From 61b5a76bcd856d679f05c5f5f12f770cc6826783 Mon Sep 17 00:00:00 2001
From: Stanislav Laznicka <slaznick@redhat.com>
Date: Thu, 20 Apr 2017 10:09:05 +0200
Subject: [PATCH] Fix CAInstance.import_ra_cert for empty passwords
OpenSSL can't cope with empty files, add a newline after each password
https://pagure.io/freeipa/issue/6878
Reviewed-By: Jan Cholasta <jcholast@redhat.com>
---
ipaserver/install/cainstance.py | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/ipaserver/install/cainstance.py b/ipaserver/install/cainstance.py
index 640d2884130dd152012e50dde45514f5ca26a523..0672bccf79d7cc6133fdb20f0854366306bfc2e0 100644
--- a/ipaserver/install/cainstance.py
+++ b/ipaserver/install/cainstance.py
@@ -687,7 +687,7 @@ class CAInstance(DogtagInstance):
Used when setting up replication
"""
- with ipautil.write_tmp_file(password) as f:
+ with ipautil.write_tmp_file(password + '\n') as f:
pwdarg = 'file:{file}'.format(file=f.name)
# get the private key from the file
ipautil.run([paths.OPENSSL,
--
2.12.2