diff options
author | Fraser Tweedale <ftweedal@redhat.com> | 2016-01-06 14:50:42 +1100 |
---|---|---|
committer | Jan Cholasta <jcholast@redhat.com> | 2016-01-13 08:12:30 +0100 |
commit | fe94222873c4df5118e93cebe7e9d69439266ba0 (patch) | |
tree | 2f2309492eb0843b744d7034a22b425c183855ea /ipaserver/install/certs.py | |
parent | 6b2b173a4d6b1cd8789e87d0392dd86c980f858a (diff) | |
download | freeipa-fe94222873c4df5118e93cebe7e9d69439266ba0.tar.gz freeipa-fe94222873c4df5118e93cebe7e9d69439266ba0.tar.xz freeipa-fe94222873c4df5118e93cebe7e9d69439266ba0.zip |
Do not decode HTTP reason phrase from Dogtag
The HTTP reason phrase sent by Dogtag is assumed to be encoded in
UTF-8, but the encoding used by Tomcat is dependent on system
locale, causing decode errors in some locales.
The reason phrase is optional and will not be sent in a future
version of Tomcat[1], so do not bother decoding and returning it.
[1] https://github.com/apache/tomcat/commit/707ab1c77f3bc189e1c3f29b641506db4c8bce37
Fixes: https://fedorahosted.org/freeipa/ticket/5578
Reviewed-By: Jan Cholasta <jcholast@redhat.com>
Diffstat (limited to 'ipaserver/install/certs.py')
-rw-r--r-- | ipaserver/install/certs.py | 7 |
1 files changed, 3 insertions, 4 deletions
diff --git a/ipaserver/install/certs.py b/ipaserver/install/certs.py index 1591362b4..f74b76090 100644 --- a/ipaserver/install/certs.py +++ b/ipaserver/install/certs.py @@ -403,12 +403,11 @@ class CertDB(object): result = dogtag.https_request( self.host_name, 8443, "/ca/ee/ca/profileSubmitSSLClient", self.secdir, password, "ipaCert", **params) - http_status, http_reason_phrase, http_headers, http_body = result + http_status, http_headers, http_body = result if http_status != 200: raise CertificateOperationError( - error=_('Unable to communicate with CMS (%s)') % - http_reason_phrase) + error=_('Unable to communicate with CMS (status %d)') % http_status) # The result is an XML blob. Pull the certificate out of that doc = xml.dom.minidom.parseString(http_body) @@ -457,7 +456,7 @@ class CertDB(object): result = dogtag.https_request( self.host_name, 8443, "/ca/ee/ca/profileSubmitSSLClient", self.secdir, password, "ipaCert", **params) - http_status, http_reason_phrase, http_headers, http_body = result + http_status, http_headers, http_body = result if http_status != 200: raise RuntimeError("Unable to submit cert request") |