Fix certificate management with service-mod

Adding or removing certificates from a service via --addattr or --delattr is broken. Get certificates from entry_attrs instead of options. https://fedorahosted.org/freeipa/ticket/4238 Reviewed-By: Martin Basti <mbasti@redhat.com>
2025-02-25 18:55:28 -06:00 · 2015-06-03 02:49:28 -04:00 · 2015-06-03 02:49:28 -04:00 · 62e9867114
commit 62e9867114
parent b6924c00ab
1 changed files with 1 additions and 1 deletions
--- a/ipalib/plugins/service.py
+++ b/ipalib/plugins/service.py
@ -598,7 +598,7 @@ class service_mod(LDAPUpdate):
        (service, hostname, realm) = split_principal(keys[-1])

        # verify certificates
-        certs = options.get('usercertificate') or []
+        certs = entry_attrs.get('usercertificate') or []
        certs_der = map(x509.normalize_certificate, certs)
        for dercert in certs_der:
            x509.verify_cert_subject(ldap, hostname, dercert)