IntenseWebs/freeipa
3
0
Fork 0
mirror of https://salsa.debian.org/freeipa-team/freeipa.git synced 2025-02-25 18:55:28 -06:00
Code Issues Packages Projects Releases Wiki Activity

ipa-ca-install: do not fail without --subject-base and --ca-subject

Browse Source 
When --subject-base and --ca-subject are not specified in ipa-ca-install,
default values are used. DN objects are used as the default values in
ipa-ca-install, but the CA installer expects the values to be strings. This
causes ipa-ca-install to fail unless both --subject-base and --ca-subject
are specified.

Convert the DN objects to strings to fix the issue.

https://fedorahosted.org/freeipa/ticket/2614

Reviewed-By: Fraser Tweedale <ftweedal@redhat.com>
This commit is contained in:
Jan Cholasta 2017-01-30 13:25:04 +01:00
parent 86f4a93fb3
commit 87400cdec1
1 changed files with 4 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
install/tools/ipa-ca-install
View File

@ -216,10 +216,11 @@ def install_master(safe_options, options):
options.host_name = api.env.host options.host_name = api.env.host
if not options.subject_base: if not options.subject_base:
options.subject_base = installutils.default_subject_base(api.env.realm) options.subject_base = str(
installutils.default_subject_base(api.env.realm))
if not options.ca_subject: if not options.ca_subject:
options.ca_subject = installutils.default_ca_subject_dn( options.ca_subject = str(
options.subject_base) installutils.default_ca_subject_dn(options.subject_base))
try: try:
ca.subject_validator(ca.VALID_SUBJECT_BASE_ATTRS, options.subject_base) ca.subject_validator(ca.VALID_SUBJECT_BASE_ATTRS, options.subject_base)