mirror of
https://salsa.debian.org/freeipa-team/freeipa.git
synced 2025-02-25 18:55:28 -06:00
e5a9e46138
This function is designed to retrieve a value from an ini-like file. In particular PKI CS.cfg. In an attempt to be more efficient a substring search, using startswith(), is used before calling a regular expression match. The problem is that if the requested directive is a substring of a different one then it will pass the startswith() and fail the regular expression match with a ValueError, assuming it is malformed. There is no need for this. The caller must be able to handle None as a response anyway. So continue if no match is found. This was seen when PKI dropped storing certificate blobs in CS.cfg. The CA certificate is stored in ca.signing.cert. If it isn't present then ca.signing.certnickname will match the substring but not the directive. This should not be treated as an error. Fixes: https://pagure.io/freeipa/issue/9506 Signed-off-by: Rob Crittenden <rcritten@redhat.com> Reviewed-By: Florence Blanc-Renaud <flo@redhat.com> |
||
|---|---|---|
| .. | ||
| install | ||
| __init__.py | ||
| admintool.py | ||
| certdb.py | ||
| config.py | ||
| cookie.py | ||
| directivesetter.py | ||
| dn_ctypes.py | ||
| dn.py | ||
| dnsutil.py | ||
| dogtag.py | ||
| errors.py | ||
| fqdn.py | ||
| graph.py | ||
| ipa_log_manager.py | ||
| ipachangeconf.py | ||
| ipaldap.py | ||
| ipautil.py | ||
| ipavalidate.py | ||
| kerberos.py | ||
| kernel_keyring.py | ||
| Makefile.am | ||
| nsslib.py | ||
| README | ||
| session_storage.py | ||
| setup.cfg | ||
| setup.py | ||
| ssh.py | ||
| version.py.in | ||
This is a set of libraries common to IPA clients and servers though mostly
geared currently towards command-line tools.
A brief overview:
config.py - identify the IPA server domain and realm. It uses python-dns to
try to detect this information first and will fall back to
/etc/ipa/default.conf if that fails.
ipautil.py - helper functions
entity.py - entity is the main data type. User and Group extend this class
(but don't add anything currently).
ipavalidate.py - basic data validation routines