From 4cbdeb0d3059d7b20c333e6f1410ea305202ec05 Mon Sep 17 00:00:00 2001 From: Ryan Petrello Date: Wed, 15 Feb 2017 12:22:52 -0500 Subject: [PATCH] don't allow private key passphrases for unencrypted private ssh keys see: #5311 --- awx/main/models/credential.py | 3 +++ 1 file changed, 3 insertions(+) diff --git a/awx/main/models/credential.py b/awx/main/models/credential.py index a7f77e87c2..3342c8b750 100644 --- a/awx/main/models/credential.py +++ b/awx/main/models/credential.py @@ -345,6 +345,9 @@ class Credential(PasswordFieldsModel, CommonModelNameNotUnique, ResourceMixin): if self.has_encrypted_ssh_key_data and not self.ssh_key_unlock: raise ValidationError(_('SSH key unlock must be set when SSH key ' 'is encrypted.')) + if not self.has_encrypted_ssh_key_data and self.ssh_key_unlock: + raise ValidationError(_('SSH key unlock should not be set when ' + 'SSH key is not encrypted.')) return self.ssh_key_unlock def clean(self):