author | John Dennis <jdennis@redhat.com> | 2010-05-31 07:40:17 -0400 |
---|---|---|
committer | Rob Crittenden <rcritten@redhat.com> | 2010-06-15 15:03:36 -0400 |
commit | 31027c6183e3df927b08f0f0b7f84ae7420c3e88 (patch) | |
tree | 80c6f3d84f18b02b1afb52ce364ec57bdeb06802 /ipaserver | |
parent | 1dd7b11b0b5697f86f4d486fbe9509484ae2065a (diff) | |
use NSS for SSL operations
Diffstat (limited to 'ipaserver')
-rw-r--r-- | ipaserver/install/cainstance.py | 24 | ||||
-rw-r--r-- | ipaserver/install/certs.py | 24 |
2 files changed, 0 insertions, 48 deletions
diff --git a/ipaserver/install/cainstance.py b/ipaserver/install/cainstance.py
index 90028b41d..035d6315f 100644
--- a/ipaserver/install/cainstance.py
+++ b/ipaserver/install/cainstance.py
@@ -125,30 +125,6 @@ def import_pkcs12(input_file, input_passwd, cert_database,
 "-k", cert_passwd,
 "-w", input_passwd])
 
-def client_auth_data_callback(ca_names, chosen_nickname, password, certdb):
- cert = None
- if chosen_nickname:
- try:
- cert = nss.find_cert_from_nickname(chosen_nickname, password)
- priv_key = nss.find_key_by_any_cert(cert, password)
- return cert, priv_key
- except NSPRError, e:
- logging.debug("client auth callback failed %s" % str(e))
- return False
- else:
- nicknames = nss.get_cert_nicknames(certdb, nss.SEC_CERT_NICKNAMES_USER)
- for nickname in nicknames:
- try:
- cert = nss.find_cert_from_nickname(nickname, password)
- if cert.check_valid_times():
- if cert.has_signer_in_ca_names(ca_names):
- priv_key = nss.find_key_by_any_cert(cert, password)
- return cert, priv_key
- except NSPRError, e:
- logging.debug("client auth callback failed %s" % str(e))
- return False
- return False
-
 def get_value(s):
 """
 Parse out a name/value pair from a Javascript variable.
diff --git a/ipaserver/install/certs.py b/ipaserver/install/certs.py
index 6fb012919..cf89c22f0 100644
--- a/ipaserver/install/certs.py
+++ b/ipaserver/install/certs.py
@@ -60,30 +60,6 @@ def ipa_self_signed():
 else:
 return False
 
-def client_auth_data_callback(ca_names, chosen_nickname, password, certdb):
- cert = None
- if chosen_nickname:
- try:
- cert = nss.find_cert_from_nickname(chosen_nickname, password)
- priv_key = nss.find_key_by_any_cert(cert, password)
- return cert, priv_key
- except NSPRError, e:
- logging.debug("client auth callback failed %s" % str(e))
- return False
- else:
- nicknames = nss.get_cert_nicknames(certdb, nss.SEC_CERT_NICKNAMES_USER)
- for nickname in nicknames:
- try:
- cert = nss.find_cert_from_nickname(nickname, password)
- if cert.check_valid_times():
- if cert.has_signer_in_ca_names(ca_names):
- priv_key = nss.find_key_by_any_cert(cert, password)
- return cert, priv_key
- except NSPRError, e:
- logging.debug("client auth callback failed %s" % str(e))
- return False
- return False
-
 def find_cert_from_txt(cert, start=0):
 """
 Given a cert blob (str) which may or may not contian leading and |