URL: https://github.com/freeipa/freeipa/pull/590 Author: Akasurde Title: #590: Validate user input for cert-get-requestdata Action: synchronized
To pull the PR as Git branch: git remote add ghfreeipa https://github.com/freeipa/freeipa git fetch ghfreeipa pull/590/head:pr590 git checkout pr590
From e328b31be88f825d42c7c9d56f625c0f78f49a2d Mon Sep 17 00:00:00 2001 From: Abhijeet Kasurde <akasu...@redhat.com> Date: Wed, 15 Mar 2017 12:12:56 +0530 Subject: [PATCH] Validate user input for cert-get-requestdata Fix adds validatation for Principal and CSR generation tool values Fixes https://pagure.io/freeipa/issue/6742 Signed-off-by: Abhijeet Kasurde <akasu...@redhat.com> --- ipaclient/plugins/csrgen.py | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/ipaclient/plugins/csrgen.py b/ipaclient/plugins/csrgen.py index a0d99ef..ebecb24 100644 --- a/ipaclient/plugins/csrgen.py +++ b/ipaclient/plugins/csrgen.py @@ -75,10 +75,23 @@ def execute(self, *args, **options): util.check_writable_file(options['out']) principal = options.get('principal') + if principal is None: + raise errors.InvocationError( + message=_('Principal is required') + ) profile_id = options.get('profile_id') if profile_id is None: profile_id = dogtag.DEFAULT_PROFILE helper = options.get('helper') + if helper is None: + raise errors.InvocationError( + message=_('CSR generation tool is required') + ) + if helper.lower() not in ['openssl', 'certutil']: + raise errors.InvocationError( + message=_('Allowed values for CSR generation tool ' + 'are (openssl | certutil)') + ) if self.api.env.in_server: backend = self.api.Backend.ldap2
-- Manage your subscription for the Freeipa-devel mailing list: https://www.redhat.com/mailman/listinfo/freeipa-devel Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code