Have apiarmed continuous be properly respected for shared secret

Remote media was erroneously being invalidated, despite user opting out of the strict security.
2024-11-22 09:32:21 +00:00 · 2023-01-19 14:54:18 -05:00 · 2023-01-19 14:54:18 -05:00 · 75f020f53c
commit 75f020f53c
parent c09e8448c2
1 changed files with 4 additions and 4 deletions
--- a/confluent_server/confluent/credserver.py
+++ b/confluent_server/confluent/credserver.py
@ -79,14 +79,14 @@ class CredServer(object):
                hmackey = hmackey.get(nodename, {}).get('secret.selfapiarmtoken', {}).get('value', None)
            elif tlv[1]:
                client.recv(tlv[1])
+            apimats = self.cfm.get_node_attributes(nodename,
+                    ['deployment.apiarmed', 'deployment.sealedapikey'])
+            apiarmed = apimats.get(nodename, {}).get('deployment.apiarmed', {}).get(
+                    'value', None)
            if not hmackey:
                if not address_is_somewhat_trusted(peer[0], nodename, self.cfm):
                    client.close()
                    return
-                apimats = self.cfm.get_node_attributes(nodename,
-                    ['deployment.apiarmed', 'deployment.sealedapikey'])
-                apiarmed = apimats.get(nodename, {}).get('deployment.apiarmed', {}).get(
-                    'value', None)
                if not apiarmed:
                    if apimats.get(nodename, {}).get(
                        'deployment.sealedapikey', {}).get('value', None):