summaryrefslogtreecommitdiffstats
path: root/base
diff options
context:
space:
mode:
Diffstat (limited to 'base')
-rw-r--r--base/ra/apache/conf/httpd.conf2
-rw-r--r--base/ra/shared/conf/CS.cfg.in4
-rw-r--r--base/server/scripts/operations22
-rwxr-xr-xbase/setup/pkicreate9
-rw-r--r--base/setup/scripts/functions22
-rwxr-xr-xbase/tps/apache/cgi-bin/demo/index.cgi4
-rwxr-xr-xbase/tps/apache/cgi-bin/home/index.cgi6
-rwxr-xr-xbase/tps/apache/cgi-bin/so/index.cgi6
-rw-r--r--base/tps/apache/conf/httpd.conf2
-rw-r--r--base/tps/shared/conf/CS.cfg.in16
10 files changed, 46 insertions, 47 deletions
diff --git a/base/ra/apache/conf/httpd.conf b/base/ra/apache/conf/httpd.conf
index 754dcebee..656134637 100644
--- a/base/ra/apache/conf/httpd.conf
+++ b/base/ra/apache/conf/httpd.conf
@@ -222,7 +222,7 @@ MaxRequestsPerChild 0
#
#Listen 12.34.56.78:80
-Listen [PORT]
+Listen [PKI_UNSECURE_PORT]
#
# Dynamic Shared Object (DSO) Support
diff --git a/base/ra/shared/conf/CS.cfg.in b/base/ra/shared/conf/CS.cfg.in
index 12c471b7d..17c339eed 100644
--- a/base/ra/shared/conf/CS.cfg.in
+++ b/base/ra/shared/conf/CS.cfg.in
@@ -7,7 +7,7 @@ pkicreate.pki_instance_name=[PKI_INSTANCE_ID]
pkicreate.subsystem_type=[PKI_SUBSYSTEM_TYPE]
pkicreate.secure_port=[PKI_SECURE_PORT]
pkicreate.non_clientauth_secure_port=[NON_CLIENTAUTH_SECURE_PORT]
-pkicreate.unsecure_port=[PORT]
+pkicreate.unsecure_port=[PKI_UNSECURE_PORT]
pkicreate.user=[PKI_USER]
pkicreate.group=[PKI_GROUP]
pkiremove.cert.subsystem.nickname=subsystemCert cert-[PKI_INSTANCE_ID]
@@ -100,7 +100,7 @@ service.machineName=[SERVER_NAME]
service.instanceDir=[SERVER_ROOT]
service.securePort=[PKI_SECURE_PORT]
service.non_clientauth_securePort=[NON_CLIENTAUTH_SECURE_PORT]
-service.unsecurePort=[PORT]
+service.unsecurePort=[PKI_UNSECURE_PORT]
service.instanceID=[PKI_INSTANCE_ID]
logging._000=#########################################
logging._001=# RA configuration File
diff --git a/base/server/scripts/operations b/base/server/scripts/operations
index 616c28dd6..c7bbc0a5f 100644
--- a/base/server/scripts/operations
+++ b/base/server/scripts/operations
@@ -432,7 +432,7 @@ get_pki_status_definitions_ra()
{
# establish well-known strings
total_ports=0
- UNSECURE_PORT=""
+ PKI_UNSECURE_PORT=""
CLIENTAUTH_PORT=""
NON_CLIENTAUTH_PORT=""
@@ -450,11 +450,11 @@ get_pki_status_definitions_ra()
# Iterate over Listen statements
for port in `sed -n 's/^[ \t]*Listen[ \t][ \t]*\([^ \t][^ \t]*\)/\1/p' ${PKI_HTTPD_CONF}`; do
- UNSECURE_PORT=$port
+ PKI_UNSECURE_PORT=$port
if [ $total_ports -eq 0 ]; then
- echo " Unsecure Port = http://${PKI_SERVER_NAME}:${UNSECURE_PORT}"
+ echo " Unsecure Port = http://${PKI_SERVER_NAME}:${PKI_UNSECURE_PORT}"
else
- echo "ERROR: extra Unsecure Port = http://${PKI_SERVER_NAME}:${UNSECURE_PORT}"
+ echo "ERROR: extra Unsecure Port = http://${PKI_SERVER_NAME}:${PKI_UNSECURE_PORT}"
fi
total_ports=`expr ${total_ports} + 1`
@@ -462,7 +462,7 @@ get_pki_status_definitions_ra()
# Iterate over Listen statements
for port in `sed -n 's/^[ \t]*Listen[ \t][ \t]*\([^ \t][^ \t]*\)/\1/p' ${PKI_NSS_CONF}`; do
