IntenseWebs/freeipa
3
0
Fork 0
mirror of https://salsa.debian.org/freeipa-team/freeipa.git synced 2025-02-25 18:55:28 -06:00
Code Issues Packages Projects Releases Wiki Activity

ipa-client: Check if IPA CA cert is empty

Browse Source 
IPA CA file should not be used when file is empty.

Fixes: https://pagure.io/freeipa/issue/9499
Reviewed-By: Florence Blanc-Renaud <flo@redhat.com>
This commit is contained in:
Thorsten Scherf 2023-12-17 17:19:38 +01:00 committed by Florence Blanc-Renaud
parent a177121af6
commit 821259f069
1 changed files with 2 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
ipaclient/install/client.py
View File

@ -167,7 +167,8 @@ def get_cert_path(cert_path):
if cert_path is not None:
return cert_path
if os.path.exists(paths.IPA_CA_CRT):
if os.path.exists(paths.IPA_CA_CRT) and \
os.stat(paths.IPA_CA_CRT).st_size != 0:
return paths.IPA_CA_CRT
return None