diff options
| author | Rob Crittenden <rcritten@redhat.com> | 2010-06-24 11:40:02 -0400 |
|---|---|---|
| committer | Rob Crittenden <rcritten@redhat.com> | 2010-07-15 10:51:49 -0400 |
| commit | 8d2d7429beb6bf66cb3c4fc35a7a3dbb165a432c (patch) | |
| tree | c364bfb5b5926a165f1e6bc29e355131636afe45 /ipalib/plugins/host.py | |
| parent | 1e1985b17c3988056bef045fa84a9c7aaf0c4c65 (diff) | |
| download | freeipa.git-8d2d7429beb6bf66cb3c4fc35a7a3dbb165a432c.tar.gz freeipa.git-8d2d7429beb6bf66cb3c4fc35a7a3dbb165a432c.tar.xz freeipa.git-8d2d7429beb6bf66cb3c4fc35a7a3dbb165a432c.zip | |
Clean up crypto code, take advantage of new nss-python capabilities
This patch does the following:
- drops our in-tree x509v3 parser to use the python-nss one
- return more information on certificates
- make an API change, renaming cert-get to cert-show
- Drop a lot of duplicated code
Diffstat (limited to 'ipalib/plugins/host.py')
| -rw-r--r-- | ipalib/plugins/host.py | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/ipalib/plugins/host.py b/ipalib/plugins/host.py index b0d7289a..b42cbbcb 100644 --- a/ipalib/plugins/host.py +++ b/ipalib/plugins/host.py @@ -71,8 +71,8 @@ from ipalib import Str, Flag, Bytes from ipalib.plugins.baseldap import * from ipalib.plugins.service import split_principal from ipalib.plugins.service import validate_certificate -from ipalib.plugins.service import get_serial from ipalib import _, ngettext +from ipalib import x509 import base64 @@ -291,10 +291,10 @@ class host_mod(LDAPUpdate): if 'usercertificate' in entry_attrs_old: # FIXME: what to do here? do we revoke the old cert? fmt = 'entry already has a certificate, serial number: %s' % ( - get_serial(entry_attrs_old['usercertificate']) + x509.get_serial_number(entry_attrs_old['usercertificate'][0], x509.DER) ) raise errors.GenericError(format=fmt) - # FIXME: should be in normalizer; see service_add + # FIXME: decoding should be in normalizer; see service_add entry_attrs['usercertificate'] = base64.b64decode(cert) return dn |