Raise an exception if the certificate chain is not returned from the CA

This commit is contained in:
Rob Crittenden 2009-05-21 17:34:00 -04:00
parent eec367b0c8
commit 13696ae18b
2 changed files with 31 additions and 6 deletions

View File

@ -965,6 +965,22 @@ class Base64DecodeError(ExecutionError):
errno = 4015
format = _('Base64 decoding failed: %(reason)s')
class RemoteRetrieveError(ExecutionError):
"""
**4016** Raised when retrieving data from a remote server fails
For example:
>>> raise RemoteRetrieveError(reason="Error: Failed to get certificate chain.")
Traceback (most recent call last):
...
RemoteRetrieveError: Error: Failed to get certificate chain.
"""
errno = 4016
format = _('%(reason)s')
class BuiltinError(ExecutionError):
"""
**4100** Base class for builtin execution errors (*4100 - 4199*).

View File

@ -17,7 +17,7 @@
# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
#
from ipalib import api
from ipalib import api, errors
import httplib
import xml.dom.minidom
@ -31,11 +31,20 @@ def get_ca_certchain():
res = conn.getresponse()
if res.status == 200:
data = res.read()
conn.close()
try:
doc = xml.dom.minidom.parseString(data)
try:
item_node = doc.getElementsByTagName("ChainBase64")
chain = item_node[0].childNodes[0].data
except IndexError:
try:
item_node = doc.getElementsByTagName("Error")
reason = item_node[0].childNodes[0].data
raise errors.RemoteRetrieveError(reason=reason)
except:
raise errors.RemoteRetrieveError(reason="Retrieving CA cert chain failed")
finally:
doc.unlink()
conn.close()
return chain