3c00769e65
Sync patches from Fedora 43, to fix multiple pccs npm security flaws, and fix typo in pccsadmin help text. CVE-2026-23745, CVE-2026-23950, CVE-2026-24842, CVE-2025-13465, CVE-2025-15284 Resolves: RHEL-145005, RHEL-144190, RHEL-142482, RHEL-138075, RHEL-140108 Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
105 lines
4.5 KiB
Diff
105 lines
4.5 KiB
Diff
From 2b540452538b12a47340b03d6118d3df281a6638 Mon Sep 17 00:00:00 2001
|
|
From: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= <berrange@redhat.com>
|
|
Date: Thu, 4 Dec 2025 13:31:54 +0000
|
|
Subject: [PATCH 120/136] pccsadmin: make 'keyring' module optional
|
|
MIME-Version: 1.0
|
|
Content-Type: text/plain; charset=UTF-8
|
|
Content-Transfer-Encoding: 8bit
|
|
|
|
This is not available in some distros, and since it is merely a
|
|
convenience to avoid repeated password entry, it can be made
|
|
optional.
|
|
|
|
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
|
|
---
|
|
.../PccsAdminTool/lib/intelsgx/credential.py | 53 +++++++++++--------
|
|
1 file changed, 30 insertions(+), 23 deletions(-)
|
|
|
|
diff --git a/tools/PccsAdminTool/lib/intelsgx/credential.py b/tools/PccsAdminTool/lib/intelsgx/credential.py
|
|
index 638cd88e..cebecade 100644
|
|
--- a/tools/PccsAdminTool/lib/intelsgx/credential.py
|
|
+++ b/tools/PccsAdminTool/lib/intelsgx/credential.py
|
|
@@ -1,4 +1,7 @@
|
|
-import keyring
|
|
+try:
|
|
+ import keyring
|
|
+except:
|
|
+ keyring = None
|
|
import getpass
|
|
|
|
class Credentials:
|
|
@@ -8,11 +11,12 @@ class Credentials:
|
|
|
|
def get_admin_token(self):
|
|
admin_token = ""
|
|
- try:
|
|
- print("Please note: A prompt may appear asking for your keyring password to access stored credentials.")
|
|
- admin_token = keyring.get_password(self.APPNAME, self.KEY_ADMINTOKEN)
|
|
- except keyring.errors.KeyringError as ke:
|
|
- admin_token = ""
|
|
+ if keyring is not None:
|
|
+ try:
|
|
+ print("Please note: A prompt may appear asking for your keyring password to access stored credentials.")
|
|
+ admin_token = keyring.get_password(self.APPNAME, self.KEY_ADMINTOKEN)
|
|
+ except keyring.errors.KeyringError as ke:
|
|
+ admin_token = ""
|
|
|
|
while admin_token is None or admin_token == '':
|
|
admin_token = getpass.getpass(prompt="Please input your administrator password for PCCS service:")
|
|
@@ -25,21 +29,23 @@ class Credentials:
|
|
return admin_token
|
|
|
|
def set_admin_token(self, token):
|
|
- try:
|
|
- print("Please note: A prompt may appear asking for your keyring password to access stored credentials.")
|
|
- keyring.set_password(self.APPNAME, self.KEY_ADMINTOKEN, token)
|
|
- except keyring.errors.PasswordSetError as ke:
|
|
- print("Failed to store admin token.")
|
|
- return False
|
|
+ if keyring is not None:
|
|
+ try:
|
|
+ print("Please note: A prompt may appear asking for your keyring password to access stored credentials.")
|
|
+ keyring.set_password(self.APPNAME, self.KEY_ADMINTOKEN, token)
|
|
+ except keyring.errors.PasswordSetError as ke:
|
|
+ print("Failed to store admin token.")
|
|
+ return False
|
|
return True
|
|
|
|
def get_pcs_api_key(self):
|
|
pcs_api_key = ""
|
|
- try:
|
|
- print("Please note: A prompt may appear asking for your keyring password to access stored credentials.")
|
|
- pcs_api_key = keyring.get_password(self.APPNAME, self.KEY_PCS_APIKEY)
|
|
- except keyring.errors.KeyringError as ke:
|
|
- pcs_api_key = ""
|
|
+ if keyring is not None:
|
|
+ try:
|
|
+ print("Please note: A prompt may appear asking for your keyring password to access stored credentials.")
|
|
+ pcs_api_key = keyring.get_password(self.APPNAME, self.KEY_PCS_APIKEY)
|
|
+ except keyring.errors.KeyringError as ke:
|
|
+ pcs_api_key = ""
|
|
|
|
while pcs_api_key is None or pcs_api_key == '':
|
|
pcs_api_key = getpass.getpass(prompt="Please input ApiKey for Intel PCS:")
|
|
@@ -52,10 +58,11 @@ class Credentials:
|
|
return pcs_api_key
|
|
|
|
def set_pcs_api_key(self, apikey):
|
|
- try:
|
|
- print("Please note: A prompt may appear asking for your keyring password to access stored credentials.")
|
|
- keyring.set_password(self.APPNAME, self.KEY_PCS_APIKEY, apikey)
|
|
- except keyring.errors.PasswordSetError as ke:
|
|
- print("Failed to store PCS API key.")
|
|
- return False
|
|
+ if keyring is not None:
|
|
+ try:
|
|
+ print("Please note: A prompt may appear asking for your keyring password to access stored credentials.")
|
|
+ keyring.set_password(self.APPNAME, self.KEY_PCS_APIKEY, apikey)
|
|
+ except keyring.errors.PasswordSetError as ke:
|
|
+ print("Failed to store PCS API key.")
|
|
+ return False
|
|
return True
|
|
--
|
|
2.52.0
|
|
|