- UNSECURE_PORT=$port
+ PKI_UNSECURE_PORT=$port
if [ $total_ports -eq 1 ]; then
CLIENTAUTH_PORT=$port
echo " Secure Clientauth Port = https://${PKI_SERVER_NAME}:${CLIENTAUTH_PORT}"
@@ -482,7 +482,7 @@ get_pki_status_definitions_tps()
{
# establish well-known strings
total_ports=0
- UNSECURE_PORT=""
+ PKI_UNSECURE_PORT=""
CLIENTAUTH_PORT=""
NON_CLIENTAUTH_PORT=""
@@ -500,14 +500,14 @@ get_pki_status_definitions_tps()
# Iterate over Listen statements
for port in `sed -n 's/^[ \t]*Listen[ \t][ \t]*\([^ \t][^ \t]*\)/\1/p' ${PKI_HTTPD_CONF}`; do
- UNSECURE_PORT=$port
+ PKI_UNSECURE_PORT=$port
if [ $total_ports -eq 0 ]; then
- echo " Unsecure Port = http://${PKI_SERVER_NAME}:${UNSECURE_PORT}/cgi-bin/so/enroll.cgi"
+ echo " Unsecure Port = http://${PKI_SERVER_NAME}:${PKI_UNSECURE_PORT}/cgi-bin/so/enroll.cgi"
echo " (ESC Security Officer Enrollment)"
- echo " Unsecure Port = http://${PKI_SERVER_NAME}:${UNSECURE_PORT}/cgi-bin/home/index.cgi"
+ echo " Unsecure Port = http://${PKI_SERVER_NAME}:${PKI_UNSECURE_PORT}/cgi-bin/home/index.cgi"
echo " (ESC Phone Home)"
else
- echo "ERROR: extra Unsecure Port = http://${PKI_SERVER_NAME}:${UNSECURE_PORT}"
+ echo "ERROR: extra Unsecure Port = http://${PKI_SERVER_NAME}:${PKI_UNSECURE_PORT}"
fi
total_ports=`expr ${total_ports} + 1`
@@ -515,7 +515,7 @@ get_pki_status_definitions_tps()
# Iterate over Listen statements
for port in `sed -n 's/^[ \t]*Listen[ \t][ \t]*\([^ \t][^ \t]*\)/\1/p' ${PKI_NSS_CONF}`; do
- UNSECURE_PORT=$port
+ PKI_UNSECURE_PORT=$port
if [ $total_ports -eq 1 ]; then
CLIENTAUTH_PORT=$port
echo " Secure Clientauth Port = https://${PKI_SERVER_NAME}:${CLIENTAUTH_PORT}/cgi-bin/sow/welcome.cgi"
diff --git a/base/setup/pkicreate b/base/setup/pkicreate
index 590db12db..9dffb8d98 100755
--- a/base/setup/pkicreate
+++ b/base/setup/pkicreate
@@ -265,7 +265,6 @@ my $HTTPD_CONF = "HTTPD_CONF";
my $LIB_PREFIX = "LIB_PREFIX";
my $NSS_CONF = "NSS_CONF";
my $OBJ_EXT = "OBJ_EXT";
-my $PORT = "PORT";
my $PROCESS_ID = "PROCESS_ID";
my $NON_CLIENTAUTH_SECURE_PORT = "NON_CLIENTAUTH_SECURE_PORT";
my $SECURITY_LIBRARIES = "SECURITY_LIBRARIES";
@@ -289,6 +288,7 @@ my $PKI_LOCKDIR = "PKI_LOCKDIR";
my $PKI_INSTANCE_ID_SLOT = "PKI_INSTANCE_ID";
my $PKI_REGISTRY_FILE_SLOT = "PKI_REGISTRY_FILE";
my $PKI_SECURE_PORT_SLOT = "PKI_SECURE_PORT";
+my $PKI_UNSECURE_PORT_SLOT = "PKI_UNSECURE_PORT";
# Template slot constants (CA, KRA, OCSP, TKS)
my $INSTALL_TIME = "INSTALL_TIME";
@@ -308,7 +308,6 @@ my $PKI_ADMIN_SECURE_PORT_SLOT = "PKI_ADMIN_SECURE_PORT";
my $PKI_SERVER_XML_CONF = "PKI_SERVER_XML_CONF";
my $PKI_SUBSYSTEM_DIR_SLOT = "PKI_SUBSYSTEM_DIR";
my $PKI_SUBSYSTEM_TYPE_SLOT = "PKI_SUBSYSTEM_TYPE";
-my $PKI_UNSECURE_PORT_SLOT = "PKI_UNSECURE_PORT";
my $PKI_USER_SLOT = "PKI_USER";
my $TOMCAT_SERVER_PORT_SLOT = "TOMCAT_SERVER_PORT";
my $TOMCAT_PIDFILE = "TOMCAT_PIDFILE";
@@ -2152,9 +2151,9 @@ sub process_pki_directories
#
# Example, if the src template contained this line:
#
-# Open port [PORT] on your firewall.
