URL: https://github.com/SSSD/sssd/pull/474
Author: sumit-bose
Title: #474: p11_child: properly check results of CERT_VerifyCertificateNow
Action: opened
PR body:
"""
I'm sorry but my recent commit 'p11_child: make sure OCSP checks are done' was
not the right fix for the observed issue and might lead to do the OCSP check
twice. Hence this PR reverts this commit and adds a better fix (after checking
the related NSS code carefully and discussing it with NSS developers).
With certificateUsageCheckAllUsages not only the return code of
CERT_VerifyCertificateNow() should be checked but also the usages for which
the certificate was verified. The usages checked here will all involve CA
signature checks and OCSP checks if OCSP is enabled.
Related to https://pagure.io/SSSD/sssd/issue/3560
"""
To pull the PR as Git branch:
git remote add ghsssd https://github.com/SSSD/sssd
git fetch ghsssd pull/474/head:pr474
git checkout pr474
URL: https://github.com/SSSD/sssd/pull/468
Author: clayfreeman
Title: #468: enable lookup of "sshPublicKey" for active directory
Action: opened
PR body:
"""
This patch modifies SSSD to be able to query Active Directory for the "sshPublicKey" user attribute.
As a result, the `sss_ssh_authorizedkeys` command will work with Active Directory.
"""
To pull the PR as Git branch:
git remote add ghsssd https://github.com/SSSD/sssd
git fetch ghsssd pull/468/head:pr468
git checkout pr468
URL: https://github.com/SSSD/sssd/pull/471
Author: fidencio
Title: #471: Fix a few typos
Action: opened
PR body:
"""
Those typos where found while navigating through the code ...
"""
To pull the PR as Git branch:
git remote add ghsssd https://github.com/SSSD/sssd
git fetch ghsssd pull/471/head:pr471
git checkout pr471
URL: https://github.com/SSSD/sssd/pull/463
Author: amitkumar50
Title: #463: cache: Check for max_id/min_id in cache_req
Action: opened
PR body:
"""
The cache_req code doesn't check the min_id/max_id
boundaries for requests by ID.
Extending the .lookup_fn function in each plugin
that searches by ID for a check that returns non-zero
if the entry is out of the range and 0 if not.
Resolves: https://pagure.io/SSSD/sssd/issue/3569
"""
To pull the PR as Git branch:
git remote add ghsssd https://github.com/SSSD/sssd
git fetch ghsssd pull/463/head:pr463
git checkout pr463
A call for papers for Identity and Access Management developer room at
FOSDEM 2018 closed few weeks ago and now I'm pleased to announce that a
schedule of selected talks is available at
https://fosdem.org/2018/schedule/track/identity_and_access_management/
We've got 25 talk proposals for our first devroom. With only 8.30 hours
of schedule available, 14 talks were chosen. Even with 2/3rd of
proposals in, length of the talks had to be limited to ~30-40 minutes
for all of the talks to allow a wider coverage of topics.
Thank you to all people who submitted their proposals. A work you are
doing on free software is very important. Even if your talk wasn't
chosen, I hope to see you and everyone else in Brussels at FOSDEM 2018!
On ma, 09 loka 2017, Alexander Bokovoy via samba-technical wrote:
> Welcome to Identity and Access Management developer room at FOSDEM 2018
> (Brussels, Belgium, February 3rd).
>
> FOSDEM is a free software event that offers open source communities a place to
> meet, share ideas and collaborate. It is renown for being highly developer-
> oriented and brings together 8000+ participants from all over the world. It
> is held in the city of Brussels (Belgium).
>
> FOSDEM 2018 will take place during the weekend of February 3rd-4th 2018. More
> details about the event can be found at http://fosdem.org/
>
> On Saturday, February 3rd, FOSDEM will see a first-time Identity and Access
> Management developer room. Devrooms are a place for development teams to meet,
> discuss, hack and publicly present their project's latest improvements and
> future directions.
>
> Identity and Access Management (IAM/IdM) is a concept that touches everyone's
> lives. We all have many identities and associated credentials to manage. At
> work, we need to access many kinds of services every day, sometimes with
> multiple identities and using different authentication methods. Those who
> deploy identity infrastructure need also to deal with audit and monitoring of
> user activities. Security is paramount but efficiency and ease of use matter
> too!
>
> ** Call For Participation
>
> The IAM/IdM developer room is devoted to all things Identity Management. Both
> server and client side free software projects in the area of identity
> management are welcomed to present their state and progress.
>
> Presentation topics could include:
>
> - Security: algorithms and protocols for IAM/IdM;
> passwords and password alternatives
>
> - Federated and social identity;
> leveraging external identities in applications
>
> - Audit, compliance, monitoring
>
> - User experience, desktop integration
>
> - Free software IAM/IdM offerings
>
> - IAM/IdM deployment reports
>
> and more. Don't be shy and show how your project helps to improve our lives.
>
> ** Important dates:
>
> - 26 Nov 2017: submission deadline for talk proposals
> - 15 Dec 2017: announcement of the final schedule
> - 3 Feb 2018: Identity and Access Management devroom (Saturday)
>
> Talk proposals will be reviewed by a steering committee:
> - Alexander Bokovoy (Samba Team, FreeIPA // Red Hat Inc.)
> - Marcus Rückert (OpenSUSE Infrastructure // SUSE LINUX GmbH)
> - Jakub Hrozek (SSSD // Red Hat Inc.)
> - Timo Aaltonen (Debian, Ubuntu // Canonical)
>
> Use the FOSDEM 'pentabarf' tool to submit your proposal:
> https://penta.fosdem.org/submission/FOSDEM18
>
> - If necessary, create a Pentabarf account and activate it.
> Please reuse your account from previous years if you have
> already created it.
>
> - In the "Person" section, provide First name, Last name
> (in the "General" tab), Email (in the "Contact" tab)
> and Bio ("Abstract" field in the "Description" tab).
>
> - Submit a proposal by clicking on "Create event".
>
> - Important! Select the "Identity and Access Management devroom" track
> (on the "General" tab).
>
> - Provide the title of your talk ("Event title" in the "General" tab).
>
> - Provide a description of the subject of the talk and the
> intended audience (in the "Abstract" field of the "Description" tab)
>
> - Provide a rough outline of the talk or goals of the session (a short
> list of bullet points covering topics that will be discussed) in the
> "Full description" field in the "Description" tab
>
> - Provide an expected length of your talk in the "Duration" field. Please
> count at least 10 minutes of discussion into your proposal.
>
> Suggested talk length would be 15, 20+10, 30+10, and 40+10 minutes.
>
> ** Recording of talks
>
> The FOSDEM organizers plan to have live streaming and recording fully working,
> both for remote/later viewing of talks, and so that people can watch streams
> in the hallways when rooms are full. This requires speakers to consent to
> being recorded and streamed. If you plan to be a speaker, please understand
> that by doing so you implicitly give consent for your talk to be recorded and
> streamed. The recordings will be published under the same license as all
> FOSDEM content (CC-BY).
>
> --
> / Alexander Bokovoy
>
--
/ Alexander Bokovoy
URL: https://github.com/SSSD/sssd/pull/467
Author: sumit-bose
Title: #467: nss-idmap: allow NULL result in *_timeout calls
Action: opened
PR body:
"""
To make the *_timeout calls more resilient checks are added if the
result parameter is NULL. It will not be used in this case.
Related to https://pagure.io/SSSD/sssd/issue/2478
"""
To pull the PR as Git branch:
git remote add ghsssd https://github.com/SSSD/sssd
git fetch ghsssd pull/467/head:pr467
git checkout pr467