summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorEndi Sukma Dewata <edewata@redhat.com>2012-11-13 23:18:52 -0500
committerEndi Sukma Dewata <edewata@redhat.com>2012-11-14 12:58:53 -0500
commit5d36cbb886c9baa9496665630b5af0be5919936b (patch)
tree7670007081406a5ac9cf0e166b192097ab4d58ed
parent65bbd0047143141b8d2d031dcf452aaeded8e8cf (diff)
downloadpki-ticket-399-1.tar.gz
pki-ticket-399-1.tar.xz
pki-ticket-399-1.zip
Refactored str2bool().ticket-399-1
The str2bool() in pkiconfig.py has been moved into pkihelper.py for better clarity. Ticket #380
-rw-r--r--base/deploy/src/scriptlets/configuration.jy5
-rw-r--r--base/deploy/src/scriptlets/configuration.py4
-rw-r--r--base/deploy/src/scriptlets/finalization.py10
-rw-r--r--base/deploy/src/scriptlets/infrastructure_layout.py2
-rw-r--r--base/deploy/src/scriptlets/initialization.py2
-rw-r--r--base/deploy/src/scriptlets/instance_layout.py2
-rw-r--r--base/deploy/src/scriptlets/pkiconfig.py4
-rw-r--r--base/deploy/src/scriptlets/pkihelper.py37
-rw-r--r--base/deploy/src/scriptlets/pkijython.py45
-rw-r--r--base/deploy/src/scriptlets/pkiparser.py57
-rw-r--r--base/deploy/src/scriptlets/security_databases.py2
-rw-r--r--base/deploy/src/scriptlets/selinux_setup.py2
-rw-r--r--base/deploy/src/scriptlets/slot_substitution.py2
-rw-r--r--base/deploy/src/scriptlets/subsystem_layout.py2
-rw-r--r--base/deploy/src/scriptlets/webapp_deployment.py2
15 files changed, 90 insertions, 88 deletions
diff --git a/base/deploy/src/scriptlets/configuration.jy b/base/deploy/src/scriptlets/configuration.jy
index a9c7d5037..60d92a759 100644
--- a/base/deploy/src/scriptlets/configuration.jy
+++ b/base/deploy/src/scriptlets/configuration.jy
@@ -10,6 +10,7 @@ import sys
import pkijython as jyutil
import pkiconfig as config
from pkiconfig import PKIConfig
+import pkihelper as util
import pkimessages as log
@@ -35,7 +36,7 @@ def main(argv):
sensitive = pickle.loads(argv[2])
# Optionally enable a java debugger (e. g. - 'eclipse'):
- if config.str2bool(master['pki_enable_java_debugger']):
+ if util.str2bool(master['pki_enable_java_debugger']):
config.wait_to_attach_an_external_java_debugger()
@@ -105,7 +106,7 @@ def main(argv):
return rv
elif master['pki_instance_type'] == "Tomcat":
if master['pki_subsystem'] == "CA":
- if config.str2bool(master['pki_external']):
+ if util.str2bool(master['pki_external']):
print "%s '%s %s' %s" %\
(log.PKI_JYTHON_INDENTATION_2,
PKIConfig.PKI_DEPLOYMENT_EXTERNAL_CA,
diff --git a/base/deploy/src/scriptlets/configuration.py b/base/deploy/src/scriptlets/configuration.py
index 07914b970..c9a68884a 100644
--- a/base/deploy/src/scriptlets/configuration.py
+++ b/base/deploy/src/scriptlets/configuration.py
@@ -35,7 +35,7 @@ class PkiScriptlet(pkiscriptlet.AbstractBasePkiScriptlet):
rv = 0
def spawn(self):
- if config.str2bool(master['pki_skip_configuration']):
+ if util.str2bool(master['pki_skip_configuration']):
pkilogging.pki_log.info(log.SKIP_CONFIGURATION_SPAWN_1, __name__,
extra=PKIConfig.PKI_INDENTATION_LEVEL_1)
return self.rv
@@ -84,7 +84,7 @@ class PkiScriptlet(pkiscriptlet.AbstractBasePkiScriptlet):
elif master['pki_subsystem'] in PKIConfig.PKI_TOMCAT_SUBSYSTEMS:
# Optionally prepare to enable a java debugger
# (e. g. - 'eclipse'):
- if config.str2bool(master['pki_enable_java_debugger']):
+ if util.str2bool(master['pki_enable_java_debugger']):
config.prepare_for_an_external_java_debugger(
master['pki_target_tomcat_conf_instance_id'])
tomcat_instance_subsystems =\
diff --git a/base/deploy/src/scriptlets/finalization.py b/base/deploy/src/scriptlets/finalization.py
index f11e2ed73..36068c153 100644
--- a/base/deploy/src/scriptlets/finalization.py
+++ b/base/deploy/src/scriptlets/finalization.py
@@ -35,7 +35,7 @@ class PkiScriptlet(pkiscriptlet.AbstractBasePkiScriptlet):
rv = 0
def spawn(self):
- if config.str2bool(master['pki_skip_installation']):
+ if util.str2bool(master['pki_skip_installation']):
pkilogging.pki_log.info(log.SKIP_FINALIZATION_SPAWN_1, __name__,
extra=PKIConfig.PKI_INDENTATION_LEVEL_1)
return self.rv
@@ -59,7 +59,7 @@ class PkiScriptlet(pkiscriptlet.AbstractBasePkiScriptlet):
util.file.copy(master['pki_manifest'],
master['pki_manifest_spawn_archive'])
# Optionally, programmatically 'restart' the configured PKI instance
- if config.str2bool(master['pki_restart_configured_instance']):
+ if util.str2bool(master['pki_restart_configured_instance']):
util.systemd.restart()
# Optionally, 'purge' the entire temporary client infrastructure
# including the client NSS security databases and password files
@@ -68,12 +68,12 @@ class PkiScriptlet(pkiscriptlet.AbstractBasePkiScriptlet):
