path: root/base/deploy/src/scriptlets/configuration.jy
blob: 7180c45461c6c33057fb0f5fa7fa7e48f4a5badd (plain)
#!/usr/bin/jython

# System Python Imports
import os
import pickle
import sys


# PKI Python Imports
import pkijython as jyutil
import pkiconfig as config
import pkimessages as log


# System Java Imports
from java.lang import System as javasystem


# PKI Java Imports
from com.netscape.certsrv.client import ClientConfig


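def main(argv):
    """Configure a PKI subsystem using the dictionaries passed by 'pkispawn'.

    argv[1] is the pickled 'master' dictionary and argv[2] the pickled
    'sensitive' dictionary; IndexError is raised if either is missing.

    Returns 0 in every case that returns normally: after
    jyutil.rest_client.configure_pki_data() has been called, and after
    reporting that the requested subsystem is not yet implemented.
    """
    rv = 0

    # SECURITY: pickle.loads() can run arbitrary code while deserializing,
    # so both arguments must only ever be produced by the trusted 'pkispawn'
    # parent process.  Command-line arguments are also normally readable by
    # other local users through the process listing, which exposes the
    # pickled 'sensitive' dictionary for as long as this process runs.
    # Moving to a data-only format delivered over a pipe or an
    # owner-readable file would address both points, but needs a matching
    # change in 'pkispawn', so the hand-over is left as it is here.

    # Import the master dictionary from 'pkispawn'
    master = pickle.loads(argv[1])

    # Import the sensitive data dictionary from 'pkispawn'
    sensitive = pickle.loads(argv[2])

    # Optionally enable a java debugger (e. g. - 'eclipse'):
    if config.str2bool(master['pki_enable_java_debugger']):
        config.wait_to_attach_an_external_java_debugger()

    # IMPORTANT:  Unfortunately, 'jython 2.2' does NOT support logging!
    #
    #             Until, and unless, 'jython 2.5' or later is used,
    #             debugging will basically be limited to using 'print'
    #             since creating a logging mechanism for 'jython 2.2'
    #             would not make sense at this point in time, although
    #             a 'customized' manual log process could be created.
    #
    #             Regardless of 'jython' version, the log file generated
    #             by this standalone 'jython' process would be unique and
    #             separate to the log file generated for the PKI
    #             deployment scriptlets 'python' process, as they exist
    #             as two separate processes (until and unless 'jython 2.7'
    #             could be used to completely replace 'python 2.7',
    #             in which case a single process could be executed
    #             end-to-end from installation through configuration).
    #
    if master['pki_jython_log_level'] >= config.PKI_JYTHON_DEBUG_LOG_LEVEL:
        print "%s %s" % (log.PKI_JYTHON_INDENTATION_2, sys.path)
        print "%s %s" % (log.PKI_JYTHON_INDENTATION_2,
                         javasystem.getProperties()['java.class.path'])
        # NOTE(review): every 'master' entry is written to stdout here;
        # confirm that no secret is ever stored in 'master' rather than
        # in 'sensitive', which is deliberately not dumped.
        for key in master:
            print "%s '%s' = '%s'" % (log.PKI_JYTHON_INDENTATION_2,
                                      key, master[key])

    # Initialize token
    jyutil.security_databases.initialize_token(
        master['pki_client_database_dir'],
        master['pki_dry_run_flag'],
        master['pki_jython_log_level'])

    # Log into token
    token = jyutil.security_databases.log_into_token(
                master['pki_client_database_dir'],
                master['pki_client_password_conf'],
                master['pki_dry_run_flag'],
                master['pki_jython_log_level'])

    # Setup connection parameters
    client_config = ClientConfig()
    client_config.setServerURI(master['pki_jython_base_uri'])

    # Establish REST Client; the returned handle was never used afterwards,
    # so the call is kept without binding its result.
    jyutil.rest_client.initialize(
        client_config,
        master,
        sensitive)

    # Construct PKI Subsystem Configuration Data
    data = None
    if master['pki_instance_type'] == "Apache":
        # RA and TPS share the same 'not yet implemented' report
        if master['pki_subsystem'] in ("RA", "TPS"):
            print "%s '%s' %s" % (log.PKI_JYTHON_INDENTATION_2,
                                  master['pki_subsystem'],
                                  log.PKI_JYTHON_NOT_YET_IMPLEMENTED)
            return rv
    elif master['pki_instance_type'] == "Tomcat":
        if master['pki_subsystem'] == "CA" and \
           config.str2bool(master['pki_external']):
            print "%s '%s %s' %s" % (log.PKI_JYTHON_INDENTATION_2,
                                     config.PKI_DEPLOYMENT_EXTERNAL_CA,
                                     master['pki_subsystem'],
                                     log.PKI_JYTHON_NOT_YET_IMPLEMENTED)
            return rv
        # PKI, Subordinate, or Cloned CA; PKI or Cloned KRA, OCSP, or TKS
        data = jyutil.rest_client.construct_pki_configuration_data(token)

    # NOTE(review): 'data' is still None at this point for an "Apache"
    # instance whose subsystem is neither RA nor TPS, and for any instance
    # type other than "Apache" or "Tomcat"; confirm that
    # configure_pki_data() is meant to be called in those cases.

    # Formulate PKI Subsystem Configuration Data Response
    jyutil.rest_client.configure_pki_data(data)

    # The original fell off the end here and returned None, while every
    # other path returned rv; return the status consistently.
    return rv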

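if __name__ == "__main__":
    # Hand main()'s return value to the parent process as the exit status
    # instead of discarding it; sys.exit(None) and sys.exit(0) both exit
    # with status 0, so the current outcomes are unchanged.
    sys.exit(main(sys.argv))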