path: root/base/deploy/src/scriptlets/configuration.jy
blob: 0f5968bce41ed8246c78c76cb15bc55d303e05b4 (plain)
#!/usr/bin/jython

# System Python Imports
import os
import pickle
import sys


# PKI Python Imports
import pkijython as jyutil
import pkiconfig as config
import pkimessages as log


# System Java Imports
from java.lang import System as javasystem


# PKI Java Imports
from com.netscape.certsrv.client import ClientConfig


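def main(argv):
    """Configure a freshly spawned PKI subsystem through its REST interface.

    'argv[1]' is the pickled 'master' dictionary and 'argv[2]' the pickled
    'sensitive' dictionary, both handed over by 'pkispawn'.

    The function initializes and logs into the client security token, builds
    a REST client against master['pki_jython_base_uri'], and submits the
    subsystem configuration data.  Combinations that are reported as not yet
    implemented (Apache RA/TPS, external or subordinate CA) print a message
    and return early.

    Returns 0 on every path that returns; errors surface as exceptions
    raised by the helpers that are called.
    """
    rv = 0

    # SECURITY: pickle.loads() can execute arbitrary code while it
    #           deserializes, so both arguments must only ever originate
    #           from the trusted 'pkispawn' parent process.  Never feed this
    #           scriptlet arguments from any other source.
    #
    # NOTE(review): the 'sensitive' dictionary travels on the command line.
    #               On most systems the arguments of a running process can
    #               be read by other local users, so handing it over via
    #               stdin or a permission-restricted file would narrow that
    #               exposure -- confirm how 'pkispawn' invokes this script.

    # Import the master dictionary from 'pkispawn'
    master = pickle.loads(argv[1])

    # Import the sensitive data dictionary from 'pkispawn'
    sensitive = pickle.loads(argv[2])

    # Optionally enable a java debugger (e. g. - 'eclipse'):
    if config.str2bool(master['pki_enable_java_debugger']):
        config.wait_to_attach_an_external_java_debugger()

    # IMPORTANT:  Unfortunately, 'jython 2.2' does NOT support logging!
    #
    #             Until, and unless, 'jython 2.5' or later is used,
    #             debugging will basically be limited to using 'print'
    #             since creating a logging mechanism for 'jython 2.2'
    #             would not make sense at this point in time, although
    #             a 'customized' manual log process could be created.
    #
    #             Regardless of 'jython' version, the log file generated
    #             by this standalone 'jython' process would be unique and
    #             separate to the log file generated for the PKI
    #             deployment scriptlets 'python' process, as they exist
    #             as two separate processes (until and unless 'jython 2.7'
    #             could be used to completely replace 'python 2.7',
    #             in which case a single process could be executed
    #             end-to-end from installation through configuration).
    #
    if master['pki_jython_log_level'] >= config.PKI_JYTHON_DEBUG_LOG_LEVEL:
        print "%s %s" %\
              (log.PKI_JYTHON_INDENTATION_2, sys.path)
        print "%s %s" %\
              (log.PKI_JYTHON_INDENTATION_2,
               javasystem.getProperties()['java.class.path'])
        # Every 'master' entry is echoed verbatim at debug level, while
        # 'sensitive' is never printed: secrets must stay out of 'master'.
        for key in master:
            print "%s '%s' = '%s'" %\
                  (log.PKI_JYTHON_INDENTATION_2, key, master[key])

    # Initialize token
    jyutil.security_databases.initialize_token(
        master['pki_client_database_dir'],
        master['pki_dry_run_flag'],
        master['pki_jython_log_level'])

    # Log into token
    token = jyutil.security_databases.log_into_token(
                master['pki_client_database_dir'],
                master['pki_client_password_conf'],
                master['pki_dry_run_flag'],
                master['pki_jython_log_level'])

    # Setup connection parameters
    client_config = ClientConfig()
    client_config.setServerURI(master['pki_jython_base_uri'])

    # Establish REST Client
    # (the returned client object is not used again in this function)
    client = jyutil.rest_client.initialize(
                 client_config,
                 master,
                 sensitive)

    # Construct PKI Subsystem Configuration Data
    data = None
    instance_type = master['pki_instance_type']
    subsystem = master['pki_subsystem']
    if instance_type == "Apache":
        if subsystem in ("RA", "TPS"):
            print "%s '%s' %s" %\
                  (log.PKI_JYTHON_INDENTATION_2,
                   subsystem,
                   log.PKI_JYTHON_NOT_YET_IMPLEMENTED)
            return rv
    elif instance_type == "Tomcat":
        if subsystem == "CA":
            if config.str2bool(master['pki_external']):
                print "%s '%s %s' %s" %\
                      (log.PKI_JYTHON_INDENTATION_2,
                       log.PKI_JYTHON_EXTERNAL_CA,
                       subsystem,
                       log.PKI_JYTHON_NOT_YET_IMPLEMENTED)
                return rv
            elif config.str2bool(master['pki_subordinate']):
                print "%s '%s %s' %s" %\
                      (log.PKI_JYTHON_INDENTATION_2,
                       log.PKI_JYTHON_SUBORDINATE_CA,
                       subsystem,
                       log.PKI_JYTHON_NOT_YET_IMPLEMENTED)
                return rv
        # PKI or Cloned CA, KRA, OCSP, or TKS
        data = jyutil.rest_client.construct_pki_configuration_data(token)

    # NOTE(review): for an Apache instance running any other subsystem, or
    #               for an unrecognized instance type, 'data' is still
    #               None at this point -- confirm that
    #               'configure_pki_data()' copes with that.

    # Formulate PKI Subsystem Configuration Data Response
    jyutil.rest_client.configure_pki_data(data)

    # Return the status explicitly, matching the early-exit paths above.
    return rv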

# Run the configuration scriptlet only when this file is executed directly;
# the raw command line (script name plus the two pickled dictionaries
# supplied by 'pkispawn') is passed through to main() untouched.
if "__main__" == __name__:
    arguments = sys.argv
    main(arguments)