# placed under this infrastructure, it may accidentally
# be deleted!
#
- if config.str2bool(master['pki_client_database_purge']):
+ if util.str2bool(master['pki_client_database_purge']):
if util.directory.exists(master['pki_client_dir']):
util.directory.delete(master['pki_client_dir'])
# If instance has not been configured, print the
# configuration URL to the log
- if config.str2bool(master['pki_skip_configuration']):
+ if util.str2bool(master['pki_skip_configuration']):
util.configuration_file.log_configuration_url()
# Log final process messages
pkilogging.pki_log.info(log.PKISPAWN_END_MESSAGE_2,
@@ -83,7 +83,7 @@ class PkiScriptlet(pkiscriptlet.AbstractBasePkiScriptlet):
util.file.modify(master['pki_spawn_log'], silent=True)
# If instance has not been configured, print the
# configuration URL to the screen
- if config.str2bool(master['pki_skip_configuration']):
+ if util.str2bool(master['pki_skip_configuration']):
util.configuration_file.display_configuration_url()
return self.rv
diff --git a/base/deploy/src/scriptlets/infrastructure_layout.py b/base/deploy/src/scriptlets/infrastructure_layout.py
index 5e86710f2..7726133a0 100644
--- a/base/deploy/src/scriptlets/infrastructure_layout.py
+++ b/base/deploy/src/scriptlets/infrastructure_layout.py
@@ -34,7 +34,7 @@ class PkiScriptlet(pkiscriptlet.AbstractBasePkiScriptlet):
rv = 0
def spawn(self):
- if config.str2bool(master['pki_skip_installation']):
+ if util.str2bool(master['pki_skip_installation']):
pkilogging.pki_log.info(log.SKIP_ADMIN_DOMAIN_SPAWN_1, __name__,
extra=PKIConfig.PKI_INDENTATION_LEVEL_1)
return self.rv
diff --git a/base/deploy/src/scriptlets/initialization.py b/base/deploy/src/scriptlets/initialization.py
index b64f52f1d..abd192b63 100644
--- a/base/deploy/src/scriptlets/initialization.py
+++ b/base/deploy/src/scriptlets/initialization.py
@@ -39,7 +39,7 @@ class PkiScriptlet(pkiscriptlet.AbstractBasePkiScriptlet):
master['pki_subsystem'],
master['pki_instance_id'],
extra=PKIConfig.PKI_INDENTATION_LEVEL_0)
- if config.str2bool(master['pki_skip_installation']):
+ if util.str2bool(master['pki_skip_installation']):
pkilogging.pki_log.info(log.SKIP_INITIALIZATION_SPAWN_1, __name__,
extra=PKIConfig.PKI_INDENTATION_LEVEL_1)
return self.rv
diff --git a/base/deploy/src/scriptlets/instance_layout.py b/base/deploy/src/scriptlets/instance_layout.py
index aae9c0a0c..0caad1d40 100644
--- a/base/deploy/src/scriptlets/instance_layout.py
+++ b/base/deploy/src/scriptlets/instance_layout.py
@@ -39,7 +39,7 @@ class PkiScriptlet(pkiscriptlet.AbstractBasePkiScriptlet):
rv = 0
def spawn(self):
- if config.str2bool(master['pki_skip_installation']):
+ if util.str2bool(master['pki_skip_installation']):
pkilogging.pki_log.info(log.SKIP_INSTANCE_SPAWN_1, __name__,
extra=PKIConfig.PKI_INDENTATION_LEVEL_1)
return self.rv
diff --git a/base/deploy/src/scriptlets/pkiconfig.py b/base/deploy/src/scriptlets/pkiconfig.py
index 2544aa6cf..ee35010a6 100644
--- a/base/deploy/src/scriptlets/pkiconfig.py
+++ b/base/deploy/src/scriptlets/pkiconfig.py
@@ -136,10 +136,6 @@ pki_deployed_instance_name = None
pki_root_prefix = None
-# PKI Deployment Helper Functions
-def str2bool(string):
- return string.lower() in ("yes", "true", "t", "1")
-
# NOTE: To utilize the 'preparations_for_an_external_java_debugger(master)'
# and 'wait_to_attach_an_external_java_debugger(master)' functions,
# change 'pki_enable_java_debugger=False' to
diff --git a/base/deploy/src/scriptlets/pkihelper.py b/base/deploy/src/scriptlets/pkihelper.py
index 6cf395e77..5b71ad6b9 100644
--- a/base/deploy/src/scriptlets/pkihelper.py
+++ b/base/deploy/src/scriptlets/pkihelper.py
@@ -53,6 +53,9 @@ from pkiparser import PKIConfigParser
# PKI Deployment Helper Functions
+def str2bool(string):
+ return string.lower() in ("yes", "true", "t", "1")
+
def pki_copytree(src, dst, symlinks=False, ignore=None):
"""Recursively copy a directory tree using copy2().
