freeipa

Clone
Source Code
GIT

e1df2e0 cert-request: accept CSRs with extraneous data

2 files Authored by ftweedal 7 years ago, Committed by mbabinsk 7 years ago,
raw patch tree parent
2 files changed. 6 lines added. 3 lines removed.
ipalib/pkcs10.py
file modified
+1 -1
ipaserver/plugins/cert.py
file modified
+5 -2 
    cert-request: accept CSRs with extraneous data
    
    The cert-request command used to accept CSRs that had extra data
    surrounding the PEM data, e.g. commentary about the contents of the
    CSR.  Recent commits that switch to using python-cryptography for
    cert and CSR handling broke this.  Our acceptance tests use such
    CSRs, hence the tests are now failing.
    
    To avoid the issue, freshly encode the python-cryptography
    CertificateSigningRequest object as PEM.  This avoids re-using the
    user-supplied data, in case it has extraneous data.
    
    Fixes: https://fedorahosted.org/freeipa/ticket/6472
    Reviewed-By: Martin Babinsky <mbabinsk@redhat.com>
file modified
+1 -1
file modified
+5 -2
Powered by Pagure 5.13.3
DocumentationFile an IssueAboutSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.