rpms / ipa

Clone
Source Code
GIT

Blame SOURCES/0057-Fix-the-order-of-cert-files-check.patch

c4 c5 c5-plus c6 c6-plus c7 c7-alt c7-beta c8-beta-stream-DL1 c8-beta-stream-client c8-stream-DL1 c8-stream-client c8s-stream-DL1 c8s-stream-client c9 c9-beta
  1.   460745326ba253b5c4924b624dbc2f0714a2af42
  2.   SOURCES
  3.   0057-Fix-the-order-of-cert-files-check.patch
Blob History Raw
ac7d03 
From 9bc2481d6669906e105e1035a10cd81374464e5b Mon Sep 17 00:00:00 2001
ac7d03 
From: Stanislav Laznicka <slaznick@redhat.com>
ac7d03 
Date: Wed, 22 Mar 2017 17:10:56 +0100
ac7d03 
Subject: [PATCH] Fix the order of cert-files check
ac7d03
ac7d03 
Without this patch, if either of dirsrv_cert_files, http_cert_files
ac7d03 
or pkinit_cert_files is set along with no-pkinit, the user is first
ac7d03 
requested to add the remaining options and when they do that,
ac7d03 
they are told that they are using 'no-pkinit' along with
ac7d03 
'pkinit-cert-file'.
ac7d03
ac7d03 
https://pagure.io/freeipa/issue/6801
ac7d03
ac7d03 
Reviewed-By: Martin Basti <mbasti@redhat.com>
ac7d03 
---
ac7d03 
 ipaserver/install/server/__init__.py | 10 +++++-----
ac7d03 
 1 file changed, 5 insertions(+), 5 deletions(-)
ac7d03
ac7d03 
diff --git a/ipaserver/install/server/__init__.py b/ipaserver/install/server/__init__.py
ac7d03 
index 14f1ec48a1b8c7a520db69ffad378d488efa29cc..117f51c4ebfaeba51d3c85625cda0d0eee305696 100644
ac7d03 
--- a/ipaserver/install/server/__init__.py
ac7d03 
+++ b/ipaserver/install/server/__init__.py
ac7d03 
@@ -340,16 +340,16 @@ class ServerInstallInterface(ServerCertificateInstallInterface,
ac7d03 
         cert_file_opt = (self.pkinit_cert_files,)
ac7d03 
         if not self.no_pkinit:
ac7d03 
             cert_file_req += cert_file_opt
ac7d03 
-        if any(cert_file_req + cert_file_opt) and not all(cert_file_req):
ac7d03 
-            raise RuntimeError(
ac7d03 
-                "--dirsrv-cert-file, --http-cert-file, and --pkinit-cert-file "
ac7d03 
-                "or --no-pkinit are required if any key file options are used."
ac7d03 
-            )
ac7d03 
         if self.no_pkinit and self.pkinit_cert_files:
ac7d03 
             raise RuntimeError(
ac7d03 
                 "--no-pkinit and --pkinit-cert-file cannot be specified "
ac7d03 
                 "together"
ac7d03 
             )
ac7d03 
+        if any(cert_file_req + cert_file_opt) and not all(cert_file_req):
ac7d03 
+            raise RuntimeError(
ac7d03 
+                "--dirsrv-cert-file, --http-cert-file, and --pkinit-cert-file "
ac7d03 
+                "or --no-pkinit are required if any key file options are used."
ac7d03 
+            )
ac7d03
ac7d03 
         if not self.interactive:
ac7d03 
             if self.dirsrv_cert_files and self.dirsrv_pin is None:
ac7d03 
--
ac7d03 
2.12.2
ac7d03

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation