diff options
| author | Christian Heimes <cheimes@redhat.com> | 2017-03-01 11:19:08 +0100 |
|---|---|---|
| committer | Martin Basti <mbasti@redhat.com> | 2017-03-01 15:58:59 +0100 |
| commit | 88fd936a761dfce099c4b03529d679256c9860d6 (patch) | |
| tree | 8632b6210c2ab8a268677e7f668d9fc69be3aed9 | |
| parent | 612ea7f66e102c57c2b213eff99ad8f1c91e59a5 (diff) | |
| download | freeipa-88fd936a761dfce099c4b03529d679256c9860d6.tar.gz freeipa-88fd936a761dfce099c4b03529d679256c9860d6.tar.xz freeipa-88fd936a761dfce099c4b03529d679256c9860d6.zip | |
Remove NSPRError exception from platform tasks
ipalib.x509 no longer raises NSPRError. PyCA cryptography raises
ValueError for invalid certs.
https://fedorahosted.org/freeipa/ticket/5695
Signed-off-by: Christian Heimes <cheimes@redhat.com>
Reviewed-By: Stanislav Laznicka <slaznick@redhat.com>
| -rw-r--r-- | ipaplatform/redhat/tasks.py | 8 | ||||
| -rw-r--r-- | ipaplatform/setup.py | 1 |
2 files changed, 4 insertions, 5 deletions
diff --git a/ipaplatform/redhat/tasks.py b/ipaplatform/redhat/tasks.py index 123595eb8..8f9b39bf8 100644 --- a/ipaplatform/redhat/tasks.py +++ b/ipaplatform/redhat/tasks.py @@ -33,12 +33,11 @@ import base64 import traceback import errno -from cffi import FFI from ctypes.util import find_library from functools import total_ordering - from subprocess import CalledProcessError -from nss.error import NSPRError + +from cffi import FFI from pyasn1.error import PyAsn1Error from six.moves import urllib @@ -223,6 +222,7 @@ class RedHatTaskNamespace(BaseTaskNamespace): def insert_ca_certs_into_systemwide_ca_store(self, ca_certs): from ipalib import x509 # FixMe: break import cycle + from ipalib.errors import CertificateError new_cacert_path = paths.SYSTEMWIDE_IPA_CA_CRT @@ -252,7 +252,7 @@ class RedHatTaskNamespace(BaseTaskNamespace): issuer = x509.get_der_issuer(cert, x509.DER) serial_number = x509.get_der_serial_number(cert, x509.DER) public_key_info = x509.get_der_public_key_info(cert, x509.DER) - except (NSPRError, PyAsn1Error, ValueError) as e: + except (PyAsn1Error, ValueError, CertificateError) as e: root_logger.warning( "Failed to decode certificate \"%s\": %s", nickname, e) continue diff --git a/ipaplatform/setup.py b/ipaplatform/setup.py index 66378309c..501e2bc56 100644 --- a/ipaplatform/setup.py +++ b/ipaplatform/setup.py @@ -45,7 +45,6 @@ if __name__ == '__main__': # "ipalib", # circular dependency "ipapython", "pyasn1", - "python-nss", "six", ], ) |