diff options
Diffstat (limited to 'base/deploy/src/scriptlets/pkiparser.py')
-rw-r--r-- | base/deploy/src/scriptlets/pkiparser.py | 57 |
1 files changed, 29 insertions, 28 deletions
diff --git a/base/deploy/src/scriptlets/pkiparser.py b/base/deploy/src/scriptlets/pkiparser.py index 29d97f9c9..4b13c2e4a 100644 --- a/base/deploy/src/scriptlets/pkiparser.py +++ b/base/deploy/src/scriptlets/pkiparser.py @@ -33,6 +33,7 @@ import time # PKI Deployment Imports import pkiconfig as config from pkiconfig import PKIConfig +import pkihelper as util import pkilogging import pkimessages as log @@ -1158,7 +1159,7 @@ class PKIConfigParser: config.pki_master_dict['PKI_PIDDIR_SLOT'] =\ os.path.join("/var/run/pki", "tomcat") - if config.str2bool(config.pki_master_dict['pki_enable_proxy']): + if util.str2bool(config.pki_master_dict['pki_enable_proxy']): config.pki_master_dict['PKI_CLOSE_AJP_PORT_COMMENT_SLOT'] =\ "" config.pki_master_dict['PKI_CLOSE_ENABLE_PROXY_COMMENT_SLOT'] =\ @@ -1428,21 +1429,21 @@ class PKIConfigParser: if not len(config.pki_master_dict['pki_subsystem_name']): if config.pki_master_dict['pki_subsystem'] in\ PKIConfig.PKI_TOMCAT_SUBSYSTEMS and \ - config.str2bool(config.pki_master_dict['pki_clone']): + util.str2bool(config.pki_master_dict['pki_clone']): config.pki_master_dict['pki_subsystem_name'] =\ PKIConfig.PKI_DEPLOYMENT_CLONED_PKI_SUBSYSTEM + " " +\ config.pki_subsystem + " " +\ config.pki_master_dict['pki_hostname'] + " " +\ config.pki_master_dict['pki_https_port'] elif config.pki_subsystem == "CA" and \ - config.str2bool(config.pki_master_dict['pki_external']): + util.str2bool(config.pki_master_dict['pki_external']): config.pki_master_dict['pki_subsystem_name'] =\ PKIConfig.PKI_DEPLOYMENT_EXTERNAL_CA + " " +\ config.pki_subsystem + " " +\ config.pki_master_dict['pki_hostname'] + " " +\ config.pki_master_dict['pki_https_port'] elif config.pki_subsystem == "CA" and \ - config.str2bool(config.pki_master_dict['pki_subordinate']): + util.str2bool(config.pki_master_dict['pki_subordinate']): config.pki_master_dict['pki_subsystem_name'] =\ PKIConfig.PKI_DEPLOYMENT_SUBORDINATE_CA + " " +\ config.pki_subsystem + " " +\ @@ -1454,8 +1455,8 @@ class PKIConfigParser: config.pki_master_dict['pki_hostname'] + " " +\ config.pki_master_dict['pki_https_port'] if config.pki_subsystem != "CA" or\ - config.str2bool(config.pki_master_dict['pki_clone']) or\ - config.str2bool(config.pki_master_dict['pki_subordinate']): + util.str2bool(config.pki_master_dict['pki_clone']) or\ + util.str2bool(config.pki_master_dict['pki_subordinate']): # PKI KRA, PKI OCSP, PKI RA, PKI TKS, PKI TPS, # CA Clone, KRA Clone, OCSP Clone, TKS Clone, or # Subordinate CA @@ -1479,7 +1480,7 @@ class PKIConfigParser: # config.pki_master_dict['pki_security_domain_uri'] config.pki_master_dict['pki_issuing_ca'] =\ config.pki_master_dict['pki_security_domain_uri'] - elif config.str2bool(config.pki_master_dict['pki_external']): + elif util.str2bool(config.pki_master_dict['pki_external']): # External CA # # NOTE: External CA's DO NOT require a security domain @@ -1521,7 +1522,7 @@ class PKIConfigParser: # config.pki_master_dict['pki_ds_database'] # config.pki_master_dict['pki_ds_hostname'] # - if not config.str2bool(config.pki_master_dict['pki_clone']): + if not util.str2bool(config.pki_master_dict['pki_clone']): if not len(config.pki_master_dict['pki_ds_base_dn']): # if