diff options
author | Rob Crittenden <rcritten@redhat.com> | 2011-06-08 10:54:41 -0400 |
---|---|---|
committer | Rob Crittenden <rcritten@redhat.com> | 2011-06-21 19:09:50 -0400 |
commit | dd69c7dbe68e8f8674994a54ea913f2dd2e52c32 (patch) | |
tree | 5fdc303354eb26a1d2cd206c81babdc73e8d51b9 /ipalib/plugins/cert.py | |
parent | 3a36eced53e540fe8f2b23eadf7dffda080324de (diff) | |
download | freeipa-dd69c7dbe68e8f8674994a54ea913f2dd2e52c32.tar.gz freeipa-dd69c7dbe68e8f8674994a54ea913f2dd2e52c32.tar.xz freeipa-dd69c7dbe68e8f8674994a54ea913f2dd2e52c32.zip |
Make data type of certificates more obvious/predictable internally.
For the most part certificates will be treated as being in DER format.
When we load a certificate we will generally accept it in any format but
will convert it to DER before proceeding in normalize_certificate().
This also re-arranges a bit of code to pull some certificate-specific
functions out of ipalib/plugins/service.py into ipalib/x509.py.
This also tries to use variable names to indicate what format the certificate
is in at any given point:
dercert: DER
cert: PEM
nsscert: a python-nss Certificate object
rawcert: unknown format
ticket 32
Diffstat (limited to 'ipalib/plugins/cert.py')
-rw-r--r-- | ipalib/plugins/cert.py | 7 |
1 files changed, 3 insertions, 4 deletions
diff --git a/ipalib/plugins/cert.py b/ipalib/plugins/cert.py index 647a2e526..643e1cdd2 100644 --- a/ipalib/plugins/cert.py +++ b/ipalib/plugins/cert.py @@ -87,10 +87,9 @@ from ipalib import Command, Str, Int, Bytes, Flag, File from ipalib import errors from ipalib import pkcs10 from ipalib import x509 +from ipalib import util from ipalib.plugins.virtual import * from ipalib.plugins.service import split_principal -from ipalib.plugins.service import make_pem, check_writable_file -from ipalib.plugins.service import write_certificate import base64 import logging import traceback @@ -501,10 +500,10 @@ class cert_show(VirtualCommand): def forward(self, *keys, **options): if 'out' in options: - check_writable_file(options['out']) + util.check_writable_file(options['out']) result = super(cert_show, self).forward(*keys, **options) if 'certificate' in result['result']: - write_certificate(result['result']['certificate'], options['out']) + x509.write_certificate(result['result']['certificate'], options['out']) return result else: raise errors.NoCertificateError(entry=keys[-1]) |