diff options
author | Jan Cholasta <jcholast@redhat.com> | 2016-11-22 17:55:10 +0100 |
---|---|---|
committer | Martin Basti <mbasti@redhat.com> | 2016-11-29 14:50:51 +0100 |
commit | a1f260d021bf5d018e634438fde6b7c81ebbbcef (patch) | |
tree | 29f979f42913f804514f92ada0cb953fdb6d095f | |
parent | 8e5d2c7014ff6371a3b306e666c301aea1f7a488 (diff) | |
download | freeipa-a1f260d021bf5d018e634438fde6b7c81ebbbcef.tar.gz freeipa-a1f260d021bf5d018e634438fde6b7c81ebbbcef.tar.xz freeipa-a1f260d021bf5d018e634438fde6b7c81ebbbcef.zip |
ipapython: move dnssec, p11helper and secrets to ipaserver
The dnssec and secrets subpackages and the p11helper module depend on
ipaplatform.
Move them to ipaserver as they are used only on the server.
https://fedorahosted.org/freeipa/ticket/6474
Reviewed-By: Stanislav Laznicka <slaznick@redhat.com>
-rwxr-xr-x | daemons/dnssec/ipa-dnskeysync-replica | 9 | ||||
-rwxr-xr-x | daemons/dnssec/ipa-dnskeysyncd | 3 | ||||
-rwxr-xr-x | daemons/dnssec/ipa-ods-exporter | 7 | ||||
-rw-r--r-- | freeipa.spec.in | 6 | ||||
-rw-r--r-- | install/share/custodia.conf.template | 4 | ||||
-rwxr-xr-x | install/tools/ipa-pki-retrieve-key | 2 | ||||
-rwxr-xr-x | ipapython/setup.py | 10 | ||||
-rw-r--r-- | ipaserver/dnssec/__init__.py (renamed from ipapython/dnssec/__init__.py) | 0 | ||||
-rw-r--r-- | ipaserver/dnssec/abshsm.py (renamed from ipapython/dnssec/abshsm.py) | 2 | ||||
-rw-r--r-- | ipaserver/dnssec/bindmgr.py (renamed from ipapython/dnssec/bindmgr.py) | 2 | ||||
-rw-r--r-- | ipaserver/dnssec/keysyncer.py (renamed from ipapython/dnssec/keysyncer.py) | 6 | ||||
-rw-r--r-- | ipaserver/dnssec/ldapkeydb.py (renamed from ipapython/dnssec/ldapkeydb.py) | 4 | ||||
-rwxr-xr-x | ipaserver/dnssec/localhsm.py (renamed from ipapython/dnssec/localhsm.py) | 4 | ||||
-rw-r--r-- | ipaserver/dnssec/odsmgr.py (renamed from ipapython/dnssec/odsmgr.py) | 0 | ||||
-rw-r--r-- | ipaserver/dnssec/syncrepl.py (renamed from ipapython/dnssec/syncrepl.py) | 0 | ||||
-rw-r--r-- | ipaserver/dnssec/temp.py (renamed from ipapython/dnssec/temp.py) | 0 | ||||
-rw-r--r-- | ipaserver/install/cainstance.py | 2 | ||||
-rw-r--r-- | ipaserver/install/custodiainstance.py | 4 | ||||
-rw-r--r-- | ipaserver/install/dnskeysyncinstance.py | 2 | ||||
-rw-r--r-- | ipaserver/install/opendnssecinstance.py | 3 | ||||
-rw-r--r-- | ipaserver/p11helper.py (renamed from ipapython/p11helper.py) | 0 | ||||
-rw-r--r-- | ipaserver/secrets/__init__.py (renamed from ipapython/secrets/__init__.py) | 0 | ||||
-rw-r--r-- | ipaserver/secrets/client.py (renamed from ipapython/secrets/client.py) | 4 | ||||
-rw-r--r-- | ipaserver/secrets/common.py (renamed from ipapython/secrets/common.py) | 0 | ||||
-rw-r--r-- | ipaserver/secrets/kem.py (renamed from ipapython/secrets/kem.py) | 2 | ||||
-rw-r--r-- | ipaserver/secrets/store.py (renamed from ipapython/secrets/store.py) | 2 | ||||
-rwxr-xr-x | ipaserver/setup.py | 10 | ||||
-rw-r--r-- | ipatests/test_ipaserver/test_dnssec.py (renamed from ipatests/test_ipapython/test_dnssec.py) | 4 | ||||
