diff options
| author | Jan Cholasta <jcholast@redhat.com> | 2013-06-03 09:14:21 +0200 |
|---|---|---|
| committer | Petr Viktorin <pviktori@redhat.com> | 2013-06-12 12:59:54 +0200 |
| commit | 1e772b18451d64e1ece8577abd15afe532432199 (patch) | |
| tree | fc7360cfd2e40b0bcb04463e05b9c06efe38b802 /ipaserver/install/installutils.py | |
| parent | 6b556235266a71eb3f03acaab869a1757534274a (diff) | |
| download | freeipa.git-1e772b18451d64e1ece8577abd15afe532432199.tar.gz freeipa.git-1e772b18451d64e1ece8577abd15afe532432199.tar.xz freeipa.git-1e772b18451d64e1ece8577abd15afe532432199.zip | |
Handle exceptions gracefully when verifying PKCS#12 files.
https://fedorahosted.org/freeipa/ticket/3667
Diffstat (limited to 'ipaserver/install/installutils.py')
| -rw-r--r-- | ipaserver/install/installutils.py | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/ipaserver/install/installutils.py b/ipaserver/install/installutils.py index a568eae7..830a78a8 100644 --- a/ipaserver/install/installutils.py +++ b/ipaserver/install/installutils.py @@ -720,7 +720,10 @@ def check_pkcs12(pkcs12_info, ca_file, hostname): # Import the CA cert first so it has a known nickname # (if it's present in the PKCS#12 it won't be overwritten) ca_cert_name = 'The Root CA' - nssdb.import_pem_cert(ca_cert_name, "CT,C,C", ca_file) + try: + nssdb.import_pem_cert(ca_cert_name, "CT,C,C", ca_file) + except ValueError, e: + raise ScriptError(str(e)) # Import everything in the PKCS#12 nssdb.import_pkcs12(pkcs12_filename, db_pwd_file.name, pin_filename) |