mirror of
https://gitlab.com/fdroid/fdroidserver.git
synced 2024-10-03 17:50:11 +02:00
update: validate smartcardoptions when using a HSM for the keystore
This commit is contained in:
parent
7dcf4f5680
commit
d213c8b37c
@ -317,9 +317,10 @@ def read_config(opts, config_file='config.py'):
|
||||
.format(field=k))
|
||||
|
||||
# smartcardoptions must be a list since its command line args for Popen
|
||||
if 'smartcardoptions' in config:
|
||||
config['smartcardoptions'] = config['smartcardoptions'].split(' ')
|
||||
elif 'keystore' in config and config['keystore'] == 'NONE':
|
||||
smartcardoptions = config.get('smartcardoptions')
|
||||
if isinstance(smartcardoptions, str):
|
||||
config['smartcardoptions'] = re.sub(r'\s+', r' ', config['smartcardoptions']).split(' ')
|
||||
elif not smartcardoptions and 'keystore' in config and config['keystore'] == 'NONE':
|
||||
# keystore='NONE' means use smartcard, these are required defaults
|
||||
config['smartcardoptions'] = ['-storetype', 'PKCS11', '-providerName',
|
||||
'SunPKCS11-OpenSC', '-providerClass',
|
||||
@ -398,6 +399,10 @@ def assert_config_keystore(config):
|
||||
if 'keystore' not in config:
|
||||
nosigningkey = True
|
||||
logging.critical(_("'keystore' not found in config.py!"))
|
||||
elif config['keystore'] == 'NONE':
|
||||
if not config.get('smartcardoptions'):
|
||||
nosigningkey = True
|
||||
logging.critical(_("'keystore' is NONE and 'smartcardoptions' is blank!"))
|
||||
elif not os.path.exists(config['keystore']):
|
||||
nosigningkey = True
|
||||
logging.critical("'" + config['keystore'] + "' does not exist!")
|
||||
|
Loading…
Reference in New Issue
Block a user