https://fedorahosted.org/freeipa/ticket/5195
--
Petr Vobornik
From d09e625defca7db06ee2ef8de3451ec3f6eb026d Mon Sep 17 00:00:00 2001
From: Petr Vobornik <pvobo...@redhat.com>
Date: Wed, 12 Aug 2015 11:07:22 +0200
Subject: [PATCH] validate mutually exclusive options in vault-add

https://fedorahosted.org/freeipa/ticket/5195
---
 ipalib/plugins/vault.py | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/ipalib/plugins/vault.py b/ipalib/plugins/vault.py
index 423df6b7c0e39c46b20561133be8cd54560bf8b9..062fa0018ca6ac79c056d1d6f6b2496254ede994 100644
--- a/ipalib/plugins/vault.py
+++ b/ipalib/plugins/vault.py
@@ -597,6 +597,18 @@ class vault_add(PKQuery, Local):
         if 'public_key_file' in options:
             del options['public_key_file']
 
+        if vault_type != u'symmetric' and (password or password_file):
+            raise errors.MutuallyExclusiveError(
+                reason=_('Password could be specified only for '
+                         'symmetric vault')
+            )
+
+        if vault_type != u'asymmetric' and (public_key or public_key_file):
+            raise errors.MutuallyExclusiveError(
+                reason=_('Public key could be specified only for '
+                         'asymmetric vault')
+            )
+
         if self.api.env.in_server:
             backend = self.api.Backend.ldap2
         else:
-- 
2.4.3

-- 
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code

Reply via email to