mirror of
				https://github.com/xcat2/confluent.git
				synced 2025-10-25 00:15:48 +00:00 
			
		
		
		
	Flesh out the restoration of the master keys
With this commit, the key portion of import should be complete.
This commit is contained in:
		| @@ -65,6 +65,7 @@ import anydbm as dbm | ||||
| import ast | ||||
| import base64 | ||||
| import confluent.config.attributes as allattributes | ||||
| import confluent.config.conf as conf | ||||
| import confluent.log | ||||
| import confluent.util | ||||
| import confluent.exceptions as exc | ||||
| @@ -1357,7 +1358,7 @@ class ConfigManager(object): | ||||
|                                               changeset) | ||||
|  | ||||
|  | ||||
| def _restore_keys(jsond, password, newpassword): | ||||
| def _restore_keys(jsond, password, newpassword=None): | ||||
|     # the jsond from the restored file, password (if any) used to protect | ||||
|     # the file, and newpassword to use, (also check the service.cfg file) | ||||
|     global _masterkey | ||||
| @@ -1365,8 +1366,20 @@ def _restore_keys(jsond, password, newpassword): | ||||
|     keydata = json.loads(jsond) | ||||
|     cryptkey = _parse_key(keydata['cryptkey'], password) | ||||
|     integritykey = _parse_key(keydata['integritykey'], password) | ||||
|     conf.init_config() | ||||
|     cfg = conf.get_config() | ||||
|     if cfg.has_option('security', 'externalcfgkey'): | ||||
|         keyfilename = cfg.get('security', 'externalcfgkey') | ||||
|         with open(keyfilename, 'r') as keyfile: | ||||
|             newpassword = keyfile.read() | ||||
|     set_global('master_privacy_key', _format_key(cryptkey, | ||||
|                                                  password=newpassword)) | ||||
|     set_global('master_integrity_key', _format_key(integritykey, | ||||
|                                                    password=newpassword)) | ||||
|     _masterkey = cryptkey | ||||
|     _masterintegritykey = integritykey | ||||
|     ConfigManager.wait_for_sync() | ||||
|     # At this point, we should have the key situation all sorted | ||||
|  | ||||
|  | ||||
| def _dump_keys(password): | ||||
|   | ||||
		Reference in New Issue
	
	Block a user