12589a1af6
pyOpenSSL 24.0.0 removed several APIs required by pccsadmin, so porting to pycryptography is required on Fedora. Since RHEL does not ship pyOpenSSL, the port is useful here too. Using pyasn1 instead of asn1 gives stronger validation during parsing and brings compatibility with RHEL that lacks python3-asn1 The keyring package needs to be optional on RHEL which lacks this module (currently). Also drop the inappropriate pccs port number change Related: https://issues.redhat.com/browse/RHEL-121612 Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
105 lines
4.4 KiB
Diff
105 lines
4.4 KiB
Diff
From 2b540452538b12a47340b03d6118d3df281a6638 Mon Sep 17 00:00:00 2001
|
|
From: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= <berrange@redhat.com>
|
|
Date: Thu, 4 Dec 2025 13:31:54 +0000
|
|
Subject: [PATCH 120/126] pccsadmin: make 'keyring' module optional
|
|
MIME-Version: 1.0
|
|
Content-Type: text/plain; charset=UTF-8
|
|
Content-Transfer-Encoding: 8bit
|
|
|
|
This is not available in some distros, and since it is merely a
|
|
convenience to avoid repeated password entry, it can be made
|
|
optional.
|
|
|
|
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
|
|
---
|
|
.../PccsAdminTool/lib/intelsgx/credential.py | 53 +++++++++++--------
|
|
1 file changed, 30 insertions(+), 23 deletions(-)
|
|
|
|
diff --git a/tools/PccsAdminTool/lib/intelsgx/credential.py b/tools/PccsAdminTool/lib/intelsgx/credential.py
|
|
index 638cd88..cebecad 100644
|
|
--- a/tools/PccsAdminTool/lib/intelsgx/credential.py
|
|
+++ b/tools/PccsAdminTool/lib/intelsgx/credential.py
|
|
@@ -1,4 +1,7 @@
|
|
-import keyring
|
|
+try:
|
|
+ import keyring
|
|
+except:
|
|
+ keyring = None
|
|
import getpass
|
|
|
|
class Credentials:
|
|
@@ -8,11 +11,12 @@ class Credentials:
|
|
|
|
def get_admin_token(self):
|
|
admin_token = ""
|
|
- try:
|
|
- print("Please note: A prompt may appear asking for your keyring password to access stored credentials.")
|
|
- admin_token = keyring.get_password(self.APPNAME, self.KEY_ADMINTOKEN)
|
|
- except keyring.errors.KeyringError as ke:
|
|
- admin_token = ""
|
|
+ if keyring is not None:
|
|
+ try:
|
|
+ print("Please note: A prompt may appear asking for your keyring password to access stored credentials.")
|
|
+ admin_token = keyring.get_password(self.APPNAME, self.KEY_ADMINTOKEN)
|
|
+ except keyring.errors.KeyringError as ke:
|
|
+ admin_token = ""
|
|
|
|
while admin_token is None or admin_token == '':
|
|
admin_token = getpass.getpass(prompt="Please input your administrator password for PCCS service:")
|
|
@@ -25,21 +29,23 @@ class Credentials:
|
|
return admin_token
|
|
|
|
def set_admin_token(self, token):
|
|
- try:
|
|
- print("Please note: A prompt may appear asking for your keyring password to access stored credentials.")
|
|
- keyring.set_password(self.APPNAME, self.KEY_ADMINTOKEN, token)
|
|
- except keyring.errors.PasswordSetError as ke:
|
|
- print("Failed to store admin token.")
|
|
- return False
|
|
+ if keyring is not None:
|
|
+ try:
|
|
+ print("Please note: A prompt may appear asking for your keyring password to access stored credentials.")
|
|
+ keyring.set_password(self.APPNAME, self.KEY_ADMINTOKEN, token)
|
|
+ except keyring.errors.PasswordSetError as ke:
|
|
+ print("Failed to store admin token.")
|
|
+ return False
|
|
return True
|
|
|
|
def get_pcs_api_key(self):
|
|
pcs_api_key = ""
|
|
- try:
|
|
- print("Please note: A prompt may appear asking for your keyring password to access stored credentials.")
|
|
- pcs_api_key = keyring.get_password(self.APPNAME, self.KEY_PCS_APIKEY)
|
|
- except keyring.errors.KeyringError as ke:
|
|
- pcs_api_key = ""
|
|
+ if keyring is not None:
|
|
+ try:
|
|
+ print("Please note: A prompt may appear asking for your keyring password to access stored credentials.")
|
|
+ pcs_api_key = keyring.get_password(self.APPNAME, self.KEY_PCS_APIKEY)
|
|
+ except keyring.errors.KeyringError as ke:
|
|
+ pcs_api_key = ""
|
|
|
|
while pcs_api_key is None or pcs_api_key == '':
|
|
pcs_api_key = getpass.getpass(prompt="Please input ApiKey for Intel PCS:")
|
|
@@ -52,10 +58,11 @@ class Credentials:
|
|
return pcs_api_key
|
|
|
|
def set_pcs_api_key(self, apikey):
|
|
- try:
|
|
- print("Please note: A prompt may appear asking for your keyring password to access stored credentials.")
|
|
- keyring.set_password(self.APPNAME, self.KEY_PCS_APIKEY, apikey)
|
|
- except keyring.errors.PasswordSetError as ke:
|
|
- print("Failed to store PCS API key.")
|
|
- return False
|
|
+ if keyring is not None:
|
|
+ try:
|
|
+ print("Please note: A prompt may appear asking for your keyring password to access stored credentials.")
|
|
+ keyring.set_password(self.APPNAME, self.KEY_PCS_APIKEY, apikey)
|
|
+ except keyring.errors.PasswordSetError as ke:
|
|
+ print("Failed to store PCS API key.")
|
|
+ return False
|
|
return True
|
|
--
|
|
2.51.1
|
|
|