[Pki-devel] [PATCH] 974 Default NSS database for PKI CLI.

Fri, 17 Mar 2017 09:27:45 -0700 

The PKI CLI has been modified to create a default NSS database
without a password if there is no existing database at the
expected location.

Pushed to master under trivial rule.

--
Endi S. Dewata

>From 8b85ace2a2761c8451a11b4df8f142bd291cd6d4 Mon Sep 17 00:00:00 2001
From: "Endi S. Dewata" <edew...@redhat.com>
Date: Fri, 17 Mar 2017 07:55:11 +0100
Subject: [PATCH] Default NSS database for PKI CLI.

The PKI CLI has been modified to create a default NSS database
without a password if there is no existing database at the
expected location.
---
 .../src/com/netscape/cmstools/cli/MainCLI.java     | 28 ++++++++++++++++++----
 1 file changed, 24 insertions(+), 4 deletions(-)

diff --git a/base/java-tools/src/com/netscape/cmstools/cli/MainCLI.java b/base/java-tools/src/com/netscape/cmstools/cli/MainCLI.java
index 0a9ddf0a6db3a205cdc0a11bdaa521d883f22d05..75904edc69b822b56007c0935f66d8b1b20960a3 100644
--- a/base/java-tools/src/com/netscape/cmstools/cli/MainCLI.java
+++ b/base/java-tools/src/com/netscape/cmstools/cli/MainCLI.java
@@ -467,12 +467,32 @@ public class MainCLI extends CLI {
 
     public void init() throws Exception {
 
-        // Main program should initialize client security database
-        if (certDatabase.exists()) {
-            if (verbose) System.out.println("Initializing client security database");
-            CryptoManager.initialize(certDatabase.getAbsolutePath());
+        // Create security database if it doesn't exist
+        if (!certDatabase.exists()) {
+
+            if (verbose) System.out.println("Creating security database");
+
+            certDatabase.mkdirs();
+
+            String[] commands = {
+                    "/usr/bin/certutil", "-N",
+                    "-d", certDatabase.getAbsolutePath(),
+                    "--empty-password"
+            };
+
+            Runtime rt = Runtime.getRuntime();
+            Process p = rt.exec(commands);
+
+            int rc = p.waitFor();
+            if (rc != 0) {
+                throw new Exception("Unable to create security database: " + certDatabase.getAbsolutePath() + " (rc: " + rc + ")");
+            }
         }
 
+        // Main program should initialize security database
+        if (verbose) System.out.println("Initializing security database");
+        CryptoManager.initialize(certDatabase.getAbsolutePath());
+
         // If password is specified, use password to access security token
         if (config.getCertPassword() != null) {
             if (verbose) System.out.println("Logging into security token");
-- 
2.9.3


_______________________________________________
Pki-devel mailing list
Pki-devel@redhat.com
https://www.redhat.com/mailman/listinfo/pki-devel

Reply via email to