diff options
| author | Petr Viktorin <pviktori@redhat.com> | 2015-10-06 13:54:33 +0200 |
|---|---|---|
| committer | Martin Basti <mbasti@redhat.com> | 2015-10-22 18:34:46 +0200 |
| commit | eab334dde8e3f94fcf1fca0d111b5121e26c1f4f (patch) | |
| tree | 0e68560a9a7bfb89204bc78e34b7d95adc59fdc6 /ipapython/ssh.py | |
| parent | 92a4b18fc282ab7b40899c4885617fc080e9e955 (diff) | |
| download | freeipa-eab334dde8e3f94fcf1fca0d111b5121e26c1f4f.tar.gz freeipa-eab334dde8e3f94fcf1fca0d111b5121e26c1f4f.tar.xz freeipa-eab334dde8e3f94fcf1fca0d111b5121e26c1f4f.zip | |
Handle binascii.Error from base64.b64decode()
In Python 3, the base64.b64decode function raises binascii.Error (a ValueError
subclass) when it finds incorrect padding. In Python 2 it raises TypeError.
Callers should usually handle ValueError; unless they are specifically
concerned with handling base64 padding issues).
In some cases, callers should handle ValueError:
- ipalib.pkcs10 (get_friendlyname, load_certificate_request): callers should
handle ValueError
- ipalib.x509 (load_certificate*, get_*): callers should handle ValueError
In other cases ValueError is handled:
- ipalib.parameters
- ipapython.ssh
- ipalib.rpc (json_decode_binary - callers already expect ValueError)
- ipaserver.install.ldapupdate
Elsewhere no error handling is done, because values come from trusted
sources, or are pre-validated:
- vault plugin
- ipaserver.install.cainstance
- ipaserver.install.certs
- ipaserver.install.ipa_otptoken_import
Reviewed-By: Tomas Babej <tbabej@redhat.com>
Diffstat (limited to 'ipapython/ssh.py')
| -rw-r--r-- | ipapython/ssh.py | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/ipapython/ssh.py b/ipapython/ssh.py index 02f577e8b..a625c422c 100644 --- a/ipapython/ssh.py +++ b/ipapython/ssh.py @@ -102,7 +102,7 @@ class SSHPublicKey(object): try: key = base64.b64decode(key) - except (TypeError, binascii.Error): + except (TypeError, ValueError): return False return self._parse_raw(key) |