@@ -450,7 +453,7 @@ class configuration_file:
extra=PKIConfig.PKI_INDENTATION_LEVEL_2)
sys.exit(1)
# Verify existence of Admin Password (except for Clones)
- if not config.str2bool(master['pki_clone']):
+ if not str2bool(master['pki_clone']):
if not sensitive.has_key('pki_admin_password') or\
not len(sensitive['pki_admin_password']):
pkilogging.pki_log.error(
@@ -460,7 +463,7 @@ class configuration_file:
extra=PKIConfig.PKI_INDENTATION_LEVEL_2)
sys.exit(1)
# If required, verify existence of Backup Password
- if config.str2bool(master['pki_backup_keys']):
+ if str2bool(master['pki_backup_keys']):
if not sensitive.has_key('pki_backup_password') or\
not len(sensitive['pki_backup_password']):
pkilogging.pki_log.error(
@@ -488,7 +491,7 @@ class configuration_file:
extra=PKIConfig.PKI_INDENTATION_LEVEL_2)
sys.exit(1)
# Verify existence of PKCS #12 Password (ONLY for Clones)
- if config.str2bool(master['pki_clone']):
+ if str2bool(master['pki_clone']):
if not sensitive.has_key('pki_clone_pkcs12_password') or\
not len(sensitive['pki_clone_pkcs12_password']):
pkilogging.pki_log.error(
@@ -499,9 +502,9 @@ class configuration_file:
sys.exit(1)
# Verify existence of Security Domain Password File
# (ONLY for Clones, KRA, OCSP, TKS, or Subordinate CA)
- if config.str2bool(master['pki_clone']) or\
+ if str2bool(master['pki_clone']) or\
not master['pki_subsystem'] == "CA" or\
- config.str2bool(master['pki_subordinate']):
+ str2bool(master['pki_subordinate']):
if not sensitive.has_key('pki_security_domain_password') or\
not len(sensitive['pki_security_domain_password']):
pkilogging.pki_log.error(
@@ -526,30 +529,30 @@ class configuration_file:
# Silently verify the existence of 'mutually exclusive' data
if master['pki_subsystem'] in PKIConfig.PKI_TOMCAT_SUBSYSTEMS:
if master['pki_subsystem'] == "CA":
- if config.str2bool(master['pki_clone']) and\
- config.str2bool(master['pki_external']) and\
- config.str2bool(master['pki_subordinate']):
+ if str2bool(master['pki_clone']) and\
+ str2bool(master['pki_external']) and\
+ str2bool(master['pki_subordinate']):
pkilogging.pki_log.error(
log.PKIHELPER_MUTUALLY_EXCLUSIVE_CLONE_EXTERNAL_SUB_CA,
master['pki_deployment_cfg'],
extra=PKIConfig.PKI_INDENTATION_LEVEL_2)
sys.exit(1)
- elif config.str2bool(master['pki_clone']) and\
- config.str2bool(master['pki_external']):
+ elif str2bool(master['pki_clone']) and\
+ str2bool(master['pki_external']):
pkilogging.pki_log.error(
log.PKIHELPER_MUTUALLY_EXCLUSIVE_CLONE_EXTERNAL_CA,
master['pki_deployment_cfg'],
extra=PKIConfig.PKI_INDENTATION_LEVEL_2)
sys.exit(1)
- elif config.str2bool(master['pki_clone']) and\
- config.str2bool(master['pki_subordinate']):
+ elif str2bool(master['pki_clone']) and\
+ str2bool(master['pki_subordinate']):
pkilogging.pki_log.error(
log.PKIHELPER_MUTUALLY_EXCLUSIVE_CLONE_SUB_CA,
master['pki_deployment_cfg'],
extra=PKIConfig.PKI_INDENTATION_LEVEL_2)
sys.exit(1)
- elif config.str2bool(master['pki_external']) and\
- config.str2bool(master['pki_subordinate']):
+ elif str2bool(master['pki_external']) and\
+ str2bool(master['pki_subordinate']):
pkilogging.pki_log.error(
log.PKIHELPER_MUTUALLY_EXCLUSIVE_EXTERNAL_SUB_CA,
master['pki_deployment_cfg'],
@@ -568,7 +571,7 @@ class configuration_file:
