Raise ACI error when CSR does not have a subject hostname.
Ticket: https://fedorahosted.org/freeipa/ticket/3123 -- Lynn Root @roguelynn Associate Software Engineer Red Hat, Inc
>From c627c853164a6eece19306938fa7d9bead4a4730 Mon Sep 17 00:00:00 2001 From: Lynn Root <lr...@redhat.com> Date: Mon, 10 Dec 2012 09:13:13 -0500 Subject: [PATCH] Raise ACI error when CSR does not have a subject hostname Raise ACI error when CSR does not have a subject hostname. Ticket: https://fedorahosted.org/freeipa/ticket/3123 --- ipalib/plugins/cert.py | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/ipalib/plugins/cert.py b/ipalib/plugins/cert.py index c4bbf8215341d1fdbf8b84cf70ee7ebd8e2b96c4..e33a9743ba1978a3eea65326049f792d2b277e17 100644 --- a/ipalib/plugins/cert.py +++ b/ipalib/plugins/cert.py @@ -296,6 +296,10 @@ class cert_request(VirtualCommand): # Ensure that the hostname in the CSR matches the principal subject_host = get_csr_hostname(csr) + if not subject_host: + raise errors.ACIError( + info=_("No hostname was found in subject of request")) + (servicename, hostname, realm) = split_principal(principal) if subject_host.lower() != hostname.lower(): raise errors.ACIError( -- 1.8.0.1
_______________________________________________ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel
