x509: avoid use of nss.data_to_hex

Avoid use of the nss.data_to_hex function for formatting certificate
fingerprints.  Add our own helper functions to format the
fingerprints as hex (with colons).

Part of: https://fedorahosted.org/freeipa/ticket/6398

Reviewed-By: Jan Cholasta <jcholast@redhat.com>
Reviewed-By: Florence Blanc-Renaud <frenaud@redhat.com>
Fraser Tweedale
2016-10-11 12:43:22 +10:00
committed by David Kupka
parent 85487281cd
commit 44c2d685f0
3 changed files with 31 additions and 6 deletions


@@ -274,8 +274,10 @@ def set_certificate_attrs(entry_attrs):
entry_attrs['issuer'] = unicode(cert.issuer)
entry_attrs['valid_not_before'] = unicode(cert.valid_not_before_str)
entry_attrs['valid_not_after'] = unicode(cert.valid_not_after_str)
entry_attrs['md5_fingerprint'] = unicode(nss.data_to_hex(nss.md5_digest(cert.der_data), 64)[0])
entry_attrs['sha1_fingerprint'] = unicode(nss.data_to_hex(nss.sha1_digest(cert.der_data), 64)[0])
entry_attrs['md5_fingerprint'] = x509.to_hex_with_colons(
nss.md5_digest(cert.der_data))
entry_attrs['sha1_fingerprint'] = x509.to_hex_with_colons(
nss.sha1_digest(cert.der_data))
def check_required_principal(ldap, principal):
"""
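Review bot: The two removed assignments wrapped their value in `unicode(...)` and the new `x509.to_hex_with_colons(...)` calls do not, so `md5_fingerprint` and `sha1_fingerprint` stay text values only if the helper itself returns unicode. The helper is defined outside this hunk, so either confirm that or keep the wrapper, e.g. `entry_attrs['sha1_fingerprint'] = unicode(x509.to_hex_with_colons(nss.sha1_digest(cert.der_data)))`. Separately, both fingerprints are computed with MD5 and SHA-1, which are no longer collision-resistant, so a comment above these lines should mark them as display values, such as `# MD5/SHA-1 fingerprints are informational only; never use them to authenticate or pin a certificate`. set_certificate_attrs begins above the hunk, so how `cert` is loaded and validated is not visible here.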