diff options
author | Ben Lipton <blipton@redhat.com> | 2016-07-05 14:19:35 -0400 |
---|---|---|
committer | Jan Cholasta <jcholast@redhat.com> | 2017-01-31 10:20:28 +0100 |
commit | 10ef5947860f5098182b1f95c08c1158e2da15f9 (patch) | |
tree | 360f7bb40f2eab2dcc2a1fa2c8460643c77524ec /ipalib | |
parent | 87400cdec1054971f50f90a0c63f18ab045f3833 (diff) | |
download | freeipa-10ef5947860f5098182b1f95c08c1158e2da15f9.tar.gz freeipa-10ef5947860f5098182b1f95c08c1158e2da15f9.tar.xz freeipa-10ef5947860f5098182b1f95c08c1158e2da15f9.zip |
csrgen: Add code to generate scripts that generate CSRs
Adds a library that uses jinja2 to format a script that, when run, will
build a CSR. Also adds a CLI command, 'cert-get-requestdata', that uses
this library and builds the script for a given principal. The rules are
read from json files in /usr/share/ipa/csr, but the rule provider is a
separate class so that it can be replaced easily.
https://fedorahosted.org/freeipa/ticket/4899
Reviewed-By: Jan Cholasta <jcholast@redhat.com>
Diffstat (limited to 'ipalib')
-rw-r--r-- | ipalib/errors.py | 28 |
1 files changed, 28 insertions, 0 deletions
diff --git a/ipalib/errors.py b/ipalib/errors.py index 88707ac31..6aaca708a 100644 --- a/ipalib/errors.py +++ b/ipalib/errors.py @@ -1422,6 +1422,34 @@ class HTTPRequestError(RemoteRetrieveError): format = _('Request failed with status %(status)s: %(reason)s') +class RedundantMappingRule(SingleMatchExpected): + """ + **4036** Raised when more than one rule in a CSR generation ruleset matches + a particular helper. + + For example: + + >>> raise RedundantMappingRule(ruleset='syntaxSubject', helper='certutil') + Traceback (most recent call last): + ... + RedundantMappingRule: Mapping ruleset "syntaxSubject" has more than one + rule for the certutil helper. + """ + + errno = 4036 + format = _('Mapping ruleset "%(ruleset)s" has more than one rule for the' + ' %(helper)s helper') + + +class CSRTemplateError(ExecutionError): + """ + **4037** Raised when evaluation of a CSR generation template fails + """ + + errno = 4037 + format = _('%(reason)s') + + class BuiltinError(ExecutionError): """ **4100** Base class for builtin execution errors (*4100 - 4199*). |