From f85c60676cd2d31a16cfb95014e5c1a14cc5000c Mon Sep 17 00:00:00 2001
From: Thomas Woerner <twoerner@redhat.com>
Date: Thu, 21 Jul 2022 18:50:00 +0200
Subject: [PATCH] ipaserver,ipareplica: Fix Random Serial Numbers always
 enabled

The option _random_serial_numbers was using with the wrong type in
ipaserver_setup_ca.py and ipareplica_setup_ca.py. Therefore RSN was
always enabled.

Fixes:
- https://bugzilla.redhat.com/show_bug.cgi?id=2110523
- https://bugzilla.redhat.com/show_bug.cgi?id=2110526
---
 roles/ipareplica/library/ipareplica_setup_ca.py | 2 +-
 roles/ipaserver/library/ipaserver_prepare.py    | 2 +-
 roles/ipaserver/library/ipaserver_setup_ca.py   | 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/roles/ipareplica/library/ipareplica_setup_ca.py b/roles/ipareplica/library/ipareplica_setup_ca.py
index 951bcbe2..01d00a8e 100644
--- a/roles/ipareplica/library/ipareplica_setup_ca.py
+++ b/roles/ipareplica/library/ipareplica_setup_ca.py
@@ -147,7 +147,7 @@ def main():
             _top_dir=dict(required=True),
             _ca_subject=dict(required=True),
             _subject_base=dict(required=True),
-            _random_serial_numbers=dict(required=True),
+            _random_serial_numbers=dict(required=True, type='bool'),
             dirman_password=dict(required=True, no_log=True),
             config_setup_ca=dict(required=True, type='bool'),
             config_master_host_name=dict(required=True),
diff --git a/roles/ipaserver/library/ipaserver_prepare.py b/roles/ipaserver/library/ipaserver_prepare.py
index f7590be8..e75b6858 100644
--- a/roles/ipaserver/library/ipaserver_prepare.py
+++ b/roles/ipaserver/library/ipaserver_prepare.py
@@ -231,7 +231,7 @@ def main():
     # in the _setup_ca module and also some others.
     options._subject_base = None
     options._ca_subject = None
-    options._random_serial_numbers = None
+    options._random_serial_numbers = False
 
     # set values ####################################################
 
diff --git a/roles/ipaserver/library/ipaserver_setup_ca.py b/roles/ipaserver/library/ipaserver_setup_ca.py
index 5863f4bc..0b03f619 100644
--- a/roles/ipaserver/library/ipaserver_setup_ca.py
+++ b/roles/ipaserver/library/ipaserver_setup_ca.py
@@ -207,7 +207,7 @@ def main():
             ca_subject=dict(required=False),
             _ca_subject=dict(required=False),
             ca_signing_algorithm=dict(required=False),
-            _random_serial_numbers=dict(required=True),
+            _random_serial_numbers=dict(required=True, type='bool'),
             # dns
             reverse_zones=dict(required=False, type='list', default=[]),
             no_reverse=dict(required=False, type='bool', default=False),