IntenseWebs/freeipa
3
0
Fork 0
mirror of https://salsa.debian.org/freeipa-team/freeipa.git synced 2025-01-11 00:31:56 -06:00
Code Issues Packages Projects Releases Wiki Activity

DNParam: raise Exception when multiple values provided to a 1-val param

Browse Source 
When ipa user-add-certmapdata is called with multiple --subject or
multiple --issuer, the DNParam's _convert_scalar method is called with
a tuple containing all the params and should raise an exception as the
--subject and --issuer are single-value params.

The DNParam _convert_scalar method internally calls the DN init method,
and the DN init method is able to create a DN from a tuple of RDNs.
As such, it won't raise exception if a tuple/list is provided.

Check that _convert_scalar is only provided a single element.

Fixes: https://pagure.io/freeipa/issue/8097
Signed-off-by: Florence Blanc-Renaud <flo@redhat.com>
Reviewed-By: Rob Crittenden <rcritten@redhat.com>
This commit is contained in:
Florence Blanc-Renaud 2019-11-12 08:16:37 +01:00
parent c0b0c6b4b5
commit e08a6de6af
1 changed files with 4 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
ipalib/parameters.py
View File

@ -2015,6 +2015,10 @@ class DNParam(Param):
if type(value) in self.allowed_types: if type(value) in self.allowed_types:
return value return value
if type(value) in (tuple, list):
raise ConversionError(name=self.name,
error=ugettext(self.scalar_error))
try: try:
dn = DN(value) dn = DN(value)
except Exception as e: except Exception as e: