edc76b7 ipa-kdb: read SID blacklist from LDAP

Authored and Committed by mkosek 11 years ago
    ipa-kdb: read SID blacklist from LDAP
    
    SIDs in incoming MS-PAC were checked and filtered with a fixed list of
    well-known SIDs. Allow reading the SID blacklist from LDAP
    (ipaNTSIDBlacklistIncoming and ipaNTSIDBlacklistOutgoing) and add the list
    to mspac adtrust structure. Use the hardcoded SID list only if the LDAP
    SID list is not configured.
    
    LIMITATION: SID blacklist list is not used yet.
    
    https://fedorahosted.org/freeipa/ticket/3289
    
        
file modified
+2 -0
file modified
+102 -54
file added
+32
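
The fallback the commit message describes (SID list from LDAP when configured, built-in list otherwise), as an added example that is not code from this commit or from FreeIPA. `struct sid`, `parse_sid`, `load_blacklist` and `demo_defaults` are hypothetical names, the default SIDs are constructed sample values rather than the project's hardcoded list, and rejecting the whole list on one malformed value is this example's own choice.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

#define MAX_SUBAUTH 15  /* subauthority limit of a Windows SID */
struct sid { uint64_t authority; uint8_t n_sub; uint32_t sub[MAX_SUBAUTH]; };

/* Constructed defaults for the example: well-known SIDs, not the project's list. */
static const char *const demo_defaults[] = { "S-1-0", "S-1-1", "S-1-5-32" };

/* Parse "S-1-<authority>[-<subauth>...]"; 0 on success, -1 if malformed. */
static int parse_sid(const char *s, struct sid *out)
{
    char *end; unsigned long long v;
    memset(out, 0, sizeof(*out));
    if (s == NULL || strncmp(s, "S-1-", 4) != 0) return -1; /* revision 1 only */
    s += 4;
    if (*s < '0' || *s > '9') return -1;    /* digit check blocks sign/space */
    v = strtoull(s, &end, 10);
    if (v > 0xFFFFFFFFFFFFULL) return -1;   /* 48-bit identifier authority */
    out->authority = v;
    while (*end == '-') {
        s = end + 1;
        if (*s < '0' || *s > '9' || out->n_sub == MAX_SUBAUTH) return -1;
        v = strtoull(s, &end, 10);
        if (v > 0xFFFFFFFFULL) return -1;   /* subauthorities are 32-bit */
        out->sub[out->n_sub++] = (uint32_t)v;
    }
    return *end == '\0' ? 0 : -1;
}

/* Use the LDAP attribute values when any are configured, else the defaults.
 * Returns entries stored, or -1 on a malformed value or too small a buffer. */
static int load_blacklist(const char *const *ldap_vals, size_t n_ldap,
                          const char *const *defaults, size_t n_def,
                          struct sid *dst, size_t cap)
{
    const char *const *src = n_ldap ? ldap_vals : defaults;
    size_t n = n_ldap ? n_ldap : n_def;
    if (n > cap) return -1;
    for (size_t i = 0; i < n; i++)
        if (parse_sid(src[i], &dst[i]) != 0) return -1; /* fail closed */
    return (int)n;
}

int main(void) {
    struct sid out[8];
    return load_blacklist(NULL, 0, demo_defaults, 3, out, 8) == 3 ? 0 : 1;
}
```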