IntenseWebs/freeipa
3
0
Fork 0
mirror of https://salsa.debian.org/freeipa-team/freeipa.git synced 2025-02-25 18:55:28 -06:00
Code Issues Packages Projects Releases Wiki Activity

Use RENEWAL_CA_NAME and RA_AGENT_PROFILE constants

Browse Source 
Replace renewal CA and profile name literals with corresponding
symbols from ipalib.constants.

Part of: https://pagure.io/freeipa/issue/7991

Reviewed-By: Rob Crittenden <rcritten@redhat.com>
This commit is contained in:
Fraser Tweedale
2019-06-27 11:48:53 +10:00
parent 1bf008a64f
commit bb779baadf
3 changed files with 10 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
ipaserver/install/cainstance.py
View File

@@ -864,7 +864,7 @@ class CAInstance(DogtagInstance):
principal='host/%s' % self.fqdn,
subject=str(DN(('CN', 'IPA RA'), self.subject_base)),
ca=ipalib.constants.RENEWAL_CA_NAME,
profile='caServerCert',
profile=ipalib.constants.RA_AGENT_PROFILE,
pre_command='renew_ra_cert_pre',
post_command='renew_ra_cert',
storage="FILE",
@@ -991,7 +991,7 @@ class CAInstance(DogtagInstance):
'/org/fedorahosted/certmonger')
iface = dbus.Interface(obj, 'org.fedorahosted.certmonger')
for suffix in ['', '-reuse']:
name = 'dogtag-ipa-ca-renew-agent' + suffix
name = ipalib.constants.RENEWAL_CA_NAME + suffix
path = iface.find_ca_by_nickname(name)
if path:
iface.remove_known_ca(path)
@@ -1046,7 +1046,7 @@ class CAInstance(DogtagInstance):
try:
certmonger.start_tracking(
certpath=(paths.RA_AGENT_PEM, paths.RA_AGENT_KEY),
ca='dogtag-ipa-ca-renew-agent',
ca=ipalib.constants.RENEWAL_CA_NAME,
profile=ipalib.constants.RA_AGENT_PROFILE,
pre_command='renew_ra_cert_pre',
post_command='renew_ra_cert',

6
ipaserver/install/dogtaginstance.py
View File

@@ -38,7 +38,7 @@ import pki.system
from ipalib import api, errors, x509
from ipalib.install import certmonger
from ipalib.constants import CA_DBUS_TIMEOUT, IPA_CA_RECORD
from ipalib.constants import CA_DBUS_TIMEOUT, IPA_CA_RECORD, RENEWAL_CA_NAME
from ipaplatform import services
from ipaplatform.constants import constants
from ipaplatform.paths import paths
@@ -306,7 +306,7 @@ class DogtagInstance(service.Service):
'/org/fedorahosted/certmonger')
iface = dbus.Interface(obj, 'org.fedorahosted.certmonger')
for suffix, args in [('', ''), ('-reuse', ' --reuse-existing')]:
name = 'dogtag-ipa-ca-renew-agent' + suffix
name = RENEWAL_CA_NAME + suffix
path = iface.find_ca_by_nickname(name)
if not path:
command = paths.DOGTAG_IPA_CA_RENEW_AGENT_SUBMIT + args
@@ -334,7 +334,7 @@ class DogtagInstance(service.Service):
try:
certmonger.start_tracking(
certpath=self.nss_db,
ca='dogtag-ipa-ca-renew-agent',
ca=RENEWAL_CA_NAME,
nickname=nickname,
token_name=token_name,
pin=pin,

8
ipaserver/install/server/upgrade.py
View File

@@ -21,7 +21,7 @@ from augeas import Augeas
import dns.exception
from ipalib import api, x509
from ipalib.constants import RA_AGENT_PROFILE
from ipalib.constants import RENEWAL_CA_NAME, RA_AGENT_PROFILE
from ipalib.install import certmonger, sysrestore
import SSSDConfig
import ipalib.util
@@ -984,7 +984,7 @@ def certificate_renewal_update(ca, kra, ds, http):
req = {
'cert-database': paths.PKI_TOMCAT_ALIAS_DIR,
'cert-nickname': nick,
'ca-name': 'dogtag-ipa-ca-renew-agent',
'ca-name': RENEWAL_CA_NAME,
'cert-presave-command': template % 'stop_pkicad',
'cert-postsave-command':
(template % 'renew_ca_cert "{}"'.format(nick)),
@@ -996,7 +996,7 @@ def certificate_renewal_update(ca, kra, ds, http):
{
'cert-file': paths.RA_AGENT_PEM,
'key-file': paths.RA_AGENT_KEY,
'ca-name': 'dogtag-ipa-ca-renew-agent',
'ca-name': RENEWAL_CA_NAME,
'template-profile': RA_AGENT_PROFILE,
'cert-presave-command': template % 'renew_ra_cert_pre',
'cert-postsave-command': template % 'renew_ra_cert',
@@ -1042,7 +1042,7 @@ def certificate_renewal_update(ca, kra, ds, http):
{
'cert-database': paths.PKI_TOMCAT_ALIAS_DIR,
'cert-nickname': nickname,
'ca-name': 'dogtag-ipa-ca-renew-agent',
'ca-name': RENEWAL_CA_NAME,
'cert-presave-command': template % 'stop_pkicad',
'cert-postsave-command':
(template % ('renew_ca_cert "%s"' % nickname)),