+# Open port [PKI_UNSECURE_PORT] on your firewall.
#
-# And the substitutions hash was this {'PORT' => '1234'}
+# And the substitutions hash was this {'PKI_UNSECURE_PORT' => '1234'}
#
# Then the dst file contents will look like this:
#
@@ -2271,7 +2270,7 @@ sub process_pki_templates
$slot_hash{$LIB_PREFIX} = $lib_prefix;
$slot_hash{$NSS_CONF} = $nss_conf_instance_file_path;
$slot_hash{$OBJ_EXT} = $obj_ext;
- $slot_hash{$PORT} = $unsecure_port;
+ $slot_hash{$PKI_UNSECURE_PORT_SLOT} = $unsecure_port;
$slot_hash{$PROCESS_ID} = $$;
$slot_hash{$PKI_SECURE_PORT_SLOT} = $secure_port;
$slot_hash{$NON_CLIENTAUTH_SECURE_PORT} = $non_clientauth_secure_port;
diff --git a/base/setup/scripts/functions b/base/setup/scripts/functions
index 3f7f9553d..82988fc10 100644
--- a/base/setup/scripts/functions
+++ b/base/setup/scripts/functions
@@ -329,7 +329,7 @@ get_pki_status_definitions_ra()
{
# establish well-known strings
total_ports=0
- UNSECURE_PORT=""
+ PKI_UNSECURE_PORT=""
CLIENTAUTH_PORT=""
NON_CLIENTAUTH_PORT=""
@@ -347,11 +347,11 @@ get_pki_status_definitions_ra()
# Iterate over Listen statements
for port in `sed -n 's/^[ \t]*Listen[ \t][ \t]*\([^ \t][^ \t]*\)/\1/p' ${PKI_HTTPD_CONF}`; do
- UNSECURE_PORT=$port
+ PKI_UNSECURE_PORT=$port
if [ $total_ports -eq 0 ]; then
- echo " Unsecure Port = http://${PKI_SERVER_NAME}:${UNSECURE_PORT}"
+ echo " Unsecure Port = http://${PKI_SERVER_NAME}:${PKI_UNSECURE_PORT}"
else
- echo "ERROR: extra Unsecure Port = http://${PKI_SERVER_NAME}:${UNSECURE_PORT}"
+ echo "ERROR: extra Unsecure Port = http://${PKI_SERVER_NAME}:${PKI_UNSECURE_PORT}"
fi
total_ports=`expr ${total_ports} + 1`
@@ -359,7 +359,7 @@ get_pki_status_definitions_ra()
# Iterate over Listen statements
for port in `sed -n 's/^[ \t]*Listen[ \t][ \t]*\([^ \t][^ \t]*\)/\1/p' ${PKI_NSS_CONF}`; do
- UNSECURE_PORT=$port
+ PKI_UNSECURE_PORT=$port
if [ $total_ports -eq 1 ]; then
CLIENTAUTH_PORT=$port
echo " Secure Clientauth Port = https://${PKI_SERVER_NAME}:${CLIENTAUTH_PORT}"
@@ -379,7 +379,7 @@ get_pki_status_definitions_tps()
{
# establish well-known strings
total_ports=0
- UNSECURE_PORT=""
+ PKI_UNSECURE_PORT=""
CLIENTAUTH_PORT=""
NON_CLIENTAUTH_PORT=""
@@ -397,14 +397,14 @@ get_pki_status_definitions_tps()
# Iterate over Listen statements
for port in `sed -n 's/^[ \t]*Listen[ \t][ \t]*\([^ \t][^ \t]*\)/\1/p' ${PKI_HTTPD_CONF}`; do
- UNSECURE_PORT=$port
+ PKI_UNSECURE_PORT=$port
if [ $total_ports -eq 0 ]; then
- echo " Unsecure Port = http://${PKI_SERVER_NAME}:${UNSECURE_PORT}/cgi-bin/so/enroll.cgi"
+ echo " Unsecure Port = http://${PKI_SERVER_NAME}:${PKI_UNSECURE_PORT}/cgi-bin/so/enroll.cgi"
echo " (ESC Security Officer Enrollment)"
