def install_http_cert(self):
dirname = paths.HTTPD_ALIAS_DIR
old_cert = installutils.get_directive(paths.HTTPD_NSS_CONF,
'NSSNickname')
unquoted_cert = installutils.unquote_directive_value(old_cert,
quote_char="'")
server_cert = self.import_cert(dirname, self.options.pin,
unquoted_cert, 'HTTP/%s' % api.env.host,
'restart_httpd')
quoted_server_cert = installutils.quote_directive_value(server_cert,
quote_char="'")
installutils.set_directive(paths.HTTPD_NSS_CONF,
'NSSNickname',
quoted_server_cert,
quotes=False)
# Fix the database permissions
os.chmod(os.path.join(dirname, 'cert8.db'), 0o640)
os.chmod(os.path.join(dirname, 'key3.db'), 0o640)
os.chmod(os.path.join(dirname, 'secmod.db'), 0o640)
pent = pwd.getpwnam(constants.HTTPD_USER)
os.chown(os.path.join(dirname, 'cert8.db'), 0, pent.pw_gid)
os.chown(os.path.join(dirname, 'key3.db'), 0, pent.pw_gid)
os.chown(os.path.join(dirname, 'secmod.db'), 0, pent.pw_gid)
def install_http_cert(self):
dirname = paths.HTTPD_ALIAS_DIR
old_cert = installutils.get_directive(paths.HTTPD_NSS_CONF,
'NSSNickname')
unquoted_cert = installutils.unquote_directive_value(
old_cert, quote_char="'")
server_cert = self.import_cert(dirname, self.options.pin,
unquoted_cert, 'HTTP/%s' % api.env.host,
'restart_httpd')
quoted_server_cert = installutils.quote_directive_value(
server_cert, quote_char="'")
installutils.set_directive(
paths.HTTPD_NSS_CONF,
'NSSNickname',
quoted_server_cert,
quotes=False)
# Fix the database permissions
os.chmod(os.path.join(dirname, 'cert8.db'), 0o640)
os.chmod(os.path.join(dirname, 'key3.db'), 0o640)
os.chmod(os.path.join(dirname, 'secmod.db'), 0o640)
pent = pwd.getpwnam(constants.HTTPD_USER)
os.chown(os.path.join(dirname, 'cert8.db'), 0, pent.pw_gid)
os.chown(os.path.join(dirname, 'key3.db'), 0, pent.pw_gid)
os.chown(os.path.join(dirname, 'secmod.db'), 0, pent.pw_gid)
def install_http_cert(self):
dirname = paths.HTTPD_ALIAS_DIR
old_cert = installutils.get_directive(paths.HTTPD_NSS_CONF,
'NSSNickname')
unquoted_cert = installutils.unquote_directive_value(old_cert,
quote_char="'")
server_cert = self.import_cert(dirname, self.options.pin,
unquoted_cert, 'HTTP/%s' % api.env.host,
'restart_httpd')
quoted_server_cert = installutils.quote_directive_value(server_cert,
quote_char="'")
installutils.set_directive(paths.HTTPD_NSS_CONF,
'NSSNickname',
quoted_server_cert,
quotes=False)
# Fix the database permissions
pent = pwd.getpwnam(constants.HTTPD_USER)
for filename in (NSS_DBM_FILES + NSS_SQL_FILES):
absname = os.path.join(dirname, filename)
if os.path.isfile(absname):
os.chmod(absname, 0o640)
os.chown(absname, 0, pent.pw_gid)
def get_mod_nss_nickname(self):
cert = installutils.get_directive(paths.HTTPD_NSS_CONF, 'NSSNickname')
nickname = installutils.unquote_directive_value(cert, quote_char="'")
return nickname