Fix IssuerDN presence check in cert search result

When checking for presence of IssuerDN in certificate search result, we mistakenly check for the presence of the SubjectDN field, then unsafely index into the IssuerDN field. Check the presence of IssuerDN correctly. Part of: https://fedorahosted.org/freeipa/ticket/4559 Reviewed-By: Martin Basti <mbasti@redhat.com>
author: Fraser Tweedale <ftweedal@redhat.com> 2016-06-27 16:26:24 +1000
committer: Martin Basti <mbasti@redhat.com> 2016-06-27 13:11:57 +0200
commit: 47d33f36507d7af16daff5b9f7e4b4acfc6d963b (patch)
tree: 8603de59ce5c19d37b7ca451c57a2b21a063d2bf
parent: 9392b212719032a694ff47ae8802b46f9f58e718 (diff)
download: freeipa-47d33f36507d7af16daff5b9f7e4b4acfc6d963b.tar.gz
freeipa-47d33f36507d7af16daff5b9f7e4b4acfc6d963b.tar.xz
freeipa-47d33f36507d7af16daff5b9f7e4b4acfc6d963b.zip
1 files changed, 1 insertions, 1 deletions
diff --git a/ipaserver/plugins/dogtag.py b/ipaserver/plugins/dogtag.py
index 919ecfeac..aef1e888e 100644
--- a/ipaserver/plugins/dogtag.py
+++ b/ipaserver/plugins/dogtag.py
@@ -1903,7 +1903,7 @@ class ra(rabase.rabase):
                 response_request['subject'] = unicode(dn[0].text)
 
             issuer_dn = cert.xpath('IssuerDN')
-            if len(dn) == 1:
+            if len(issuer_dn) == 1:
                 response_request['issuer'] = unicode(issuer_dn[0].text)
 
             status = cert.xpath('Status')
author	Fraser Tweedale <ftweedal@redhat.com>	2016-06-27 16:26:24 +1000
committer	Martin Basti <mbasti@redhat.com>	2016-06-27 13:11:57 +0200
commit	47d33f36507d7af16daff5b9f7e4b4acfc6d963b (patch)
tree	8603de59ce5c19d37b7ca451c57a2b21a063d2bf
parent	9392b212719032a694ff47ae8802b46f9f58e718 (diff)
download	freeipa-47d33f36507d7af16daff5b9f7e4b4acfc6d963b.tar.gz freeipa-47d33f36507d7af16daff5b9f7e4b4acfc6d963b.tar.xz freeipa-47d33f36507d7af16daff5b9f7e4b4acfc6d963b.zip