summaryrefslogtreecommitdiffstats
path: root/ipaserver
diff options
context:
space:
mode:
authorJohn Dennis <jdennis@redhat.com>2010-05-31 07:40:17 -0400
committerRob Crittenden <rcritten@redhat.com>2010-06-15 15:03:36 -0400
commit31027c6183e3df927b08f0f0b7f84ae7420c3e88 (patch)
tree80c6f3d84f18b02b1afb52ce364ec57bdeb06802 /ipaserver
parent1dd7b11b0b5697f86f4d486fbe9509484ae2065a (diff)
downloadfreeipa-31027c6183e3df927b08f0f0b7f84ae7420c3e88.tar.gz
freeipa-31027c6183e3df927b08f0f0b7f84ae7420c3e88.tar.xz
freeipa-31027c6183e3df927b08f0f0b7f84ae7420c3e88.zip
use NSS for SSL operations
Diffstat (limited to 'ipaserver')
-rw-r--r--ipaserver/install/cainstance.py24
-rw-r--r--ipaserver/install/certs.py24
2 files changed, 0 insertions, 48 deletions
diff --git a/ipaserver/install/cainstance.py b/ipaserver/install/cainstance.py
index 90028b41d..035d6315f 100644
--- a/ipaserver/install/cainstance.py
+++ b/ipaserver/install/cainstance.py
@@ -125,30 +125,6 @@ def import_pkcs12(input_file, input_passwd, cert_database,
"-k", cert_passwd,
"-w", input_passwd])
-def client_auth_data_callback(ca_names, chosen_nickname, password, certdb):
- cert = None
- if chosen_nickname:
- try:
- cert = nss.find_cert_from_nickname(chosen_nickname, password)
- priv_key = nss.find_key_by_any_cert(cert, password)
- return cert, priv_key
- except NSPRError, e:
- logging.debug("client auth callback failed %s" % str(e))
- return False
- else:
- nicknames = nss.get_cert_nicknames(certdb, nss.SEC_CERT_NICKNAMES_USER)
- for nickname in nicknames:
- try:
- cert = nss.find_cert_from_nickname(nickname, password)
- if cert.check_valid_times():
- if cert.has_signer_in_ca_names(ca_names):
- priv_key = nss.find_key_by_any_cert(cert, password)
- return cert, priv_key
- except NSPRError, e:
- logging.debug("client auth callback failed %s" % str(e))
- return False
- return False
-
def get_value(s):
"""
Parse out a name/value pair from a Javascript variable.
diff --git a/ipaserver/install/certs.py b/ipaserver/install/certs.py
index 6fb012919..cf89c22f0 100644
--- a/ipaserver/install/certs.py
+++ b/ipaserver/install/certs.py
@@ -60,30 +60,6 @@ def ipa_self_signed():
else:
return False
-def client_auth_data_callback(ca_names, chosen_nickname, password, certdb):
- cert = None
- if chosen_nickname:
- try:
- cert = nss.find_cert_from_nickname(chosen_nickname, password)
- priv_key = nss.find_key_by_any_cert(cert, password)
- return cert, priv_key
- except NSPRError, e:
- logging.debug("client auth callback failed %s" % str(e))
- return False
- else:
- nicknames = nss.get_cert_nicknames(certdb, nss.SEC_CERT_NICKNAMES_USER)
- for nickname in nicknames:
- try:
- cert = nss.find_cert_from_nickname(nickname, password)
- if cert.check_valid_times():
- if cert.has_signer_in_ca_names(ca_names):
- priv_key = nss.find_key_by_any_cert(cert, password)
- return cert, priv_key
- except NSPRError, e:
- logging.debug("client auth callback failed %s" % str(e))
- return False
- return False
-
def find_cert_from_txt(cert, start=0):
"""
Given a cert blob (str) which may or may not contian leading and