-rw-r--r-- | ipatests/test_ipaserver/test_ipap11helper.py (renamed from ipatests/test_ipapython/test_ipap11helper.py) | 2 | ||||
-rw-r--r-- | ipatests/test_ipaserver/test_secrets.py (renamed from ipatests/test_ipapython/test_secrets.py) | 2 |
30 files changed, 47 insertions, 49 deletions
diff --git a/daemons/dnssec/ipa-dnskeysync-replica b/daemons/dnssec/ipa-dnskeysync-replica index fbfee93b8..43670d29c 100755 --- a/daemons/dnssec/ipa-dnskeysync-replica +++ b/daemons/dnssec/ipa-dnskeysync-replica @@ -20,10 +20,11 @@ from ipapython.ipa_log_manager import root_logger, standard_logging_setup from ipapython import ipaldap from ipapython import ipautil from ipaplatform.paths import paths - -from ipapython.dnssec.abshsm import sync_pkcs11_metadata, ldap2p11helper_api_params, wrappingmech_name2id -from ipapython.dnssec.ldapkeydb import LdapKeyDB -from ipapython.dnssec.localhsm import LocalHSM +from ipaserver.dnssec.abshsm import (sync_pkcs11_metadata, + ldap2p11helper_api_params, + wrappingmech_name2id) +from ipaserver.dnssec.ldapkeydb import LdapKeyDB +from ipaserver.dnssec.localhsm import LocalHSM DAEMONNAME = 'ipa-dnskeysyncd' PRINCIPAL = None # not initialized yet diff --git a/daemons/dnssec/ipa-dnskeysyncd b/daemons/dnssec/ipa-dnskeysyncd index dfe4cb4be..37c6a02fb 100755 --- a/daemons/dnssec/ipa-dnskeysyncd +++ b/daemons/dnssec/ipa-dnskeysyncd @@ -16,8 +16,7 @@ from ipapython.ipa_log_manager import root_logger, standard_logging_setup from ipapython import ipaldap from ipapython import ipautil from ipaplatform.paths import paths - -from ipapython.dnssec.keysyncer import KeySyncer +from ipaserver.dnssec.keysyncer import KeySyncer # IPA framework initialization api.bootstrap(in_server=True, log=None) # no logging to file diff --git a/daemons/dnssec/ipa-ods-exporter b/daemons/dnssec/ipa-ods-exporter index 66332490a..f2fdaa991 100755 --- a/daemons/dnssec/ipa-ods-exporter +++ b/daemons/dnssec/ipa-ods-exporter @@ -36,10 +36,9 @@ from ipapython.dn import DN from ipapython import ipaldap from ipapython import ipautil from ipaplatform.paths import paths - -from ipapython.dnssec.abshsm import sync_pkcs11_metadata, wrappingmech_name2id -from ipapython.dnssec.ldapkeydb import LdapKeyDB -from ipapython.dnssec.localhsm import LocalHSM +from ipaserver.dnssec.abshsm import sync_pkcs11_metadata, wrappingmech_name2id +from ipaserver.dnssec.ldapkeydb import LdapKeyDB +from ipaserver.dnssec.localhsm import LocalHSM DAEMONNAME = 'ipa-ods-exporter' PRINCIPAL = None # not initialized yet diff --git a/freeipa.spec.in b/freeipa.spec.in index 3865ed8c7..d76c1a314 100644 --- a/freeipa.spec.in +++ b/freeipa.spec.in @@ -1065,12 +1065,14 @@ fi %license COPYING %{python_sitelib}/ipaserver-*.egg-info %dir %{python_sitelib}/ipaserver +%dir %{python_sitelib}/ipaserver/dnssec %dir %{python_sitelib}/ipaserver/install %dir %{python_sitelib}/ipaserver/install/plugins %dir %{python_sitelib}/ipaserver/install/server %dir %{python_sitelib}/ipaserver/advise %dir %{python_sitelib}/ipaserver/advise/plugins %dir %{python_sitelib}/ipaserver/plugins +%dir %{python_sitelib}/ipaserver/secrets %files