[Freeipa-devel] [PATCH] 903 normalize paths in certmonger
Martin Kosek
mkosek at redhat.com
Wed Dec 7 10:24:09 UTC 2011
On Tue, 2011-11-08 at 18:33 -0500, Rob Crittenden wrote:
> There are times we need to hunt through the certmonger request files
> trying (such as trying to stop tracking a cert). One criteria is the
> cert database and they need to match exactly. We weren't normalizing
> this so something as simple as a trailing slash would cause a match to fail.
>
> Normalize both values to address this.
>
> rob
Looks good.
I just found few nitpicks that may be fixed before push:
1) I didn't like constructs like this one:
'%s' % os.path.abspath(secdir)
Simple "os.path.abspath(secdir)" would be enough
2) I think get_request_id() function documentation should contain
recognized value types:
None: Any type
1: File path
3) We may want also to normalize path to PW file. This is what we use
now in ipa-server-install:
2011-12-07T10:11:25Z DEBUG args=/usr/bin/ipa-getcert start-tracking
-d /etc/dirsrv/slapd-PKI-IPA -n Server-Cert
-p /etc/dirsrv/slapd-PKI-IPA//pwdfile.txt
This shoud be enough:
- args.append(passwd_fname)
+ args.append(os.path.abspath(passwd_fname))
Martin
More information about the Freeipa-devel
mailing list