diff options
author | Fraser Tweedale <ftweedal@redhat.com> | 2015-06-03 02:49:28 -0400 |
---|---|---|
committer | Jan Cholasta <jcholast@redhat.com> | 2015-06-03 17:53:56 +0000 |
commit | 62e98671142cbc30366109a2a1b631c1ef0cae5c (patch) | |
tree | f281d7f578b57c977f18f7205d621e2fbca2348c /ipalib/plugins | |
parent | b6924c00ab0ebeaeb62a2ebfbf1ba04494713c5e (diff) | |
download | freeipa-62e98671142cbc30366109a2a1b631c1ef0cae5c.tar.gz freeipa-62e98671142cbc30366109a2a1b631c1ef0cae5c.tar.xz freeipa-62e98671142cbc30366109a2a1b631c1ef0cae5c.zip |
Fix certificate management with service-mod
Adding or removing certificates from a service via --addattr or
--delattr is broken. Get certificates from entry_attrs instead of
options.
https://fedorahosted.org/freeipa/ticket/4238
Reviewed-By: Martin Basti <mbasti@redhat.com>
Diffstat (limited to 'ipalib/plugins')
-rw-r--r-- | ipalib/plugins/service.py | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/ipalib/plugins/service.py b/ipalib/plugins/service.py index d8bd03523..2d34eac7d 100644 --- a/ipalib/plugins/service.py +++ b/ipalib/plugins/service.py @@ -598,7 +598,7 @@ class service_mod(LDAPUpdate): (service, hostname, realm) = split_principal(keys[-1]) # verify certificates - certs = options.get('usercertificate') or [] + certs = entry_attrs.get('usercertificate') or [] certs_der = map(x509.normalize_certificate, certs) for dercert in certs_der: x509.verify_cert_subject(ldap, hostname, dercert) |