diff options
author | Endi S. Dewata <edewata@redhat.com> | 2016-03-30 17:23:06 +0200 |
---|---|---|
committer | Endi S. Dewata <edewata@redhat.com> | 2016-04-02 08:24:57 +0200 |
commit | 7ea76edd0bf1af7607cae13c6ce6d60675c361a4 (patch) | |
tree | 51b31628005f843f4d1575dbeef00b7b070f4232 /base/server/python/pki/server/deployment/pkiparser.py | |
parent | 1bbb28fb2f0cbc023b7182d42b3def0891d34b47 (diff) | |
download | pki-7ea76edd0bf1af7607cae13c6ce6d60675c361a4.tar.gz pki-7ea76edd0bf1af7607cae13c6ce6d60675c361a4.tar.xz pki-7ea76edd0bf1af7607cae13c6ce6d60675c361a4.zip |
Fixed KRA install problem.branch-10.2.7-dev1
Currently when installing an additional subsystem to an existing
instance the install tool always generates a new random password in
the pki_pin property which would not work with the existing NSS
database. The code has been modified to load the existing NSS
database password from the instance if the instance already exists.
The PKIInstance class has been modified to allow loading partially
created instance to help the installation.
https://fedorahosted.org/pki/ticket/2247
Diffstat (limited to 'base/server/python/pki/server/deployment/pkiparser.py')
-rw-r--r-- | base/server/python/pki/server/deployment/pkiparser.py | 18 |
1 files changed, 15 insertions, 3 deletions
diff --git a/base/server/python/pki/server/deployment/pkiparser.py b/base/server/python/pki/server/deployment/pkiparser.py index 7749c5888..31d93d0f6 100644 --- a/base/server/python/pki/server/deployment/pkiparser.py +++ b/base/server/python/pki/server/deployment/pkiparser.py @@ -571,9 +571,21 @@ class PKIConfigParser: pin_low = 100000000000 pin_high = 999999999999 - # use user-provided PIN if specified - if 'pki_pin' not in self.mdict: - # otherwise generate a random password + instance = pki.server.PKIInstance(self.mdict['pki_instance_name']) + instance.load() + + internal_password = self.mdict['pki_self_signed_token'] + + # if instance already exists and has password, reuse the password + if internal_password in instance.passwords: + self.mdict['pki_pin'] = instance.passwords.get(internal_password) + + # otherwise, use user-provided password if specified + elif 'pki_pin' in self.mdict: + pass + + # otherwise, generate a random password + else: self.mdict['pki_pin'] = \ random.randint(pin_low, pin_high) |