ipapython: move dnssec, p11helper and secrets to ipaserver

The dnssec and secrets subpackages and the p11helper module depend on
ipaplatform.

Move them to ipaserver as they are used only on the server.

https://fedorahosted.org/freeipa/ticket/6474

Reviewed-By: Stanislav Laznicka <slaznick@redhat.com>
This commit is contained in:
Jan Cholasta 2016-11-22 17:55:10 +01:00 committed by Martin Basti
parent 8e5d2c7014
commit a1f260d021
30 changed files with 47 additions and 49 deletions

View File

@ -20,10 +20,11 @@ from ipapython.ipa_log_manager import root_logger, standard_logging_setup
from ipapython import ipaldap
from ipapython import ipautil
from ipaplatform.paths import paths
from ipapython.dnssec.abshsm import sync_pkcs11_metadata, ldap2p11helper_api_params, wrappingmech_name2id
from ipapython.dnssec.ldapkeydb import LdapKeyDB
from ipapython.dnssec.localhsm import LocalHSM
from ipaserver.dnssec.abshsm import (sync_pkcs11_metadata,
ldap2p11helper_api_params,
wrappingmech_name2id)
from ipaserver.dnssec.ldapkeydb import LdapKeyDB
from ipaserver.dnssec.localhsm import LocalHSM
DAEMONNAME = 'ipa-dnskeysyncd'
PRINCIPAL = None # not initialized yet

View File

@ -16,8 +16,7 @@ from ipapython.ipa_log_manager import root_logger, standard_logging_setup
from ipapython import ipaldap
from ipapython import ipautil
from ipaplatform.paths import paths
from ipapython.dnssec.keysyncer import KeySyncer
from ipaserver.dnssec.keysyncer import KeySyncer
# IPA framework initialization
api.bootstrap(in_server=True, log=None) # no logging to file

View File

@ -36,10 +36,9 @@ from ipapython.dn import DN
from ipapython import ipaldap
from ipapython import ipautil
from ipaplatform.paths import paths
from ipapython.dnssec.abshsm import sync_pkcs11_metadata, wrappingmech_name2id
from ipapython.dnssec.ldapkeydb import LdapKeyDB
from ipapython.dnssec.localhsm import LocalHSM
from ipaserver.dnssec.abshsm import sync_pkcs11_metadata, wrappingmech_name2id
from ipaserver.dnssec.ldapkeydb import LdapKeyDB
from ipaserver.dnssec.localhsm import LocalHSM
DAEMONNAME = 'ipa-ods-exporter'
PRINCIPAL = None # not initialized yet

View File

@ -1065,12 +1065,14 @@ fi
%license COPYING
%{python_sitelib}/ipaserver-*.egg-info
%dir %{python_sitelib}/ipaserver
%dir %{python_sitelib}/ipaserver/dnssec
%dir %{python_sitelib}/ipaserver/install
%dir %{python_sitelib}/ipaserver/install/plugins
%dir %{python_sitelib}/ipaserver/install/server
%dir %{python_sitelib}/ipaserver/advise
%dir %{python_sitelib}/ipaserver/advise/plugins
%dir %{python_sitelib}/ipaserver/plugins
%dir %{python_sitelib}/ipaserver/secrets
%files server-common
@ -1285,12 +1287,8 @@ fi
%license COPYING
%dir %{python_sitelib}/ipapython
%{python_sitelib}/ipapython/*.py*
%dir %{python_sitelib}/ipapython/dnssec
%{python_sitelib}/ipapython/dnssec/*.py*
%dir %{python_sitelib}/ipapython/install
%{python_sitelib}/ipapython/install/*.py*
%dir %{python_sitelib}/ipapython/secrets
%{python_sitelib}/ipapython/secrets/*.py*
%dir %{python_sitelib}/ipalib
%{python_sitelib}/ipalib/*.py*
%dir %{python_sitelib}/ipalib/install

View File

@ -13,13 +13,13 @@ handler = custodia.httpd.authenticators.SimpleHeaderAuth
header = GSS_NAME
[authz:kemkeys]
handler = ipapython.secrets.kem.IPAKEMKeys
handler = ipaserver.secrets.kem.IPAKEMKeys
paths = /keys
store = ipa
server_keys = $IPA_CUSTODIA_CONF_DIR/server.keys
[store:ipa]
handler = ipapython.secrets.store.IPASecStore
handler = ipaserver.secrets.store.IPASecStore
ldap_uri = $LDAP_URI
[/keys]

View File

@ -8,7 +8,7 @@ import sys
from ipalib import constants
from ipalib.config import Env
from ipaplatform.paths import paths
from ipapython.secrets.client import CustodiaClient
from ipaserver.secrets.client import CustodiaClient
env = Env()
env._finalize()

View File

@ -34,8 +34,6 @@ if __name__ == '__main__':
package_dir={'ipapython': ''},
packages=[
"ipapython",
"ipapython.dnssec",
"ipapython.secrets",
"ipapython.install"
],
install_requires=[
@ -60,12 +58,4 @@ if __name__ == '__main__':
extras_require={
":python_version<'3'": ["enum34"],
},
entry_points={
'custodia.authorizers': [
'IPAKEMKeys = ipapython.secrets.kem:IPAKEMKeys',
],
'custodia.stores': [
'IPASecStore = ipapython.secrets.store:IPASecStore',
],
},
)

View File

@ -2,7 +2,7 @@
# Copyright (C) 2014 FreeIPA Contributors see COPYING for license
#
from ipapython import p11helper as _ipap11helper
from ipaserver import p11helper as _ipap11helper
attrs_id2name = {
#_ipap11helper.CKA_ALLOWED_MECHANISMS: 'ipk11allowedmechanisms',

View File

@ -14,7 +14,7 @@ from ipapython.dn import DN
from ipapython import ipa_log_manager, ipautil
from ipaplatform.paths import paths
from ipapython.dnssec.temp import TemporaryDirectory
from ipaserver.dnssec.temp import TemporaryDirectory
time_bindfmt = '%Y%m%d%H%M%S'

View File

@ -10,9 +10,9 @@ import dns.name
from ipaplatform.paths import paths
from ipapython import ipautil
from ipapython.dnssec.syncrepl import SyncReplConsumer
from ipapython.dnssec.odsmgr import ODSMgr
from ipapython.dnssec.bindmgr import BINDMgr
from ipaserver.dnssec.syncrepl import SyncReplConsumer
from ipaserver.dnssec.odsmgr import ODSMgr
from ipaserver.dnssec.bindmgr import BINDMgr
SIGNING_ATTR = 'idnsSecInlineSigning'
OBJCLASS_ATTR = 'objectClass'

View File

@ -13,12 +13,12 @@ from ipapython.dn import DN
from ipapython import ipaldap
from ipapython import ipa_log_manager
from ipapython.dnssec.abshsm import (
from ipaserver.dnssec.abshsm import (
attrs_name2id,
AbstractHSM,
bool_attr_names,
populate_pkcs11_metadata)
from ipapython import p11helper as _ipap11helper
from ipaserver import p11helper as _ipap11helper
import uuid
def uri_escape(val):

View File

@ -13,8 +13,8 @@ from pprint import pprint
from ipaplatform.paths import paths
from ipapython import p11helper as _ipap11helper
from ipapython.dnssec.abshsm import (attrs_name2id, attrs_id2name, AbstractHSM,
from ipaserver import p11helper as _ipap11helper
from ipaserver.dnssec.abshsm import (attrs_name2id, attrs_id2name, AbstractHSM,
keytype_id2name, keytype_name2id,
ldap2p11helper_api_params)

View File

@ -57,7 +57,7 @@ from ipapython.certdb import get_ca_nickname
from ipapython.dn import DN
from ipapython.ipa_log_manager import log_mgr,\
standard_logging_setup, root_logger
from ipapython.secrets.kem import IPAKEMKeys
from ipaserver.secrets.kem import IPAKEMKeys
from ipaserver.install import certs
from ipaserver.install import custodiainstance

View File

@ -1,7 +1,7 @@
# Copyright (C) 2015 FreeIPa Project Contributors, see 'COPYING' for license.
from ipapython.secrets.kem import IPAKEMKeys
from ipapython.secrets.client import CustodiaClient
from ipaserver.secrets.kem import IPAKEMKeys
from ipaserver.secrets.client import CustodiaClient
from ipaserver.install.certs import CertDB
from ipaplatform.paths import paths
from ipaplatform.constants import constants

View File

@ -13,7 +13,7 @@ import stat
import ldap
from ipapython import p11helper as _ipap11helper
from ipaserver import p11helper as _ipap11helper
from ipapython.dnsutil import DNSName
from ipaserver.install import service
from ipaserver.install import installutils

View File

@ -13,11 +13,12 @@ from ipaserver.install import service
from ipaserver.install import installutils
from ipapython.ipa_log_manager import root_logger
from ipapython.dn import DN
from ipapython import sysrestore, ipautil, p11helper
from ipapython import sysrestore, ipautil
from ipaplatform import services
from ipaplatform.constants import constants
from ipaplatform.paths import paths
from ipalib import errors, api
from ipaserver import p11helper
from ipaserver.install import dnskeysyncinstance
KEYMASTER = u'dnssecKeyMaster'

View File

@ -4,8 +4,8 @@ from __future__ import print_function
from custodia.message.kem import KEMClient, KEY_USAGE_SIG, KEY_USAGE_ENC
from jwcrypto.common import json_decode
from jwcrypto.jwk import JWK
from ipapython.secrets.kem import IPAKEMKeys
from ipapython.secrets.store import iSecStore
from ipaserver.secrets.kem import IPAKEMKeys
from ipaserver.secrets.store import iSecStore
from ipaplatform.paths import paths
from base64 import b64encode
import ldapurl

View File

@ -17,7 +17,7 @@ from custodia.message.kem import KEY_USAGE_SIG, KEY_USAGE_ENC, KEY_USAGE_MAP
from jwcrypto.common import json_decode, json_encode
from jwcrypto.common import base64url_encode
from jwcrypto.jwk import JWK
from ipapython.secrets.common import iSecLdap
from ipaserver.secrets.common import iSecLdap
from binascii import unhexlify
import ldap

View File

@ -6,7 +6,7 @@ from custodia.store.interface import CSStore
from jwcrypto.common import json_decode, json_encode
from ipaplatform.paths import paths
from ipapython import ipautil
from ipapython.secrets.common import iSecLdap
from ipaserver.secrets.common import iSecLdap
import ldap
import os
import shutil

View File

@ -38,7 +38,9 @@ if __name__ == '__main__':
'ipaserver',
'ipaserver.advise',
'ipaserver.advise.plugins',
'ipaserver.dnssec',
'ipaserver.plugins',
'ipaserver.secrets',
'ipaserver.install',
'ipaserver.install.plugins',
'ipaserver.install.server',
@ -69,4 +71,12 @@ if __name__ == '__main__':
setup_requires=[
"wheel",
],
entry_points={
'custodia.authorizers': [
'IPAKEMKeys = ipaserver.secrets.kem:IPAKEMKeys',
],
'custodia.stores': [
'IPASecStore = ipaserver.secrets.store:IPASecStore',
],
},
)

View File

@ -2,11 +2,11 @@
# Copyright (C) 2016 FreeIPA Contributors see COPYING for license
#
"""
Test the `ipapython/dnssec` package.
Test the `ipaserver/dnssec` package.
"""
import dns.name
from ipapython.dnssec.odsmgr import ODSZoneListReader
from ipaserver.dnssec.odsmgr import ODSZoneListReader
ZONELIST_XML = """<?xml version="1.0" encoding="UTF-8"?>

View File

@ -17,7 +17,7 @@ import tempfile
import pytest
from ipaplatform.paths import paths
from ipapython import p11helper as _ipap11helper
from ipaserver import p11helper as _ipap11helper
pytestmark = pytest.mark.tier0

View File

@ -1,7 +1,7 @@
# Copyright (C) 2015 FreeIPA Project Contributors - see LICENSE file
from __future__ import print_function
from ipapython.secrets.store import iSecStore, NAME_DB_MAP, NSSCertDB
from ipaserver.secrets.store import iSecStore, NAME_DB_MAP, NSSCertDB
import os
import shutil
import subprocess