The --out option wasn't working at all with cert-show.

Also fix some related problems in write_certificate(), handle either a DER or base64-formatted incoming certificate and don't explode if the filename is None. ticket 954
2025-02-25 18:55:28 -06:00 · 2011-02-11 18:12:02 -05:00 · 2011-02-11 18:12:02 -05:00 · dab452442d
commit dab452442d
parent 0e4f0528cf
3 changed files with 14 additions and 5 deletions
--- a/API.txt
+++ b/API.txt
@ -320,7 +320,7 @@ output: Output('result', None, None)
 command: cert_show
 args: 1,1,1
 arg: Str('serial_number', label=Gettext('Serial number', domain='ipa', localedir=None))
-option: Str('out?',tr('out?', doc=Gettext('file to store certificate in', domain='ipa', localedir=None))
+option: Str('out?', exclude='webui', label=Gettext('Output filename', domain='ipa', localedir=None))
 output: Output('result', None, None)
 command: cert_status
 args: 1,0,1
--- a/ipalib/plugins/cert.py
+++ b/ipalib/plugins/cert.py
@ -418,13 +418,15 @@ class cert_show(VirtualCommand):

    takes_options = (
        Str('out?',
+            label=_('Output filename'),
            doc=_('file to store certificate in'),
+            exclude='webui',
        ),
    )

    operation="retrieve certificate"

-    def execute(self, serial_number):
+    def execute(self, serial_number, **options):
        hostname = None
        try:
            self.check_access()
@ -455,9 +457,8 @@ class cert_show(VirtualCommand):
        if 'out' in options:
            check_writable_file(options['out'])
            result = super(cert_show, self).forward(*keys, **options)
-            if 'usercertificate' in result['result']:
-                write_certificate(result['result']['usercertificate'][0], options['out'])
-                result['summary'] = _('Certificate stored in file \'%(file)s\'') % dict(file=options['out'])
+            if 'certificate' in result['result']:
+                write_certificate(result['result']['certificate'], options['out'])
                return result
            else:
                raise errors.NoCertificateError(entry=keys[-1])
--- a/ipalib/plugins/service.py
+++ b/ipalib/plugins/service.py
@ -231,6 +231,8 @@ def check_writable_file(filename):
    Determine if the file is writable. If the file doesn't exist then
    open the file to test writability.
    """
+    if filename is None:
+        raise errors.FileError(reason='Filename is empty')
    try:
        if file_exists(filename):
            if not os.access(filename, os.W_OK):
@ -255,6 +257,12 @@ def write_certificate(cert, filename):
    """
    Check to see if the certificate should be written to a file and do so.
    """
+    if cert and util.isvalid_base64(cert):
+        try:
+            cert = base64.b64decode(cert)
+        except Exception, e:
+            raise errors.Base64DecodeError(reason=str(e))
+
    try:
        fp = open(filename, 'w')
        fp.write(make_pem(base64.b64encode(cert)))