- echo " Unsecure Port = http://${PKI_SERVER_NAME}:${UNSECURE_PORT}/cgi-bin/home/index.cgi"
+ echo " Unsecure Port = http://${PKI_SERVER_NAME}:${PKI_UNSECURE_PORT}/cgi-bin/home/index.cgi"
echo " (ESC Phone Home)"
else
- echo "ERROR: extra Unsecure Port = http://${PKI_SERVER_NAME}:${UNSECURE_PORT}"
+ echo "ERROR: extra Unsecure Port = http://${PKI_SERVER_NAME}:${PKI_UNSECURE_PORT}"
fi
total_ports=`expr ${total_ports} + 1`
@@ -412,7 +412,7 @@ get_pki_status_definitions_tps()
# Iterate over Listen statements
for port in `sed -n 's/^[ \t]*Listen[ \t][ \t]*\([^ \t][^ \t]*\)/\1/p' ${PKI_NSS_CONF}`; do
- UNSECURE_PORT=$port
+ PKI_UNSECURE_PORT=$port
if [ $total_ports -eq 1 ]; then
CLIENTAUTH_PORT=$port
echo " Secure Clientauth Port = https://${PKI_SERVER_NAME}:${CLIENTAUTH_PORT}/cgi-bin/sow/welcome.cgi"
diff --git a/base/tps/apache/cgi-bin/demo/index.cgi b/base/tps/apache/cgi-bin/demo/index.cgi
index c9a1d21dd..17a0c24d6 100755
--- a/base/tps/apache/cgi-bin/demo/index.cgi
+++ b/base/tps/apache/cgi-bin/demo/index.cgi
@@ -31,10 +31,10 @@ print "Fedora Project"; # Vendor
print "</IssuerName>\n";
print "<Services>";
print "<Operation>";
-print "http://[SERVER_NAME]:[PORT]/nk_service";
+print "http://[SERVER_NAME]:[PKI_UNSECURE_PORT]/nk_service";
print "</Operation>";
print "<UI>";
-print "http://[SERVER_NAME]:[PORT]/cgi-bin/demo/enroll.cgi";
+print "http://[SERVER_NAME]:[PKI_UNSECURE_PORT]/cgi-bin/demo/enroll.cgi";
print "</UI>";
print "<EnrolledTokenBrowserURL>";
print "</EnrolledTokenBrowserURL>";
diff --git a/base/tps/apache/cgi-bin/home/index.cgi b/base/tps/apache/cgi-bin/home/index.cgi
index 1e54a8354..983a34095 100755
--- a/base/tps/apache/cgi-bin/home/index.cgi
+++ b/base/tps/apache/cgi-bin/home/index.cgi
@@ -31,10 +31,10 @@ print "Fedora Project"; # Vendor
print "</IssuerName>\n";
print "<Services>";
print "<Operation>";
-print "http://[SERVER_NAME]:[PORT]/nk_service";
+print "http://[SERVER_NAME]:[PKI_UNSECURE_PORT]/nk_service";
print "</Operation>";
print "<UI>";
-print "http://[SERVER_NAME]:[PORT]/cgi-bin/home/enroll.cgi";
+print "http://[SERVER_NAME]:[PKI_UNSECURE_PORT]/cgi-bin/home/enroll.cgi";
print "</UI>";
print "<EnrolledTokenBrowserURL>";
print "http://www.fedora.redhat.com"; # Company URL
@@ -45,7 +45,7 @@ print "<TokenType>";
print "userKey";
print "</TokenType>";
#print "<CAChainUI>";
-#print "http://[SERVER_NAME]:[PORT]/cgi-bin/home/cachain.cgi";
+#print "http://[SERVER_NAME]:[PKI_UNSECURE_PORT]/cgi-bin/home/cachain.cgi";
#print "</CAChainUI>";
print "</Services>";
print "</ServiceInfo>";
diff --git a/base/tps/apache/cgi-bin/so/index.cgi b/base/tps/apache/cgi-bin/so/index.cgi