server-common @@ -1285,12 +1287,8 @@ fi %license COPYING %dir %{python_sitelib}/ipapython %{python_sitelib}/ipapython/*.py* -%dir %{python_sitelib}/ipapython/dnssec -%{python_sitelib}/ipapython/dnssec/*.py* %dir %{python_sitelib}/ipapython/install %{python_sitelib}/ipapython/install/*.py* -%dir %{python_sitelib}/ipapython/secrets -%{python_sitelib}/ipapython/secrets/*.py* %dir %{python_sitelib}/ipalib %{python_sitelib}/ipalib/*.py* %dir %{python_sitelib}/ipalib/install diff --git a/install/share/custodia.conf.template b/install/share/custodia.conf.template index 94740c00d..855a1b3ba 100644 --- a/install/share/custodia.conf.template +++ b/install/share/custodia.conf.template @@ -13,13 +13,13 @@ handler = custodia.httpd.authenticators.SimpleHeaderAuth header = GSS_NAME [authz:kemkeys] -handler = ipapython.secrets.kem.IPAKEMKeys +handler = ipaserver.secrets.kem.IPAKEMKeys paths = /keys store = ipa server_keys = $IPA_CUSTODIA_CONF_DIR/server.keys [store:ipa] -handler = ipapython.secrets.store.IPASecStore +handler = ipaserver.secrets.store.IPASecStore ldap_uri = $LDAP_URI [/keys] diff --git a/install/tools/ipa-pki-retrieve-key b/install/tools/ipa-pki-retrieve-key index 740e799d2..505ed238e 100755 --- a/install/tools/ipa-pki-retrieve-key +++ b/install/tools/ipa-pki-retrieve-key @@ -8,7 +8,7 @@ import sys from ipalib import constants from ipalib.config import Env from ipaplatform.paths import paths -from ipapython.secrets.client import CustodiaClient +from ipaserver.secrets.client import CustodiaClient env = Env() env._finalize() diff --git a/ipapython/setup.py b/ipapython/setup.py index 087086eee..1abe7b067 100755 --- a/ipapython/setup.py +++ b/ipapython/setup.py @@ -34,8 +34,6 @@ if __name__ == '__main__': package_dir={'ipapython': ''}, packages=[ "ipapython", - "ipapython.dnssec", - "ipapython.secrets", "ipapython.install" ], install_requires=[ @@ -60,12 +58,4 @@ if __name__ == '__main__': extras_require={ ":python_version<'3'": ["enum34"], }, - entry_points={ - 'custodia.authorizers': [ - 'IPAKEMKeys = ipapython.secrets.kem:IPAKEMKeys', - ], - 'custodia.stores': [ - 'IPASecStore = ipapython.secrets.store:IPASecStore', - ], - }, ) diff --git a/ipapython/dnssec/__init__.py b/ipaserver/dnssec/__init__.py index e69de29bb..e69de29bb 100644 --- a/ipapython/dnssec/__init__.py +++ b/ipaserver/dnssec/__init__.py diff --git a/ipapython/dnssec/abshsm.py b/ipaserver/dnssec/abshsm.py index 1533892f8..eb430b437 100644 --- a/ipapython/dnssec/abshsm.py +++ b/ipaserver/dnssec/abshsm.py @@ -2,7 +2,7 @@ # Copyright (C) 2014 FreeIPA Contributors see COPYING for license # -from ipapython import p11helper as _ipap11helper +from ipaserver import p11helper as _ipap11helper attrs_id2name = { #_ipap11helper.CKA_ALLOWED_MECHANISMS: 'ipk11allowedmechanisms', diff --git a/ipapython/dnssec/bindmgr.py b/ipaserver/dnssec/bindmgr.py index 33d071f45..71ad05399 100644 --- a/ipapython/dnssec/bindmgr.py +++ b/ipaserver/dnssec/bindmgr.py @@ -14,7 +14,7 @@ from ipapython.dn import DN from ipapython import ipa_log_manager, ipautil from ipaplatform.paths import