IntenseWebs/freeipa
3
0
Fork 0
mirror of https://salsa.debian.org/freeipa-team/freeipa.git synced 2025-02-25 18:55:28 -06:00
Code Issues Packages Projects Releases Wiki Activity

crtmgr: fix bug if CERTMONGER_CERTIFICATE not set

Browse Source 
If CERTMONGER_CERTIFICATE is not set in certain scenario, the
code would fail since None cannot be passed to loading certificates.

https://pagure.io/freeipa/issue/4985

Reviewed-By: Florence Blanc-Renaud <frenaud@redhat.com>
This commit is contained in:
Stanislav Laznicka 2017-08-16 15:34:35 +02:00 committed by Pavel Vomacka
parent 0412625a2b
commit a3c11b01af
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
install/certmonger/dogtag-ipa-ca-renew-agent-submit
View File

@ -379,10 +379,10 @@ def retrieve_or_reuse_cert(**kwargs):
if not nickname:
return (REJECTED, "Nickname could not be determined")
cert = x509.load_pem_x509_certificate(
fix_pem(os.environ.get('CERTMONGER_CERTIFICATE'))) # TODO: the fix_pem somehow got there early, so making this comment way too long to get rid of it later
cert = os.environ.get('CERTMONGER_CERTIFICATE')
if not cert:
return (REJECTED, "New certificate requests not supported")
cert = x509.load_pem_x509_certificate(fix_pem(cert.encode('ascii')))
with ldap_connect() as conn:
try: