[Freeipa-devel] [PATCH 0053] Implement OTP token importing
Nathaniel McCallum
npmccallum at redhat.com
Tue May 13 16:40:26 UTC 2014
On Tue, 2014-05-13 at 12:38 -0400, Nathaniel McCallum wrote:
> This patch adds support for importing tokens using RFC 6030 key
> container files. This includes decryption support. For sysadmin sanity,
> any tokens which fail to add will be written to the output file for
> examination. The main use case here is where a small subset of a large
> set of tokens fails to validate or add. Using the output file, the
> sysadmin can attempt to recover these specific tokens.
>
> This code is implemented as a server-side script. However, it doesn't
> actually need to run on the server. This was done because importing is
> an odd fit for the IPA command framework:
> 1. We need to write an output file.
> 2. The operation may be long-running (thousands of tokens).
> 3. Only admins need to perform this task and it only happens
> infrequently.
I forgot to put the link to the ticket in the commit message. Fixed.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: freeipa-npmccallum-0053-Implement-OTP-token-importing.patch
Type: text/x-patch
Size: 20563 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20140513/6416dad9/attachment.bin>
More information about the Freeipa-devel
mailing list