paths -from ipapython.dnssec.temp import TemporaryDirectory +from ipaserver.dnssec.temp import TemporaryDirectory time_bindfmt = '%Y%m%d%H%M%S' diff --git a/ipapython/dnssec/keysyncer.py b/ipaserver/dnssec/keysyncer.py index 20039a068..a8dc92354 100644 --- a/ipapython/dnssec/keysyncer.py +++ b/ipaserver/dnssec/keysyncer.py @@ -10,9 +10,9 @@ import dns.name from ipaplatform.paths import paths from ipapython import ipautil -from ipapython.dnssec.syncrepl import SyncReplConsumer -from ipapython.dnssec.odsmgr import ODSMgr -from ipapython.dnssec.bindmgr import BINDMgr +from ipaserver.dnssec.syncrepl import SyncReplConsumer +from ipaserver.dnssec.odsmgr import ODSMgr +from ipaserver.dnssec.bindmgr import BINDMgr SIGNING_ATTR = 'idnsSecInlineSigning' OBJCLASS_ATTR = 'objectClass' diff --git a/ipapython/dnssec/ldapkeydb.py b/ipaserver/dnssec/ldapkeydb.py index aa0413934..98e150d92 100644 --- a/ipapython/dnssec/ldapkeydb.py +++ b/ipaserver/dnssec/ldapkeydb.py @@ -13,12 +13,12 @@ from ipapython.dn import DN from ipapython import ipaldap from ipapython import ipa_log_manager -from ipapython.dnssec.abshsm import ( +from ipaserver.dnssec.abshsm import ( attrs_name2id, AbstractHSM, bool_attr_names, populate_pkcs11_metadata) -from ipapython import p11helper as _ipap11helper +from ipaserver import p11helper as _ipap11helper import uuid def uri_escape(val): diff --git a/ipapython/dnssec/localhsm.py b/ipaserver/dnssec/localhsm.py index befe08aec..c1e4887b5 100755 --- a/ipapython/dnssec/localhsm.py +++ b/ipaserver/dnssec/localhsm.py @@ -13,8 +13,8 @@ from pprint import pprint from ipaplatform.paths import paths -from ipapython import p11helper as _ipap11helper -from ipapython.dnssec.abshsm import (attrs_name2id, attrs_id2name, AbstractHSM, +from ipaserver import p11helper as _ipap11helper +from ipaserver.dnssec.abshsm import (attrs_name2id, attrs_id2name, AbstractHSM, keytype_id2name, keytype_name2id, ldap2p11helper_api_params) diff --git a/ipapython/dnssec/odsmgr.py b/ipaserver/dnssec/odsmgr.py index 0308408e0..0308408e0 100644 --- a/ipapython/dnssec/odsmgr.py +++ b/ipaserver/dnssec/odsmgr.py diff --git a/ipapython/dnssec/syncrepl.py b/ipaserver/dnssec/syncrepl.py index e197670ad..e197670ad 100644 --- a/ipapython/dnssec/syncrepl.py +++ b/ipaserver/dnssec/syncrepl.py diff --git a/ipapython/dnssec/temp.py b/ipaserver/dnssec/temp.py index e97d3a0b8..e97d3a0b8 100644 --- a/ipapython/dnssec/temp.py +++ b/ipaserver/dnssec/temp.py diff --git a/ipaserver/install/cainstance.py b/ipaserver/install/cainstance.py index 1aa6b8d4e..20fc2b730 100644 --- a/ipaserver/install/cainstance.py +++ b/ipaserver/install/cainstance.py @@ -57,7 +57,7 @@ from ipapython.certdb import get_ca_nickname from ipapython.dn import DN from ipapython.ipa_log_manager import log_mgr,\ standard_logging_setup, root_logger -from ipapython.secrets.kem import IPAKEMKeys +from ipaserver.secrets.kem import IPAKEMKeys from ipaserver.install import certs from ipaserver.install import custodiainstance diff --git a/ipaserver/install/custodiainstance.py b/ipaserver/install/custodiainstance.py