constants: remove CACERT

CACERT depends on ipaplatform. Replace all uses of CACERT with paths.IPA_CA_CRT and remove CACERT. https://fedorahosted.org/freeipa/ticket/6474 Reviewed-By: Stanislav Laznicka <slaznick@redhat.com>
author: Jan Cholasta <jcholast@redhat.com> 2016-11-22 14:42:33 +0100
committer: Martin Basti <mbasti@redhat.com> 2016-11-29 14:50:51 +0100
commit: 977050c66bccd7b8cf468c115d73250505a01034 (patch)
tree: 21d42ca82e118c2a70ec15a0cd84567f914347fc /install
parent: a2c58889735c794cd1e93331c755b6f9ba273773 (diff)
download: freeipa-977050c66bccd7b8cf468c115d73250505a01034.tar.gz
freeipa-977050c66bccd7b8cf468c115d73250505a01034.tar.xz
freeipa-977050c66bccd7b8cf468c115d73250505a01034.zip
2 files changed, 11 insertions, 12 deletions
diff --git a/install/tools/ipa-csreplica-manage b/install/tools/ipa-csreplica-manage
index a4d0a88a6..6a3b8693c 100755
--- a/install/tools/ipa-csreplica-manage
+++ b/install/tools/ipa-csreplica-manage
@@ -25,11 +25,11 @@ from __future__ import print_function
 import sys
 import os
 
+from ipaplatform.paths import paths
 from ipapython.ipa_log_manager import root_logger
 from ipaserver.install import (replication, installutils, bindinstance,
     cainstance, certs)
 from ipalib import api, errors
-from ipalib.constants import CACERT
 from ipalib.util import has_managed_topology
 from ipapython import ipautil, ipaldap, version
 from ipapython.dn import DN
@@ -93,8 +93,8 @@ def list_replicas(realm, host, replica, dirman_passwd, verbose):
 
     try:
         # connect to main IPA LDAP server
-        ldap_uri = ipaldap.get_ldap_uri(host, 636, cacert=CACERT)
-        conn = ipaldap.LDAPClient(ldap_uri, cacert=CACERT)
+        ldap_uri = ipaldap.get_ldap_uri(host, 636, cacert=paths.IPA_CA_CRT)
+        conn = ipaldap.LDAPClient(ldap_uri, cacert=paths.IPA_CA_CRT)
         conn.simple_bind(bind_dn=ipaldap.DIRMAN_DN,
                          bind_password=dirman_passwd)
 
@@ -295,8 +295,8 @@ def add_link(realm, replica1, replica2, dirman_passwd, options):
     except Exception as e:
         sys.exit(str(e))
     try:
-        ldap_uri = ipaldap.get_ldap_uri(replica2, 636, cacert=CACERT)
-        conn = ipaldap.LDAPClient(ldap_uri, cacert=CACERT)
+        ldap_uri = ipaldap.get_ldap_uri(replica2, 636, cacert=paths.IPA_CA_CRT)
+        conn = ipaldap.LDAPClient(ldap_uri, cacert=paths.IPA_CA_CRT)
         conn.simple_bind(bind_dn=ipaldap.DIRMAN_DN,
                          bind_password=dirman_passwd)
 
diff --git a/install/tools/ipa-replica-manage b/install/tools/ipa-replica-manage
index 68d9a92dd..83725bc8f 100755
--- a/install/tools/ipa-replica-manage
+++ b/install/tools/ipa-replica-manage
@@ -39,7 +39,6 @@ from ipaserver.install import bindinstance, cainstance, certs
 from ipaserver.install import opendnssecinstance, dnskeysyncinstance
 from ipapython import version, ipaldap
 from ipalib import api, errors
-from ipalib.constants import CACERT
 from ipalib.util import has_managed_topology, verify_host_resolvable
 from ipapython.ipa_log_manager import root_logger, standard_logging_setup
 from ipapython.dn import DN
@@ -167,8 +166,8 @@ def list_replicas(realm, host, replica, dirman_passwd, verbose, nolookup=False):
     peers = {}
 
     try:
-        ldap_uri = ipaldap.get_ldap_uri(host, 636, cacert=CACERT)
-        conn = ipaldap.LDAPClient(ldap_uri, cacert=CACERT)
+        ldap_uri = ipaldap.get_ldap_uri(host, 636, cacert=paths.IPA_CA_CRT)
+        conn = ipaldap.LDAPClient(ldap_uri, cacert=paths.IPA_CA_CRT)
         if dirman_passwd:
             conn.simple_bind(bind_dn=ipaldap.DIRMAN_DN,
                              bind_password=dirman_passwd)
@@ -628,8 +627,8 @@ def clean_dangling_ruvs(realm, host, options):
     Cleans all RUVs and CS-RUVs that are left in the system from
     uninstalled replicas
     """
-    ldap_uri = ipaldap.get_ldap_uri(host, 636, cacert=CACERT)
-    conn = ipaldap.LDAPClient(ldap_uri, cacert=CACERT)
+    ldap_uri = ipaldap.get_ldap_uri(host, 636, cacert=paths.IPA_CA_CRT)
+    conn = ipaldap.LDAPClient(ldap_uri, cacert=paths.IPA_CA_CRT)
     try:
         conn.simple_bind(bind_dn=ipaldap.DIRMAN_DN,
                          bind_password=options.dirman_passwd)
@@ -676,8 +675,8 @@ def clean_dangling_ruvs(realm, host, options):
     offlines = set()
     for master_cn, master_info in info.items():
         try:
-            ldap_uri = ipaldap.get_ldap_uri(master_cn, 636, cacert=CACERT)
-            conn = ipaldap.LDAPClient(ldap_uri, cacert=CACERT)
+            ldap_uri = ipaldap.get_ldap_uri(master_cn, 636, cacert=paths.IPA_CA_CRT)
+            conn = ipaldap.LDAPClient(ldap_uri, cacert=paths.IPA_CA_CRT)
             conn.simple_bind(bind_dn=ipaldap.DIRMAN_DN,
                              bind_password=options.dirman_passwd)
             master_info['online'] = True
author	Jan Cholasta <jcholast@redhat.com>	2016-11-22 14:42:33 +0100
committer	Martin Basti <mbasti@redhat.com>	2016-11-29 14:50:51 +0100
commit	977050c66bccd7b8cf468c115d73250505a01034 (patch)
tree	21d42ca82e118c2a70ec15a0cd84567f914347fc /install
parent	a2c58889735c794cd1e93331c755b6f9ba273773 (diff)
download	freeipa-977050c66bccd7b8cf468c115d73250505a01034.tar.gz freeipa-977050c66bccd7b8cf468c115d73250505a01034.tar.xz freeipa-977050c66bccd7b8cf468c115d73250505a01034.zip