pgreco / rpms / ipa

Forked from forks/areguera/rpms/ipa 4 years ago
Clone
Blob Blame History Raw
From ed1c1626a607a5292c08836d13c32464d1b71859 Mon Sep 17 00:00:00 2001
From: Alexander Bokovoy <abokovoy@redhat.com>
Date: Mon, 9 Sep 2019 11:02:29 +0300
Subject: [PATCH] adtrust: avoid using timestamp in klist output

When parsing a keytab to copy keys to a different keytab, we don't need
the timestamp, so don't ask klist to output it. In some locales (en_IN,
for example), the timestamp is output in a single field without a space
between date and time. In other locales it can be represented with date
and time separated by a space.

Fixes: https://pagure.io/freeipa/issue/8066
Reviewed-By: Thomas Woerner <twoerner@redhat.com>
---
 ipaserver/install/plugins/adtrust.py | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/ipaserver/install/plugins/adtrust.py b/ipaserver/install/plugins/adtrust.py
index 28932e6c52..3b2e49bc05 100644
--- a/ipaserver/install/plugins/adtrust.py
+++ b/ipaserver/install/plugins/adtrust.py
@@ -721,7 +721,7 @@ def execute(self, **options):
 
 
 KeyEntry = namedtuple('KeyEntry',
-                      ['kvno', 'date', 'time', 'principal', 'etype', 'key'])
+                      ['kvno', 'principal', 'etype', 'key'])
 
 
 @register()
@@ -741,7 +741,7 @@ class update_host_cifs_keytabs(Updater):
     def extract_key_refs(self, keytab):
         host_princ = self.host_princ_template.format(
             master=self.api.env.host, realm=self.api.env.realm)
-        result = ipautil.run([paths.KLIST, "-etK", "-k", keytab],
+        result = ipautil.run([paths.KLIST, "-eK", "-k", keytab],
                              capture_output=True, raiseonerr=False,
                              nolog_output=True)
         if result.returncode != 0:
@@ -752,8 +752,8 @@ def extract_key_refs(self, keytab):
             if (host_princ in l and any(e in l for e in self.valid_etypes)):
 
                 els = l.split()
-                els[4] = els[4].strip('()')
-                els[5] = els[5].strip('()')
+                els[-2] = els[-2].strip('()')
+                els[-1] = els[-1].strip('()')
                 keys_to_sync.append(KeyEntry._make(els))
 
         return keys_to_sync