mirror of
https://gitlab.com/fdroid/fdroidserver.git
synced 2024-10-05 18:50:09 +02:00
Merge branch 'smartcard-hsm-fixes' into 'master'
Smart Card HSM fixes See merge request fdroid/fdroidserver!779
This commit is contained in:
commit
a997ad7b84
@ -317,9 +317,10 @@ def read_config(opts, config_file='config.py'):
|
|||||||
.format(field=k))
|
.format(field=k))
|
||||||
|
|
||||||
# smartcardoptions must be a list since its command line args for Popen
|
# smartcardoptions must be a list since its command line args for Popen
|
||||||
if 'smartcardoptions' in config:
|
smartcardoptions = config.get('smartcardoptions')
|
||||||
config['smartcardoptions'] = config['smartcardoptions'].split(' ')
|
if isinstance(smartcardoptions, str):
|
||||||
elif 'keystore' in config and config['keystore'] == 'NONE':
|
config['smartcardoptions'] = re.sub(r'\s+', r' ', config['smartcardoptions']).split(' ')
|
||||||
|
elif not smartcardoptions and 'keystore' in config and config['keystore'] == 'NONE':
|
||||||
# keystore='NONE' means use smartcard, these are required defaults
|
# keystore='NONE' means use smartcard, these are required defaults
|
||||||
config['smartcardoptions'] = ['-storetype', 'PKCS11', '-providerName',
|
config['smartcardoptions'] = ['-storetype', 'PKCS11', '-providerName',
|
||||||
'SunPKCS11-OpenSC', '-providerClass',
|
'SunPKCS11-OpenSC', '-providerClass',
|
||||||
@ -398,13 +399,17 @@ def assert_config_keystore(config):
|
|||||||
if 'keystore' not in config:
|
if 'keystore' not in config:
|
||||||
nosigningkey = True
|
nosigningkey = True
|
||||||
logging.critical(_("'keystore' not found in config.py!"))
|
logging.critical(_("'keystore' not found in config.py!"))
|
||||||
|
elif config['keystore'] == 'NONE':
|
||||||
|
if not config.get('smartcardoptions'):
|
||||||
|
nosigningkey = True
|
||||||
|
logging.critical(_("'keystore' is NONE and 'smartcardoptions' is blank!"))
|
||||||
elif not os.path.exists(config['keystore']):
|
elif not os.path.exists(config['keystore']):
|
||||||
nosigningkey = True
|
nosigningkey = True
|
||||||
logging.critical("'" + config['keystore'] + "' does not exist!")
|
logging.critical("'" + config['keystore'] + "' does not exist!")
|
||||||
if 'keystorepass' not in config:
|
if 'keystorepass' not in config:
|
||||||
nosigningkey = True
|
nosigningkey = True
|
||||||
logging.critical(_("'keystorepass' not found in config.py!"))
|
logging.critical(_("'keystorepass' not found in config.py!"))
|
||||||
if 'keypass' not in config:
|
if 'keypass' not in config and config.get('keystore') != 'NONE':
|
||||||
nosigningkey = True
|
nosigningkey = True
|
||||||
logging.critical(_("'keypass' not found in config.py!"))
|
logging.critical(_("'keypass' not found in config.py!"))
|
||||||
if nosigningkey:
|
if nosigningkey:
|
||||||
|
@ -610,7 +610,7 @@ def extract_pubkey():
|
|||||||
'-alias', common.config['repo_keyalias'],
|
'-alias', common.config['repo_keyalias'],
|
||||||
'-keystore', common.config['keystore'],
|
'-keystore', common.config['keystore'],
|
||||||
'-storepass:env', 'FDROID_KEY_STORE_PASS']
|
'-storepass:env', 'FDROID_KEY_STORE_PASS']
|
||||||
+ common.config['smartcardoptions'],
|
+ list(common.config['smartcardoptions']),
|
||||||
envs=env_vars, output=False, stderr_to_stdout=False)
|
envs=env_vars, output=False, stderr_to_stdout=False)
|
||||||
if p.returncode != 0 or len(p.output) < 20:
|
if p.returncode != 0 or len(p.output) < 20:
|
||||||
msg = "Failed to get repo pubkey!"
|
msg = "Failed to get repo pubkey!"
|
||||||
|
@ -211,12 +211,10 @@ def main():
|
|||||||
opensc_so = '/usr/lib/opensc-pkcs11.so'
|
opensc_so = '/usr/lib/opensc-pkcs11.so'
|
||||||
logging.warning('No OpenSC PKCS#11 module found, '
|
logging.warning('No OpenSC PKCS#11 module found, '
|
||||||
+ 'install OpenSC then edit "opensc-fdroid.cfg"!')
|
+ 'install OpenSC then edit "opensc-fdroid.cfg"!')
|
||||||
with open(os.path.join(examplesdir, 'opensc-fdroid.cfg'), 'r') as f:
|
|
||||||
opensc_fdroid = f.read()
|
|
||||||
opensc_fdroid = re.sub('^library.*', 'library = ' + opensc_so, opensc_fdroid,
|
|
||||||
flags=re.MULTILINE)
|
|
||||||
with open('opensc-fdroid.cfg', 'w') as f:
|
with open('opensc-fdroid.cfg', 'w') as f:
|
||||||
f.write(opensc_fdroid)
|
f.write('name = OpenSC\nlibrary = ')
|
||||||
|
f.write(opensc_so)
|
||||||
|
f.write('\n')
|
||||||
elif os.path.exists(keystore):
|
elif os.path.exists(keystore):
|
||||||
to_set = ['keystorepass', 'keypass', 'repo_keyalias', 'keydname']
|
to_set = ['keystorepass', 'keypass', 'repo_keyalias', 'keydname']
|
||||||
if repo_keyalias:
|
if repo_keyalias:
|
||||||
|
@ -1,3 +1,5 @@
|
|||||||
|
[metadata]
|
||||||
|
license_file = LICENSE
|
||||||
|
|
||||||
# uploading here requires Python 3.5.3+ or setuptools 27+,
|
# uploading here requires Python 3.5.3+ or setuptools 27+,
|
||||||
# use instead: twine upload --sign dist/fdroidserver*.tar.gz
|
# use instead: twine upload --sign dist/fdroidserver*.tar.gz
|
||||||
|
Loading…
Reference in New Issue
Block a user