Blob Blame History Raw
From 61b5a76bcd856d679f05c5f5f12f770cc6826783 Mon Sep 17 00:00:00 2001
From: Stanislav Laznicka <slaznick@redhat.com>
Date: Thu, 20 Apr 2017 10:09:05 +0200
Subject: [PATCH] Fix CAInstance.import_ra_cert for empty passwords

OpenSSL can't cope with empty files, add a newline after each password

https://pagure.io/freeipa/issue/6878

Reviewed-By: Jan Cholasta <jcholast@redhat.com>
---
 ipaserver/install/cainstance.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/ipaserver/install/cainstance.py b/ipaserver/install/cainstance.py
index 640d2884130dd152012e50dde45514f5ca26a523..0672bccf79d7cc6133fdb20f0854366306bfc2e0 100644
--- a/ipaserver/install/cainstance.py
+++ b/ipaserver/install/cainstance.py
@@ -687,7 +687,7 @@ class CAInstance(DogtagInstance):
 
         Used when setting up replication
         """
-        with ipautil.write_tmp_file(password) as f:
+        with ipautil.write_tmp_file(password + '\n') as f:
             pwdarg = 'file:{file}'.format(file=f.name)
             # get the private key from the file
             ipautil.run([paths.OPENSSL,
-- 
2.12.2