[Freeipa-devel] [PATCH] 1085 cert-find command
Rob Crittenden
rcritten at redhat.com
Fri Feb 8 13:55:09 UTC 2013
Jan Cholasta wrote:
> Hi,
>
> On 6.2.2013 00:44, Rob Crittenden wrote:
>> This adds a cert-find command for the dogtag backend.
>>
>> Searches can be done by serial number, by subject, revocation reason,
>> issue date, notbefore, notafter and revocation dates.
>>
>> I added some basic tests for this. I made it a separate test file
>> because the cert plugin tests do not use the declarative format and rely
>> on the selfsign backend by default.
>>
>> rob
>>
>
> I have one design question: why do you emulate object interface with
> Command plugins? Wouldn't it be better to add an actual Object plugin
> and Method plugins? That way you would not have to duplicate the Object
> bits for certs and as a result, the code would be cleaner and consistent
> with the rest of our plugins.
>
> Honza
>
I forget the details of the reasoning but IIRC it is because these
commands aren't backed by LDAP. So the normal things we get out of
Object don't apply.
rob
More information about the Freeipa-devel
mailing list