diff options
author | Rob Crittenden <rcritten@redhat.com> | 2009-05-21 17:34:00 -0400 |
---|---|---|
committer | Rob Crittenden <rcritten@redhat.com> | 2009-05-21 17:34:00 -0400 |
commit | 13696ae18ba64beec92e0cee2c0f837fd19384e3 (patch) | |
tree | 22fce7ce36d80df1bb486fcda73be99d14d9524d /ipapython | |
parent | eec367b0c84ccb483388dc1b8c3c29202bd5236c (diff) | |
download | freeipa-13696ae18ba64beec92e0cee2c0f837fd19384e3.tar.gz freeipa-13696ae18ba64beec92e0cee2c0f837fd19384e3.tar.xz freeipa-13696ae18ba64beec92e0cee2c0f837fd19384e3.zip |
Raise an exception if the certificate chain is not returned from the CA
Diffstat (limited to 'ipapython')
-rw-r--r-- | ipapython/dogtag.py | 21 |
1 files changed, 15 insertions, 6 deletions
diff --git a/ipapython/dogtag.py b/ipapython/dogtag.py index d0afbb122..684754f44 100644 --- a/ipapython/dogtag.py +++ b/ipapython/dogtag.py @@ -17,7 +17,7 @@ # Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA # -from ipalib import api +from ipalib import api, errors import httplib import xml.dom.minidom @@ -31,11 +31,20 @@ def get_ca_certchain(): res = conn.getresponse() if res.status == 200: data = res.read() - - doc = xml.dom.minidom.parseString(data) - item_node = doc.getElementsByTagName("ChainBase64") - chain = item_node[0].childNodes[0].data - doc.unlink() conn.close() + try: + doc = xml.dom.minidom.parseString(data) + try: + item_node = doc.getElementsByTagName("ChainBase64") + chain = item_node[0].childNodes[0].data + except IndexError: + try: + item_node = doc.getElementsByTagName("Error") + reason = item_node[0].childNodes[0].data + raise errors.RemoteRetrieveError(reason=reason) + except: + raise errors.RemoteRetrieveError(reason="Retrieving CA cert chain failed") + finally: + doc.unlink() return chain |