[Freeipa-devel] [PATCH] 0108 cert-request: raise error when request fails
Fraser Tweedale
ftweedal at redhat.com
Thu Sep 8 02:00:25 UTC 2016
The attached patch fixes regression in cert-request:
https://fedorahosted.org/freeipa/ticket/6309
Thanks,
Fraser
-------------- next part --------------
From b27eef53ee36b7cae70206c37dea6aaa3bcfc940 Mon Sep 17 00:00:00 2001
From: Fraser Tweedale <ftweedal at redhat.com>
Date: Thu, 8 Sep 2016 11:56:16 +1000
Subject: [PATCH] cert-request: raise error when request fails
Fix a regression in recent change to request cert via Dogtag REST
API. 'ra.request_certificate' was no longer raising
CertificateOperationError when the cert request failed. Inspect the
request result to determine if the request completed, and raise if
it did not.
Fixes: https://fedorahosted.org/freeipa/ticket/6309
---
ipaserver/plugins/dogtag.py | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/ipaserver/plugins/dogtag.py b/ipaserver/plugins/dogtag.py
index 77d24731bbc102ace3123a6fe41a631ea7c24f3b..644b41e90f2d377ae9b70cf4719ab8789fdfc649 100644
--- a/ipaserver/plugins/dogtag.py
+++ b/ipaserver/plugins/dogtag.py
@@ -1678,6 +1678,10 @@ class ra(rabase.rabase, RestClient):
return cmd_result
certinfo = entries[0]
+ if certinfo['requestStatus'] != 'complete':
+ raise errors.CertificateOperationError(
+ error=certinfo.get('errorMessage'))
+
if 'certId' in certinfo:
cmd_result = self.get_certificate(certinfo['certId'])
cert = ''.join(cmd_result['certificate'].splitlines())
--
2.5.5
More information about the Freeipa-devel
mailing list