On 10/8/2015 4:34 PM, Ade Lee wrote:
Looks like the only behavioral change is that the exception when a
hostname cannot be resolved to an IP is thrown, rather than being
swallowed up. So two issues:
1) you've taken what was an optional parameter (because the IP test is
optional) and turned it into a required one. That could break some
cases
2) when the breakage occurs, we do not know if its a client or server
issue. So should this be a 400 or 500 error?
New patch attached.
Per IRC discussion the changes that added IP address validation have
been reverted. Further discussion is needed to see if the IP address
needs to be stored at all.
On Tue, 2015-10-06 at 17:49 -0500, Endi Sukma Dewata wrote:
> The SecurityDomainProcessor.getEnterpriseGroupName() has been
> added to simplify ConfigurationUtils.getGroupName().
>
> The SecurityDomainProcessor.getInstallToken() has been modified
> to validate the user role and the IP address, and to generate
> safer session ID.
>
>
https://fedorahosted.org/pki/ticket/1633
>
https://www.redhat.com/mailman/listinfo/pki-devel
--
Endi S. Dewata