the instance is NOT a clone, create a default BASE DN # of "o=${pki_instance_id}"; the reason that this default @@ -1569,7 +1570,7 @@ class PKIConfigParser: # config.pki_sensitive_dict['pki_backup_password'] # config.pki_master_dict['pki_backup_keys'] # - if config.str2bool(config.pki_master_dict['pki_backup_keys']): + if util.str2bool(config.pki_master_dict['pki_backup_keys']): # NOTE: ALWAYS store the PKCS #12 backup keys file # in with the NSS "server" security databases config.pki_master_dict['pki_backup_keys_p12'] =\ @@ -1627,9 +1628,9 @@ class PKIConfigParser: config.pki_master_dict['pki_security_domain_name'] +\ " " + "ID" elif config.pki_subsystem in PKIConfig.PKI_TOMCAT_SUBSYSTEMS: - if not config.str2bool(config.pki_master_dict['pki_clone']): + if not util.str2bool(config.pki_master_dict['pki_clone']): if config.pki_master_dict['pki_subsystem'] == "CA": - if config.str2bool( + if util.str2bool( config.pki_master_dict['pki_external']): # External CA config.pki_master_dict['pki_admin_nickname'] =\ @@ -1690,9 +1691,9 @@ class PKIConfigParser: "," + "o=" +\ config.pki_master_dict['pki_security_domain_name'] elif config.pki_subsystem in PKIConfig.PKI_TOMCAT_SUBSYSTEMS: - if not config.str2bool(config.pki_master_dict['pki_clone']): + if not util.str2bool(config.pki_master_dict['pki_clone']): if config.pki_master_dict['pki_subsystem'] == "CA": - if config.str2bool( + if util.str2bool( config.pki_master_dict['pki_external']): # External CA config.pki_master_dict['pki_admin_subject_dn'] =\ @@ -1772,7 +1773,7 @@ class PKIConfigParser: # config.pki_master_dict['pki_ca_signing_token'] # if config.pki_subsystem in PKIConfig.PKI_TOMCAT_SUBSYSTEMS: - if not config.str2bool(config.pki_master_dict['pki_clone']): + if not util.str2bool(config.pki_master_dict['pki_clone']): if config.pki_master_dict['pki_subsystem'] == "CA": # config.pki_master_dict['pki_ca_signing_nickname'] if not len(config.pki_master_dict\ @@ -1782,13 +1783,13 @@ class PKIConfigParser: config.pki_master_dict['pki_instance_id'] + " " +\ config.pki_subsystem # config.pki_master_dict['pki_ca_signing_subject_dn'] - if config.str2bool(config.pki_master_dict['pki_external']): + if util.str2bool(config.pki_master_dict['pki_external']): # External CA if not len(config.pki_master_dict\ ['pki_ca_signing_subject_dn']): config.pki_master_dict['pki_ca_signing_subject_dn']\ = "cn=" + "External CA Signing Certificate" - elif config.str2bool( + elif util.str2bool( config.pki_master_dict['pki_subordinate']): # Subordinate CA if not len(config.pki_master_dict\ @@ -1841,7 +1842,7 @@ class PKIConfigParser: # config.pki_master_dict['pki_ocsp_signing_token'] # if config.pki_subsystem in PKIConfig.PKI_TOMCAT_SUBSYSTEMS: - if not config.str2bool(config.pki_master_dict['pki_clone']): + if not util.str2bool(config.pki_master_dict['pki_clone']): if config.pki_master_dict['pki_subsystem'] == "CA": if not len(config.pki_master_dict\ ['pki_ocsp_signing_nickname']): @@ -1849,14 +1850,14 @@ class PKIConfigParser: "ocspSigningCert" + " " + "cert-" +\ config.pki_master_dict['pki_instance_id'] + " " +\ config.pki_subsystem - if config.str2bool(config.pki_master_dict['pki_external']): + if util.str2bool(config.pki_master_dict['pki_external']): # External CA if not len(config.pki_master_dict\ ['pki_ocsp_signing_subject_dn']): config.pki_master_dict\ ['pki_ocsp_signing_subject_dn'] =\ "cn=" + "External CA OCSP Signing Certificate" - elif config.str2bool( + elif util.str2bool( config.pki_master_dict['pki_subordinate']): # Subordinate CA if not len(config.pki_master_dict\ @@ -1942,7 +1943,7 @@ class PKIConfigParser: config.pki_master_dict['pki_security_domain_name'] elif config.pki_subsystem in PKIConfig.PKI_TOMCAT_SUBSYSTEMS: if config.pki_master_dict['pki_subsystem'] == "CA" and\ - config.str2bool(config.pki_master_dict['pki_external']): + util.str2bool(config.pki_master_dict['pki_external']): # External CA config.pki_master_dict['pki_ssl_server_subject_dn'] =\ "cn=" + config.pki_master_dict['pki_hostname'] +\ @@ -2009,7 +2010,7 @@ class PKIConfigParser: config.pki_master_dict['pki_subsystem_token'] =\ "Internal Key Storage Token" elif config.pki_subsystem in PKIConfig.PKI_TOMCAT_SUBSYSTEMS: - if not config.str2bool(config.pki_master_dict['pki_clone']): + if not util.str2bool(config.pki_master_dict['pki_clone']): if not len(config.pki_master_dict['pki_subsystem_nickname']): config.pki_master_dict['pki_subsystem_nickname'] =\ "subsystemCert" + " " + "cert-" +\ @@ -2017,12 +2018,12 @@ class PKIConfigParser: config.pki_subsystem if not len(config.pki_master_dict['pki_subsystem_subject_dn']): if config.pki_master_dict['pki_subsystem'] == "CA": - if config.str2bool( + if util.str2bool( config.pki_master_dict['pki_external']): # External CA config.pki_master_dict['pki_subsystem_subject_dn']\ = "cn=" + "External CA Subsystem Certificate" - elif config.str2bool( + elif util.str2bool( config.pki_master_dict['pki_subordinate']): # Subordinate CA config.pki_master_dict['pki_subsystem_subject_dn']\ @@ -2110,7 +2111,7 @@ class PKIConfigParser: config.pki_master_dict['pki_audit_signing_token'] =\ "Internal Key Storage Token" elif config.pki_subsystem in PKIConfig.PKI_TOMCAT_SUBSYSTEMS: - if not config.str2bool(config.pki_master_dict['pki_clone']): + if not util.str2bool(config.pki_master_dict['pki_clone']): if not len(config.pki_master_dict\ ['pki_audit_signing_nickname']): config.pki_master_dict['pki_audit_signing_nickname'] =\ @@ -2120,13 +2121,13 @@ class PKIConfigParser: if not len(config.pki_master_dict\ ['pki_audit_signing_subject_dn']): if config.pki_master_dict['pki_subsystem'] == "CA": - if config.str2bool( + if util.str2bool( config.pki_master_dict['pki_external']): # External CA config.pki_master_dict\ ['pki_audit_signing_subject_dn'] =\ "cn=" + "External CA Audit Signing Certificate" - elif config.str2bool( + elif util.str2bool( config.pki_master_dict['pki_subordinate']): # Subordinate CA config.pki_master_dict\ @@ -2191,7 +2192,7 @@ class PKIConfigParser: # config.pki_master_dict['pki_transport_token'] # if config.pki_subsystem in PKIConfig.PKI_TOMCAT_SUBSYSTEMS: - if not config.str2bool(config.pki_master_dict['pki_clone']): + if not util.str2bool(config.pki_master_dict['pki_clone']): if config.pki_master_dict['pki_subsystem'] == "KRA": # PKI KRA if not len(config.pki_master_dict\ @@ -2236,7 +2237,7 @@ class PKIConfigParser: # config.pki_master_dict['pki_storage_token'] # if config.pki_subsystem in PKIConfig.PKI_TOMCAT_SUBSYSTEMS: - if not config.str2bool(config.pki_master_dict['pki_clone']): + if not util.str2bool(config.pki_master_dict['pki_clone']): if config.pki_master_dict['pki_subsystem'] == "KRA": # PKI KRA if not len(config.pki_master_dict['pki_storage_nickname']): |