From 95a8519afa82707c8d3b2e60f65cbc4d79d144e2 Mon Sep 17 00:00:00 2001 From: Jan Cholasta Date: Wed, 7 Sep 2016 08:06:10 +0200 Subject: [PATCH] cert: fix cert-find --certificate when the cert is not in LDAP Always return the cert specified in --certificate in cert-find result, even when the cert is not found in LDAP. https://fedorahosted.org/freeipa/ticket/6304 Reviewed-By: David Kupka --- ipaserver/plugins/cert.py | 12 +++++------- 1 file changed, 5 insertions(+), 7 deletions(-) diff --git a/ipaserver/plugins/cert.py b/ipaserver/plugins/cert.py index 6495bf1491f939a032fad03fe4ef86839c0575ef..00bae4560d601e28e0b983786bff9144bcc1b065 100644 --- a/ipaserver/plugins/cert.py +++ b/ipaserver/plugins/cert.py @@ -1142,17 +1142,15 @@ class cert_find(Search, CertMethod): rule) filters.append(filter) - cert = options.get('certificate') - if cert is not None: - filter = ldap.make_filter_from_attr('usercertificate', cert) - filters.append(filter) - result = collections.OrderedDict() complete = bool(filters) - if cert is None: + cert = options.get('certificate') + if cert is not None: + filter = ldap.make_filter_from_attr('usercertificate', cert) + else: filter = '(usercertificate=*)' - filters.append(filter) + filters.append(filter) filter = ldap.combine_filters(filters, ldap.MATCH_ALL) try: -- 2.7.4