From 4f76c143d2f2036af02677469c542f563a10158d Mon Sep 17 00:00:00 2001
From: Petr Viktorin <pviktori@redhat.com>
Date: Thu, 23 Aug 2012 12:38:45 -0400
Subject: Use Dogtag 10 only when it is available

Put the changes from Ade's dogtag 10 patch into namespaced constants in
dogtag.py, which are then referenced in the code.

Make ipaserver.install.CAInstance use the service name specified in the
configuration. Uninstallation, where config is removed before CA uninstall,
also uses the (previously) configured value.

This and Ade's patch address https://fedorahosted.org/freeipa/ticket/2846
---
 ipaserver/install/certs.py | 18 ++++++++++++++----
 1 file changed, 14 insertions(+), 4 deletions(-)

(limited to 'ipaserver/install/certs.py')

diff --git a/ipaserver/install/certs.py b/ipaserver/install/certs.py
index f0f0f1dfd..0094d0b89 100644
--- a/ipaserver/install/certs.py
+++ b/ipaserver/install/certs.py
@@ -660,8 +660,13 @@ class CertDB(object):
             f = open(self.passwd_fname, "r")
             password = f.readline()
             f.close()
-            http_status, http_reason_phrase, http_headers, http_body = \
-                dogtag.https_request(self.host_name, api.env.ca_ee_install_port, "/ca/ee/ca/profileSubmitSSLClient", self.secdir, password, "ipaCert", **params)
+            result = dogtag.https_request(
+                self.host_name,
+                api.env.ca_ee_install_port or
+                    dogtag.install_constants.EE_SECURE_PORT,
+                "/ca/ee/ca/profileSubmitSSLClient",
+                self.secdir, password, "ipaCert", **params)
+            http_status, http_reason_phrase, http_headers, http_body = result
 
             if http_status != 200:
                 raise CertificateOperationError(
@@ -743,8 +748,13 @@ class CertDB(object):
             f = open(self.passwd_fname, "r")
             password = f.readline()
             f.close()
-            http_status, http_reason_phrase, http_headers, http_body = \
-                dogtag.https_request(self.host_name, api.env.ca_ee_install_port, "/ca/ee/ca/profileSubmitSSLClient", self.secdir, password, "ipaCert", **params)
+            result = dogtag.https_request(
+                self.host_name,
+                api.env.ca_ee_install_port or
+                    dogtag.install_constants.EE_SECURE_PORT,
+                "/ca/ee/ca/profileSubmitSSLClient",
+                self.secdir, password, "ipaCert", **params)
+            http_status, http_reason_phrase, http_headers, http_body = result
             if http_status != 200:
                 raise RuntimeError("Unable to submit cert request")
 
-- 
cgit