[Freeipa-devel] [PATCH 688] server install: do not prompt for cert file PIN repeatedly

Wed, 17 Aug 2016 01:21:08 -0700 

Hi,

the attached patch fixes <https://fedorahosted.org/freeipa/ticket/6032>.

Honza

--
Jan Cholasta

From 5dc9e3a60dcdec0d9cd00bfc8819c1c01e2c4e0f Mon Sep 17 00:00:00 2001
From: Jan Cholasta <jchol...@redhat.com>
Date: Tue, 16 Aug 2016 17:34:06 +0200
Subject: [PATCH] server install: do not prompt for cert file PIN repeatedly

Prompt for PIN only once in interactive mode.

This fixes ipa-server-install, ipa-server-certinstall and
ipa-replica-prepare prompting over and over when the PIN is empty.

https://fedorahosted.org/freeipa/ticket/6032
---
 ipaserver/install/ipa_replica_prepare.py    | 6 +++---
 ipaserver/install/ipa_server_certinstall.py | 3 ++-
 ipaserver/install/server/install.py         | 6 +++---
 3 files changed, 8 insertions(+), 7 deletions(-)

diff --git a/ipaserver/install/ipa_replica_prepare.py b/ipaserver/install/ipa_replica_prepare.py
index a6f0f1e..9467276 100644
--- a/ipaserver/install/ipa_replica_prepare.py
+++ b/ipaserver/install/ipa_replica_prepare.py
@@ -307,7 +307,7 @@ class ReplicaPrepare(admintool.AdminTool):
             if options.http_pin is None:
                 options.http_pin = installutils.read_password(
                     "Enter Apache Server private key unlock",
-                    confirm=False, validate=False)
+                    confirm=False, validate=False, retry=False)
                 if options.http_pin is None:
                     raise admintool.ScriptError(
                         "Apache Server private key unlock password required")
@@ -321,7 +321,7 @@ class ReplicaPrepare(admintool.AdminTool):
             if options.dirsrv_pin is None:
                 options.dirsrv_pin = installutils.read_password(
                     "Enter Directory Server private key unlock",
-                    confirm=False, validate=False)
+                    confirm=False, validate=False, retry=False)
                 if options.dirsrv_pin is None:
                     raise admintool.ScriptError(
                         "Directory Server private key unlock password required")
@@ -335,7 +335,7 @@ class ReplicaPrepare(admintool.AdminTool):
             if options.pkinit_pin is None:
                 options.pkinit_pin = installutils.read_password(
                     "Enter Kerberos KDC private key unlock",
-                    confirm=False, validate=False)
+                    confirm=False, validate=False, retry=False)
                 if options.pkinit_pin is None:
                     raise admintool.ScriptError(
                         "Kerberos KDC private key unlock password required")
diff --git a/ipaserver/install/ipa_server_certinstall.py b/ipaserver/install/ipa_server_certinstall.py
index 5ab4730..0a8fb21 100644
--- a/ipaserver/install/ipa_server_certinstall.py
+++ b/ipaserver/install/ipa_server_certinstall.py
@@ -92,7 +92,8 @@ class ServerCertInstall(admintool.AdminTool):
 
         if self.options.pin is None:
             self.options.pin = installutils.read_password(
-                "Enter private key unlock", confirm=False, validate=False)
+                "Enter private key unlock",
+                confirm=False, validate=False, retry=False)
             if self.options.pin is None:
                 raise admintool.ScriptError(
                     "Private key unlock password required")
diff --git a/ipaserver/install/server/install.py b/ipaserver/install/server/install.py
index 8dc7a68..8d7fa9c 100644
--- a/ipaserver/install/server/install.py
+++ b/ipaserver/install/server/install.py
@@ -488,7 +488,7 @@ def install_check(installer):
         if options.http_pin is None:
             options.http_pin = installutils.read_password(
                 "Enter Apache Server private key unlock",
-                confirm=False, validate=False)
+                confirm=False, validate=False, retry=False)
             if options.http_pin is None:
                 raise ScriptError(
                     "Apache Server private key unlock password required")
@@ -504,7 +504,7 @@ def install_check(installer):
         if options.dirsrv_pin is None:
             options.dirsrv_pin = read_password(
                 "Enter Directory Server private key unlock",
-                confirm=False, validate=False)
+                confirm=False, validate=False, retry=False)
             if options.dirsrv_pin is None:
                 raise ScriptError(
                     "Directory Server private key unlock password required")
@@ -520,7 +520,7 @@ def install_check(installer):
         if options.pkinit_pin is None:
             options.pkinit_pin = read_password(
                 "Enter Kerberos KDC private key unlock",
-                confirm=False, validate=False)
+                confirm=False, validate=False, retry=False)
             if options.pkinit_pin is None:
                 raise ScriptError(
                     "Kerberos KDC private key unlock password required")
-- 
2.7.4


-- 
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code

Reply via email to