Commit 15591d92 authored by Gary Wong's avatar Gary Wong

Be more robust about unexpected nodes in XML credentials.

parent dde47fa2
......@@ -68,6 +68,10 @@ def Lookup( node, name ):
if len( cnodes ) != 1:
print >> sys.stderr, sys.argv[ 0 ] + ": invalid credential\n"
if debug:
print >> sys.stderr, "(Element \"" + name + "\" was found",
print >> sys.stderr, str( len( cnodes ) ) + " times (expected once)"
sys.exit( 1 )
return cnodes[ 0 ]
......@@ -184,7 +188,8 @@ for n in old.childNodes:
clone = n.cloneNode( True )
c.appendChild( clone )
for child in clone.childNodes:
if Lookup( child, "can_delegate" ).firstChild.nodeValue == "0":
if child.nodeName in ( "privilege", "capability" ) and \
Lookup( child, "can_delegate" ).firstChild.nodeValue == "0":
# a privilege which cannot be delegated: delete it
# from the clone
clone.removeChild( child )
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment