diff options
author | Jan Cholasta <jcholast@redhat.com> | 2014-09-18 12:00:15 +0200 |
---|---|---|
committer | Martin Kosek <mkosek@redhat.com> | 2014-09-30 10:01:38 +0200 |
commit | bbf962299d23071f238eadbbec4922100cc7c6e8 (patch) | |
tree | 585090ef42039643782765c581bc97c7d818d79c /ipapython/certdb.py | |
parent | b764e9d3e6fcd380c9420c2d442293fdd12ec5dc (diff) | |
download | freeipa-bbf962299d23071f238eadbbec4922100cc7c6e8.tar.gz freeipa-bbf962299d23071f238eadbbec4922100cc7c6e8.tar.xz freeipa-bbf962299d23071f238eadbbec4922100cc7c6e8.zip |
Use NSSDatabase instead of direct certutil calls in client code
https://fedorahosted.org/freeipa/ticket/4416
Reviewed-By: Rob Crittenden <rcritten@redhat.com>
Diffstat (limited to 'ipapython/certdb.py')
-rw-r--r-- | ipapython/certdb.py | 20 |
1 files changed, 9 insertions, 11 deletions
diff --git a/ipapython/certdb.py b/ipapython/certdb.py index 792cd7529..09c87c7f9 100644 --- a/ipapython/certdb.py +++ b/ipapython/certdb.py @@ -36,24 +36,22 @@ def get_ca_nickname(realm, format=CA_NICKNAME_FMT): def create_ipa_nssdb(): - pwdfile = os.path.join(paths.IPA_NSSDB_DIR, 'pwdfile.txt') + db = NSSDatabase(paths.IPA_NSSDB_DIR) + pwdfile = os.path.join(db.secdir, 'pwdfile.txt') ipautil.backup_file(pwdfile) - ipautil.backup_file(os.path.join(paths.IPA_NSSDB_DIR, 'cert8.db')) - ipautil.backup_file(os.path.join(paths.IPA_NSSDB_DIR, 'key3.db')) - ipautil.backup_file(os.path.join(paths.IPA_NSSDB_DIR, 'secmod.db')) + ipautil.backup_file(os.path.join(db.secdir, 'cert8.db')) + ipautil.backup_file(os.path.join(db.secdir, 'key3.db')) + ipautil.backup_file(os.path.join(db.secdir, 'secmod.db')) with open(pwdfile, 'w') as f: f.write(ipautil.ipa_generate_password(pwd_len=40)) os.chmod(pwdfile, 0600) - ipautil.run([paths.CERTUTIL, - "-N", - "-d", paths.IPA_NSSDB_DIR, - "-f", pwdfile]) - os.chmod(os.path.join(paths.IPA_NSSDB_DIR, 'cert8.db'), 0644) - os.chmod(os.path.join(paths.IPA_NSSDB_DIR, 'key3.db'), 0644) - os.chmod(os.path.join(paths.IPA_NSSDB_DIR, 'secmod.db'), 0644) + db.create_db(pwdfile) + os.chmod(os.path.join(db.secdir, 'cert8.db'), 0644) + os.chmod(os.path.join(db.secdir, 'key3.db'), 0644) + os.chmod(os.path.join(db.secdir, 'secmod.db'), 0644) def find_cert_from_txt(cert, start=0): |