summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorRob Crittenden <rcritten@redhat.com>2011-09-13 14:25:16 -0400
committerMartin Kosek <mkosek@redhat.com>2011-09-14 18:27:05 +0200
commit29ec63c3813cee5fa8d8b1e9ad032a89992791eb (patch)
tree4f6f3eee85b1ffd538f0aea262dcbad517a19eb5
parentba1bdda25f1345fe015b3ba0abc6996bee223d35 (diff)
downloadfreeipa-29ec63c3813cee5fa8d8b1e9ad032a89992791eb.tar.gz
freeipa-29ec63c3813cee5fa8d8b1e9ad032a89992791eb.tar.xz
freeipa-29ec63c3813cee5fa8d8b1e9ad032a89992791eb.zip
Skip the cert validator if the csr we are passed in is a valid filename
The validator will still fire, just after the load_files() call. Basically it will hit the validator twice. The first time it will exit because the value of csr is a filename. The second time it will run the validator against the contents of the file. ticket https://fedorahosted.org/freeipa/ticket/1777
-rw-r--r--API.txt2
-rw-r--r--ipalib/plugins/cert.py7
2 files changed, 8 insertions, 1 deletions
diff --git a/API.txt b/API.txt
index 98c1c5e4b..ba573a7aa 100644
--- a/API.txt
+++ b/API.txt
@@ -420,7 +420,7 @@ arg: Str('serial_number', validate_serial_number, label=Gettext('Serial number',
output: Output('result', None, None)
command: cert_request
args: 1,3,1
-arg: File('csr', validate_csr, cli_name='csr_file', normalizer=normalize_csr)
+arg: File('csr', validate_csr, cli_name='csr_file', label=Gettext('CSR', domain='ipa', localedir=None), normalizer=normalize_csr)
option: Str('principal', label=Gettext('Principal', domain='ipa', localedir=None))
option: Str('request_type', autofill=True, default=u'pkcs10')
option: Flag('add', autofill=True, default=False)
diff --git a/ipalib/plugins/cert.py b/ipalib/plugins/cert.py
index e32004e54..aa3cf2197 100644
--- a/ipalib/plugins/cert.py
+++ b/ipalib/plugins/cert.py
@@ -23,6 +23,7 @@ from ipalib import api, SkipPluginModule
if api.env.enable_ra is not True:
# In this case, abort loading this plugin module...
raise SkipPluginModule(reason='env.enable_ra is not True')
+import os
from ipalib import Command, Str, Int, Bytes, Flag, File
from ipalib import errors
from ipalib import pkcs10
@@ -129,6 +130,11 @@ def validate_csr(ugettext, csr):
Ensure the CSR is base64-encoded and can be decoded by our PKCS#10
parser.
"""
+ if api.env.context == 'cli':
+ # If we are passed in a pointer to a valid file on the client side
+ # escape and let the load_files() handle things
+ if csr and os.path.exists(csr):
+ return
try:
request = pkcs10.load_certificate_request(csr)
except TypeError, e:
@@ -203,6 +209,7 @@ class cert_request(VirtualCommand):
takes_args = (
File('csr', validate_csr,
+ label=_('CSR'),
cli_name='csr_file',
normalizer=normalize_csr,
),