summaryrefslogtreecommitdiffstats
path: root/base/deploy/src/scriptlets/pkijython.py
diff options
context:
space:
mode:
authorMatthew Harmsen <mharmsen@redhat.com>2012-07-28 18:59:30 -0700
committerAde Lee <alee@redhat.com>2012-07-30 23:51:19 -0400
commitf589cc1e267d6d7b67a6463b4495b7a9c982669f (patch)
tree765428401ea3072d768b6d5f52f366e617bcc927 /base/deploy/src/scriptlets/pkijython.py
parent2d427ce0008fb43ae9f6c02301ce6793a42904b9 (diff)
downloadpki-f589cc1e267d6d7b67a6463b4495b7a9c982669f.tar.gz
pki-f589cc1e267d6d7b67a6463b4495b7a9c982669f.tar.xz
pki-f589cc1e267d6d7b67a6463b4495b7a9c982669f.zip
PKI Deployment Scriptlets
* TRAC Ticket #263 - Dogtag 10: Fix 'pkidestroy' problem of sporadically "not" removing "/etc/sysconfig/{pki_instance_id}" . . . * TRAC Ticket #264 - Dogtag 10: Enable various other subsystems for configuration . . . * TRAC Ticket #261 - Dogtag 10: Revisit command-line options of 'pkispawn' and 'pkidestroy' . . . * TRAC Ticket #268 - Dogtag 10: Create a parameter for optional restart of configured PKI instance . . . * TRAC Ticket #270 - Dogtag 10: Add missing parameters to 'pkideployment.cfg' . . . * TRAC Ticket #265 - Dogtag 10: Provide configurable options for PKI client information . . . * TRAC Ticket #275 - Dogtag 10: Add debug information (comments) to Tomcat 7 "logging.properties" * TRAC Ticket #276 - Dogtag 10: Relocate all 'pin' data to the 'sensitive' dictionary * TRAC Ticket #277 - Dogtag 10: Create an 'archive' for 'manifest' and 'pkideployment.cfg' files * TRAC Ticket #278 - Dogtag 10: Fix Miscellaneous PKI Deployment Scriptlet Issues . . .
Diffstat (limited to 'base/deploy/src/scriptlets/pkijython.py')
-rw-r--r--base/deploy/src/scriptlets/pkijython.py33
1 files changed, 7 insertions, 26 deletions
diff --git a/base/deploy/src/scriptlets/pkijython.py b/base/deploy/src/scriptlets/pkijython.py
index ffd8884cd..0c482bbdf 100644
--- a/base/deploy/src/scriptlets/pkijython.py
+++ b/base/deploy/src/scriptlets/pkijython.py
@@ -154,23 +154,6 @@ import pkimessages as log
# PKI Deployment Jython Helper Functions
-def extract_sensitive_data(configuration_file):
- "Read 'sensitive' configuration file section into a dictionary"
- try:
- parser = ConfigParser.ConfigParser()
- # Make keys case-sensitive!
- parser.optionxform = str
- parser.read(configuration_file)
- # return dict(parser._sections['Sensitive'])
- dictionary = {}
- for option in parser.options('Sensitive'):
- dictionary[option] = parser.get('Sensitive', option)
- return dictionary
- except ConfigParser.ParsingError, err:
- javasystem.out.println(log.PKI_JYTHON_EXCEPTION_PARSER + " '" +\
- configuration_file + "': " + str(err))
- javasystem.exit(1)
-
def generateCRMFRequest(token, keysize, subjectdn, dualkey):
kg = token.getKeyPairGenerator(KeyPairAlgorithm.RSA)
x = Integer(keysize)
@@ -285,7 +268,7 @@ class rest_client:
e.printStackTrace()
javasystem.exit(1)
- def construct_pki_configuration_data(self, master, token):
+ def construct_pki_configuration_data(self, master, sensitive, token):
data = None
if master['pki_jython_log_level'] >= config.PKI_JYTHON_INFO_LOG_LEVEL:
print "%s %s '%s'" %\
@@ -293,10 +276,9 @@ class rest_client:
log.PKI_JYTHON_CONSTRUCTING_PKI_DATA,
master['pki_subsystem'])
if not master['pki_dry_run_flag']:
- sensitive = extract_sensitive_data(master['pki_deployment_cfg'])
data = ConfigurationData()
# Miscellaneous Configuration Information
- data.setPin(master['pki_one_time_pin'])
+ data.setPin(sensitive['pki_one_time_pin'])
data.setToken(ConfigurationData.TOKEN_DEFAULT)
if master['pki_instance_type'] == "Tomcat":
data.setSubsystemName(master['pki_subsystem_name'])
@@ -390,7 +372,7 @@ class rest_client:
if master['pki_instance_type'] == "Tomcat":
if config.str2bool(master['pki_backup_keys']):
data.setBackupKeys("true")
- data.setBackupFile(master['pki_backup_file'])
+ data.setBackupFile(master['pki_backup_keys_p12'])
data.setBackupPassword(
sensitive['pki_backup_password'])
else:
@@ -569,7 +551,7 @@ class rest_client:
data.setSystemCerts(systemCerts)
return data
- def configure_pki_data(self, data, master):
+ def configure_pki_data(self, data, master, sensitive):
if master['pki_jython_log_level'] >= config.PKI_JYTHON_INFO_LOG_LEVEL:
print "%s %s '%s'" %\
(log.PKI_JYTHON_INDENTATION_2,
@@ -577,7 +559,6 @@ class rest_client:
master['pki_subsystem'])
if not master['pki_dry_run_flag']:
try:
- sensitive = extract_sensitive_data(master['pki_deployment_cfg'])
response = self.client.configure(data)
javasystem.out.println(log.PKI_JYTHON_RESPONSE_STATUS +\
" " + response.getStatus())
@@ -595,7 +576,7 @@ class rest_client:
javasystem.out.println(log.PKI_JYTHON_CDATA_REQUEST + " " +\
cdata.getRequest())
# Store the Administration Certificate in a file
- admin_cert_file = os.path.join(master['pki_client_path'],
+ admin_cert_file = os.path.join(master['pki_client_dir'],
master['pki_client_admin_cert'])
javasystem.out.println(log.PKI_JYTHON_ADMIN_CERT_SAVE +\
" " + "'" + admin_cert_file + "'")
@@ -626,7 +607,7 @@ class rest_client:
"-f" + " " +\
master['pki_client_password_conf'] + " " +\
"-d" + " " +\
- master['pki_client_database_path'] + " " +\
+ master['pki_client_database_dir'] + " " +\
"-a" + " " +\
"-i" + " " +\
admin_cert_file
@@ -643,7 +624,7 @@ class rest_client:
re.sub("&#39;", "'", master['pki_admin_nickname']) +\
"\"" + " " +\
"-d" + " " +\
- master['pki_client_database_path'] + " " +\
+ master['pki_client_database_dir'] + " " +\
"-k" + " " +\
master['pki_client_password_conf'] + " " +\
"-w" + " " +\