mirror of
https://gitlab.com/fdroid/fdroidserver.git
synced 2024-10-05 18:50:09 +02:00
update: validate smartcardoptions when using a HSM for the keystore
parent
7dcf4f5680
commit
d213c8b37c
@ -317,9 +317,10 @@ def read_config(opts, config_file='config.py'):
|
|||||||
.format(field=k))
|
.format(field=k))
|
||||||
|
|
||||||
# smartcardoptions must be a list since its command line args for Popen
|
# smartcardoptions must be a list since its command line args for Popen
|
||||||
if 'smartcardoptions' in config:
|
smartcardoptions = config.get('smartcardoptions')
|
||||||
config['smartcardoptions'] = config['smartcardoptions'].split(' ')
|
if isinstance(smartcardoptions, str):
|
||||||
elif 'keystore' in config and config['keystore'] == 'NONE':
|
config['smartcardoptions'] = re.sub(r'\s+', r' ', config['smartcardoptions']).split(' ')
|
||||||
|
elif not smartcardoptions and 'keystore' in config and config['keystore'] == 'NONE':
|
||||||
# keystore='NONE' means use smartcard, these are required defaults
|
# keystore='NONE' means use smartcard, these are required defaults
|
||||||
config['smartcardoptions'] = ['-storetype', 'PKCS11', '-providerName',
|
config['smartcardoptions'] = ['-storetype', 'PKCS11', '-providerName',
|
||||||
'SunPKCS11-OpenSC', '-providerClass',
|
'SunPKCS11-OpenSC', '-providerClass',
|
||||||
@ -398,6 +399,10 @@ def assert_config_keystore(config):
|
|||||||
if 'keystore' not in config:
|
if 'keystore' not in config:
|
||||||
nosigningkey = True
|
nosigningkey = True
|
||||||
logging.critical(_("'keystore' not found in config.py!"))
|
logging.critical(_("'keystore' not found in config.py!"))
|
||||||
|
elif config['keystore'] == 'NONE':
|
||||||
|
if not config.get('smartcardoptions'):
|
||||||
|
nosigningkey = True
|
||||||
|
logging.critical(_("'keystore' is NONE and 'smartcardoptions' is blank!"))
|
||||||
elif not os.path.exists(config['keystore']):
|
elif not os.path.exists(config['keystore']):
|
||||||
nosigningkey = True
|
nosigningkey = True
|
||||||
logging.critical("'" + config['keystore'] + "' does not exist!")
|
logging.critical("'" + config['keystore'] + "' does not exist!")
|
||||||
|
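Review bot: An empty or whitespace-only `smartcardoptions` string still gets past the new blank check in `assert_config_keystore`, because the normalisation in `read_config`, `re.sub(r'\s+', r' ', ...).split(' ')`, turns `''` into `['']`, which is truthy. The same split also leaves empty-string elements when the value has leading or trailing whitespace, and the comment in the hunk says this list becomes command-line arguments for Popen. Using `config['smartcardoptions'] = smartcardoptions.split()` drops the empty fields and yields `[]` for a blank value, so the `keystore == 'NONE'` check reports it as intended. Because of the `if`/`elif`, a blank string would then be rejected rather than given the PKCS11 defaults; a short comment should say whether that is the intended behaviour. Both function bodies continue outside the hunks shown, so this is based only on the visible lines.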