From ea29720881b1929eb4034470c0ac228395b83242 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Pavel=20K=C3=A1cha?= <ph@cesnet.cz>
Date: Tue, 25 Jul 2017 14:07:57 +0200
Subject: [PATCH] Fixed bug with password in arglist (which curiously sometimes
 somewhere worked)

---
 warden3/contrib/warden_ra/warden_ra.py | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/warden3/contrib/warden_ra/warden_ra.py b/warden3/contrib/warden_ra/warden_ra.py
index 24a7f83..f9e26c9 100755
--- a/warden3/contrib/warden_ra/warden_ra.py
+++ b/warden3/contrib/warden_ra/warden_ra.py
@@ -329,17 +329,17 @@ class CertHandler(ObjectBase):
         if self.req.client == "cert":
             # Correctly authenticated by cert, most probably not preactivated with password,
             # so generate oneshot password and allow now
-            password = "".join((random.choice(string.ascii_letters + string.digits) for dummy in range(16)))
+            password = ["".join((random.choice(string.ascii_letters + string.digits) for dummy in range(16)))]
             self.log.debug("Authorized by X509, enabling cert generation with password %s" % password)
             try:
-                client.update(status="Issuable", pwd=password)
+                client.update(status="Issuable", pwd=password[0])
                 self.registry.save_client(client)
             except ClientDisabledError as e:
                 raise self.req.error(message="Error enabling cert generation", error=403, exc=sys.exc_info())
         if not password:
             raise self.req.error(message="Missing password and certificate validation failed", error=403, name=name, password=password)
         try:
-            newcert = self.registry.new_cert(client, csr_data, password)
+            newcert = self.registry.new_cert(client, csr_data, password[0])
         except Exception as e:
             raise self.req.error(message="Processing error", error=403, exc=sys.exc_info())
         self.log.info("Generated.")
-- 
GitLab