rpms / ipa

Clone
Source Code
GIT

Blame SOURCES/0058-Parse-cert-chain-as-JSON-not-XML.patch

c4 c5 c5-plus c6 c6-plus c7 c7-alt c7-beta c8-beta-stream-DL1 c8-beta-stream-client c8-stream-DL1 c8-stream-client c8s-stream-DL1 c8s-stream-client c9 c9-beta
  1.   7e1b550c1767fd2de6fe4d12e2980f6ea05d0168
  2.   SOURCES
  3.   0058-Parse-cert-chain-as-JSON-not-XML.patch
Blob History Raw
7e1b55 
From 40f76a53f78267b4d2b890defa3e4f7d27fdfb7a Mon Sep 17 00:00:00 2001
7e1b55 
From: Chris Kelley <ckelley@redhat.com>
7e1b55 
Date: Thu, 5 Aug 2021 12:00:15 +0100
7e1b55 
Subject: [PATCH] Parse cert chain as JSON not XML
7e1b55
7e1b55 
On dogtagpki/pki master XML is being replaced by JSON in PKI 11.0+
7e1b55
7e1b55 
The PR for dogtagpki/pki that makes this change necessary is:
7e1b55 
https://github.com/dogtagpki/pki/pull/3677
7e1b55
7e1b55 
Reviewed-By: Rob Crittenden <rcritten@redhat.com>
7e1b55 
---
7e1b55 
 ipapython/dogtag.py | 28 +++++++++++++++++++---------
7e1b55 
 1 file changed, 19 insertions(+), 9 deletions(-)
7e1b55
7e1b55 
diff --git a/ipapython/dogtag.py b/ipapython/dogtag.py
7e1b55 
index 0503938fb9783d397cc7366339bb9fab48033985..8f0f0473ae313edb17e10de8b2ca7f43f231e706 100644
7e1b55 
--- a/ipapython/dogtag.py
7e1b55 
+++ b/ipapython/dogtag.py
7e1b55 
@@ -20,6 +20,7 @@
7e1b55 
 import collections
7e1b55 
 import gzip
7e1b55 
 import io
7e1b55 
+import json
7e1b55 
 import logging
7e1b55 
 from urllib.parse import urlencode
7e1b55 
 import xml.dom.minidom
7e1b55 
@@ -100,6 +101,10 @@ def get_ca_certchain(ca_host=None):
7e1b55 
         data = res.read()
7e1b55 
         conn.close()
7e1b55 
         try:
7e1b55 
+            doc = json.loads(data)
7e1b55 
+            chain = doc['Response']['ChainBase64']
7e1b55 
+        except (json.JSONDecodeError, KeyError):
7e1b55 
+            logger.debug("Response is not valid JSON, try XML")
7e1b55 
             doc = xml.dom.minidom.parseString(data)
7e1b55 
             try:
7e1b55 
                 item_node = doc.getElementsByTagName("ChainBase64")
7e1b55 
@@ -107,9 +112,9 @@ def get_ca_certchain(ca_host=None):
7e1b55 
             except IndexError:
7e1b55 
                 raise error_from_xml(
7e1b55 
                     doc, _("Retrieving CA cert chain failed: %s"))
7e1b55 
-        finally:
7e1b55 
-            if doc:
7e1b55 
-                doc.unlink()
7e1b55 
+            finally:
7e1b55 
+                if doc:
7e1b55 
+                    doc.unlink()
7e1b55 
     else:
7e1b55 
         raise errors.RemoteRetrieveError(
7e1b55 
             reason=_("request failed with HTTP status %d") % res.status)
7e1b55 
@@ -118,13 +123,18 @@ def get_ca_certchain(ca_host=None):
7e1b55
7e1b55
7e1b55 
 def _parse_ca_status(body):
7e1b55 
-    doc = xml.dom.minidom.parseString(body)
7e1b55 
     try:
7e1b55 
-        item_node = doc.getElementsByTagName("XMLResponse")[0]
7e1b55 
-        item_node = item_node.getElementsByTagName("Status")[0]
7e1b55 
-        return item_node.childNodes[0].data
7e1b55 
-    except IndexError:
7e1b55 
-        raise error_from_xml(doc, _("Retrieving CA status failed: %s"))
7e1b55 
+        doc = json.loads(body)
7e1b55 
+        return doc['Response']['Status']
7e1b55 
+    except (json.JSONDecodeError, KeyError):
7e1b55 
+        logger.debug("Response is not valid JSON, try XML")
7e1b55 
+        doc = xml.dom.minidom.parseString(body)
7e1b55 
+        try:
7e1b55 
+            item_node = doc.getElementsByTagName("XMLResponse")[0]
7e1b55 
+            item_node = item_node.getElementsByTagName("Status")[0]
7e1b55 
+            return item_node.childNodes[0].data
7e1b55 
+        except IndexError:
7e1b55 
+            raise error_from_xml(doc, _("Retrieving CA status failed: %s"))
7e1b55
7e1b55
7e1b55 
 def ca_status(ca_host=None):
7e1b55 
--
7e1b55 
2.31.1
7e1b55

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation