internet/ansible-freeipa
4
0
Fork 0
mirror of https://github.com/freeipa/ansible-freeipa.git synced 2026-03-26 21:33:05 +00:00
Code Issues Projects Releases Wiki Activity

Merge pull request #1348 from abbra/fix-cert-iteration

Browse Source 
Fix CA certificates iteration
This commit is contained in:
Thomas Woerner
2025-04-17 14:48:51 +02:00
committed by GitHub
parent 329c16f742 34dc75802c
commit edbdd3af79
1 changed files with 5 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
roles/ipaclient/library/ipaclient_setup_nss.py
View File

@@ -340,17 +340,19 @@ def main():
ca_subject) ca_subject)
ca_certs_trust = [(c, n, ca_certs_trust = [(c, n,
certstore.key_policy_to_trust_flags(t, True, u)) certstore.key_policy_to_trust_flags(t, True, u))
for (c, n, t, u) in ca_certs] for (c, n, t, u) in [x[0:4] for x in ca_certs]]
if hasattr(paths, "KDC_CA_BUNDLE_PEM"): if hasattr(paths, "KDC_CA_BUNDLE_PEM"):
x509.write_certificate_list( x509.write_certificate_list(
[c for c, n, t, u in ca_certs if t is not False], [c for c, n, t, u in [x[0:4] for x in ca_certs]
if t is not False],
paths.KDC_CA_BUNDLE_PEM, paths.KDC_CA_BUNDLE_PEM,
# mode=0o644 # mode=0o644
) )
if hasattr(paths, "CA_BUNDLE_PEM"): if hasattr(paths, "CA_BUNDLE_PEM"):
x509.write_certificate_list( x509.write_certificate_list(
[c for c, n, t, u in ca_certs if t is not False], [c for c, n, t, u in [x[0:4] for x in ca_certs]
if t is not False],
paths.CA_BUNDLE_PEM, paths.CA_BUNDLE_PEM,
# mode=0o644 # mode=0o644
) )