On Thu, Aug 13, 2015 at 12:43:35PM +0200, Pavel Březina wrote:
On 08/10/2015 12:59 PM, Jakub Hrozek wrote:
>Hi,
>
>the attached patches fix #2742. The first one makes sure we can print
>the certificate (or any binary attribute, really) safely. We only need
>to make sure to escape the attribute values before saving them to sysdb,
>because then ldb guarantees terminating them.
>
>The second just switches the attribute value. I tested using this howto:
>
http://www.freeipa.org/page/V4/User_Certificates#How_to_Test
>
>You'll also want to use a recent enough IPA version, one that fixes:
>
https://fedorahosted.org/freeipa/ticket/5173
>
>Then, on the client, call:
> dbus-send --print-reply \
> --system \
> --dest=org.freedesktop.sssd.infopipe \
> /org/freedesktop/sssd/infopipe/Users \
> org.freedesktop.sssd.infopipe.Users.FindByCertificate \
> string:"$( openssl x509 < cert.pem )"
>
>The result will be an object path.
Ack.
Thanks for the patience during the tmate.io review :-)
Pushed to master:
32445affe3612428eddde043cdc672a01c189714
619e21ed9c7a71e35e53f38867b53ed974f1d36a