freeipa/ipaclient/plugins
Fraser Tweedale a2ad417490 Fix writing certificate chain to file
An client-side error occurs when cert commands are instructed to
write the certificate chain (--chain option) to a file
(--certificate-out option).  This regression was introduced in the
'cert' plugin in commit 5a44ca6383,
and reflected in the 'ca' plugin in commit
c7064494e5.

The server behaviour did not change; rather the client did not
correctly handle the DER-encoded certificates in the
'certificate_chain' response field.  Fix the issue by treating the
'certificate' field as base-64 encoded DER, and the
'certificate_chain' field as an array of raw DER certificates.

Add tests for checking that the relevant commands succeed and write
PEM data to the file (both with and without --chain).

Fixes: https://pagure.io/freeipa/issue/7700
Reviewed-By: Christian Heimes <cheimes@redhat.com>
2018-10-02 10:18:32 +02:00
..
__init__.py ipaclient: introduce ipaclient.plugins 2016-06-03 09:00:34 +02:00
automember.py Fix Pylint 2.0 violations 2018-07-14 12:04:19 +02:00
automount.py ipaclient.plugins: Use api_version from internally called commands 2016-12-14 11:50:35 +01:00
ca.py Fix writing certificate chain to file 2018-10-02 10:18:32 +02:00
cert.py Fix writing certificate chain to file 2018-10-02 10:18:32 +02:00
certmap.py Load certificate files as binary data 2018-04-30 20:42:00 +02:00
certprofile.py client: ignore override errors in command overrides 2016-06-30 16:32:20 +02:00
csrgen.py Defer import of ipaclient.csrgen 2018-04-10 07:58:52 +02:00
dns.py Fix translation of commands description in API Browser 2018-06-12 08:38:56 +02:00
hbacrule.py ipalib: split off client-side plugin code into ipaclient 2016-06-03 09:00:34 +02:00
hbactest.py Fix ipa hbactest output 2016-08-04 17:13:16 +02:00
host.py x509: Make certificates represented as objects 2017-07-27 10:28:58 +02:00
idrange.py client: ignore override errors in command overrides 2016-06-30 16:32:20 +02:00
internal.py client: ignore override errors in command overrides 2016-06-30 16:32:20 +02:00
location.py Remove unused variables in the code 2016-09-27 13:35:58 +02:00
migration.py Fix pylint warnings inconsistent-return-statements 2017-12-18 11:51:14 +01:00
misc.py Make env and plugins commands local again 2016-12-02 13:00:06 +01:00
otptoken_yubikey.py otptoken_yubikey.py: Removed traceback when package missing. 2017-08-11 13:51:04 +02:00
otptoken.py Remove NSSConnection from otptoken plugin 2017-03-01 09:43:41 +00:00
passwd.py client: ignore override errors in command overrides 2016-06-30 16:32:20 +02:00
permission.py client: ignore override errors in command overrides 2016-06-30 16:32:20 +02:00
rpcclient.py ipalib: move client-side plugins to ipaclient 2016-06-03 09:00:34 +02:00
server.py Handled empty hostname in server-del command 2016-08-24 15:50:25 +02:00
service.py x509: Make certificates represented as objects 2017-07-27 10:28:58 +02:00
sudorule.py client: ignore override errors in command overrides 2016-06-30 16:32:20 +02:00
topology.py topology.py: Removes error message from dictionary. 2017-07-14 09:23:17 +02:00
trust.py client: ignore override errors in command overrides 2016-06-30 16:32:20 +02:00
user.py x509: Make certificates represented as objects 2017-07-27 10:28:58 +02:00
vault.py Py3: Remove subclassing from object 2018-09-27 11:49:04 +02:00