On 6/13/2016 9:38 PM, Fraser Tweedale wrote:
Hi all,
The attached patch fixes https://fedorahosted.org/pki/ticket/2359.
Please review for inclusion in 10.3.3.
Thanks,
Fraser
It looks like the initSignUnit() is only called with retrieveKeys=true
in init(). So the code that starts the key retriever thread probably can
be moved out, becoming something like this:
initDefCaAttrs();
try {
initSignUnit();
checkForNewerCert();
} catch (CAMissingCertException | CAMissingKeyException e) {
// start key retriever thread
} catch (EBaseException e) {
...
}
I think it would clarify a little bit how the missing cert/key is handled.
So if I understand correctly if the cert/key is missing the LWCA object
will still be created and registered, but it will be disabled
(hasKeys=false)?
When the key retriever thread is complete, will it automatically
reinitialize and enable the LWCA object?
Regardless, feel free to push the patch as is.
--
Endi S. Dewata
_______________________________________________
Pki-devel mailing list
Pki-devel@redhat.com
https://www.redhat.com/mailman/listinfo/pki-devel
