[Pki-devel] [PATCH] 603 Fixed overwritten deployment property.
Endi Sukma Dewata
edewata at redhat.com
Fri May 29 19:20:52 UTC 2015
The deployment tool has been modified to avoid overwriting the
property default value by moving the assignment after all the
properties are added.
https://fedorahosted.org/pki/ticket/1393
--
Endi S. Dewata
-------------- next part --------------
From 64398077fa639032d820dd379c9ecefffbb79bf7 Mon Sep 17 00:00:00 2001
From: "Endi S. Dewata" <edewata at redhat.com>
Date: Fri, 29 May 2015 15:04:40 -0400
Subject: [PATCH] Fixed overwritten deployment property.
The deployment tool has been modified to avoid overwriting the
property default value by moving the assignment after all the
properties are added.
https://fedorahosted.org/pki/ticket/1393
---
base/server/python/pki/server/deployment/pkiparser.py | 6 ------
base/server/sbin/pkispawn | 17 +++++++++++++++++
2 files changed, 17 insertions(+), 6 deletions(-)
diff --git a/base/server/python/pki/server/deployment/pkiparser.py b/base/server/python/pki/server/deployment/pkiparser.py
index fe1a54a3ade302a201372287cd43c9058436f917..8ed6452a5b21d620db5020c404ca1e9ffa9172b0 100644
--- a/base/server/python/pki/server/deployment/pkiparser.py
+++ b/base/server/python/pki/server/deployment/pkiparser.py
@@ -565,12 +565,6 @@ class PKIConfigParser:
pin_low = 100000000000
pin_high = 999999999999
- # use user-provided PIN if specified
- if not self.mdict['pki_pin']:
- # otherwise generate a random password
- self.mdict['pki_pin'] = \
- random.randint(pin_low, pin_high)
-
self.mdict['pki_client_pin'] = \
random.randint(pin_low, pin_high)
diff --git a/base/server/sbin/pkispawn b/base/server/sbin/pkispawn
index d4cfe05d73d1b08e98d6db6569fa6918bd0ae2dc..b4bb4d18f3eef06e80231cb25307def2177d9dc3 100755
--- a/base/server/sbin/pkispawn
+++ b/base/server/sbin/pkispawn
@@ -20,6 +20,7 @@
#
# System Imports
+import random
import sys
import signal
@@ -570,6 +571,22 @@ def main(argv):
print('ERROR: Unable to access security domain: ' + str(e))
sys.exit(1)
+ ######################################################################
+ # Default values (e.g. pki_pin) should be assigned after all
+ # properties are added using set_property(). Otherwise, they may get
+ # overwritten in flatten_master_dict().
+ ######################################################################
+
+ # Generate random PIN for use as security database password
+ pin_low = 100000000000
+ pin_high = 999999999999
+
+ # use user-provided PIN if specified
+ if not parser.mdict['pki_pin']:
+ # otherwise generate a random password
+ parser.mdict['pki_pin'] = \
+ random.randint(pin_low, pin_high)
+
print "Installing " + config.pki_subsystem + " into " + \
parser.mdict['pki_instance_path'] + "."
--
1.9.3
More information about the Pki-devel
mailing list