summaryrefslogtreecommitdiffstats
path: root/base/server/python/pki
diff options
context:
space:
mode:
Diffstat (limited to 'base/server/python/pki')
-rw-r--r--base/server/python/pki/server/__init__.py8
-rw-r--r--base/server/python/pki/server/cli/banner.py186
2 files changed, 194 insertions, 0 deletions
diff --git a/base/server/python/pki/server/__init__.py b/base/server/python/pki/server/__init__.py
index 46c6711ed..0852b121b 100644
--- a/base/server/python/pki/server/__init__.py
+++ b/base/server/python/pki/server/__init__.py
@@ -19,6 +19,7 @@
#
from __future__ import absolute_import
+import codecs
from lxml import etree
import functools
import getpass
@@ -501,6 +502,7 @@ class PKIInstance(object):
self.conf_dir = os.path.join(CONFIG_BASE_DIR, name)
self.log_dir = os.path.join(LOG_BASE_DIR, name)
+ self.banner_file = os.path.join(self.conf_dir, 'banner.txt')
self.password_conf = os.path.join(self.conf_dir, 'password.conf')
self.external_certs_conf = os.path.join(
self.conf_dir, 'external_certs.conf')
@@ -792,6 +794,12 @@ class PKIInstance(object):
self.conf_dir, 'Catalina', 'localhost', webapp_name + '.xml')
os.remove(context_xml)
+ def banner_installed(self):
+ return os.path.exists(self.banner_file)
+
+ def get_banner(self):
+ return codecs.open(self.banner_file, "UTF-8").read().strip()
+
def __repr__(self):
if self.type == 9:
return "Dogtag 9 " + self.name
diff --git a/base/server/python/pki/server/cli/banner.py b/base/server/python/pki/server/cli/banner.py
new file mode 100644
index 000000000..98f8f164c
--- /dev/null
+++ b/base/server/python/pki/server/cli/banner.py
@@ -0,0 +1,186 @@
+# Authors:
+# Endi S. Dewata <edewata@redhat.com>
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; version 2 of the License.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License along
+# with this program; if not, write to the Free Software Foundation, Inc.,
+# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+# Copyright (C) 2017 Red Hat, Inc.
+# All rights reserved.
+#
+
+from __future__ import absolute_import
+from __future__ import print_function
+import codecs
+import getopt
+from lxml import etree
+import sys
+import traceback
+
+import pki.cli
+
+
+class BannerCLI(pki.cli.CLI):
+
+ def __init__(self):
+ super(BannerCLI, self).__init__('banner',
+ 'Banner management commands')
+
+ self.add_module(BannerShowCLI())
+ self.add_module(BannerValidateCLI())
+
+
+class BannerShowCLI(pki.cli.CLI):
+
+ def __init__(self):
+ super(BannerShowCLI, self).__init__('show', 'Show banner')
+
+ def usage(self):
+ print('Usage: pki-server banner-show [OPTIONS]')
+ print()
+ print(' -i, --instance <instance ID> Instance ID (default: pki-tomcat).')
+ print(' -v, --verbose Run in verbose mode.')
+ print(' --help Show help message.')
+ print()
+
+ def execute(self, argv):
+
+ try:
+ opts, _ = getopt.gnu_getopt(argv, 'i:v', [
+ 'instance=',
+ 'verbose', 'help'])
+
+ except getopt.GetoptError as e:
+ print('ERROR: ' + str(e))
+ self.usage()
+ sys.exit(1)
+
+ instance_name = 'pki-tomcat'
+
+ for o, a in opts:
+ if o in ('-i', '--instance'):
+ instance_name = a
+
+ elif o in ('-v', '--verbose'):
+ self.set_verbose(True)
+
+ elif o == '--help':
+ self.usage()
+ sys.exit()
+
+ else:
+ print('ERROR: unknown option ' + o)
+ self.usage()
+ sys.exit(1)
+
+ instance = pki.server.PKIInstance(instance_name)
+
+ if not instance.is_valid():
+ print('ERROR: Invalid instance %s.' % instance_name)
+ sys.exit(1)
+
+ instance.load()
+
+ if not instance.banner_installed():
+ print('ERROR: Banner is not installed')
+ sys.exit(1)
+
+ print(instance.get_banner())
+
+
+class BannerValidateCLI(pki.cli.CLI):
+
+ def __init__(self):
+ super(BannerValidateCLI, self).__init__('validate', 'Validate banner')
+
+ def usage(self):
+ print('Usage: pki-server banner-validate [OPTIONS]')
+ print()
+ print(' -i, --instance <instance ID> Instance ID (default: pki-tomcat).')
+ print(' --file <path> Validate specified banner file.')
+ print(' -v, --verbose Run in verbose mode.')
+ print(' --help Show help message.')
+ print()
+
+ def execute(self, argv):
+
+ try:
+ opts, _ = getopt.gnu_getopt(argv, 'i:v', [
+ 'instance=', 'file=',
+ 'verbose', 'help'])
+
+ except getopt.GetoptError as e:
+ print('ERROR: ' + str(e))
+ self.usage()
+ sys.exit(1)
+
+ instance_name = 'pki-tomcat'
+ banner_file = None
+
+ for o, a in opts:
+ if o in ('-i', '--instance'):
+ instance_name = a
+
+ elif o == '--file':
+ banner_file = a
+
+ elif o in ('-v', '--verbose'):
+ self.set_verbose(True)
+
+ elif o == '--help':
+ self.usage()
+ sys.exit()
+
+ else:
+ print('ERROR: unknown option ' + o)
+ self.usage()
+ sys.exit(1)
+
+ if banner_file:
+
+ # load banner from file
+ banner = codecs.open(banner_file, "UTF-8").read().strip()
+
+ else:
+
+ # load banner from instance
+ instance = pki.server.PKIInstance(instance_name)
+
+ if not instance.is_valid():
+ print('ERROR: Invalid instance %s.' % instance_name)
+ sys.exit(1)
+
+ instance.load()
+
+ if not instance.banner_installed():
+ self.print_message('Banner is not installed')
+ return
+
+ banner = instance.get_banner()
+
+ if not banner:
+ print('ERROR: Banner is empty')
+ sys.exit(1)
+
+ xml_banner = "<banner>" + banner + "</banner>"
+
+ try:
+ parser = etree.XMLParser()
+ etree.fromstring(xml_banner, parser)
+
+ self.print_message('Banner is valid')
+
+ except etree.XMLSyntaxError as e:
+ if self.verbose:
+ traceback.print_exc()
+ print('ERROR: Banner contains invalid character(s)')
+ sys.exit(1)
generated by cgit (git 2.34.1) at 2024-05-19 08:28:51 +0000