|
 |
89cb6d |
From e73e728e10739792d7bf45134507b12407326502 Mon Sep 17 00:00:00 2001
|
|
|
89cb6d |
From: Fraser Tweedale <ftweedal@redhat.com>
|
|
|
89cb6d |
Date: Mon, 15 Jun 2020 14:55:57 +1000
|
|
|
89cb6d |
Subject: [PATCH] fix cert-find errors in CA-less deployment
|
|
|
89cb6d |
|
|
|
89cb6d |
Under some search conditions (in particular, when user is
|
|
|
89cb6d |
specified), the CA sub-search of cert-find command throws an error
|
|
|
89cb6d |
on CA-less deployments. Do not execute the CA sub-search on CA-less
|
|
|
89cb6d |
deployments.
|
|
|
89cb6d |
|
|
|
89cb6d |
Fixes: https://pagure.io/freeipa/issue/8369
|
|
|
89cb6d |
Reviewed-By: Christian Heimes <cheimes@redhat.com>
|
|
|
89cb6d |
---
|
|
|
89cb6d |
ipaserver/plugins/cert.py | 11 ++++++++---
|
|
|
89cb6d |
1 file changed, 8 insertions(+), 3 deletions(-)
|
|
|
89cb6d |
|
|
|
89cb6d |
diff --git a/ipaserver/plugins/cert.py b/ipaserver/plugins/cert.py
|
|
|
89cb6d |
index de47ba95b11e9aca31f1417fa7571bc7e3b48321..57ad1327feb62d5f45266bc9d5c6b8fba75a81aa 100644
|
|
|
89cb6d |
--- a/ipaserver/plugins/cert.py
|
|
|
89cb6d |
+++ b/ipaserver/plugins/cert.py
|
|
|
89cb6d |
@@ -1826,9 +1826,14 @@ class cert_find(Search, CertMethod):
|
|
|
89cb6d |
truncated = False
|
|
|
89cb6d |
complete = False
|
|
|
89cb6d |
|
|
|
89cb6d |
- for sub_search in (self._cert_search,
|
|
|
89cb6d |
- self._ca_search,
|
|
|
89cb6d |
- self._ldap_search):
|
|
|
89cb6d |
+ # Do not execute the CA sub-search in CA-less deployment.
|
|
|
89cb6d |
+ # See https://pagure.io/freeipa/issue/8369.
|
|
|
89cb6d |
+ if ca_enabled:
|
|
|
89cb6d |
+ searches = [self._cert_search, self._ca_search, self._ldap_search]
|
|
|
89cb6d |
+ else:
|
|
|
89cb6d |
+ searches = [self._cert_search, self._ldap_search]
|
|
|
89cb6d |
+
|
|
|
89cb6d |
+ for sub_search in searches:
|
|
|
89cb6d |
sub_result, sub_truncated, sub_complete = sub_search(
|
|
|
89cb6d |
all=all,
|
|
|
89cb6d |
raw=raw,
|
|
|
89cb6d |
--
|
|
|
89cb6d |
2.26.2
|
|
|
89cb6d |
|