From 59c4aba883edcc26d42a490ed7f34662067305e0 Mon Sep 17 00:00:00 2001
From: Jan Cholasta <jcholast@redhat.com>
Date: Thu, 4 Jul 2013 15:46:05 +0000
Subject: Remove unused NSSDatabase and CertDB method
 find_root_cert_from_pkcs12.

https://fedorahosted.org/freeipa/ticket/3641
---
 ipaserver/install/certs.py | 44 --------------------------------------------
 1 file changed, 44 deletions(-)

(limited to 'ipaserver/install/certs.py')

diff --git a/ipaserver/install/certs.py b/ipaserver/install/certs.py
index 8d7b7d0d3..7ad4c5087 100644
--- a/ipaserver/install/certs.py
+++ b/ipaserver/install/certs.py
@@ -194,46 +194,6 @@ class NSSDatabase(object):
                 raise RuntimeError("unknown error import pkcs#12 file %s" %
                     pkcs12_filename)
 
-    def find_root_cert_from_pkcs12(self, pkcs12_fname, passwd_fname=None):
-        """Given a PKCS#12 file, try to find any certificates that do
-           not have a key. The assumption is that these are the root CAs.
-        """
-        args = ["/usr/bin/pk12util", "-d", self.secdir,
-                "-l", pkcs12_fname,
-                "-k", passwd_fname]
-        if passwd_fname:
-            args = args + ["-w", passwd_fname]
-        try:
-            (stdout, stderr, returncode) = ipautil.run(args)
-        except ipautil.CalledProcessError, e:
-            if e.returncode == 17:
-                raise RuntimeError("incorrect password for pkcs#12 file")
-            elif e.returncode == 10:
-                raise RuntimeError("Failed to open %s" % pkcs12_fname)
-            else:
-                raise RuntimeError("unknown error using pkcs#12 file")
-
-        lines = stdout.split('\n')
-
-        # A simple state machine.
-        # 1 = looking for a line starting with 'Certificate'
-        # 2 = looking for the Friendly name (nickname)
-        nicknames = []
-        state = 1
-        for line in lines:
-            if state == 2:
-                m = re.match("\W+Friendly Name: (.*)", line)
-                if m:
-                    nicknames.append( m.groups(0)[0])
-                    state = 1
-            if line == "Certificate:":
-                state = 2
-            elif line and not line.startswith(' '):
-                # Top-level item that is not a certificate
-                state = 1
-
-        return nicknames
-
     def trust_root_cert(self, root_nickname):
         if root_nickname[:7] == "Builtin":
             root_logger.debug(
@@ -791,10 +751,6 @@ class CertDB(object):
 
         return root_nicknames
 
-    def find_root_cert_from_pkcs12(self, pkcs12_fname, passwd_fname=None):
-        return self.nssdb.find_root_cert_from_pkcs12(pkcs12_fname,
-                                                     passwd_fname=passwd_fname)
-
     def trust_root_cert(self, root_nickname):
         if root_nickname is None:
             root_logger.debug("Unable to identify root certificate to trust. Continuing but things are likely to fail.")
-- 
cgit