Hi,

the attached patch fixes an error message when user provides an empty key while adding otp token.


https://fedorahosted.org/freeipa/ticket/6200

--
Tomas Krizek

From 806e0cf73dcc3ccbfd620b7865561682ea2e37f5 Mon Sep 17 00:00:00 2001
From: Tomas Krizek <tkri...@redhat.com>
Date: Tue, 16 Aug 2016 14:10:49 +0200
Subject: [PATCH] Validate key in otptoken-add

Verify that key is not empty when adding otp token. If it is empty, raise an
appropriate error.

https://fedorahosted.org/freeipa/ticket/6200
---
 ipaserver/plugins/otptoken.py | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/ipaserver/plugins/otptoken.py b/ipaserver/plugins/otptoken.py
index 39012e2f9106c33c520e19f14331fc440333015a..4429edc2f08a18e973773239d7b1db0a01aafb99 100644
--- a/ipaserver/plugins/otptoken.py
+++ b/ipaserver/plugins/otptoken.py
@@ -323,6 +323,10 @@ class otptoken_add(LDAPCreate):
             except (NotFound, IndexError):
                 pass
 
+        # Check if key is not empty
+        if entry_attrs['ipatokenotpkey'] is None:
+            raise ValidationError(name='key', error=_(u'can not be empty'))
+
         # Build the URI parameters
         args = {}
         args['issuer'] = issuer
-- 
2.7.4

-- 
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code

Reply via email to