diff options
author | Jan Cholasta <jcholast@redhat.com> | 2013-09-25 08:33:35 +0000 |
---|---|---|
committer | Petr Viktorin <pviktori@redhat.com> | 2013-10-04 10:27:23 +0200 |
commit | c123264ac77cd533a08978909f837c8f4d3e224e (patch) | |
tree | 965318ce39f7dcec2ff871b0fed07b810f2145d2 /install/tools/ipa-server-install | |
parent | 46b358811210ecb83e5ea092d0d0554c923b9823 (diff) | |
download | freeipa-c123264ac77cd533a08978909f837c8f4d3e224e.tar.gz freeipa-c123264ac77cd533a08978909f837c8f4d3e224e.tar.xz freeipa-c123264ac77cd533a08978909f837c8f4d3e224e.zip |
Read passwords from stdin when importing PKCS#12 files with pk12util.
This works around pk12util refusing to use empty password files, which prevents
the use of PKCS#12 files with empty password.
https://fedorahosted.org/freeipa/ticket/3897
Diffstat (limited to 'install/tools/ipa-server-install')
-rw-r--r-- | install/tools/ipa-server-install | 9 |
1 files changed, 3 insertions, 6 deletions
diff --git a/install/tools/ipa-server-install b/install/tools/ipa-server-install index cf8d3d01b..aa424c377 100644 --- a/install/tools/ipa-server-install +++ b/install/tools/ipa-server-install @@ -882,8 +882,7 @@ def main(): confirm=False, validate=False) if options.http_pin is None: sys.exit("%s unlock password required" % options.http_pkcs12) - http_pin_file = ipautil.write_tmp_file(options.http_pin) - http_pkcs12_info = (options.http_pkcs12, http_pin_file.name) + http_pkcs12_info = (options.http_pkcs12, options.http_pin) http_cert_name = installutils.check_pkcs12( http_pkcs12_info, ca_file, host_name) @@ -894,8 +893,7 @@ def main(): confirm=False, validate=False) if options.dirsrv_pin is None: sys.exit("%s unlock password required" % options.dirsrv_pkcs12) - dirsrv_pin_file = ipautil.write_tmp_file(options.dirsrv_pin) - dirsrv_pkcs12_info = (options.dirsrv_pkcs12, dirsrv_pin_file.name) + dirsrv_pkcs12_info = (options.dirsrv_pkcs12, options.dirsrv_pin) dirsrv_cert_name = installutils.check_pkcs12( dirsrv_pkcs12_info, ca_file, host_name) @@ -906,8 +904,7 @@ def main(): confirm=False, validate=False) if options.pkinit_pin is None: sys.exit("%s unlock password required" % options.pkinit_pkcs12) - pkinit_pin_file = ipautil.write_tmp_file(options.pkinit_pin) - pkinit_pkcs12_info = (options.pkinit_pkcs12, pkinit_pin_file.name) + pkinit_pkcs12_info = (options.pkinit_pkcs12, options.pkinit_pin) if not options.dm_password: dm_password = read_dm_password() |