From af20a1a2da19a43d2dd7a28c596c0e2f908e8d3e Mon Sep 17 00:00:00 2001
From: Rob Crittenden <rcritten@redhat.com>
Date: Thu, 17 Dec 2009 11:30:14 -0500
Subject: Handle base64-encoded certificates better, import missing function

---
 ipalib/plugins/cert.py    | 5 +++++
 ipalib/plugins/host.py    | 1 +
 ipalib/plugins/service.py | 5 +++++
 3 files changed, 11 insertions(+)

diff --git a/ipalib/plugins/cert.py b/ipalib/plugins/cert.py
index 21d0ebcd..a7cd4155 100644
--- a/ipalib/plugins/cert.py
+++ b/ipalib/plugins/cert.py
@@ -53,6 +53,11 @@ def get_serial(certificate):
     if type(certificate) in (list, tuple):
         certificate = certificate[0]
     try:
+        certificate = base64.b64decode(certificate)
+    except Exception, e:
+        pass
+    try:
+
         serial = x509.get_serial_number(certificate)
     except PyAsn1Error:
         raise errors.CertificateOperationError(error=_('Unable to decode certificate in entry'))
diff --git a/ipalib/plugins/host.py b/ipalib/plugins/host.py
index 3d59be7c..6c76f518 100644
--- a/ipalib/plugins/host.py
+++ b/ipalib/plugins/host.py
@@ -30,6 +30,7 @@ from ipalib import Str, Flag, Bytes
 from ipalib.plugins.baseldap import *
 from ipalib.plugins.service import split_principal
 from ipalib.plugins.service import validate_certificate
+from ipalib.plugins.service import get_serial
 from ipalib import _, ngettext
 import base64
 
diff --git a/ipalib/plugins/service.py b/ipalib/plugins/service.py
index f65ab3eb..8c962f09 100644
--- a/ipalib/plugins/service.py
+++ b/ipalib/plugins/service.py
@@ -37,6 +37,11 @@ def get_serial(certificate):
     """
     if type(certificate) in (list, tuple):
         certificate = certificate[0]
+    try:
+        certificate = base64.b64decode(certificate)
+    except Exception:
+        pass
+
     try:
         serial = x509.get_serial_number(certificate, type=x509.DER)
     except PyAsn1Error:
-- 
cgit