diff options
| author | Jan Cholasta <jcholast@redhat.com> | 2013-07-04 15:46:05 +0000 |
|---|---|---|
| committer | Petr Viktorin <pviktori@redhat.com> | 2013-08-20 16:19:08 +0200 |
| commit | 2e14298e40173394ba3188207a5aa9a6d26760c4 (patch) | |
| tree | e19c5fbd0e6c7ec610022b1f4d9796242fb95c9c | |
| parent | 5031e3e7f2684b240a100892e0fe0777af40d407 (diff) | |
| download | freeipa-2e14298e40173394ba3188207a5aa9a6d26760c4.tar.gz freeipa-2e14298e40173394ba3188207a5aa9a6d26760c4.tar.xz freeipa-2e14298e40173394ba3188207a5aa9a6d26760c4.zip | |
Remove unused NSSDatabase and CertDB method find_root_cert_from_pkcs12.
https://fedorahosted.org/freeipa/ticket/3641
| -rw-r--r-- | ipaserver/install/certs.py | 44 |
1 files changed, 0 insertions, 44 deletions
diff --git a/ipaserver/install/certs.py b/ipaserver/install/certs.py index 8d7b7d0d3..7ad4c5087 100644 --- a/ipaserver/install/certs.py +++ b/ipaserver/install/certs.py @@ -194,46 +194,6 @@ class NSSDatabase(object): raise RuntimeError("unknown error import pkcs#12 file %s" % pkcs12_filename) - def find_root_cert_from_pkcs12(self, pkcs12_fname, passwd_fname=None): - """Given a PKCS#12 file, try to find any certificates that do - not have a key. The assumption is that these are the root CAs. - """ - args = ["/usr/bin/pk12util", "-d", self.secdir, - "-l", pkcs12_fname, - "-k", passwd_fname] - if passwd_fname: - args = args + ["-w", passwd_fname] - try: - (stdout, stderr, returncode) = ipautil.run(args) - except ipautil.CalledProcessError, e: - if e.returncode == 17: - raise RuntimeError("incorrect password for pkcs#12 file") - elif e.returncode == 10: - raise RuntimeError("Failed to open %s" % pkcs12_fname) - else: - raise RuntimeError("unknown error using pkcs#12 file") - - lines = stdout.split('\n') - - # A simple state machine. - # 1 = looking for a line starting with 'Certificate' - # 2 = looking for the Friendly name (nickname) - nicknames = [] - state = 1 - for line in lines: - if state == 2: - m = re.match("\W+Friendly Name: (.*)", line) - if m: - nicknames.append( m.groups(0)[0]) - state = 1 - if line == "Certificate:": - state = 2 - elif line and not line.startswith(' '): - # Top-level item that is not a certificate - state = 1 - - return nicknames - def trust_root_cert(self, root_nickname): if root_nickname[:7] == "Builtin": root_logger.debug( @@ -791,10 +751,6 @@ class CertDB(object): return root_nicknames - def find_root_cert_from_pkcs12(self, pkcs12_fname, passwd_fname=None): - return self.nssdb.find_root_cert_from_pkcs12(pkcs12_fname, - passwd_fname=passwd_fname) - def trust_root_cert(self, root_nickname): if root_nickname is None: root_logger.debug("Unable to identify root certificate to trust. Continuing but things are likely to fail.") |