URL: https://github.com/freeipa/freeipa/pull/1046
Author: stlaz
 Title: #1046: pkinit: don't fail when no pkinit servers found
Action: opened

PR body:
"""
If we issue pkinit-status after an upgrade from a pre-4.5 ipa
version, it would have failed with KeyError since the
pkinit_server_server of IPA config was never initialized.

https://pagure.io/freeipa/issue/7144
"""

To pull the PR as Git branch:
git remote add ghfreeipa https://github.com/freeipa/freeipa
git fetch ghfreeipa pull/1046/head:pr1046
git checkout pr1046
From 55670ff7348934a865c69786d359a83f256e4c20 Mon Sep 17 00:00:00 2001
From: Stanislav Laznicka <slazn...@redhat.com>
Date: Wed, 6 Sep 2017 15:11:00 +0200
Subject: [PATCH] pkinit: don't fail when no pkinit servers found

If we issue pkinit-status after an upgrade from a pre-4.5 ipa
version, it would have failed with KeyError since the
pkinit_server_server of IPA config was never initialized.

https://pagure.io/freeipa/issue/7144
---
 ipaserver/plugins/pkinit.py | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/ipaserver/plugins/pkinit.py b/ipaserver/plugins/pkinit.py
index 970f955c54..2653bd0436 100644
--- a/ipaserver/plugins/pkinit.py
+++ b/ipaserver/plugins/pkinit.py
@@ -93,7 +93,9 @@ def get_pkinit_status(self, server, status):
         else:
             servers = ipa_master_config['ipa_master_server']
 
-        pkinit_servers = ipa_master_config['pkinit_server_server']
+        pkinit_servers = ipa_master_config.get('pkinit_server_server')
+        if pkinit_servers is None:
+            return
 
         for s in servers:
             pkinit_status = {
_______________________________________________
FreeIPA-devel mailing list -- freeipa-devel@lists.fedorahosted.org
To unsubscribe send an email to freeipa-devel-le...@lists.fedorahosted.org

Reply via email to