mirror of
https://gitlab.com/fdroid/fdroidserver.git
synced 2024-07-04 16:30:12 +02:00
Merge branch 'smartcard-hsm-fixes' into 'master'
Smart Card HSM fixes See merge request fdroid/fdroidserver!779
This commit is contained in:
commit
a997ad7b84
|
@ -317,9 +317,10 @@ def read_config(opts, config_file='config.py'):
|
|||
.format(field=k))
|
||||
|
||||
# smartcardoptions must be a list since its command line args for Popen
|
||||
if 'smartcardoptions' in config:
|
||||
config['smartcardoptions'] = config['smartcardoptions'].split(' ')
|
||||
elif 'keystore' in config and config['keystore'] == 'NONE':
|
||||
smartcardoptions = config.get('smartcardoptions')
|
||||
if isinstance(smartcardoptions, str):
|
||||
config['smartcardoptions'] = re.sub(r'\s+', r' ', config['smartcardoptions']).split(' ')
|
||||
elif not smartcardoptions and 'keystore' in config and config['keystore'] == 'NONE':
|
||||
# keystore='NONE' means use smartcard, these are required defaults
|
||||
config['smartcardoptions'] = ['-storetype', 'PKCS11', '-providerName',
|
||||
'SunPKCS11-OpenSC', '-providerClass',
|
||||
|
@ -398,13 +399,17 @@ def assert_config_keystore(config):
|
|||
if 'keystore' not in config:
|
||||
nosigningkey = True
|
||||
logging.critical(_("'keystore' not found in config.py!"))
|
||||
elif config['keystore'] == 'NONE':
|
||||
if not config.get('smartcardoptions'):
|
||||
nosigningkey = True
|
||||
logging.critical(_("'keystore' is NONE and 'smartcardoptions' is blank!"))
|
||||
elif not os.path.exists(config['keystore']):
|
||||
nosigningkey = True
|
||||
logging.critical("'" + config['keystore'] + "' does not exist!")
|
||||
if 'keystorepass' not in config:
|
||||
nosigningkey = True
|
||||
logging.critical(_("'keystorepass' not found in config.py!"))
|
||||
if 'keypass' not in config:
|
||||
if 'keypass' not in config and config.get('keystore') != 'NONE':
|
||||
nosigningkey = True
|
||||
logging.critical(_("'keypass' not found in config.py!"))
|
||||
if nosigningkey:
|
||||
|
|
|
@ -610,7 +610,7 @@ def extract_pubkey():
|
|||
'-alias', common.config['repo_keyalias'],
|
||||
'-keystore', common.config['keystore'],
|
||||
'-storepass:env', 'FDROID_KEY_STORE_PASS']
|
||||
+ common.config['smartcardoptions'],
|
||||
+ list(common.config['smartcardoptions']),
|
||||
envs=env_vars, output=False, stderr_to_stdout=False)
|
||||
if p.returncode != 0 or len(p.output) < 20:
|
||||
msg = "Failed to get repo pubkey!"
|
||||
|
|
|
@ -211,12 +211,10 @@ def main():
|
|||
opensc_so = '/usr/lib/opensc-pkcs11.so'
|
||||
logging.warning('No OpenSC PKCS#11 module found, '
|
||||
+ 'install OpenSC then edit "opensc-fdroid.cfg"!')
|
||||
with open(os.path.join(examplesdir, 'opensc-fdroid.cfg'), 'r') as f:
|
||||
opensc_fdroid = f.read()
|
||||
opensc_fdroid = re.sub('^library.*', 'library = ' + opensc_so, opensc_fdroid,
|
||||
flags=re.MULTILINE)
|
||||
with open('opensc-fdroid.cfg', 'w') as f:
|
||||
f.write(opensc_fdroid)
|
||||
f.write('name = OpenSC\nlibrary = ')
|
||||
f.write(opensc_so)
|
||||
f.write('\n')
|
||||
elif os.path.exists(keystore):
|
||||
to_set = ['keystorepass', 'keypass', 'repo_keyalias', 'keydname']
|
||||
if repo_keyalias:
|
||||
|
|
Loading…
Reference in New Issue
Block a user