IntenseWebs/freeipa
3
0
Fork 0
mirror of https://salsa.debian.org/freeipa-team/freeipa.git synced 2025-01-13 01:31:56 -06:00
Code Issues Packages Projects Releases Wiki Activity

Properly handle non-existent cert files

Browse Source 
https://fedorahosted.org/freeipa/ticket/3785
This commit is contained in:
Ana Krivokapic 2013-07-17 16:30:15 +02:00 committed by Martin Kosek
parent 240b12169b
commit f637d05a18
2 changed files with 12 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
ipaserver/install/certs.py
View File

@ -188,6 +188,8 @@ class NSSDatabase(object):
if e.returncode == 17:
raise RuntimeError("incorrect password for pkcs#12 file %s" %
pkcs12_filename)
elif e.returncode == 10:
raise RuntimeError("Failed to open %s" % pkcs12_filename)
else:
raise RuntimeError("unknown error import pkcs#12 file %s" %
pkcs12_filename)
@ -206,6 +208,8 @@ class NSSDatabase(object):
except ipautil.CalledProcessError, e:
if e.returncode == 17:
raise RuntimeError("incorrect password for pkcs#12 file")
elif e.returncode == 10:
raise RuntimeError("Failed to open %s" % pkcs12_fname)
else:
raise RuntimeError("unknown error using pkcs#12 file")
@ -255,8 +259,13 @@ class NSSDatabase(object):
The file must contain exactly one certificate.
"""
with open(location) as fd:
certs = fd.read()
try:
with open(location) as fd:
certs = fd.read()
except IOError as e:
raise RuntimeError(
"Failed to open %s: %s" % (location, e.strerror)
)
cert, st = find_cert_from_txt(certs)
self.add_single_pem_cert(nickname, flags, cert)

2
ipaserver/install/installutils.py
View File

@ -721,7 +721,7 @@ def check_pkcs12(pkcs12_info, ca_file, hostname):
ca_cert_name = 'The Root CA'
try:
nssdb.import_pem_cert(ca_cert_name, "CT,C,C", ca_file)
except ValueError, e:
except (ValueError, RuntimeError) as e:
raise ScriptError(str(e))
# Import everything in the PKCS#12