URL: https://github.com/freeipa/freeipa/pull/2327 Author: netoarmando Title: #2327: Fix certificate type error when exporting to file Action: opened
PR body: """ Commands `ipa ca-show` and `ipa cert-show` share the same code, this commit updates the former, closing the gap between them. Reflecting the changes done in 5a44ca6. https://pagure.io/freeipa/issue/7628 Signed-off-by: Armando Neto <abiag...@redhat.com> To be more specific, `ipa cert-show` code is: https://github.com/freeipa/freeipa/blob/5a44ca638310913ab6b0c239374f4b0ddeeedeb3/ipaclient/plugins/cert.py#L51-L73 """ To pull the PR as Git branch: git remote add ghfreeipa https://github.com/freeipa/freeipa git fetch ghfreeipa pull/2327/head:pr2327 git checkout pr2327
From 8e4324de3b7cab07edb7dc274dd45522c260d419 Mon Sep 17 00:00:00 2001 From: Armando Neto <abiag...@redhat.com> Date: Mon, 3 Sep 2018 18:52:57 -0300 Subject: [PATCH] Fix certificate type error when exporting to file Commands `ipa ca-show` and `ipa cert-show` share the same code, this commit updates the former, closing the gap between them. Reflecting the changes done in 5a44ca638310913ab6b0c239374f4b0ddeeedeb3. https://pagure.io/freeipa/issue/7628 Signed-off-by: Armando Neto <abiag...@redhat.com> --- ipaclient/plugins/ca.py | 11 +++++------ ipatests/test_xmlrpc/test_ca_plugin.py | 7 +++++++ ipatests/test_xmlrpc/tracker/ca_plugin.py | 5 +++-- 3 files changed, 15 insertions(+), 8 deletions(-) diff --git a/ipaclient/plugins/ca.py b/ipaclient/plugins/ca.py index c48f76ea7d..e799bccc8e 100644 --- a/ipaclient/plugins/ca.py +++ b/ipaclient/plugins/ca.py @@ -1,6 +1,7 @@ # # Copyright (C) 2016 FreeIPA Contributors see COPYING for license # +import base64 from ipaclient.frontend import MethodOverride from ipalib import errors, util, x509, Str @@ -34,13 +35,11 @@ def forward(self, *keys, **options): result = super(WithCertOutArgs, self).forward(*keys, **options) if filename: if options.get('chain', False): - certs = (x509.load_der_x509_certificate(c) - for c in result['result']['certificate_chain']) + certs = result['result']['certificate_chain'] else: - certs = [ - x509.load_der_x509_certificate( - result['result']['certificate']) - ] + certs = [result['result']['certificate']] + certs = (x509.load_der_x509_certificate(base64.b64decode(cert)) + for cert in certs) x509.write_certificate_list(certs, filename) return result diff --git a/ipatests/test_xmlrpc/test_ca_plugin.py b/ipatests/test_xmlrpc/test_ca_plugin.py index 28cd94aad0..c65d9966c8 100644 --- a/ipatests/test_xmlrpc/test_ca_plugin.py +++ b/ipatests/test_xmlrpc/test_ca_plugin.py @@ -97,6 +97,13 @@ def test_retrieve(self, crud_subca): def test_retrieve_all(self, crud_subca): crud_subca.retrieve(all=True) + def test_export_ca(self, tmpdir, crud_subca): + exported_ca = tmpdir.join('exported_ca') + command = crud_subca.make_retrieve_command( + certificate_out=str(exported_ca) + ) + command() + def test_delete(self, crud_subca): crud_subca.delete() diff --git a/ipatests/test_xmlrpc/tracker/ca_plugin.py b/ipatests/test_xmlrpc/tracker/ca_plugin.py index e18b1c1782..310a0f1733 100644 --- a/ipatests/test_xmlrpc/tracker/ca_plugin.py +++ b/ipatests/test_xmlrpc/tracker/ca_plugin.py @@ -91,9 +91,10 @@ def check_delete(self, result): result=dict(failed=[]) ), result) - def make_retrieve_command(self, all=False, raw=False): + def make_retrieve_command(self, all=False, raw=False, **options): """Make function that retrieves the entry using ${CMD}_show""" - return self.make_command('ca_show', self.name, all=all, raw=raw) + return self.make_command('ca_show', self.name, all=all, raw=raw, + **options) def check_retrieve(self, result, all=False, raw=False): """Check the plugin's `show` command result"""
_______________________________________________ FreeIPA-devel mailing list -- freeipa-devel@lists.fedorahosted.org To unsubscribe send an email to freeipa-devel-le...@lists.fedorahosted.org Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/freeipa-devel@lists.fedorahosted.org