rpms / ipa

Clone
Source Code
GIT

Blame SOURCES/0061-Optimize-cert-remove-case.patch

c4 c5 c5-plus c6 c6-plus c7 c7-alt c7-beta c8-beta-stream-DL1 c8-beta-stream-client c8-stream-DL1 c8-stream-client c8s-stream-DL1 c8s-stream-client c9 c9-beta
  1.   e3da654d7451ff5e27eca512159a216221a7f23f
  2.   SOURCES
  3.   0061-Optimize-cert-remove-case.patch
Blob History Raw
760a2f 
From 964a4d858e7f30e62691e6e0a1abdcd55cc68405 Mon Sep 17 00:00:00 2001
760a2f 
From: Christian Heimes <cheimes@redhat.com>
760a2f 
Date: Fri, 25 Jan 2019 16:18:59 +0100
760a2f 
Subject: [PATCH] Optimize cert remove case
760a2f
760a2f 
The cert_remove and mod subcommands for service and host now pass in the
760a2f 
name to cert_find() to benefit from special cases.
760a2f
760a2f 
See: https://pagure.io/freeipa/issue/7835
760a2f 
Signed-off-by: Christian Heimes <cheimes@redhat.com>
760a2f 
Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>
760a2f 
---
760a2f 
 ipaserver/plugins/host.py    | 8 ++++++--
760a2f 
 ipaserver/plugins/service.py | 7 +++++--
760a2f 
 2 files changed, 11 insertions(+), 4 deletions(-)
760a2f
760a2f 
diff --git a/ipaserver/plugins/host.py b/ipaserver/plugins/host.py
760a2f 
index 306105d67a58fd4343933349db70a1d786eaa4b2..c74a3e58f8af6b33e284ba54b5763a684d91bac3 100644
760a2f 
--- a/ipaserver/plugins/host.py
760a2f 
+++ b/ipaserver/plugins/host.py
760a2f 
@@ -899,7 +899,9 @@ class host_mod(LDAPUpdate):
760a2f 
             old_certs = entry_attrs_old.get('usercertificate', [])
760a2f 
             removed_certs = set(old_certs) - set(certs)
760a2f 
             for cert in removed_certs:
760a2f 
-                rm_certs = api.Command.cert_find(certificate=cert)['result']
760a2f 
+                rm_certs = api.Command.cert_find(
760a2f 
+                    certificate=cert,
760a2f 
+                    host=keys)['result']
760a2f 
                 revoke_certs(rm_certs)
760a2f
760a2f 
         if certs:
760a2f 
@@ -1335,7 +1337,9 @@ class host_remove_cert(LDAPRemoveAttributeViaOption):
760a2f 
         assert isinstance(dn, DN)
760a2f
760a2f 
         for cert in options.get('usercertificate', []):
760a2f 
-            revoke_certs(api.Command.cert_find(certificate=cert)['result'])
760a2f 
+            revoke_certs(api.Command.cert_find(
760a2f 
+                certificate=cert,
760a2f 
+                host=keys)['result'])
760a2f
760a2f 
         return dn
760a2f
760a2f 
diff --git a/ipaserver/plugins/service.py b/ipaserver/plugins/service.py
760a2f 
index be31f810275214eb28a3f6b7ed9e6dc8ec808ae0..d176adddff8d2590d64ba4059018606ff1eb8d48 100644
760a2f 
--- a/ipaserver/plugins/service.py
760a2f 
+++ b/ipaserver/plugins/service.py
760a2f 
@@ -703,7 +703,8 @@ class service_mod(LDAPUpdate):
760a2f 
             removed_certs = set(old_certs) - set(certs)
760a2f 
             for cert in removed_certs:
760a2f 
                 rm_certs = api.Command.cert_find(
760a2f 
-                    certificate=cert.public_bytes(x509.Encoding.DER))['result']
760a2f 
+                    certificate=cert.public_bytes(x509.Encoding.DER),
760a2f 
+                    service=keys)['result']
760a2f 
                 revoke_certs(rm_certs)
760a2f
760a2f 
         if certs:
760a2f 
@@ -983,7 +984,9 @@ class service_remove_cert(LDAPRemoveAttributeViaOption):
760a2f 
         assert isinstance(dn, DN)
760a2f
760a2f 
         for cert in options.get('usercertificate', []):
760a2f 
-            revoke_certs(api.Command.cert_find(certificate=cert)['result'])
760a2f 
+            revoke_certs(api.Command.cert_find(
760a2f 
+                certificate=cert,
760a2f 
+                service=keys)['result'])
760a2f
760a2f 
         return dn
760a2f
760a2f 
--
760a2f 
2.20.1
760a2f

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation