403b09
From 620dced81e4ef95522fcaf50c0b3e060f911754f Mon Sep 17 00:00:00 2001
403b09
From: Jan Cholasta <jcholast@redhat.com>
403b09
Date: Tue, 16 Aug 2016 17:34:06 +0200
403b09
Subject: [PATCH] server install: do not prompt for cert file PIN repeatedly
403b09
403b09
Prompt for PIN only once in interactive mode.
403b09
403b09
This fixes ipa-server-install, ipa-server-certinstall and
403b09
ipa-replica-prepare prompting over and over when the PIN is empty.
403b09
403b09
https://fedorahosted.org/freeipa/ticket/6032
403b09
403b09
Reviewed-By: Pavel Vomacka <pvomacka@redhat.com>
403b09
---
403b09
 ipaserver/install/ipa_replica_prepare.py    | 6 +++---
403b09
 ipaserver/install/ipa_server_certinstall.py | 3 ++-
403b09
 ipaserver/install/server/install.py         | 6 +++---
403b09
 3 files changed, 8 insertions(+), 7 deletions(-)
403b09
403b09
diff --git a/ipaserver/install/ipa_replica_prepare.py b/ipaserver/install/ipa_replica_prepare.py
403b09
index fdd32f0c8437a0d8c3947d57089662ea09bb2304..80813086c6a7212bdb6ef9d54202b28808b80076 100644
403b09
--- a/ipaserver/install/ipa_replica_prepare.py
403b09
+++ b/ipaserver/install/ipa_replica_prepare.py
403b09
@@ -303,7 +303,7 @@ class ReplicaPrepare(admintool.AdminTool):
403b09
             if options.http_pin is None:
403b09
                 options.http_pin = installutils.read_password(
403b09
                     "Enter Apache Server private key unlock",
403b09
-                    confirm=False, validate=False)
403b09
+                    confirm=False, validate=False, retry=False)
403b09
                 if options.http_pin is None:
403b09
                     raise admintool.ScriptError(
403b09
                         "Apache Server private key unlock password required")
403b09
@@ -317,7 +317,7 @@ class ReplicaPrepare(admintool.AdminTool):
403b09
             if options.dirsrv_pin is None:
403b09
                 options.dirsrv_pin = installutils.read_password(
403b09
                     "Enter Directory Server private key unlock",
403b09
-                    confirm=False, validate=False)
403b09
+                    confirm=False, validate=False, retry=False)
403b09
                 if options.dirsrv_pin is None:
403b09
                     raise admintool.ScriptError(
403b09
                         "Directory Server private key unlock password required")
403b09
@@ -331,7 +331,7 @@ class ReplicaPrepare(admintool.AdminTool):
403b09
             if options.pkinit_pin is None:
403b09
                 options.pkinit_pin = installutils.read_password(
403b09
                     "Enter Kerberos KDC private key unlock",
403b09
-                    confirm=False, validate=False)
403b09
+                    confirm=False, validate=False, retry=False)
403b09
                 if options.pkinit_pin is None:
403b09
                     raise admintool.ScriptError(
403b09
                         "Kerberos KDC private key unlock password required")
403b09
diff --git a/ipaserver/install/ipa_server_certinstall.py b/ipaserver/install/ipa_server_certinstall.py
403b09
index 5ab47303add479c7c492c251b0cf6646de681a4b..0a8fb214a232e60a89b6c06940b928f97c007b93 100644
403b09
--- a/ipaserver/install/ipa_server_certinstall.py
403b09
+++ b/ipaserver/install/ipa_server_certinstall.py
403b09
@@ -92,7 +92,8 @@ class ServerCertInstall(admintool.AdminTool):
403b09
 
403b09
         if self.options.pin is None:
403b09
             self.options.pin = installutils.read_password(
403b09
-                "Enter private key unlock", confirm=False, validate=False)
403b09
+                "Enter private key unlock",
403b09
+                confirm=False, validate=False, retry=False)
403b09
             if self.options.pin is None:
403b09
                 raise admintool.ScriptError(
403b09
                     "Private key unlock password required")
403b09
diff --git a/ipaserver/install/server/install.py b/ipaserver/install/server/install.py
403b09
index 86b8402750b503ea7dacd1f4c59c82d9bd4082e6..b33b0243d4d909a561b59d93f0014c390146b333 100644
403b09
--- a/ipaserver/install/server/install.py
403b09
+++ b/ipaserver/install/server/install.py
403b09
@@ -488,7 +488,7 @@ def install_check(installer):
403b09
         if options.http_pin is None:
403b09
             options.http_pin = installutils.read_password(
403b09
                 "Enter Apache Server private key unlock",
403b09
-                confirm=False, validate=False)
403b09
+                confirm=False, validate=False, retry=False)
403b09
             if options.http_pin is None:
403b09
                 sys.exit(
403b09
                     "Apache Server private key unlock password required")
403b09
@@ -504,7 +504,7 @@ def install_check(installer):
403b09
         if options.dirsrv_pin is None:
403b09
             options.dirsrv_pin = read_password(
403b09
                 "Enter Directory Server private key unlock",
403b09
-                confirm=False, validate=False)
403b09
+                confirm=False, validate=False, retry=False)
403b09
             if options.dirsrv_pin is None:
403b09
                 sys.exit(
403b09
                     "Directory Server private key unlock password required")
403b09
@@ -520,7 +520,7 @@ def install_check(installer):
403b09
         if options.pkinit_pin is None:
403b09
             options.pkinit_pin = read_password(
403b09
                 "Enter Kerberos KDC private key unlock",
403b09
-                confirm=False, validate=False)
403b09
+                confirm=False, validate=False, retry=False)
403b09
             if options.pkinit_pin is None:
403b09
                 sys.exit(
403b09
                     "Kerberos KDC private key unlock password required")
403b09
-- 
403b09
2.9.3
403b09