ipautil.nolog_replace-Do-not-replace-empty.patch
file added
+32
SOURCES/0006-tasks-run-systemctl-daemon-reload-after-httpd.servic.patch
file added
+49
SOURCES/0007-man-ipa-cacert-manage-install-needs-clarification.patch
file added
+31
SOURCES/0008-certs-do-not-implicitly-create-DS-pin.txt.patch
file added
+48
SOURCES/0009-httpinstance-clean-up-etc-httpd-alias-on-uninstall.patch
file added
+74
SOURCES/0010-Fixing-replica-install-fix-ldap-connection-in-domlvl.patch
file added
+43
SOURCES/0011-replica-prepare-fix-wrong-IPA-CA-nickname-in-replica.patch
file added
+51
SOURCES/0012-ldap2-use-LDAP-whoami-operation-to-retrieve-bind-DN-.patch
file added
+43
SOURCES/0013-Backup-ipa-specific-httpd-unit-file.patch
file added
+47
SOURCES/0014-WebUI-check-principals-in-lowercase.patch
file added
+36
SOURCES/0015-WebUI-add-method-for-disabling-item-in-user-dropdown.patch
file added
+105
SOURCES/0016-WebUI-Add-support-for-login-for-AD-users.patch
file added
+341
SOURCES/0017-cert-do-not-limit-internal-searches-in-cert-find.patch
file added
+105
SOURCES/0018-ipa-kdb-add-ipadb_fetch_principals_with_extra_filter.patch
file added
+132
SOURCES/0019-IPA-certauth-plugin.patch
file added
+609
SOURCES/0020-configure-fix-disable-server-with-certauth-plugin.patch
file added
+55
SOURCES/0021-ipa-kdb-do-not-depend-on-certauth_plugin.h.patch
file added
+85
SOURCES/0022-WebUI-Add-support-for-suppressing-warnings.patch
file added
+46
SOURCES/0023-WebUI-suppress-truncation-warning-in-select-widget.patch
file added
+37
SOURCES/0024-WebUI-Fix-showing-vault-in-selfservice-view.patch
file added
+54
SOURCES/0025-Set-KDC-Disable-Last-Success-by-default.patch
file added
+35
SOURCES/0026-WebUI-Allow-to-add-certs-to-certmapping-with-CERT-LI.patch
file added
+69
SOURCES/0027-Bump-samba-version-for-FIPS-and-priv.-separation.patch
file added
+40
SOURCES/0028-Reworked-the-renaming-mechanism.patch
file added
+296
SOURCES/0029-Allow-renaming-of-the-HBAC-rule-objects.patch
file added
+103
SOURCES/0030-Allow-renaming-of-the-sudorule-objects.patch
file added
+100
SOURCES/0031-Create-temporaty-directories-at-the-begining-of-unin.patch
file added
+36
SOURCES/0032-dogtag-ipa-ca-renew-agent-submit-fix-the-is_replicat.patch
file added
+38
SOURCES/0033-Simplify-KRA-transport-cert-cache.patch
file added
+195
SOURCES/0034-rpcserver.login_x509-Actually-return-reply-from-__ca.patch
file added
+33
SOURCES/0035-Backup-CA-cert-from-kerberos-folder.patch
file added
+27
SOURCES/0036-spec-file-Bump-requires-to-make-Certificate-Login-in.patch
file added
+54
SOURCES/0037-Use-Custodia-0.3.1-features.patch
file added
+236
SOURCES/0038-spec-file-bump-krb5-devel-BuildRequires-for-certauth.patch
file added
+40
SOURCES/0039-Avoid-growing-FILE-ccaches-unnecessarily.patch
file added
+34
SOURCES/0040-Handle-failed-authentication-via-cookie.patch
file added
+120
SOURCES/0041-Work-around-issues-fetching-session-data.patch
file added
+331
SOURCES/0042-Prevent-churn-on-ccaches.patch
file added
+71
SOURCES/0043-Generate-PIN-for-PKI-to-help-Dogtag-in-FIPS.patch
file added
+68
SOURCES/0044-httpinstance.disable_system_trust-Don-t-fail-if-modu.patch
file added
+47
SOURCES/0045-extdom-do-reverse-search-for-domain-separator.patch
file added
+49
SOURCES/0046-extdom-improve-cert-request.patch
file added
+243
SOURCES/0047-spec-file-bump-libsss_nss_idmap-devel-BuildRequires.patch
file added
+37
SOURCES/0048-server-make-sure-we-test-for-sss_nss_getlistbycert.patch
file added
+32
SOURCES/0049-Upgrade-configure-PKINIT-after-adding-anonymous-prin.patch
file added
+34
SOURCES/0050-Remove-unused-variable-from-failed-anonymous-PKINIT-.patch
file added
+28
SOURCES/0051-Split-out-anonymous-PKINIT-test-to-a-separate-method.patch
file added
+37
SOURCES/0052-Ensure-KDC-is-propery-configured-after-upgrade.patch
file added
+47
SOURCES/0053-adtrust-make-sure-that-runtime-hostname-result-is-co.patch
file added
+77
SOURCES/0054-Allow-erasing-ipaDomainResolutionOrder-attribute.patch
file added
+42
SOURCES/0055-Always-check-and-create-anonymous-principal-during-K.patch
file added
+70
SOURCES/0056-Remove-duplicate-functionality-in-upgrade.patch
file added
+53
SOURCES/0057-Fix-the-order-of-cert-files-check.patch
file added
+47
SOURCES/0058-Don-t-allow-setting-pkinit-related-options-on-DL0.patch
file added
+95
SOURCES/0059-replica-prepare-man-remove-pkinit-option-refs.patch
file added
+60
SOURCES/0060-Remove-redundant-option-check-for-cert-files.patch
file added
+41
SOURCES/0061-Hide-request_type-doc-string-in-cert-request-help.patch
file added
+34
SOURCES/0062-Get-correct-CA-cert-nickname-in-CA-less.patch
file added
+60
SOURCES/0063-Remove-publish_ca_cert-method-from-NSSDatabase.patch
file added
+49
SOURCES/0064-httpinstance-make-sure-NSS-database-is-backed-up.patch
file added
+39
SOURCES/0065-IPA-KDB-use-relative-path-in-ipa-certmap-config-snip.patch
file added
+72
SOURCES/0066-Add-pki_pin-only-when-needed.patch
file added
+62
SOURCES/0067-idrange-add-properly-handle-empty-dom-name-option.patch
file added
+35
SOURCES/0068-ipa-sam-create-the-gidNumber-attribute-in-the-truste.patch
file added
+145
SOURCES/0069-Upgrade-add-gidnumber-to-trusted-domain-entry.patch
file added
+104
SOURCES/0070-dsinstance-reconnect-ldap2-after-DS-is-restarted-by-.patch
file added
+53
SOURCES/0071-httpinstance-avoid-httpd-restart-during-certificate-.patch
file added
+52
SOURCES/0072-dsinstance-httpinstance-consolidate-certificate-requ.patch
file added
+289
SOURCES/0073-install-request-service-certs-after-host-keytab-is-s.patch
file added
+135
SOURCES/0074-renew-agent-revert-to-host-keytab-authentication.patch
file added
+53
SOURCES/0075-renew-agent-restart-scripts-connect-to-LDAP-after-ki.patch
file added
+117
SOURCES/0076-ipaserver-dcerpc-unify-error-processing.patch
file added
+93
SOURCES/0077-trust-always-use-oddjobd-helper-for-fetching-trust-i.patch
file added
+86
SOURCES/0078-WebUI-cert-login-Configure-name-of-parameter-used-to.patch
file added
+34
SOURCES/0079-Create-system-users-for-FreeIPA-services-during-pack.patch
file added
+414
SOURCES/0080-Fix-s4u2self-with-adtrust.patch
file added
+60
SOURCES/0081-Add-debug-log-in-case-cookie-retrieval-went-wrong.patch
file added
+31
SOURCES/0082-server-install-remove-broken-no-pkinit-check.patch
file added
+36
SOURCES/0083-Add-the-force-join-option-to-replica-install.patch
file added
+55
SOURCES/0084-replicainstall-better-client-install-exception-handl.patch
file added
+120
SOURCES/0085-Fix-CA-less-to-CA-full-upgrade.patch
file added
+110
SOURCES/0086-cert-defer-cert-find-result-post-processing.patch
file added
+221
SOURCES/0087-server-install-No-double-Kerberos-install.patch
file added
+42
SOURCES/0088-ext.-CA-correctly-write-the-cert-chain.patch
file added
+35
SOURCES/0089-Fix-RA-cert-import-during-DL0-replication.patch
file added
+122
SOURCES/0090-configure-fix-AC_CHECK_LIB-usage.patch
file added
+64
SOURCES/0091-Fix-CAInstance.import_ra_cert-for-empty-passwords.patch
file added
+30
SOURCES/0092-upgrade-adtrust-update_tdo_gidnumber-plugin-must-che.patch
file added
+37
SOURCES/0093-compat-manage-behave-the-same-for-all-users.patch
file added
+34
SOURCES/0094-Move-the-compat-plugin-setup-at-the-end-of-install.patch
file added
+317
SOURCES/0095-compat-ignore-cn-topology-cn-ipa-cn-etc-subtree.patch
file added
+62
SOURCES/0096-spec-file-bump-krb5-Requires-for-certauth-fixes.patch
file added
+68
SOURCES/0097-Hide-PKI-Client-database-password-in-log-file.patch
file added
+70
SOURCES/0098-Vault-Explicitly-default-to-3DES-CBC.patch
file added
+50
SOURCES/0099-separate-function-to-set-ipaConfigString-values-on-s.patch
file added
+244
SOURCES/0100-Allow-for-configuration-of-all-three-PKINIT-variants.patch
file added
+205
SOURCES/0101-API-for-retrieval-of-master-s-PKINIT-status-and-publ.patch
file added
+99
SOURCES/0102-Use-only-anonymous-PKINIT-to-fetch-armor-ccache.patch
file added
+79
SOURCES/0103-Stop-requesting-anonymous-keytab-and-purge-all-refer.patch
file added
+110
SOURCES/0104-Use-local-anchor-when-armoring-password-requests.patch
file added
+31
SOURCES/0105-Upgrade-configure-local-full-PKINIT-depending-on-the.patch
file added
+52
SOURCES/0106-Do-not-test-anonymous-PKINIT-after-install-upgrade.patch
file added
+62
SOURCES/0107-vault-piped-input-for-ipa-vault-add-fails.patch
file added
+104
SOURCES/0108-automount-install-fix-checking-of-SSSD-functionality.patch
file added
+83
SOURCES/0109-Fix-CA-server-cert-validation-in-FIPS.patch
file added
+72
SOURCES/0110-restore-restart-reload-gssproxy-after-restore.patch
file added
+77
SOURCES/0111-kerberos-session-use-CA-cert-with-full-cert-chain-fo.patch
file added
+39
SOURCES/0112-ipa-client-install-remove-extra-space-in-pkinit_anch.patch
file added
+34
SOURCES/0113-Refresh-Dogtag-RestClient.ca_host-property.patch
file added
+114
SOURCES/0114-Remove-the-cachedproperty-class.patch
file added
+71
SOURCES/0115-ipa-server-install-with-external-CA-fix-pkinit-cert-.patch
file added
+62
SOURCES/0116-kra-install-update-installation-failure-message.patch
file added
+32
SOURCES/0117-Make-sure-remote-hosts-have-our-keys.patch
file added
+114
SOURCES/0118-Use-proper-SELinux-context-with-http.keytab.patch
file added
+40
SOURCES/0119-ipa-kra-install-fix-check_host_keys.patch
file added
+47
SOURCES/0120-python2-ipalib-add-missing-python-dependency.patch
file added
+30
SOURCES/0121-installer-service-fix-typo-in-service-entry.patch
file added
+31
SOURCES/0122-upgrade-add-missing-suffix-to-http-instance.patch
file added
+31
SOURCES/0123-Turn-on-NSSOCSP-check-in-mod_nss-conf.patch
file added
+227
SOURCES/0124-cert-show-writable-files-does-not-mean-dirs.patch
file added
+31
SOURCES/0125-Bump-version-of-ipa.conf-file.patch
file added
+30
SOURCES/0126-ipa-kra-install-manpage-document-domain-level-1.patch
file added
+72
SOURCES/0127-renew-agent-respect-CA-renewal-master-setting.patch
file added
+54
SOURCES/0128-server-upgrade-always-fix-certmonger-tracking-reques.patch
file added
+93
SOURCES/0129-cainstance-use-correct-profile-for-lightweight-CA-ce.patch
file added
+182
SOURCES/0130-renew-agent-allow-reusing-existing-certs.patch
file added
+260
SOURCES/0131-renew-agent-always-export-CSR-on-IPA-CA-certificate-.patch
file added
+51
SOURCES/0132-renew-agent-get-rid-of-virtual-profiles.patch
file added
+321
SOURCES/0133-ipa-cacert-manage-add-external-ca-type.patch
file added
+97
SOURCES/0134-Fixing-adding-authenticator-indicators-to-host.patch
file added
+70
SOURCES/0135-Added-plugins-directory-to-ipaclient-subpackages.patch
file added
+35
SOURCES/0136-ipaclient-fix-missing-RPM-ownership.patch
file added
+71
SOURCES/0137-otptoken-add-yubikey-When-digits-not-provided-use-de.patch
file added
+36
SOURCES/0138-ipa-server-install-fix-uninstall.patch
file added
+34
SOURCES/0139-ca-install-merge-duplicated-code-for-DM-password.patch
file added
+85
SOURCES/0140-installutils-add-DM-password-validator.patch
file added
+55
SOURCES/0141-ca-kra-install-validate-DM-password.patch
file added
+73
SOURCES/0142-ipa-kra-install-fix-pkispawn-setting-for-pki_securit.patch
file added
+45
SOURCES/0143-certdb-add-named-trust-flag-constants.patch
file added
+344
SOURCES/0144-certdb-certs-make-trust-flags-argument-mandatory.patch
file added
+181
SOURCES/0145-certdb-use-custom-object-for-trust-flags.patch
file added
+358
SOURCES/0146-install-trust-IPA-CA-for-PKINIT.patch
file added
+202
SOURCES/0147-client-install-fix-client-PKINIT-configuration.patch
file added
+254
SOURCES/0148-install-introduce-generic-Kerberos-Augeas-lens.patch
file added
+98
SOURCES/0149-server-install-fix-KDC-PKINIT-configuration.patch
file added
+292
SOURCES/0150-ipapython.ipautil.run-Add-option-to-set-umask-before.patch
file added
+85
SOURCES/0151-certs-do-not-export-keys-world-readable-in-install_k.patch
file added
+33
SOURCES/0152-certs-do-not-export-CA-certs-in-install_pem_from_p12.patch
file added
+33
SOURCES/0153-server-install-fix-KDC-certificate-validation-in-CA-.patch
file added
+203
SOURCES/0154-replica-install-respect-pkinit-cert-file.patch
file added
+56
SOURCES/0155-cacert-manage-support-PKINIT.patch
file added
+74
SOURCES/0156-server-certinstall-support-PKINIT.patch
file added
+163
SOURCES/0157-ipa-ca-install-append-CA-cert-chain-into-etc-ipa-ca..patch
file added
+41
SOURCES/0158-ca-cert-show-check-certificate_out-in-options.patch
file added
+73
SOURCES/0159-Fix-rare-race-condition-with-missing-ccache-file.patch
file added
+47
SOURCES/0160-Remove-pkinit-anonymous-command.patch
file added
+176
SOURCES/0161-krb5-make-sure-KDC-certificate-is-readable.patch
file added
+108
SOURCES/0162-Change-python-cryptography-to-python2-cryptography.patch
file added
+41
SOURCES/0163-Allow-for-multivalued-server-attributes.patch
file added
