diff options
| -rw-r--r-- | ipalib/errors.py | 8 | ||||
| -rw-r--r-- | ipalib/plugins/service.py | 13 |
2 files changed, 18 insertions, 3 deletions
diff --git a/ipalib/errors.py b/ipalib/errors.py index d94d2b070..d1d39a378 100644 --- a/ipalib/errors.py +++ b/ipalib/errors.py @@ -746,6 +746,14 @@ class PasswordMismatch(InvocationError): errno = 3011 format = _('Passwords do not match') +class NotImplementedError(InvocationError): + """ + **3012** Raise when a function hasn't been implemented. + """ + + errno = 3012 + format = _('Command not implemented') + ############################################################################## # 4000 - 4999: Execution errors diff --git a/ipalib/plugins/service.py b/ipalib/plugins/service.py index c88695e42..93b9e2b70 100644 --- a/ipalib/plugins/service.py +++ b/ipalib/plugins/service.py @@ -27,15 +27,18 @@ from ipalib import api, errors from ipalib import Str, Flag, Bytes from ipalib.plugins.baseldap import * from ipalib import x509 +from pyasn1.error import PyAsn1Error def get_serial(certificate): """ Given a certificate, return the serial number in that cert. """ + if type(certificate) in (list, tuple): + certificate = certificate[0] try: - serial = str(x509.get_serial_number(certificate)) - except crypto.Error: + serial = str(x509.get_serial_number(certificate, type=x509.DER)) + except PyAsn1Error: raise errors.GenericError( format='Unable to decode certificate in entry' ) @@ -186,7 +189,11 @@ class service_del(LDAPDelete): cert = entry_attrs.get('usercertificate') if cert: serial = unicode(get_serial(cert)) - self.api.Command['cert_revoke'](serial, revocation_reason=5) + try: + self.api.Command['cert_revoke'](serial, revocation_reason=5) + except errors.NotImplementedError: + # selfsign CA doesn't do revocation + pass return dn api.register(service_del) |