URL: https://github.com/freeipa/freeipa/pull/524 Author: tiran Title: #524: Remove NSPRError exception from platform tasks Action: synchronized
To pull the PR as Git branch: git remote add ghfreeipa https://github.com/freeipa/freeipa git fetch ghfreeipa pull/524/head:pr524 git checkout pr524
From 44ab7a6f56c3838dacb08156818ba641390ef38b Mon Sep 17 00:00:00 2001 From: Christian Heimes <chei...@redhat.com> Date: Wed, 1 Mar 2017 11:19:08 +0100 Subject: [PATCH] Remove NSPRError exception from platform tasks ipalib.x509 no longer raises NSPRError. PyCA cryptography raises ValueError for invalid certs. https://fedorahosted.org/freeipa/ticket/5695 Signed-off-by: Christian Heimes <chei...@redhat.com> --- ipaplatform/redhat/tasks.py | 11 +++++------ ipaplatform/setup.py | 1 - 2 files changed, 5 insertions(+), 7 deletions(-) diff --git a/ipaplatform/redhat/tasks.py b/ipaplatform/redhat/tasks.py index 123595e..018e0bb 100644 --- a/ipaplatform/redhat/tasks.py +++ b/ipaplatform/redhat/tasks.py @@ -33,18 +33,17 @@ import traceback import errno -from cffi import FFI from ctypes.util import find_library from functools import total_ordering - from subprocess import CalledProcessError -from nss.error import NSPRError + +from cffi import FFI from pyasn1.error import PyAsn1Error from six.moves import urllib from ipapython.ipa_log_manager import root_logger, log_mgr from ipapython import ipautil -import ipapython.errors +from ipapython import errors from ipaplatform.constants import constants from ipaplatform.paths import paths @@ -252,7 +251,7 @@ def insert_ca_certs_into_systemwide_ca_store(self, ca_certs): issuer = x509.get_der_issuer(cert, x509.DER) serial_number = x509.get_der_serial_number(cert, x509.DER) public_key_info = x509.get_der_public_key_info(cert, x509.DER) - except (NSPRError, PyAsn1Error, ValueError) as e: + except (PyAsn1Error, ValueError, errors.CertificateError) as e: root_logger.warning( "Failed to decode certificate \"%s\": %s", nickname, e) continue @@ -407,7 +406,7 @@ def get_setsebool_args(changes): failed_vars.update(updated_vars) if failed_vars: - raise ipapython.errors.SetseboolError( + raise errors.SetseboolError( failed=failed_vars, command=' '.join(get_setsebool_args(failed_vars))) diff --git a/ipaplatform/setup.py b/ipaplatform/setup.py index 6637830..501e2bc 100644 --- a/ipaplatform/setup.py +++ b/ipaplatform/setup.py @@ -45,7 +45,6 @@ # "ipalib", # circular dependency "ipapython", "pyasn1", - "python-nss", "six", ], )
-- Manage your subscription for the Freeipa-devel mailing list: https://www.redhat.com/mailman/listinfo/freeipa-devel Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code