# 'True' or 'False', etc.) of ALL required "value" parameters.
#
if master['pki_subsystem'] in PKIConfig.PKI_TOMCAT_SUBSYSTEMS:
- if config.str2bool(master['pki_clone']):
+ if str2bool(master['pki_clone']):
# Verify existence of clone parameters
if not master.has_key('pki_ds_base_dn') or\
not len(master['pki_ds_base_dn']):
@@ -680,7 +683,7 @@ class configuration_file:
extra=PKIConfig.PKI_INDENTATION_LEVEL_2)
sys.exit(1)
elif master['pki_subsystem'] == "CA" and\
- config.str2bool(master['pki_external']):
+ str2bool(master['pki_external']):
if not master.has_key('pki_external_step_two') or\
not len(master['pki_external_step_two']):
pkilogging.pki_log.error(
@@ -689,7 +692,7 @@ class configuration_file:
master['pki_deployment_cfg'],
extra=PKIConfig.PKI_INDENTATION_LEVEL_2)
sys.exit(1)
- if not config.str2bool(master['pki_step_two']):
+ if not str2bool(master['pki_step_two']):
if not master.has_key('pki_external_csr_path') or\
not len(master['pki_external_csr_path']):
pkilogging.pki_log.error(
diff --git a/base/deploy/src/scriptlets/pkijython.py b/base/deploy/src/scriptlets/pkijython.py
index 3753c9e49..306f203cd 100644
--- a/base/deploy/src/scriptlets/pkijython.py
+++ b/base/deploy/src/scriptlets/pkijython.py
@@ -152,6 +152,7 @@ from netscape.security.x509 import X500Name
# PKI Python Imports
import pkiconfig as config
from pkiconfig import PKIConfig
+import pkihelper as util
import pkimessages as log
@@ -182,7 +183,7 @@ def generateCRMFRequest(token, keysize, subjectdn, dualkey):
# 1st : Encryption key
s1.addElement(crmfMsg)
# 2nd : Signing Key
- if config.str2bool(dualkey):
+ if util.str2bool(dualkey):
javasystem.out.println(log.PKI_JYTHON_IS_DUALKEY)
seq1 = SEQUENCE()
certReqSigning = CertRequest(INTEGER(1), certTemplate, seq1)
@@ -326,17 +327,17 @@ class rest_client:
data.setBindDN(self.master['pki_ds_bind_dn'])
data.setDatabase(self.master['pki_ds_database'])
data.setBindpwd(self.sensitive['pki_ds_password'])
- if config.str2bool(self.master['pki_ds_remove_data']):
+ if util.str2bool(self.master['pki_ds_remove_data']):
data.setRemoveData("true")
else:
data.setRemoveData("false")
- if config.str2bool(self.master['pki_ds_secure_connection']):
+ if util.str2bool(self.master['pki_ds_secure_connection']):
data.setSecureConn("true")
else:
data.setSecureConn("false")
def set_backup_parameters(self, data):
- if config.str2bool(self.master['pki_backup_keys']):
+ if util.str2bool(self.master['pki_backup_keys']):
data.setBackupKeys("true")
data.setBackupFile(self.master['pki_backup_keys_p12'])
data.setBackupPassword(self.sensitive['pki_backup_password'])
@@ -352,7 +353,7 @@ class rest_client:
data.setAdminSubjectDN(self.master['pki_admin_subject_dn'])
if self.master['pki_admin_cert_request_type'] == "crmf":
data.setAdminCertRequestType("crmf")
- if config.str2bool(self.master['pki_admin_dualkey']):
+ if util.str2bool(self.master['pki_admin_dualkey']):
crmf_request = generateCRMFRequest(
token,
self.master['pki_admin_keysize'],
@@ -428,14 +429,14 @@ class rest_client:
# Hierarchy
if master['pki_instance_type'] == "Tomcat":
if master['pki_subsystem'] == "CA":
- if config.str2bool(master['pki_clone']):
+ if util.str2bool(master['pki_clone']):
