diff options
author | Jason Gerard DeRose <jderose@redhat.com> | 2009-02-10 00:47:27 -0700 |
---|---|---|
committer | Rob Crittenden <rcritten@redhat.com> | 2009-02-17 16:03:09 -0500 |
commit | 80df8f6e1579d3e53f0aeeb1730c842c07960efe (patch) | |
tree | 3819d98e13475b4bb30232a15f52cd63dcc156b7 /ipaserver | |
parent | 1518772d7551aa8eacfdcc4c733393e018178a93 (diff) | |
download | freeipa-80df8f6e1579d3e53f0aeeb1730c842c07960efe.tar.gz freeipa-80df8f6e1579d3e53f0aeeb1730c842c07960efe.tar.xz freeipa-80df8f6e1579d3e53f0aeeb1730c842c07960efe.zip |
Some cleanup in ra.request_certificate()
Diffstat (limited to 'ipaserver')
-rw-r--r-- | ipaserver/plugins/ra.py | 85 |
1 files changed, 41 insertions, 44 deletions
diff --git a/ipaserver/plugins/ra.py b/ipaserver/plugins/ra.py index ece784815..107f8dfab 100644 --- a/ipaserver/plugins/ra.py +++ b/ipaserver/plugins/ra.py @@ -154,7 +154,9 @@ class ra(Backend): '-r', url, # url '%s:%d' % (self.env.ca_host, self.env.ca_ssl_port), ] - return self.__run(argv) + (returncode, stdout, stderr) = self.__run(argv) + self.debug('sslget response %s', stdout) + return (returncode, stdout, stderr) def get_certificate(self, serial_number=None): """ @@ -167,6 +169,7 @@ class ra(Backend): (returncode, stdout, stderr) = self._sslget( '/ca/agent/ca/displayBySerial', serialNumber=serial_number, + xmlOutput='true', ) self.debug("IPA-RA: returncode: %d" % returncode) response = {} @@ -191,55 +194,49 @@ class ra(Backend): response['status'] = str(-returncode) return response - def request_certificate(self, certificate_request=None, request_type="pkcs10"): + def request_certificate(self, csr, request_type='pkcs10'): """ - Submit certificate request - :param certificate_request: certificate request - :param request_type: request type + Submit certificate signing request. + + :param csr: The certificate signing request. + :param request_type: The request type (defaults to ``'pkcs10'``). """ self.debug("IPA-RA: request_certificate") certificate = None + (returncode, stdout, stderr) = self._sslget( + '/ca/ee/ca/profileSubmit', + profileId='caRAserverCert', + cert_request_type=request_type, + cert_request=csr, + xmlOutput='true', + ) return_values = {} - if request_type is None: - request_type="pkcs10" - if certificate_request is not None: - request = quote(certificate_request) - request_info = "profileId=caRAserverCert&cert_request_type="+request_type+"&cert_request="+request+"&xmlOutput=true" - (returncode, stdout, stderr) = self.__run_sslget([ - '-e', - request_info, - '-r', - '/ca/ee/ca/profileSubmit', - '%s:%d' % (self.env.ca_host, self.env.ca_ssl_port), - ]) - self.debug("IPA-RA: returncode: %d" % returncode) - if (returncode == 0): - status = self.__find_substring(stdout, "<Status>", "</Status>") - if status is not None: - self.debug ("status=%s" % status) - return_values["status"] = status - request_id = self.__find_substring(stdout, "<Id>", "</Id>") - if request_id is not None: - self.debug ("request_id=%s" % request_id) - return_values["request_id"] = request_id - serial_number = self.__find_substring(stdout, "<serialno>", "</serialno>") - if serial_number is not None: - self.debug ("serial_number=%s" % serial_number) - return_values["serial_number"] = ("0x%s" % serial_number) - subject = self.__find_substring(stdout, "<SubjectDN>", "</SubjectDN>") - if subject is not None: - self.debug ("subject=%s" % subject) - return_values["subject"] = subject - certificate = self.__find_substring(stdout, "<b64>", "</b64>") - if certificate is not None: - self.debug ("certificate=%s" % certificate) - return_values["certificate"] = certificate - if return_values.has_key("status") is False: - return_values["status"] = "2" - else: - return_values["status"] = str(-returncode) + self.debug("IPA-RA: returncode: %d" % returncode) + if (returncode == 0): + status = self.__find_substring(stdout, "<Status>", "</Status>") + if status is not None: + self.debug ("status=%s" % status) + return_values["status"] = status + request_id = self.__find_substring(stdout, "<Id>", "</Id>") + if request_id is not None: + self.debug ("request_id=%s" % request_id) + return_values["request_id"] = request_id + serial_number = self.__find_substring(stdout, "<serialno>", "</serialno>") + if serial_number is not None: + self.debug ("serial_number=%s" % serial_number) + return_values["serial_number"] = ("0x%s" % serial_number) + subject = self.__find_substring(stdout, "<SubjectDN>", "</SubjectDN>") + if subject is not None: + self.debug ("subject=%s" % subject) + return_values["subject"] = subject + certificate = self.__find_substring(stdout, "<b64>", "</b64>") + if certificate is not None: + self.debug ("certificate=%s" % certificate) + return_values["certificate"] = certificate + if return_values.has_key("status") is False: + return_values["status"] = "2" else: - return_values["status"] = "1" + return_values["status"] = str(-returncode) return return_values |