Added options for internal token and replication passwords.

The installation code has been modified such that the admin can optionally specify passwords for internal token and replication. Otherwise the code will generate random passwords like before. https://fedorahosted.org/pki/ticket/1354
author: Endi S. Dewata <edewata@redhat.com> 2015-05-06 16:19:19 -0400
committer: Endi S. Dewata <edewata@redhat.com> 2015-05-11 10:20:04 -0400
commit: 6ee510efe491b1e2afd7e9901eee690365fd8bbb (patch)
tree: d7c07b1380f92589adba578dff810744b17cbe52 /base/server/python/pki/server/deployment/pkiparser.py
parent: 7dca020819b7573cd05bd54482fb5d1afe9bb658 (diff)
download: pki-6ee510efe491b1e2afd7e9901eee690365fd8bbb.tar.gz
pki-6ee510efe491b1e2afd7e9901eee690365fd8bbb.tar.xz
pki-6ee510efe491b1e2afd7e9901eee690365fd8bbb.zip
1 files changed, 16 insertions, 6 deletions
diff --git a/base/server/python/pki/server/deployment/pkiparser.py b/base/server/python/pki/server/deployment/pkiparser.py
index 39cef9413..fe1a54a3a 100644
--- a/base/server/python/pki/server/deployment/pkiparser.py
+++ b/base/server/python/pki/server/deployment/pkiparser.py
@@ -327,10 +327,14 @@ class PKIConfigParser:
                 # means that we need to deal with escaping '%' characters
                 # that might be present.
                 no_interpolation = (
-                    'pki_admin_password', 'pki_backup_password',
+                    'pki_admin_password',
+                    'pki_backup_password',
                     'pki_client_database_password',
                     'pki_client_pkcs12_password',
-                    'pki_ds_password', 'pki_security_domain_password')
+                    'pki_ds_password',
+                    'pki_pin',
+                    'pki_replicationdb_password',
+                    'pki_security_domain_password')
 
                 print 'Loading deployment configuration from ' + \
                       config.user_deployment_cfg + '.'
@@ -552,18 +556,24 @@ class PKIConfigParser:
             self.mdict['pki_user_deployment_cfg'] = config.user_deployment_cfg
             self.mdict['pki_deployed_instance_name'] = \
                 config.pki_deployed_instance_name
+
+            self.flatten_master_dict()
+
             # Generate random 'pin's for use as security database passwords
             # and add these to the "sensitive" key value pairs read in from
             # the configuration file
             pin_low = 100000000000
             pin_high = 999999999999
-            self.mdict['pki_pin'] = \
-                random.randint(pin_low, pin_high)
+
+            # use user-provided PIN if specified
+            if not self.mdict['pki_pin']:
+                # otherwise generate a random password
+                self.mdict['pki_pin'] = \
+                    random.randint(pin_low, pin_high)
+
             self.mdict['pki_client_pin'] = \
                 random.randint(pin_low, pin_high)
 
-            self.flatten_master_dict()
-
             pkilogging.sensitive_parameters = \
                 self.mdict['sensitive_parameters'].split()
author	Endi S. Dewata <edewata@redhat.com>	2015-05-06 16:19:19 -0400
committer	Endi S. Dewata <edewata@redhat.com>	2015-05-11 10:20:04 -0400
commit	6ee510efe491b1e2afd7e9901eee690365fd8bbb (patch)
tree	d7c07b1380f92589adba578dff810744b17cbe52 /base/server/python/pki/server/deployment/pkiparser.py
parent	7dca020819b7573cd05bd54482fb5d1afe9bb658 (diff)
download	pki-6ee510efe491b1e2afd7e9901eee690365fd8bbb.tar.gz pki-6ee510efe491b1e2afd7e9901eee690365fd8bbb.tar.xz pki-6ee510efe491b1e2afd7e9901eee690365fd8bbb.zip