# Cloned CA
# alee - is this correct?
data.setHierarchy("root")
- elif config.str2bool(master['pki_external']):
+ elif util.str2bool(master['pki_external']):
# External CA
data.setHierarchy("join")
- elif config.str2bool(master['pki_subordinate']):
+ elif util.str2bool(master['pki_subordinate']):
# Subordinate CA
data.setHierarchy("join")
else:
@@ -444,20 +445,20 @@ class rest_client:
# Cloning parameters
if master['pki_instance_type'] == "Tomcat":
- if config.str2bool(master['pki_clone']):
+ if util.str2bool(master['pki_clone']):
self.set_cloning_parameters(data)
else:
data.setIsClone("false")
# Security Domain
if master['pki_subsystem'] != "CA" or\
- config.str2bool(master['pki_clone']) or\
- config.str2bool(master['pki_subordinate']):
+ util.str2bool(master['pki_clone']) or\
+ util.str2bool(master['pki_subordinate']):
# PKI KRA, PKI OCSP, PKI RA, PKI TKS, PKI TPS,
# CA Clone, KRA Clone, OCSP Clone, TKS Clone, or
# Subordinate CA
self.set_existing_security_domain(data)
- elif not config.str2bool(master['pki_external']):
+ elif not util.str2bool(master['pki_external']):
# PKI CA
self.set_new_security_domain(data)
@@ -467,14 +468,14 @@ class rest_client:
if master['pki_instance_type'] == "Tomcat":
self.set_backup_parameters(data)
- if not config.str2bool(master['pki_clone']):
+ if not util.str2bool(master['pki_clone']):
self.set_admin_parameters(token, data)
# Issuing CA Information
if master['pki_subsystem'] != "CA" or\
- config.str2bool(master['pki_clone']) or\
- config.str2bool(master['pki_subordinate']) or\
- config.str2bool(master['pki_external']):
+ util.str2bool(master['pki_clone']) or\
+ util.str2bool(master['pki_subordinate']) or\
+ util.str2bool(master['pki_external']):
# PKI KRA, PKI OCSP, PKI RA, PKI TKS, PKI TPS,
# CA Clone, KRA Clone, OCSP Clone, TKS Clone,
# Subordinate CA, or External CA
@@ -485,14 +486,14 @@ class rest_client:
# Create 'CA Signing Certificate'
if master['pki_subsystem'] == "CA":
- if not config.str2bool(master['pki_clone']):
+ if not util.str2bool(master['pki_clone']):
cert = self.create_system_cert("ca_signing")
cert.setSigningAlgorithm(
master['pki_ca_signing_signing_algorithm'])
systemCerts.add(cert)
# Create 'OCSP Signing Certificate'
- if not config.str2bool(master['pki_clone']):
+ if not util.str2bool(master['pki_clone']):
if master['pki_subsystem'] == "CA" or\
master['pki_subsystem'] == "OCSP":
# External CA, Subordinate CA, PKI CA, or PKI OCSP
@@ -521,12 +522,12 @@ class rest_client:
systemCerts.add(cert3)
# Create 'Subsystem Certificate'
- if not config.str2bool(master['pki_clone']):
+ if not util.str2bool(master['pki_clone']):
cert4 = self.create_system_cert("subsystem")
systemCerts.add(cert4)
# Create 'Audit Signing Certificate'
- if not config.str2bool(master['pki_clone']):
+ if not util.str2bool(master['pki_clone']):
if master['pki_subsystem'] != "RA":
cert5 = self.create_system_cert("audit_signing")
cert5.setSigningAlgorithm(
@@ -534,7 +535,7 @@ class rest_client:
systemCerts.add(cert5)
# Create DRM Transport and storage Certificates
- if not config.str2bool(master['pki_clone']):
+ if not util.str2bool(master['pki_clone']):
if master['pki_subsystem'] == "KRA":
cert6 = self.create_system_cert("transport")
systemCerts.add(cert6)
@@ -568,7 +569,7 @@ class rest_client:
javasystem.out.println(log.PKI_JYTHON_CDATA_REQUEST + " " +\
cdata.getRequest())
# Cloned PKI subsystems do not return an Admin Certificate
- if not config.str2bool(master['pki_clone']):
+ if not util.str2bool(master['pki_clone']):
admin_cert = response.getAdminCert().getCert()
javasystem.out.println(log.PKI_JYTHON_RESPONSE_ADMIN_CERT +\
" " + admin_cert)
diff --git a/base/deploy/src/scriptlets/pkiparser.py b/base/deploy/src/scriptlets/pkiparser.py
index 9ac4be2ae..7846537df 100644
--- a/base/deploy/src/scriptlets/pkiparser.py
+++ b/base/deploy/src/scriptlets/pkiparser.py
@@ -33,6 +33,7 @@ import time
# PKI Deployment Imports
import pkiconfig as config
from pkiconfig import PKIConfig
+import pkihelper as util
import pkilogging
import pkimessages as log
@@ -1181,7 +1182,7 @@ class PKIConfigParser:
config.pki_master_dict['PKI_PIDDIR_SLOT'] =\
os.path.join("/var/run/pki",
"tomcat")
- if config.str2bool(config.pki_master_dict['pki_enable_proxy']):
+ if util.str2bool(config.pki_master_dict['pki_enable_proxy']):
config.pki_master_dict['PKI_CLOSE_AJP_PORT_COMMENT_SLOT'] =\
""
config.pki_master_dict['PKI_CLOSE_ENABLE_PROXY_COMMENT_SLOT'] =\
@@ -1469,21 +1470,21 @@ class PKIConfigParser:
if not len(config.pki_master_dict['pki_subsystem_name']):
if config.pki_master_dict['pki_subsystem'] in\
PKIConfig.PKI_TOMCAT_SUBSYSTEMS and \
- config.str2bool(config.pki_master_dict['pki_clone']):
+ util.str2bool(config.pki_master_dict['pki_clone']):
config.pki_master_dict['pki_subsystem_name'] =\
PKIConfig.PKI_DEPLOYMENT_CLONED_PKI_SUBSYSTEM + " " +\
config.pki_subsystem + " " +\
config.pki_master_dict['pki_hostname'] + " " +\
config.pki_master_dict['pki_https_port']
elif config.pki_subsystem == "CA" and \
- config.str2bool(config.pki_master_dict['pki_external']):
+ util.str2bool(config.pki_master_dict['pki_external']):
config.pki_master_dict['pki_subsystem_name'] =\
PKIConfig.PKI_DEPLOYMENT_EXTERNAL_CA + " " +\
config.pki_subsystem + " " +\
config.pki_master_dict['pki_hostname'] + " " +\
config.pki_master_dict['pki_https_port']
elif config.pki_subsystem == "CA" and \
- config.str2bool(config.pki_master_dict['pki_subordinate']):
+ util.str2bool(config.pki_master_dict['pki_subordinate']):
config.pki_master_dict['pki_subsystem_name'] =\
PKIConfig.PKI_DEPLOYMENT_SUBORDINATE_CA + " " +\
config.pki_subsystem + " " +\
@@ -1495,8 +1496,8 @@ class PKIConfigParser:
config.pki_master_dict['pki_hostname'] + " " +\
config.pki_master_dict['pki_https_port']
if config.pki_subsystem != "CA" or\
- config.str2bool(config.pki_master_dict['pki_clone']) or\
- config.str2bool(config.pki_master_dict['pki_subordinate']):
+ util.str2bool(config.pki_master_dict['pki_clone']) or\
+ util.str2bool(config.pki_master_dict['pki_subordinate']):
# PKI KRA, PKI OCSP, PKI RA, PKI TKS, PKI TPS,
# CA Clone, KRA Clone, OCSP Clone, TKS Clone, or
# Subordinate CA
@@ -1520,7 +1521,7 @@ class PKIConfigParser:
# config.pki_master_dict['pki_security_domain_uri']
config.pki_master_dict['pki_issuing_ca'] =\
config.pki_master_dict['pki_security_domain_uri']
- elif config.str2bool(config.pki_master_dict['pki_external']):
+ elif util.str2bool(config.pki_master_dict['pki_external']):
# External CA
#
# NOTE: External CA's DO NOT require a security domain
@@ -1562,7 +1563,7 @@ class PKIConfigParser:
# config.pki_master_dict['pki_ds_database']
# config.pki_master_dict['pki_ds_hostname']
#
- if not config.str2bool(config.pki_master_dict['pki_clone']):
+ if not util.str2bool(config.pki_master_dict['pki_clone']):
if not len(config.pki_master_dict['pki_ds_base_dn']):
# if the instance is NOT a clone, create a default BASE DN
# of "o=${pki_instance_id}"; the reason that this default
@@ -1610,7 +1611,7 @@ class PKIConfigParser:
# config.pki_sensitive_dict['pki_backup_password']
# config.pki_master_dict['pki_backup_keys']
#
- if config.str2bool(config.pki_master_dict['pki_backup_keys']):
+ if util.str2bool(config.pki_master_dict['pki_backup_keys']):
# NOTE: ALWAYS store the PKCS #12 backup keys file
# in with the NSS "server" security databases
config.pki_master_dict['pki_backup_keys_p12'] =\
@@ -1668,9 +1669,9 @@ class PKIConfigParser:
config.pki_master_dict['pki_security_domain_name'] +\
" " + "ID"
elif config.pki_subsystem in PKIConfig.PKI_TOMCAT_SUBSYSTEMS:
- if not config.str2bool(config.pki_master_dict['pki_clone']):
+ if not util.str2bool(config.pki_master_dict['pki_clone']):
if config.pki_master_dict['pki_subsystem'] == "CA":
- if config.str2bool(
+ if util.str2bool(
config.pki_master_dict['pki_external']):
# External CA
config.pki_master_dict['pki_admin_nickname'] =\
@@ -1731,9 +1732,9 @@ class PKIConfigParser:
"," + "o=" +\
config.pki_master_dict['pki_security_domain_name']
elif config.pki_subsystem in PKIConfig.PKI_TOMCAT_SUBSYSTEMS:
- if not config.str2bool(config.pki_master_dict['pki_clone']):
+ if not util.str2bool(config.pki_master_dict['pki_clone']):
if config.pki_master_dict['pki_subsystem'] == "CA":
- if config.str2bool(
+ if util.str2bool(
config.pki_master_dict['pki_external']):
# External CA
config.pki_master_dict['pki_admin_subject_dn'] =\
@@ -1813,7 +1814,7 @@ class PKIConfigParser:
# config.pki_master_dict['pki_ca_signing_token']
#
if config.pki_subsystem in PKIConfig.PKI_TOMCAT_SUBSYSTEMS:
- if not config.str2bool(config.pki_master_dict['pki_clone']):
+ if not util.str2bool(config.pki_master_dict['pki_clone']):
if config.pki_master_dict['pki_subsystem'] == "CA":
# config.pki_master_dict['pki_ca_signing_nickname']
if not len(config.pki_master_dict\
@@ -1823,13 +1824,13 @@ class PKIConfigParser:
config.pki_master_dict['pki_instance_id'] + " " +\
config.pki_subsystem
# config.pki_master_dict['pki_ca_signing_subject_dn']
- if config.str2bool(config.pki_master_dict['pki_external']):
+ if util.str2bool(config.pki_master_dict['pki_external']):
# External CA
if not len(config.pki_master_dict\
['pki_ca_signing_subject_dn']):
config.pki_master_dict['pki_ca_signing_subject_dn']\
= "cn=" + "External CA Signing Certificate"
- elif config.str2bool(
+ elif util.str2bool(
config.pki_master_dict['pki_subordinate']):
# Subordinate CA
if not len(config.pki_master_dict\
@@ -1882,7 +1883,7 @@ class PKIConfigParser:
# config.pki_master_dict['pki_ocsp_signing_token']
#
if config.pki_subsystem in PKIConfig.PKI_TOMCAT_SUBSYSTEMS:
- if not config.str2bool(config.pki_master_dict['pki_clone']):
+ if not util.str2bool(config.pki_master_dict['pki_clone']):
if config.pki_master_dict['pki_subsystem'] == "CA":
if not len(config.pki_master_dict\
['pki_ocsp_signing_nickname']):
@@ -1890,14 +1891,14 @@ class PKIConfigParser:
"ocspSigningCert" + " " + "cert-" +\
config.pki_master_dict['pki_instance_id'] + " " +\
config.pki_subsystem
- if config.str2bool(config.pki_master_dict['pki_external']):
+ if util.str2bool(config.pki_master_dict['pki_external']):
# External CA
if not len(config.pki_master_dict\
['pki_ocsp_signing_subject_dn']):
config.pki_master_dict\
['pki_ocsp_signing_subject_dn'] =\
"cn=" + "External CA OCSP Signing Certificate"
- elif config.str2bool(
+ elif util.str2bool(
config.pki_master_dict['pki_subordinate']):
# Subordinate CA
if not len(config.pki_master_dict\
@@ -1983,7 +1984,7 @@ class PKIConfigParser:
config.pki_master_dict['pki_security_domain_name']
elif config.pki_subsystem in PKIConfig.PKI_TOMCAT_SUBSYSTEMS:
if config.pki_master_dict['pki_subsystem'] == "CA" and\
- config.str2bool(config.pki_master_dict['pki_external']):
+ util.str2bool(config.pki_master_dict['pki_external']):
# External CA
config.pki_master_dict['pki_ssl_server_subject_dn'] =\
"cn=" + config.pki_master_dict['pki_hostname'] +\
@@ -2050,7 +2051,7 @@ class PKIConfigParser:
config.pki_master_dict['pki_subsystem_token'] =\
"Internal Key Storage Token"
elif config.pki_subsystem in PKIConfig.PKI_TOMCAT_SUBSYSTEMS:
- if not config.str2bool(config.pki_master_dict['pki_clone']):
+ if not util.str2bool(config.pki_master_dict['pki_clone']):
if not len(config.pki_master_dict['pki_subsystem_nickname']):
config.pki_master_dict['pki_subsystem_nickname'] =\
"subsystemCert" + " " + "cert-" +\
@@ -2058,12 +2059,12 @@ class PKIConfigParser:
config.pki_subsystem
if not len(config.pki_master_dict['pki_subsystem_subject_dn']):
if config.pki_master_dict['pki_subsystem'] == "CA":
- if config.str2bool(
+ if util.str2bool(
config.pki_master_dict['pki_external']):
# External CA
config.pki_master_dict['pki_subsystem_subject_dn']\
= "cn=" + "External CA Subsystem Certificate"
- elif config.str2bool(
+ elif util.str2bool(
config.pki_master_dict['pki_subordinate']):
# Subordinate CA
config.pki_master_dict['pki_subsystem_subject_dn']\
@@ -2151,7 +2152,7 @@ class PKIConfigParser:
config.pki_master_dict['pki_audit_signing_token'] =\
"Internal Key Storage Token"
elif config.pki_subsystem in PKIConfig.PKI_TOMCAT_SUBSYSTEMS:
- if not config.str2bool(config.pki_master_dict['pki_clone']):
+ if not util.str2bool(config.pki_master_dict['pki_clone']):
if not len(config.pki_master_dict\
['pki_audit_signing_nickname']):
config.pki_master_dict['pki_audit_signing_nickname'] =\
@@ -2161,13 +2162,13 @@ class PKIConfigParser:
if not len(config.pki_master_dict\
['pki_audit_signing_subject_dn']):
if config.pki_master_dict['pki_subsystem'] == "CA":