index b0c952d68..604a6da3e 100644 --- a/ipaserver/install/custodiainstance.py +++ b/ipaserver/install/custodiainstance.py @@ -1,7 +1,7 @@ # Copyright (C) 2015 FreeIPa Project Contributors, see 'COPYING' for license. -from ipapython.secrets.kem import IPAKEMKeys -from ipapython.secrets.client import CustodiaClient +from ipaserver.secrets.kem import IPAKEMKeys +from ipaserver.secrets.client import CustodiaClient from ipaserver.install.certs import CertDB from ipaplatform.paths import paths from ipaplatform.constants import constants diff --git a/ipaserver/install/dnskeysyncinstance.py b/ipaserver/install/dnskeysyncinstance.py index 28eb3f9d6..76a14f9d9 100644 --- a/ipaserver/install/dnskeysyncinstance.py +++ b/ipaserver/install/dnskeysyncinstance.py @@ -13,7 +13,7 @@ import stat import ldap -from ipapython import p11helper as _ipap11helper +from ipaserver import p11helper as _ipap11helper from ipapython.dnsutil import DNSName from ipaserver.install import service from ipaserver.install import installutils diff --git a/ipaserver/install/opendnssecinstance.py b/ipaserver/install/opendnssecinstance.py index 39b81b6b4..9d0664d99 100644 --- a/ipaserver/install/opendnssecinstance.py +++ b/ipaserver/install/opendnssecinstance.py @@ -13,11 +13,12 @@ from ipaserver.install import service from ipaserver.install import installutils from ipapython.ipa_log_manager import root_logger from ipapython.dn import DN -from ipapython import sysrestore, ipautil, p11helper +from ipapython import sysrestore, ipautil from ipaplatform import services from ipaplatform.constants import constants from ipaplatform.paths import paths from ipalib import errors, api +from ipaserver import p11helper from ipaserver.install import dnskeysyncinstance KEYMASTER = u'dnssecKeyMaster' diff --git a/ipapython/p11helper.py b/ipaserver/p11helper.py index 5963c6d71..5963c6d71 100644 --- a/ipapython/p11helper.py +++ b/ipaserver/p11helper.py diff --git a/ipapython/secrets/__init__.py b/ipaserver/secrets/__init__.py index e69de29bb..e69de29bb 100644 --- a/ipapython/secrets/__init__.py +++ b/ipaserver/secrets/__init__.py diff --git a/ipapython/secrets/client.py b/ipaserver/secrets/client.py index d9cc7d0f5..a04b9a643 100644 --- a/ipapython/secrets/client.py +++ b/ipaserver/secrets/client.py @@ -4,8 +4,8 @@ from __future__ import print_function from custodia.message.kem import KEMClient, KEY_USAGE_SIG, KEY_USAGE_ENC from jwcrypto.common import json_decode from jwcrypto.jwk import JWK -from ipapython.secrets.kem import IPAKEMKeys -from ipapython.secrets.store import iSecStore +from ipaserver.secrets.kem import IPAKEMKeys +from ipaserver.secrets.store import iSecStore from ipaplatform.paths import paths from base64 import b64encode import ldapurl diff --git a/ipapython/secrets/common.py b/ipaserver/secrets/common.py index 2b906b649..2b906b649 100644 --- a/ipapython/secrets/common.py +++ b/ipaserver/secrets/common.py diff --git a/ipapython/secrets/kem.py b/ipaserver/secrets/kem.py index 7f92c9f89..143caaf6c 100644 --- a/ipapython/secrets/kem.py +++ b/ipaserver/secrets/kem.py @@ -17,7 +17,7 @@ from custodia.message.kem import KEY_USAGE_SIG, KEY_USAGE_ENC, KEY_USAGE_MAP from jwcrypto.common import json_decode, json_encode from jwcrypto.common import base64url_encode from jwcrypto.jwk import JWK -from ipapython.secrets.common import iSecLdap +from ipaserver.secrets.common import iSecLdap from binascii import unhexlify import ldap diff --git a/ipapython/secrets/store.py b/ipaserver/secrets/store.py index 30a87d4a5..1df7191f9 100644 --- a/ipapython/secrets/store.py +++ b/ipaserver/secrets/store.py @@ -6,7 +6,7 @@ from custodia.store.interface import CSStore from jwcrypto.common import json_decode, json_encode from ipaplatform.paths import paths from ipapython import ipautil -from ipapython.secrets.common import iSecLdap +from ipaserver.secrets.common import iSecLdap import ldap import os import shutil diff --git a/ipaserver/setup.py b/ipaserver/setup.py index 5c38843b4..3635832d4 100755 --- a/ipaserver/setup.py +++ b/ipaserver/setup.py @@ -38,7 +38,9 @@ if __name__ == '__main__': 'ipaserver', 'ipaserver.advise', 'ipaserver.advise.plugins', + 'ipaserver.dnssec', 'ipaserver.plugins', + 'ipaserver.secrets', 'ipaserver.install', 'ipaserver.install.plugins', 'ipaserver.install.server', @@ -69,4 +71,12 @@ if __name__ == '__main__': setup_requires=[ "wheel", ], + entry_points={ + 'custodia.authorizers': [ + 'IPAKEMKeys = ipaserver.secrets.kem:IPAKEMKeys', + ], + 'custodia.stores': [ + 'IPASecStore = ipaserver.secrets.store:IPASecStore', + ], + }, ) diff --git a/ipatests/test_ipapython/test_dnssec.py b/ipatests/test_ipaserver/test_dnssec.py index c4b830e72..b90f69e13 100644 --- a/ipatests/test_ipapython/test_dnssec.py +++ b/ipatests/test_ipaserver/test_dnssec.py @@ -2,11 +2,11 @@ # Copyright (C) 2016 FreeIPA Contributors see COPYING for license # """ -Test the `ipapython/dnssec` package. +Test the `ipaserver/dnssec` package. """ import dns.name -from ipapython.dnssec.odsmgr import ODSZoneListReader +from ipaserver.dnssec.odsmgr import ODSZoneListReader ZONELIST_XML = """<?xml version="1.0" encoding="UTF-8"?> diff --git a/ipatests/test_ipapython/test_ipap11helper.py b/ipatests/test_ipaserver/test_ipap11helper.py index 2c8fd2892..c0c8b24bb 100644 --- a/ipatests/test_ipapython/test_ipap11helper.py +++ b/ipatests/test_ipaserver/test_ipap11helper.py @@ -17,7 +17,7 @@ import tempfile import pytest from ipaplatform.paths import paths -from ipapython import p11helper as _ipap11helper +from ipaserver import p11helper as _ipap11helper pytestmark = pytest.mark.tier0 diff --git a/ipatests/test_ipapython/test_secrets.py b/ipatests/test_ipaserver/test_secrets.py index 9fbf825d2..40daed67f 100644 --- a/ipatests/test_ipapython/test_secrets.py +++ b/ipatests/test_ipaserver/test_secrets.py @@ -1,7 +1,7 @@ # Copyright (C) 2015 FreeIPA Project Contributors - see LICENSE file from __future__ import print_function -from ipapython.secrets.store import iSecStore, NAME_DB_MAP, NSSCertDB +from ipaserver.secrets.store import iSecStore, NAME_DB_MAP, NSSCertDB import os import shutil import subprocess |