From 4f76c143d2f2036af02677469c542f563a10158d Mon Sep 17 00:00:00 2001
From: Petr Viktorin <pviktori@redhat.com>
Date: Thu, 23 Aug 2012 12:38:45 -0400
Subject: Use Dogtag 10 only when it is available

Put the changes from Ade's dogtag 10 patch into namespaced constants in
dogtag.py, which are then referenced in the code.

Make ipaserver.install.CAInstance use the service name specified in the
configuration. Uninstallation, where config is removed before CA uninstall,
also uses the (previously) configured value.

This and Ade's patch address https://fedorahosted.org/freeipa/ticket/2846
---
 install/conf/ipa-pki-proxy.conf | 14 +++++++-------
 install/conf/ipa.conf           |  6 +++---
 2 files changed, 10 insertions(+), 10 deletions(-)

(limited to 'install/conf')

diff --git a/install/conf/ipa-pki-proxy.conf b/install/conf/ipa-pki-proxy.conf
index 7a067ca9..20c09217 100644
--- a/install/conf/ipa-pki-proxy.conf
+++ b/install/conf/ipa-pki-proxy.conf
@@ -1,4 +1,4 @@
-# VERSION 1 - DO NOT REMOVE THIS LINE
+# VERSION 2 - DO NOT REMOVE THIS LINE
 
 ProxyRequests Off
 
@@ -6,22 +6,22 @@ ProxyRequests Off
 <LocationMatch "^/ca/ee/ca/checkRequest|^/ca/ee/ca/getCertChain|^/ca/ee/ca/getTokenInfo|^/ca/ee/ca/tokenAuthenticate|^/ca/ocsp|^/ca/ee/ca/updateNumberRange">
     NSSOptions +StdEnvVars +ExportCertData +StrictRequire +OptRenegotiate
     NSSVerifyClient none
-    ProxyPassMatch ajp://localhost:8009
-    ProxyPassReverse ajp://localhost:8009
+    ProxyPassMatch ajp://localhost:$DOGTAG_PORT
+    ProxyPassReverse ajp://localhost:$DOGTAG_PORT
 </LocationMatch>
 
 # matches for admin port and installer
 <LocationMatch "^/ca/admin/ca/getCertChain|^/ca/admin/ca/getConfigEntries|^/ca/admin/ca/getCookie|^/ca/admin/ca/getStatus|^/ca/admin/ca/securityDomainLogin|^/ca/admin/ca/getDomainXML|^/ca/rest/installer/installToken">
     NSSOptions +StdEnvVars +ExportCertData +StrictRequire +OptRenegotiate
     NSSVerifyClient none
-    ProxyPassMatch ajp://localhost:8009
-    ProxyPassReverse ajp://localhost:8009
+    ProxyPassMatch ajp://localhost:$DOGTAG_PORT
+    ProxyPassReverse ajp://localhost:$DOGTAG_PORT
 </LocationMatch>
 
 # matches for agent port and eeca port
 <LocationMatch "^/ca/agent/ca/displayBySerial|^/ca/agent/ca/doRevoke|^/ca/agent/ca/doUnrevoke|^/ca/agent/ca/updateDomainXML|^/ca/eeca/ca/profileSubmitSSLClient">
     NSSOptions +StdEnvVars +ExportCertData +StrictRequire +OptRenegotiate
     NSSVerifyClient require
-    ProxyPassMatch ajp://localhost:8009
-    ProxyPassReverse ajp://localhost:8009
+    ProxyPassMatch ajp://localhost:$DOGTAG_PORT
+    ProxyPassReverse ajp://localhost:$DOGTAG_PORT
 </LocationMatch>
diff --git a/install/conf/ipa.conf b/install/conf/ipa.conf
index d428460f..ed50a35b 100644
--- a/install/conf/ipa.conf
+++ b/install/conf/ipa.conf
@@ -1,5 +1,5 @@
 #
-# VERSION 7 - DO NOT REMOVE THIS LINE
+# VERSION 8 - DO NOT REMOVE THIS LINE
 #
 # This file may be overwritten on upgrades.
 #
@@ -105,8 +105,8 @@ Alias /ipa/config "/usr/share/ipa/html"
 
 
 # For CRL publishing
-Alias /ipa/crl "/var/lib/pki/tomcat-ca/ca/publish"
-<Directory "/var/lib/pki/tomcat-ca/ca/publish">
+Alias /ipa/crl "$CRL_PUBLISH_PATH"
+<Directory "$CRL_PUBLISH_PATH">
   SetHandler None
   AllowOverride None
   Options Indexes FollowSymLinks
-- 
cgit