- if config.str2bool(
+ if util.str2bool(
config.pki_master_dict['pki_external']):
# External CA
config.pki_master_dict\
['pki_audit_signing_subject_dn'] =\
"cn=" + "External CA Audit Signing Certificate"
- elif config.str2bool(
+ elif util.str2bool(
config.pki_master_dict['pki_subordinate']):
# Subordinate CA
config.pki_master_dict\
@@ -2232,7 +2233,7 @@ class PKIConfigParser:
# config.pki_master_dict['pki_transport_token']
#
if config.pki_subsystem in PKIConfig.PKI_TOMCAT_SUBSYSTEMS:
- if not config.str2bool(config.pki_master_dict['pki_clone']):
+ if not util.str2bool(config.pki_master_dict['pki_clone']):
if config.pki_master_dict['pki_subsystem'] == "KRA":
# PKI KRA
if not len(config.pki_master_dict\
@@ -2277,7 +2278,7 @@ class PKIConfigParser:
# config.pki_master_dict['pki_storage_token']
#
if config.pki_subsystem in PKIConfig.PKI_TOMCAT_SUBSYSTEMS:
- if not config.str2bool(config.pki_master_dict['pki_clone']):
+ if not util.str2bool(config.pki_master_dict['pki_clone']):
if config.pki_master_dict['pki_subsystem'] == "KRA":
# PKI KRA
if not len(config.pki_master_dict['pki_storage_nickname']):
diff --git a/base/deploy/src/scriptlets/security_databases.py b/base/deploy/src/scriptlets/security_databases.py
index 5e4cb718b..19da1d5df 100644
--- a/base/deploy/src/scriptlets/security_databases.py
+++ b/base/deploy/src/scriptlets/security_databases.py
@@ -35,7 +35,7 @@ class PkiScriptlet(pkiscriptlet.AbstractBasePkiScriptlet):
rv = 0
def spawn(self):
- if config.str2bool(master['pki_skip_installation']):
+ if util.str2bool(master['pki_skip_installation']):
pkilogging.pki_log.info(log.SKIP_SECURITY_DATABASES_SPAWN_1, __name__,
extra=PKIConfig.PKI_INDENTATION_LEVEL_1)
return self.rv
diff --git a/base/deploy/src/scriptlets/selinux_setup.py b/base/deploy/src/scriptlets/selinux_setup.py
index 130593953..57c335ee1 100644
--- a/base/deploy/src/scriptlets/selinux_setup.py
+++ b/base/deploy/src/scriptlets/selinux_setup.py
@@ -42,7 +42,7 @@ class PkiScriptlet(pkiscriptlet.AbstractBasePkiScriptlet):
selinux.restorecon(master['pki_instance_configuration_path'], True)
def spawn(self):
- if config.str2bool(master['pki_skip_installation']):
+ if util.str2bool(master['pki_skip_installation']):
pkilogging.pki_log.info(log.SKIP_SELINUX_SPAWN_1, __name__,
extra=PKIConfig.PKI_INDENTATION_LEVEL_1)
return self.rv
diff --git a/base/deploy/src/scriptlets/slot_substitution.py b/base/deploy/src/scriptlets/slot_substitution.py
index 7e3971ab1..e0451f327 100644
--- a/base/deploy/src/scriptlets/slot_substitution.py
+++ b/base/deploy/src/scriptlets/slot_substitution.py
@@ -35,7 +35,7 @@ class PkiScriptlet(pkiscriptlet.AbstractBasePkiScriptlet):
rv = 0
def spawn(self):
- if config.str2bool(master['pki_skip_installation']):
+ if util.str2bool(master['pki_skip_installation']):
pkilogging.pki_log.info(log.SKIP_SLOT_ASSIGNMENT_SPAWN_1, __name__,
extra=PKIConfig.PKI_INDENTATION_LEVEL_1)
return self.rv
diff --git a/base/deploy/src/scriptlets/subsystem_layout.py b/base/deploy/src/scriptlets/subsystem_layout.py
index 65b760fc2..22d569906 100644
--- a/base/deploy/src/scriptlets/subsystem_layout.py
+++ b/base/deploy/src/scriptlets/subsystem_layout.py
@@ -34,7 +34,7 @@ class PkiScriptlet(pkiscriptlet.AbstractBasePkiScriptlet):
rv = 0
def spawn(self):
- if config.str2bool(master['pki_skip_installation']):
+ if util.str2bool(master['pki_skip_installation']):
pkilogging.pki_log.info(log.SKIP_SUBSYSTEM_SPAWN_1, __name__,
extra=PKIConfig.PKI_INDENTATION_LEVEL_1)
return self.rv
diff --git a/base/deploy/src/scriptlets/webapp_deployment.py b/base/deploy/src/scriptlets/webapp_deployment.py
index 3f487be58..d707d48ea 100644
--- a/base/deploy/src/scriptlets/webapp_deployment.py
+++ b/base/deploy/src/scriptlets/webapp_deployment.py
@@ -39,7 +39,7 @@ class PkiScriptlet(pkiscriptlet.AbstractBasePkiScriptlet):
def spawn(self):
if master['pki_subsystem'] in PKIConfig.PKI_TOMCAT_SUBSYSTEMS:
- if config.str2bool(master['pki_skip_installation']):
+ if util.str2bool(master['pki_skip_installation']):
pkilogging.pki_log.info(log.SKIP_WEBAPP_DEPLOYMENT_SPAWN_1,
__name__,
extra=PKIConfig.PKI_INDENTATION_LEVEL_1)