diff options
| author | Rob Crittenden <rcritten@redhat.com> | 2011-09-13 14:25:16 -0400 |
|---|---|---|
| committer | Martin Kosek <mkosek@redhat.com> | 2011-09-14 18:27:05 +0200 |
| commit | 29ec63c3813cee5fa8d8b1e9ad032a89992791eb (patch) | |
| tree | 4f6f3eee85b1ffd538f0aea262dcbad517a19eb5 | |
| parent | ba1bdda25f1345fe015b3ba0abc6996bee223d35 (diff) | |
| download | freeipa-29ec63c3813cee5fa8d8b1e9ad032a89992791eb.tar.gz freeipa-29ec63c3813cee5fa8d8b1e9ad032a89992791eb.tar.xz freeipa-29ec63c3813cee5fa8d8b1e9ad032a89992791eb.zip | |
Skip the cert validator if the csr we are passed in is a valid filename
The validator will still fire, just after the load_files() call. Basically
it will hit the validator twice. The first time it will exit because the
value of csr is a filename. The second time it will run the validator against
the contents of the file.
ticket https://fedorahosted.org/freeipa/ticket/1777
| -rw-r--r-- | API.txt | 2 | ||||
| -rw-r--r-- | ipalib/plugins/cert.py | 7 |
2 files changed, 8 insertions, 1 deletions
@@ -420,7 +420,7 @@ arg: Str('serial_number', validate_serial_number, label=Gettext('Serial number', output: Output('result', None, None) command: cert_request args: 1,3,1 -arg: File('csr', validate_csr, cli_name='csr_file', normalizer=normalize_csr) +arg: File('csr', validate_csr, cli_name='csr_file', label=Gettext('CSR', domain='ipa', localedir=None), normalizer=normalize_csr) option: Str('principal', label=Gettext('Principal', domain='ipa', localedir=None)) option: Str('request_type', autofill=True, default=u'pkcs10') option: Flag('add', autofill=True, default=False) diff --git a/ipalib/plugins/cert.py b/ipalib/plugins/cert.py index e32004e54..aa3cf2197 100644 --- a/ipalib/plugins/cert.py +++ b/ipalib/plugins/cert.py @@ -23,6 +23,7 @@ from ipalib import api, SkipPluginModule if api.env.enable_ra is not True: # In this case, abort loading this plugin module... raise SkipPluginModule(reason='env.enable_ra is not True') +import os from ipalib import Command, Str, Int, Bytes, Flag, File from ipalib import errors from ipalib import pkcs10 @@ -129,6 +130,11 @@ def validate_csr(ugettext, csr): Ensure the CSR is base64-encoded and can be decoded by our PKCS#10 parser. """ + if api.env.context == 'cli': + # If we are passed in a pointer to a valid file on the client side + # escape and let the load_files() handle things + if csr and os.path.exists(csr): + return try: request = pkcs10.load_certificate_request(csr) except TypeError, e: @@ -203,6 +209,7 @@ class cert_request(VirtualCommand): takes_args = ( File('csr', validate_csr, + label=_('CSR'), cli_name='csr_file', normalizer=normalize_csr, ), |