[Freeipa-devel] [PATCH 0053] Implement OTP token importing
Nathaniel McCallum
npmccallum at redhat.com
Tue May 13 16:38:45 UTC 2014
This patch adds support for importing tokens using RFC 6030 key
container files. This includes decryption support. For sysadmin sanity,
any tokens which fail to add will be written to the output file for
examination. The main use case here is where a small subset of a large
set of tokens fails to validate or add. Using the output file, the
sysadmin can attempt to recover these specific tokens.
This code is implemented as a server-side script. However, it doesn't
actually need to run on the server. This was done because importing is
an odd fit for the IPA command framework:
1. We need to write an output file.
2. The operation may be long-running (thousands of tokens).
3. Only admins need to perform this task and it only happens
infrequently.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: freeipa-npmccallum-0053-Implement-OTP-token-importing.patch
Type: text/x-patch
Size: 20517 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20140513/79dde425/attachment.bin>
More information about the Freeipa-devel
mailing list