From 55a12b03a24f584649be425554a3df4e00731b9b Mon Sep 17 00:00:00 2001 From: Endi Sukma Dewata Date: Wed, 28 Nov 2012 04:09:56 -0500 Subject: Reorganized configuration parameters. --- base/deploy/src/scriptlets/pkiparser.py | 41 ++++++++++++++++++--------------- 1 file changed, 22 insertions(+), 19 deletions(-) (limited to 'base/deploy/src/scriptlets/pkiparser.py') diff --git a/base/deploy/src/scriptlets/pkiparser.py b/base/deploy/src/scriptlets/pkiparser.py index e9d348840..e9c999bbf 100644 --- a/base/deploy/src/scriptlets/pkiparser.py +++ b/base/deploy/src/scriptlets/pkiparser.py @@ -215,7 +215,7 @@ class PKIConfigParser: # Make keys case-sensitive! self.pki_config.optionxform = str self.pki_config.read(config.pkideployment_cfg) - config.pki_sensitive_dict = dict(self.pki_config._sections['Sensitive']) + config.pki_default_dict = self.pki_config.defaults() config.pki_common_dict = dict(self.pki_config._sections['Common']) if config.pki_subsystem == "CA": config.pki_web_server_dict = dict(self.pki_config._sections['Tomcat']) @@ -237,10 +237,12 @@ class PKIConfigParser: config.pki_subsystem_dict = dict(self.pki_config._sections['TPS']) # Insert empty record into dictionaries for "pretty print" statements # NEVER print "sensitive" key value pairs!!! + config.pki_default_dict[0] = None config.pki_common_dict[0] = None config.pki_web_server_dict[0] = None config.pki_subsystem_dict[0] = None except ConfigParser.ParsingError, err: + print err rv = err return rv @@ -270,18 +272,19 @@ class PKIConfigParser: # the configuration file pin_low = 100000000000 pin_high = 999999999999 - config.pki_sensitive_dict['pki_pin'] =\ + config.pki_master_dict['pki_pin'] =\ random.randint(pin_low, pin_high) - config.pki_sensitive_dict['pki_client_pin'] =\ + config.pki_master_dict['pki_client_pin'] =\ random.randint(pin_low, pin_high) # Generate a one-time pin to be used prior to configuration # and add this to the "sensitive" key value pairs read in from # the configuration file - config.pki_sensitive_dict['pki_one_time_pin'] =\ + config.pki_master_dict['pki_one_time_pin'] =\ ''.join(random.choice(string.ascii_letters + string.digits)\ for x in range(20)) # Configuration file name/value pairs # NEVER add "sensitive" key value pairs to the master dictionary!!! + config.pki_master_dict.update(config.pki_default_dict) config.pki_master_dict.update(config.pki_common_dict) config.pki_master_dict.update(config.pki_web_server_dict) config.pki_master_dict.update(config.pki_subsystem_dict) @@ -1134,7 +1137,7 @@ class PKIConfigParser: config.pki_master_dict['PKI_AJP_REDIRECT_PORT_SLOT'] =\ config.pki_master_dict['pki_https_port'] config.pki_master_dict['PKI_CERT_DB_PASSWORD_SLOT'] =\ - config.pki_sensitive_dict['pki_pin'] + config.pki_master_dict['pki_pin'] config.pki_master_dict['PKI_CFG_PATH_NAME_SLOT'] =\ config.pki_master_dict['pki_target_cs_cfg'] config.pki_master_dict\ @@ -1206,7 +1209,7 @@ class PKIConfigParser: config.pki_master_dict['PKI_TMPDIR_SLOT'] =\ config.pki_master_dict['pki_tomcat_tmpdir_path'] config.pki_master_dict['PKI_RANDOM_NUMBER_SLOT'] =\ - config.pki_sensitive_dict['pki_one_time_pin'] + config.pki_master_dict['pki_one_time_pin'] config.pki_master_dict['PKI_SECURE_PORT_SLOT'] =\ config.pki_master_dict['pki_https_port'] config.pki_master_dict['PKI_SECURE_PORT_CONNECTOR_NAME_SLOT'] =\ @@ -1344,19 +1347,19 @@ class PKIConfigParser: # The following variables are established via the specified PKI # deployment configuration file and is NOT redefined below: # - # config.pki_sensitive_dict['pki_client_pkcs12_password'] + # config.pki_master_dict['pki_client_pkcs12_password'] # config.pki_master_dict['pki_client_database_purge'] # # The following variables are established via the specified PKI # deployment configuration file and potentially overridden below: # - # config.pki_sensitive_dict['pki_client_database_password'] + # config.pki_master_dict['pki_client_database_password'] # config.pki_master_dict['pki_client_dir'] # - if not len(config.pki_sensitive_dict['pki_client_database_password']): + if not len(config.pki_master_dict['pki_client_database_password']): # use randomly generated client 'pin' - config.pki_sensitive_dict['pki_client_database_password'] =\ - str(config.pki_sensitive_dict['pki_client_pin']) + config.pki_master_dict['pki_client_database_password'] =\ + str(config.pki_master_dict['pki_client_pin']) if not len(config.pki_master_dict['pki_client_dir']): config.pki_master_dict['pki_client_dir'] =\ os.path.join( @@ -1427,9 +1430,9 @@ class PKIConfigParser: # The following variables are established via the specified PKI # deployment configuration file and are NOT redefined below: # - # config.pki_sensitive_dict['pki_clone_pkcs12_password'] - # config.pki_sensitive_dict['pki_security_domain_password'] - # config.pki_sensitive_dict['pki_token_password'] + # config.pki_master_dict['pki_clone_pkcs12_password'] + # config.pki_master_dict['pki_security_domain_password'] + # config.pki_master_dict['pki_token_password'] # config.pki_master_dict['pki_clone_pkcs12_path'] # config.pki_master_dict['pki_clone_uri'] # config.pki_master_dict['pki_security_domain_https_port'] @@ -1545,7 +1548,7 @@ class PKIConfigParser: # The following variables are established via the specified PKI # deployment configuration file and are NOT redefined below: # - # config.pki_sensitive_dict['pki_ds_password'] + # config.pki_master_dict['pki_ds_password'] # config.pki_master_dict['pki_clone_replication_security'] # config.pki_master_dict['pki_ds_bind_dn'] # config.pki_master_dict['pki_ds_ldap_port'] @@ -1605,7 +1608,7 @@ class PKIConfigParser: # The following variables are established via the specified PKI # deployment configuration file and are NOT redefined below: # - # config.pki_sensitive_dict['pki_backup_password'] + # config.pki_master_dict['pki_backup_password'] # config.pki_master_dict['pki_backup_keys'] # if config.str2bool(config.pki_master_dict['pki_backup_keys']): @@ -1626,7 +1629,7 @@ class PKIConfigParser: # The following variables are established via the specified PKI # deployment configuration file and are NOT redefined below: # - # config.pki_sensitive_dict['pki_admin_password'] + # config.pki_master_dict['pki_admin_password'] # config.pki_master_dict['pki_admin_cert_request_type'] # config.pki_master_dict['pki_admin_dualkey'] # config.pki_master_dict['pki_admin_keysize'] @@ -2318,13 +2321,13 @@ class PKIConfigParser: # parameter that may be stored in a log file and displayed # to the screen. # - config.pki_sensitive_dict['pki_configuration_url'] =\ + config.pki_master_dict['pki_configuration_url'] =\ "https://{}:{}/{}/{}?pin={}".format( config.pki_master_dict['pki_hostname'], config.pki_master_dict['pki_https_port'], config.pki_master_dict['pki_subsystem'].lower(), "admin/console/config/login", - config.pki_sensitive_dict['pki_one_time_pin']) + config.pki_master_dict['pki_one_time_pin']) # Compose this "systemd" execution management command if config.pki_master_dict['pki_subsystem'] in\ config.PKI_APACHE_SUBSYSTEMS: -- cgit