Diffstat (limited to 'base/server/python')
-rw-r--r-- | base/server/python/pki/server/__init__.py | 54 | ||||
-rw-r--r-- | base/server/python/pki/server/deployment/pkiparser.py | 18 |
2 files changed, 44 insertions, 28 deletions
diff --git a/base/server/python/pki/server/__init__.py b/base/server/python/pki/server/__init__.py
index 2f0b5bdf0..b01c1ff75 100644
--- a/base/server/python/pki/server/__init__.py
+++ b/base/server/python/pki/server/__init__.py
@@ -415,40 +415,44 @@ class PKIInstance(object):
 def load(self):
 # load UID and GID
- with open(self.registry_file, 'r') as registry:
- lines = registry.readlines()
+ if os.path.exists(self.registry_file):
- for line in lines:
+ with open(self.registry_file, 'r') as registry:
+ lines = registry.readlines()
- m = re.search('^PKI_USER=(.*)$', line)
- if m:
- self.user = m.group(1)
- self.uid = pwd.getpwnam(self.user).pw_uid
+ for line in lines:
+ m = re.search('^PKI_USER=(.*)$', line)
+ if m:
+ self.user = m.group(1)
+ self.uid = pwd.getpwnam(self.user).pw_uid
- m = re.search('^PKI_GROUP=(.*)$', line)
- if m:
- self.group = m.group(1)
- self.gid = grp.getgrnam(self.group).gr_gid
+ m = re.search('^PKI_GROUP=(.*)$', line)
+ if m:
+ self.group = m.group(1)
+ self.gid = grp.getgrnam(self.group).gr_gid
 # load passwords
 self.passwords.clear()
- lines = open(self.password_conf).read().splitlines()
+ if os.path.exists(self.password_conf):
- for line in lines:
- parts = line.split('=', 1)
- name = parts[0]
- value = parts[1]
- self.passwords[name] = value
+ lines = open(self.password_conf).read().splitlines()
+
+ for line in lines:
+ parts = line.split('=', 1)
+ name = parts[0]
+ value = parts[1]
+ self.passwords[name] = value
 # load subsystems
- for subsystem_name in os.listdir(self.registry_dir):
- if subsystem_name in SUBSYSTEM_TYPES:
- if subsystem_name in SUBSYSTEM_CLASSES:
- subsystem = SUBSYSTEM_CLASSES[subsystem_name](self)
- else:
- subsystem = PKISubsystem(self, subsystem_name)
- subsystem.load()
- self.subsystems.append(subsystem)
+ if os.path.exists(self.registry_dir):
+ for subsystem_name in os.listdir(self.registry_dir):
+ if subsystem_name in SUBSYSTEM_TYPES:
+ if subsystem_name in SUBSYSTEM_CLASSES:
+ subsystem = SUBSYSTEM_CLASSES[subsystem_name](self)
+ else:
+ subsystem = PKISubsystem(self, subsystem_name)
+ subsystem.load()
+ self.subsystems.append(subsystem)
 def get_password(self, name):
 if name in self.passwords:
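Review bot: In the `# load passwords` block the re-indented code still reads the secrets file with a bare `open(self.password_conf).read()` and indexes `parts[1]` unconditionally. The handle is never closed explicitly, and a blank line or a line without `=` raises IndexError and aborts `load()`. Use `with open(self.password_conf) as f:` as the registry block above does, and parse with `name, sep, value = line.partition('=')` followed by `if not sep: continue`. The three `os.path.exists()` guards also leave a gap between the check and the open, and skip silently when the path is missing, so `uid`, `gid` and `passwords` may be left unset without any log entry. Catching the missing-file error around the open and logging it would close both gaps.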
diff --git a/base/server/python/pki/server/deployment/pkiparser.py b/base/server/python/pki/server/deployment/pkiparser.py
index 7d4621555..80f3b55d3 100644
--- a/base/server/python/pki/server/deployment/pkiparser.py
+++ b/base/server/python/pki/server/deployment/pkiparser.py
@@ -570,9 +570,21 @@ class PKIConfigParser:
 pin_low = 100000000000
 pin_high = 999999999999
- # use user-provided PIN if specified
- if 'pki_pin' not in self.mdict:
- # otherwise generate a random password
+ instance = pki.server.PKIInstance(self.mdict['pki_instance_name'])
+ instance.load()
+
+ internal_password = self.mdict['pki_self_signed_token']
+
+ # if instance already exists and has password, reuse the password
+ if internal_password in instance.passwords:
+ self.mdict['pki_pin'] = instance.passwords.get(internal_password)
+
+ # otherwise, use user-provided password if specified
+ elif 'pki_pin' in self.mdict:
+ pass
+
+ # otherwise, generate a random password
+ else:
 self.mdict['pki_pin'] = \
 random.randint(pin_low, pin_high)
|
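Review bot: The final `else:` branch still generates the token password with `random.randint(pin_low, pin_high)`, and Python's `random` module is a deterministic generator that is not intended for secrets. Since this value protects the instance's internal token, draw it from the OS CSPRNG instead, e.g. `random.SystemRandom().randint(pin_low, pin_high)`, which needs no new import. The reuse branch also stores whatever string `instance.passwords` holds while the fallback stores an int, so `pki_pin` now has two possible types; wrapping the generated value in `str()` would keep them consistent if downstream code expects text. A stored password now silently takes precedence over a user-supplied `pki_pin`, which deserves a log line so the operator can see which source was used. The enclosing method starts and ends outside this hunk.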