index 7b3f2c68d..5b8d8cb6c 100755
--- a/base/tps/apache/cgi-bin/so/index.cgi
+++ b/base/tps/apache/cgi-bin/so/index.cgi
@@ -31,15 +31,15 @@ print "Fedora Project"; # Vendor
print "</IssuerName>\n";
print "<Services>";
print "<Operation>";
-print "http://[SERVER_NAME]:[PORT]/nk_service";
+print "http://[SERVER_NAME]:[PKI_UNSECURE_PORT]/nk_service";
print "</Operation>";
print "<UI>";
-print "http://[SERVER_NAME]:[PORT]/cgi-bin/so/enroll.cgi";
+print "http://[SERVER_NAME]:[PKI_UNSECURE_PORT]/cgi-bin/so/enroll.cgi";
print "</UI>";
print "<EnrolledTokenBrowserURL>";
print "</EnrolledTokenBrowserURL>";
print "<EnrolledTokenURL>";
-print "http://[SERVER_NAME]:[PORT]/cgi-bin/sow/welcome.cgi";
+print "http://[SERVER_NAME]:[PKI_UNSECURE_PORT]/cgi-bin/sow/welcome.cgi";
print "</EnrolledTokenURL>";
print "<TokenType>";
print "soKey";
diff --git a/base/tps/apache/conf/httpd.conf b/base/tps/apache/conf/httpd.conf
index bf5864174..22778b0e1 100644
--- a/base/tps/apache/conf/httpd.conf
+++ b/base/tps/apache/conf/httpd.conf
@@ -222,7 +222,7 @@ MaxRequestsPerChild 0
#
#Listen 12.34.56.78:80
-Listen [PORT]
+Listen [PKI_UNSECURE_PORT]
#
# Dynamic Shared Object (DSO) Support
diff --git a/base/tps/shared/conf/CS.cfg.in b/base/tps/shared/conf/CS.cfg.in
index 3ed389138..40e4eb8cf 100644
--- a/base/tps/shared/conf/CS.cfg.in
+++ b/base/tps/shared/conf/CS.cfg.in
@@ -7,7 +7,7 @@ pkicreate.pki_instance_name=[PKI_INSTANCE_ID]
pkicreate.subsystem_type=[PKI_SUBSYSTEM_TYPE]
pkicreate.secure_port=[PKI_SECURE_PORT]
pkicreate.non_clientauth_secure_port=[NON_CLIENTAUTH_SECURE_PORT]
-pkicreate.unsecure_port=[PORT]
+pkicreate.unsecure_port=[PKI_UNSECURE_PORT]
pkicreate.user=[PKI_USER]
pkicreate.group=[PKI_GROUP]
pkiremove.cert.subsystem.nickname=subsystemCert cert-[PKI_INSTANCE_ID]
@@ -36,7 +36,7 @@ service.machineName=[SERVER_NAME]
service.instanceDir=[SERVER_ROOT]
service.securePort=[PKI_SECURE_PORT]
service.non_clientauth_securePort=[NON_CLIENTAUTH_SECURE_PORT]
-service.unsecurePort=[PORT]
+service.unsecurePort=[PKI_UNSECURE_PORT]
service.instanceID=[PKI_INSTANCE_ID]
logging._000=#########################################
logging._001=# RA configuration File
@@ -792,7 +792,7 @@ op.enroll.userKey.tks.conn=tks1
op.enroll.userKey.auth.id=ldap1
op.enroll.userKey.auth.enable=true
op.enroll.userKey.issuerinfo.enable=true
-op.enroll.userKey.issuerinfo.value=http://[SERVER_NAME]:[PORT]/cgi-bin/home/index.cgi
+op.enroll.userKey.issuerinfo.value=http://[SERVER_NAME]:[PKI_UNSECURE_PORT]/cgi-bin/home/index.cgi
op.enroll.userKeyTemporary.keyGen.recovery.onHold.keyType.num=2
op.enroll.userKeyTemporary.keyGen.recovery.onHold.keyType.value.0=signing
op.enroll.userKeyTemporary.keyGen.recovery.onHold.keyType.value.1=encryption
@@ -1111,7 +1111,7 @@ op.enroll.soKey.tks.conn=tks1
op.enroll.soKey.auth.id=ldap2
op.enroll.soKey.auth.enable=true
op.enroll.soKey.issuerinfo.enable=true
-op.enroll.soKey.issuerinfo.value=http://[SERVER_NAME]:[PORT]/cgi-bin/so/index.cgi
+op.enroll.soKey.issuerinfo.value=http://[SERVER_NAME]:[PKI_UNSECURE_PORT]/cgi-bin/so/index.cgi
op.enroll.soKeyTemporary.keyGen.recovery.onHold.keyType.num=2
op.enroll.soKeyTemporary.keyGen.recovery.onHold.keyType.value.0=signing
op.enroll.soKeyTemporary.keyGen.recovery.onHold.keyType.value.1=encryption
@@ -1368,7 +1368,7 @@ op.format.soUserKey.tks.conn=tks1
op.format.soUserKey.auth.id=ldap1
op.format.soUserKey.auth.enable=false
op.format.soUserKey.issuerinfo.enable=true
-op.format.soUserKey.issuerinfo.value=http://[SERVER_NAME]:[PORT]/cgi-bin/home/index.cgi
+op.format.soUserKey.issuerinfo.value=http://[SERVER_NAME]:[PKI_UNSECURE_PORT]/cgi-bin/home/index.cgi
op.format.soKey.update.applet.emptyToken.enable=true
op.format.soKey.update.applet.requiredVersion=1.4.4d40a449
op.format.soKey.update.applet.directory=[TPS_DIR]/applets
@@ -1383,7 +1383,7 @@ op.format.soKey.tks.conn=tks1
op.format.soKey.auth.id=ldap2
op.format.soKey.auth.enable=true
op.format.soKey.issuerinfo.enable=true
-op.format.soKey.issuerinfo.value=http://[SERVER_NAME]:[PORT]/cgi-bin/so/index.cgi
+op.format.soKey.issuerinfo.value=http://[SERVER_NAME]:[PKI_UNSECURE_PORT]/cgi-bin/so/index.cgi
op.format.userKey.update.applet.emptyToken.enable=true
op.format.userKey.update.applet.requiredVersion=1.4.4d40a449
op.format.userKey.update.applet.directory=[TPS_DIR]/applets
@@ -1398,7 +1398,7 @@ op.format.userKey.tks.conn=tks1
op.format.userKey.auth.id=ldap1
op.format.userKey.auth.enable=true
op.format.userKey.issuerinfo.enable=true
-op.format.userKey.issuerinfo.value=http://[SERVER_NAME]:[PORT]/cgi-bin/home/index.cgi
+op.format.userKey.issuerinfo.value=http://[SERVER_NAME]:[PKI_UNSECURE_PORT]/cgi-bin/home/index.cgi
op.format.tokenKey.update.applet.emptyToken.enable=true
op.format.tokenKey.update.applet.requiredVersion=1.4.4d40a449
op.format.tokenKey.update.applet.directory=[TPS_DIR]/applets
@@ -1413,7 +1413,7 @@ op.format.tokenKey.tks.conn=tks1
op.format.tokenKey.auth.id=ldap1
op.format.tokenKey.auth.enable=true
op.format.tokenKey.issuerinfo.enable=true
-op.format.tokenKey.issuerinfo.value=http://[SERVER_NAME]:[PORT]/cgi-bin/home/index.cgi
+op.format.tokenKey.issuerinfo.value=http://[SERVER_NAME]:[PKI_UNSECURE_PORT]/cgi-bin/home/index.cgi
tokendb._000=#########################################
tokendb._001=# tokendb.auditLog:
tokendb._002=# - audit log path