IntenseWebs/freeipa
3
0
Fork 0
mirror of https://salsa.debian.org/freeipa-team/freeipa.git synced 2025-02-25 18:55:28 -06:00
Code Issues Packages Projects Releases Wiki Activity

Use File parameter for CSR in cert_request command plugin.

Browse Source
This commit is contained in:
Pavel Zuna
2009-11-06 11:04:00 +01:00
committed by Jason Gerard DeRose
parent 566a3cb972
commit 63c6c12d69
1 changed files with 12 additions and 29 deletions
Download Patch File Download Diff File Expand all files Collapse all files

41
ipalib/plugins/cert.py
View File

@@ -26,7 +26,7 @@ from ipalib import api, SkipPluginModule
if api.env.enable_ra is not True: if api.env.enable_ra is not True:
# In this case, abort loading this plugin module... # In this case, abort loading this plugin module...
raise SkipPluginModule(reason='env.enable_ra is not True') raise SkipPluginModule(reason='env.enable_ra is not True')
from ipalib import Command, Str, Int, Bytes, Flag from ipalib import Command, Str, Int, Bytes, Flag, File
from ipalib import errors from ipalib import errors
from ipalib.plugins.virtual import * from ipalib.plugins.virtual import *
from ipalib.plugins.service import split_principal from ipalib.plugins.service import split_principal
@@ -83,7 +83,11 @@ class cert_request(VirtualCommand):
Submit a certificate signing request. Submit a certificate signing request.
""" """
takes_args = (Str('csr', validate_csr),) takes_args = (
File('csr', validate_csr,
cli_name='csr_file',
),
)
operation="request certificate" operation="request certificate"
takes_options = ( takes_options = (
@@ -110,6 +114,12 @@ class cert_request(VirtualCommand):
del kw['add'] del kw['add']
service = None service = None
# We just want the CSR bits, make sure there is nothing else
s = csr.find("-----BEGIN NEW CERTIFICATE REQUEST-----")
e = csr.find("-----END NEW CERTIFICATE REQUEST-----")
if s >= 0:
csr = csr[s+40:e]
# Can this user request certs? # Can this user request certs?
self.check_access() self.check_access()
@@ -157,33 +167,6 @@ class cert_request(VirtualCommand):
else: else:
textui.print_plain('Failed to submit a certificate request.') textui.print_plain('Failed to submit a certificate request.')
def run(self, *args, **options):
"""
Dispatch to forward() and execute() to do work locally and on the
server.
"""
if self.env.in_server:
return self.execute(*args, **options)
# Client-side code
csr = args[0]
if csr[:7] == "file://":
file = csr[7:]
try:
f = open(file, "r")
csr = f.readlines()
f.close()
except IOError, err:
raise errors.ValidationError(name='csr', error=err[1])
csr = "".join(csr)
# We just want the CSR bits, make sure there is nothing else
s = csr.find("-----BEGIN NEW CERTIFICATE REQUEST-----")
e = csr.find("-----END NEW CERTIFICATE REQUEST-----")
if s >= 0:
csr = csr[s+40:e]
csr = csr.decode('UTF-8')
return self.forward(csr, **options)
api.register(cert_request) api.register(cert_request)