-rw-r--r--base/server/python/pki/server/__init__.py54
-rw-r--r--base/server/python/pki/server/deployment/pkiparser.py18
2 files changed, 44 insertions, 28 deletions
diff --git a/base/server/python/pki/server/__init__.py b/base/server/python/pki/server/__init__.py
index 27746cf25..ee237b673 100644
--- a/base/server/python/pki/server/__init__.py
+++ b/base/server/python/pki/server/__init__.py
@@ -425,42 +425,46 @@ class PKIInstance(object):
def load(self):
# load UID and GID
- with open(self.registry_file, 'r') as registry:
- lines = registry.readlines()
+ if os.path.exists(self.registry_file):
- for line in lines:
+ with open(self.registry_file, 'r') as registry:
+ lines = registry.readlines()
- m = re.search('^PKI_USER=(.*)$', line)
- if m:
- self.user = m.group(1)
- self.uid = pwd.getpwnam(self.user).pw_uid
+ for line in lines:
+ m = re.search('^PKI_USER=(.*)$', line)
+ if m:
+ self.user = m.group(1)
+ self.uid = pwd.getpwnam(self.user).pw_uid
- m = re.search('^PKI_GROUP=(.*)$', line)
- if m:
- self.group = m.group(1)
- self.gid = grp.getgrnam(self.group).gr_gid
+ m = re.search('^PKI_GROUP=(.*)$', line)
+ if m:
+ self.group = m.group(1)
+ self.gid = grp.getgrnam(self.group).gr_gid
# load passwords
self.passwords.clear()
- lines = open(self.password_conf).read().splitlines()
+ if os.path.exists(self.password_conf):
- for line in lines:
- parts = line.split('=', 1)
- name = parts[0]
- value = parts[1]
- self.passwords[name] = value
+ lines = open(self.password_conf).read().splitlines()
+
+ for line in lines:
+ parts = line.split('=', 1)
+ name = parts[0]
+ value = parts[1]
+ self.passwords[name] = value
self.load_external_certs(self.external_certs_conf)
# load subsystems
- for subsystem_name in os.listdir(self.registry_dir):
- if subsystem_name in SUBSYSTEM_TYPES:
- if subsystem_name in SUBSYSTEM_CLASSES:
- subsystem = SUBSYSTEM_CLASSES[subsystem_name](self)
- else:
- subsystem = PKISubsystem(self, subsystem_name)
- subsystem.load()
- self.subsystems.append(subsystem)
+ if os.path.exists(self.registry_dir):
+ for subsystem_name in os.listdir(self.registry_dir):
+ if subsystem_name in SUBSYSTEM_TYPES:
+ if subsystem_name in SUBSYSTEM_CLASSES:
+ subsystem = SUBSYSTEM_CLASSES[subsystem_name](self)
+ else:
+ subsystem = PKISubsystem(self, subsystem_name)
+ subsystem.load()
+ self.subsystems.append(subsystem)
def load_external_certs(self, conf_file):
self.external_certs = PKIInstance.read_external_certs(conf_file)
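Review bot: The password block still reads the file with `open(self.password_conf).read().splitlines()`, which never closes the handle explicitly, and `value = parts[1]` raises IndexError on any blank or `=`-less line in the password file. Because the pkiparser.py change in this commit now calls `load()` while parsing the deployment configuration, one malformed line would abort that path; reading with `with open(self.password_conf) as f: lines = f.read().splitlines()` and skipping lines where `'=' not in line` avoids both. The `os.path.exists()` guards also make `load()` return normally for a nonexistent instance, with `passwords` empty and presumably `uid`/`gid` left at their initial values, so a docstring on `load()` stating that contract would help callers that go on to use those fields.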
diff --git a/base/server/python/pki/server/deployment/pkiparser.py b/base/server/python/pki/server/deployment/pkiparser.py
index 7749c5888..31d93d0f6 100644
--- a/base/server/python/pki/server/deployment/pkiparser.py
+++ b/base/server/python/pki/server/deployment/pkiparser.py
@@ -571,9 +571,21 @@ class PKIConfigParser:
pin_low = 100000000000
pin_high = 999999999999
- # use user-provided PIN if specified
- if 'pki_pin' not in self.mdict:
- # otherwise generate a random password
+ instance = pki.server.PKIInstance(self.mdict['pki_instance_name'])
+ instance.load()
+
+ internal_password = self.mdict['pki_self_signed_token']
+
+ # if instance already exists and has password, reuse the password
+ if internal_password in instance.passwords:
+ self.mdict['pki_pin'] = instance.passwords.get(internal_password)
+
+ # otherwise, use user-provided password if specified
+ elif 'pki_pin' in self.mdict:
+ pass
+
+ # otherwise, generate a random password
+ else:
self.mdict['pki_pin'] = \
random.randint(pin_low, pin_high)
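Review bot: The fallback branch at the end of this hunk still generates the PIN with `random.randint(pin_low, pin_high)`, which draws from the module-level Mersenne Twister rather than the OS CSPRNG; since the value appears to serve as the internal token password, `random.SystemRandom().randint(pin_low, pin_high)` is the safer call. The new first branch also lets a password found in the existing instance silently take precedence over a user-supplied `pki_pin`, and it stores a string from the password file where the generated branch stores an int. A comment stating that precedence, and a log message when a user-provided value is ignored, would make the behaviour visible to operators. The enclosing method starts and ends outside the hunk.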