diff options
author | Abhijeet Kasurde <akasurde@redhat.com> | 2016-06-30 15:18:24 +0530 |
---|---|---|
committer | Endi S. Dewata <edewata@redhat.com> | 2016-07-01 01:42:21 +0200 |
commit | 99a93af1ca5cce26d625ce7cee07dab4a890f1be (patch) | |
tree | a8eb8d3fbb2d1d21308bdaafedb75db389fa6412 | |
parent | 1913ff38f04dd27641f23cb76b13cb4806720946 (diff) | |
download | pki-99a93af1ca5cce26d625ce7cee07dab4a890f1be.tar.gz pki-99a93af1ca5cce26d625ce7cee07dab4a890f1be.tar.xz pki-99a93af1ca5cce26d625ce7cee07dab4a890f1be.zip |
Added condition for checking instance id in kra commands
Partially Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1351295
-rw-r--r-- | base/java-tools/bin/pki | 5 | ||||
-rw-r--r-- | base/server/python/pki/server/__init__.py | 2 | ||||
-rw-r--r-- | base/server/python/pki/server/cli/kra.py | 23 | ||||
-rw-r--r-- | base/server/sbin/pki-server | 13 |
4 files changed, 36 insertions, 7 deletions
diff --git a/base/java-tools/bin/pki b/base/java-tools/bin/pki index c9170831b..6104a5f76 100644 --- a/base/java-tools/bin/pki +++ b/base/java-tools/bin/pki @@ -261,7 +261,6 @@ if __name__ == '__main__': except subprocess.CalledProcessError as e: if cli.verbose: - print('ERROR: %s' % e) - elif cli.debug: traceback.print_exc() - exit(e.returncode) + print('ERROR: %s' % e) + sys.exit(e.returncode) diff --git a/base/server/python/pki/server/__init__.py b/base/server/python/pki/server/__init__.py index 454408f6a..87303cd56 100644 --- a/base/server/python/pki/server/__init__.py +++ b/base/server/python/pki/server/__init__.py @@ -562,7 +562,7 @@ class PKIInstance(object): def get_token_password(self, token='internal'): # determine the password name for the token - if token.lower() in ['internal', 'internal key storage token']: + if not token or token.lower() in ['internal', 'internal key storage token']: name = 'internal' else: diff --git a/base/server/python/pki/server/cli/kra.py b/base/server/python/pki/server/cli/kra.py index b4f0df43f..676d1f511 100644 --- a/base/server/python/pki/server/cli/kra.py +++ b/base/server/python/pki/server/cli/kra.py @@ -132,9 +132,15 @@ class KRAClonePrepareCLI(pki.cli.CLI): sys.exit(1) instance = pki.server.PKIInstance(instance_name) + if not instance.is_valid(): + print('ERROR: Invalid instance %s.' % instance_name) + sys.exit(1) instance.load() subsystem = instance.get_subsystem('kra') + if not subsystem: + print('ERROR: No KRA subsystem in instance %s.' % instance_name) + sys.exit(1) tmpdir = tempfile.mkdtemp() @@ -151,6 +157,7 @@ class KRAClonePrepareCLI(pki.cli.CLI): 'storage', pkcs12_file, pkcs12_password_file) subsystem.export_system_cert( 'audit_signing', pkcs12_file, pkcs12_password_file) + instance.export_external_certs(pkcs12_file, pkcs12_password_file) finally: @@ -235,12 +242,15 @@ class KRADBVLVFindCLI(pki.cli.CLI): sys.exit(1) instance = pki.server.PKIInstance(instance_name) + if not instance.is_valid(): + print('ERROR: Invalid instance %s.' % instance_name) + sys.exit(1) instance.load() subsystem = instance.get_subsystem('kra') - if not subsystem: - raise Exception('Subsystem not found') + print('ERROR: No KRA subsystem in instance %s.' % instance_name) + sys.exit(1) self.find_vlv(subsystem, bind_dn, bind_password) @@ -347,6 +357,9 @@ class KRADBVLVAddCLI(pki.cli.CLI): sys.exit(1) instance = pki.server.PKIInstance(instance_name) + if not instance.is_valid(): + print('ERROR: Invalid instance %s.' % instance_name) + sys.exit(1) instance.load() self.add_vlv(instance, bind_dn, bind_password) @@ -442,6 +455,9 @@ class KRADBVLVDeleteCLI(pki.cli.CLI): sys.exit(1) instance = pki.server.PKIInstance(instance_name) + if not instance.is_valid(): + print('ERROR: Invalid instance %s.' % instance_name) + sys.exit(1) instance.load() self.delete_vlv(instance, bind_dn, bind_password) @@ -557,6 +573,9 @@ class KRADBVLVReindexCLI(pki.cli.CLI): sys.exit(1) instance = pki.server.PKIInstance(instance_name) + if not instance.is_valid(): + print('ERROR: Invalid instance %s.' % instance_name) + sys.exit(1) instance.load() self.reindex_vlv(instance, bind_dn, bind_password) diff --git a/base/server/sbin/pki-server b/base/server/sbin/pki-server index cd00de0ba..cea62b7e4 100644 --- a/base/server/sbin/pki-server +++ b/base/server/sbin/pki-server @@ -22,7 +22,9 @@ from __future__ import absolute_import from __future__ import print_function import getopt +import subprocess import sys +import traceback import pki.cli import pki.server.cli.ca @@ -103,5 +105,14 @@ class PKIServerCLI(pki.cli.CLI): if __name__ == '__main__': + cli = PKIServerCLI() - cli.execute(sys.argv) + + try: + cli.execute(sys.argv) + + except subprocess.CalledProcessError as e: + if cli.verbose: + traceback.print_exc() + print('ERROR: %s' % e) + sys.exit(e.returncode) |