+270
SOURCES/0164-Refactor-the-role-attribute-member-reporting-code.patch
file added
+179
SOURCES/0165-Add-an-attribute-reporting-client-PKINIT-capable-ser.patch
file added
+275
SOURCES/0166-Add-the-list-of-PKINIT-servers-as-a-virtual-attribut.patch
file added
+34
SOURCES/0167-Add-pkinit-status-command.patch
file added
+201
SOURCES/0168-test_serverroles-Get-rid-of-MockLDAP-and-use-ldap2-i.patch
file added
+238
SOURCES/0169-only-stop-disable-simple-service-if-it-is-installed.patch
file added
+54
SOURCES/0170-Fix-index-definition-for-ipaAnchorUUID.patch
file added
+33
SOURCES/0171-httpinstance-wait-until-the-service-entry-is-replica.patch
file added
+126
SOURCES/0172-kdc.key-should-not-be-visible-to-all.patch
file added
+34
SOURCES/0173-ipa-kdb-reload-certificate-mapping-rules-periodicall.patch
file added
+221
SOURCES/0174-Avoid-possible-endless-recursion-in-RPC-call.patch
file added
+127
SOURCES/0175-rpc-preparations-for-recursion-fix.patch
file added
+103
SOURCES/0176-rpc-avoid-possible-recursion-in-create_connection.patch
file added
+175
SOURCES/0177-Changing-cert-find-to-do-not-use-only-primary-key-to.patch
file added
+102
SOURCES/0178-ipa-kdb-add-pkinit-authentication-indicator-in-case-.patch
file added
+101
SOURCES/0179-fix-incorrect-suffix-handling-in-topology-checks.patch
file added
+49
SOURCES/0180-server-certinstall-update-KDC-master-entry.patch
file added
+45
SOURCES/0181-pkinit-manage-introduce-ipa-pkinit-manage.patch
file added
+259
SOURCES/0182-server-upgrade-do-not-enable-PKINIT-by-default.patch
file added
+42
SOURCES/0183-Turn-off-OCSP-check.patch
file added
+196
SOURCES/0184-Only-warn-when-specified-server-IP-addresses-don-t-m.patch
file added
+244
SOURCES/0185-ipa-kdb-use-canonical-principal-in-certauth-plugin.patch
file added
+33
SOURCES/0186-Bump-version-of-python-gssapi.patch
file added
+66
SOURCES/0187-Add-code-to-be-able-to-set-default-kinit-lifetime.patch
file added
+84
SOURCES/0188-Revert-setting-sessionMaxAge-for-old-clients.patch
file added
+44
SOURCES/0189-Extend-the-advice-printing-code-by-some-useful-abstr.patch
file added
+93
SOURCES/0190-Prepare-advise-plugin-for-smart-card-auth-configurat.patch
file added
+293
SOURCES/0191-trust-mod-allow-modifying-list-of-UPNs-of-a-trusted-.patch
file added
+93
SOURCES/0192-WebUI-add-support-for-changing-trust-UPN-suffixes.patch
file added
+32
SOURCES/0193-kra-promote-Get-ticket-before-calling-custodia.patch
file added
+59
SOURCES/0194-Fix-local-IP-address-validation.patch
file added
+45
SOURCES/0195-ipa-dns-install-remove-check-for-local-ip-address.patch
file added
+32
SOURCES/0196-refactor-CheckedIPAddress-class.patch
file added
+88
SOURCES/0197-CheckedIPAddress-remove-match_local-param.patch
file added
+141
SOURCES/0198-Remove-ip_netmask-from-option-parser.patch
file added
+44
SOURCES/0199-replica-install-add-missing-check-for-non-local-IP-a.patch
file added
+29
SOURCES/0200-Remove-network-and-broadcast-address-warnings.patch
file added
+146
SOURCES/0201-ipa-sam-replace-encode_nt_key-with-E_md4hash.patch
file added
+80
SOURCES/0202-ipa_pwd_extop-do-not-generate-NT-hashes-in-FIPS-mode.patch
file added
+102
SOURCES/0203-Make-sure-we-check-ccaches-in-all-rpcserver-paths.patch
file added
+126
SOURCES/0204-replica-install-drop-in-IPA-specific-config-to-tmpfi.patch
file added
+34
SOURCES/0205-Add-CommonNameToSANDefault-to-default-cert-profile.patch
file added
+62
SOURCES/0206-smart-card-advises-configure-systemwide-NSS-DB-also-.patch
file added
+131
SOURCES/0207-smart-card-advises-add-steps-to-store-smart-card-sig.patch
file added
+125
SOURCES/0208-Allow-to-pass-in-multiple-CA-cert-paths-to-the-smart.patch
file added
+150
SOURCES/0209-add-a-class-that-tracks-the-indentation-in-the-gener.patch
file added
+77
SOURCES/0210-delegate-the-indentation-handling-in-advises-to-dedi.patch
file added
+267
SOURCES/0211-advise-add-an-infrastructure-for-formatting-Bash-com.patch
file added
+104
SOURCES/0212-delegate-formatting-of-compound-Bash-statements-to-d.patch
file added
+93
SOURCES/0213-Fix-indentation-of-statements-in-Smart-card-advises.patch
file added
+36
SOURCES/0214-Use-the-compound-statement-formatting-API-for-config.patch
file added
+48
SOURCES/0215-smart-card-advises-use-a-wrapper-around-Bash-for-loo.patch
file added
+121
SOURCES/0216-smart-card-advise-use-password-when-changing-trust-f.patch
file added
+54
SOURCES/0217-smart-card-advises-ensure-that-krb5-pkinit-is-instal.patch
file added
+46
SOURCES/0218-NULL-LDAP-context-in-call-to-ldap_search_ext_s-durin.patch
file added
+33
SOURCES/0219-Restore-old-version-of-caIPAserviceCert-for-upgrade-.patch
file added
+187
SOURCES/0220-ipa-otptoken-import-Make-PBKDF2-refer-to-the-pkcs5-n.patch
file added
+84
SOURCES/0221-Adds-whoami-DS-plugin-in-case-that-plugin-is-missing.patch
file added
+59
SOURCES/0222-Fix-ipa-config-mod-ca-renewal-master.patch
file added
+88
SOURCES/0223-Backport-PR-988-to-ipa-4-5-Fix-Certificate-renewal-w.patch
file added
+60
SOURCES/0224-Backport-PR-1008-to-ipa-4-5-Fix-ipa-server-upgrade-T.patch
file added
+213
SOURCES/0225-Fixing-how-sssd.conf-is-updated-when-promoting-a-cli.patch
file added
+92
SOURCES/0226-Backport-4-5-Fix-ipa-server-upgrade-with-server-cert.patch
file added
+199
SOURCES/0227-Always-check-peer-has-keys-before-connecting.patch
file added
+73
SOURCES/0228-Make-sure-upgrade-also-checks-for-IPv6-stack.patch
file added
+61
SOURCES/0229-control-logging-of-host_port_open-from-caller.patch
file added
+103
SOURCES/0230-log-progress-of-wait_for_open_ports.patch
file added
+44
SOURCES/0231-Store-help-in-Schema-before-writing-to-disk.patch
file added
+39
SOURCES/0232-Disable-pylint-in-get_help-function-because-of-type-.patch
file added
+33
SOURCES/0233-Less-confusing-message-for-PKINIT-configuration-duri.patch
file added
+50
SOURCES/0234-server.py-Removes-dns-server-configuration-from-ldap.patch
file added
+45
SOURCES/0235-Include-the-CA-basic-constraint-in-CSRs-when-renewin.patch
file added
+75
SOURCES/0236-Checks-if-replica-s4u2proxy.ldif-should-be-applied.patch
file added
+51
SOURCES/1001-Change-branding-to-IPA-and-Identity-Management.patch
file added
+999
SOURCES/1002-Package-copy-schema-to-ca.py.patch
file added
+44
SOURCES/1003-Revert-Increased-mod_wsgi-socket-timeout.patch
file added
+28
SOURCES/1004-Remove-csrgen.patch
file added
+1666
SPECS/ipa.spec
file added
+4612