summaryrefslogtreecommitdiffstats
path: root/ipaserver
diff options
context:
space:
mode:
authorJason Gerard DeRose <jderose@redhat.com>2009-02-10 00:47:27 -0700
committerRob Crittenden <rcritten@redhat.com>2009-02-17 16:03:09 -0500
commit80df8f6e1579d3e53f0aeeb1730c842c07960efe (patch)
tree3819d98e13475b4bb30232a15f52cd63dcc156b7 /ipaserver
parent1518772d7551aa8eacfdcc4c733393e018178a93 (diff)
downloadfreeipa-80df8f6e1579d3e53f0aeeb1730c842c07960efe.tar.gz
freeipa-80df8f6e1579d3e53f0aeeb1730c842c07960efe.tar.xz
freeipa-80df8f6e1579d3e53f0aeeb1730c842c07960efe.zip
Some cleanup in ra.request_certificate()
Diffstat (limited to 'ipaserver')
-rw-r--r--ipaserver/plugins/ra.py85
1 files changed, 41 insertions, 44 deletions
diff --git a/ipaserver/plugins/ra.py b/ipaserver/plugins/ra.py
index ece784815..107f8dfab 100644
--- a/ipaserver/plugins/ra.py
+++ b/ipaserver/plugins/ra.py
@@ -154,7 +154,9 @@ class ra(Backend):
'-r', url, # url
'%s:%d' % (self.env.ca_host, self.env.ca_ssl_port),
]
- return self.__run(argv)
+ (returncode, stdout, stderr) = self.__run(argv)
+ self.debug('sslget response %s', stdout)
+ return (returncode, stdout, stderr)
def get_certificate(self, serial_number=None):
"""
@@ -167,6 +169,7 @@ class ra(Backend):
(returncode, stdout, stderr) = self._sslget(
'/ca/agent/ca/displayBySerial',
serialNumber=serial_number,
+ xmlOutput='true',
)
self.debug("IPA-RA: returncode: %d" % returncode)
response = {}
@@ -191,55 +194,49 @@ class ra(Backend):
response['status'] = str(-returncode)
return response
- def request_certificate(self, certificate_request=None, request_type="pkcs10"):
+ def request_certificate(self, csr, request_type='pkcs10'):
"""
- Submit certificate request
- :param certificate_request: certificate request
- :param request_type: request type
+ Submit certificate signing request.
+
+ :param csr: The certificate signing request.
+ :param request_type: The request type (defaults to ``'pkcs10'``).
"""
self.debug("IPA-RA: request_certificate")
certificate = None
+ (returncode, stdout, stderr) = self._sslget(
+ '/ca/ee/ca/profileSubmit',
+ profileId='caRAserverCert',
+ cert_request_type=request_type,
+ cert_request=csr,
+ xmlOutput='true',
+ )
return_values = {}
- if request_type is None:
- request_type="pkcs10"
- if certificate_request is not None:
- request = quote(certificate_request)
- request_info = "profileId=caRAserverCert&cert_request_type="+request_type+"&cert_request="+request+"&xmlOutput=true"
- (returncode, stdout, stderr) = self.__run_sslget([
- '-e',
- request_info,
- '-r',
- '/ca/ee/ca/profileSubmit',
- '%s:%d' % (self.env.ca_host, self.env.ca_ssl_port),
- ])
- self.debug("IPA-RA: returncode: %d" % returncode)
- if (returncode == 0):
- status = self.__find_substring(stdout, "<Status>", "</Status>")
- if status is not None:
- self.debug ("status=%s" % status)
- return_values["status"] = status
- request_id = self.__find_substring(stdout, "<Id>", "</Id>")
- if request_id is not None:
- self.debug ("request_id=%s" % request_id)
- return_values["request_id"] = request_id
- serial_number = self.__find_substring(stdout, "<serialno>", "</serialno>")
- if serial_number is not None:
- self.debug ("serial_number=%s" % serial_number)
- return_values["serial_number"] = ("0x%s" % serial_number)
- subject = self.__find_substring(stdout, "<SubjectDN>", "</SubjectDN>")
- if subject is not None:
- self.debug ("subject=%s" % subject)
- return_values["subject"] = subject
- certificate = self.__find_substring(stdout, "<b64>", "</b64>")
- if certificate is not None:
- self.debug ("certificate=%s" % certificate)
- return_values["certificate"] = certificate
- if return_values.has_key("status") is False:
- return_values["status"] = "2"
- else:
- return_values["status"] = str(-returncode)
+ self.debug("IPA-RA: returncode: %d" % returncode)
+ if (returncode == 0):
+ status = self.__find_substring(stdout, "<Status>", "</Status>")
+ if status is not None:
+ self.debug ("status=%s" % status)
+ return_values["status"] = status
+ request_id = self.__find_substring(stdout, "<Id>", "</Id>")
+ if request_id is not None:
+ self.debug ("request_id=%s" % request_id)
+ return_values["request_id"] = request_id
+ serial_number = self.__find_substring(stdout, "<serialno>", "</serialno>")
+ if serial_number is not None:
+ self.debug ("serial_number=%s" % serial_number)
+ return_values["serial_number"] = ("0x%s" % serial_number)
+ subject = self.__find_substring(stdout, "<SubjectDN>", "</SubjectDN>")
+ if subject is not None:
+ self.debug ("subject=%s" % subject)
+ return_values["subject"] = subject
+ certificate = self.__find_substring(stdout, "<b64>", "</b64>")
+ if certificate is not None:
+ self.debug ("certificate=%s" % certificate)
+ return_values["certificate"] = certificate
+ if return_values.has_key("status") is False:
+ return_values["status"] = "2"
else:
- return_values["status"] = "1"
+ return_values["status"] = str(-returncode)
return return_values