URL: https://github.com/freeipa/freeipa/pull/1067
Author: stlaz
 Title: #1067: [Backport][ipa-4-5] pkinit: don't fail when no pkinit servers 
Action: opened

PR body:
This PR was opened automatically because PR #1046 was pushed to master and 
backport to ipa-4-5 is required.

To pull the PR as Git branch:
git remote add ghfreeipa https://github.com/freeipa/freeipa
git fetch ghfreeipa pull/1067/head:pr1067
git checkout pr1067
From f1fdf27c827b84e9cebe0c2d566463affff7156d Mon Sep 17 00:00:00 2001
From: Stanislav Laznicka <slazn...@redhat.com>
Date: Wed, 6 Sep 2017 15:11:00 +0200
Subject: [PATCH] pkinit: don't fail when no pkinit servers found

If we issue pkinit-status after an upgrade from a pre-4.5 ipa
version, it would have failed with KeyError since the
pkinit_server_server of IPA config was never initialized.

 ipaserver/plugins/pkinit.py | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/ipaserver/plugins/pkinit.py b/ipaserver/plugins/pkinit.py
index 970f955c54..2653bd0436 100644
--- a/ipaserver/plugins/pkinit.py
+++ b/ipaserver/plugins/pkinit.py
@@ -93,7 +93,9 @@ def get_pkinit_status(self, server, status):
             servers = ipa_master_config['ipa_master_server']
-        pkinit_servers = ipa_master_config['pkinit_server_server']
+        pkinit_servers = ipa_master_config.get('pkinit_server_server')
+        if pkinit_servers is None:
+            return
         for s in servers:
             pkinit_status = {
FreeIPA-devel mailing list -- freeipa-devel@lists.fedorahosted.org
To unsubscribe send an email to freeipa-devel-le...@lists.fedorahosted.org

Reply via email to