From fabb0b9c7bad45dda80930af88fa41713c1aa72d Mon Sep 17 00:00:00 2001
From: themylogin <themylogin@gmail.com>
Date: Tue, 28 Jan 2025 14:00:01 +0100
Subject: [PATCH] Prevent crashes when `pwenc_secret` is missing

---
 src/middlewared/middlewared/plugins/pwenc.py | 21 ++++++++++++++------
 1 file changed, 15 insertions(+), 6 deletions(-)

diff --git a/src/middlewared/middlewared/plugins/pwenc.py b/src/middlewared/middlewared/plugins/pwenc.py
index f052d06b9e3b5..cddf342d7f256 100644
--- a/src/middlewared/middlewared/plugins/pwenc.py
+++ b/src/middlewared/middlewared/plugins/pwenc.py
@@ -37,6 +37,17 @@ def _reset_passwords(self):
         ):
             self.middleware.call_sync('datastore.sql', f'UPDATE {table} SET {field} = \'\'')
 
+        self.middleware.call_sync('datastore.sql', 'DELETE FROM tasks_cloud_backup')
+        self.middleware.call_sync('datastore.sql', 'DELETE FROM tasks_cloudsync')
+        self.middleware.call_sync('datastore.sql', 'DELETE FROM system_cloudcredentials')
+        self.middleware.call_sync(
+            'datastore.sql',
+            'DELETE FROM storage_replication WHERE repl_ssh_credentials_id IS NOT NULL',
+        )
+        self.middleware.call_sync('datastore.sql', 'DELETE FROM tasks_rsync WHERE rsync_ssh_credentials_id IS NOT NULL')
+        self.middleware.call_sync('datastore.sql', 'DELETE FROM system_keychaincredential')
+        self.middleware.call_sync('datastore.sql', 'DELETE FROM vm_device')
+
     @staticmethod
     def _secret_opener(path, flags):
         with pathref_open(os.path.dirname(path), force=True, mode=0o755) as secret_path:
@@ -61,7 +72,7 @@ def _read_secret(self):
         with open(self.secret_path, 'rb', opener=self._secret_opener) as f:
             self.secret = f.read()
 
-    def _write_secret(self, secret, reset_passwords):
+    def _write_secret(self, secret):
         with open(self.secret_path, 'wb', opener=self._secret_opener) as f:
             with self._lock_secrets(f.fileno()):
                 os.fchmod(f.fileno(), PWENC_FILE_SECRET_MODE)
@@ -71,12 +82,10 @@ def _write_secret(self, secret, reset_passwords):
 
                 self.reset_secret_cache()
                 self._reset_pwenc_check_field()
+                self._reset_passwords()
 
-                if reset_passwords:
-                    self._reset_passwords()
-
-    def generate_secret(self, reset_passwords=True):
-        self._write_secret(os.urandom(PWENC_BLOCK_SIZE), reset_passwords)
+    def generate_secret(self):
+        self._write_secret(os.urandom(PWENC_BLOCK_SIZE))
 
     def check(self):
         try: