def store_rhnCryptoKey(description, caCert, verbosity=0):
""" stores CA cert in rhnCryptoKey
uses:
_checkCertMatch_rhnCryptoKey
_delete_rhnCryptoKey - not currently used
_insertPrep_rhnCryptoKey
_lobUpdate_rhnCryptoKey
"""
org_ids = get_all_orgs()
for org_id in org_ids:
org_id = org_id['id']
try:
# look for a cert match in the database
rhn_cryptokey_id = _checkCertMatch_rhnCryptoKey(
caCert,
description,
org_id,
deleteRowYN=1,
verbosity=verbosity)
if rhn_cryptokey_id is None:
# nothing to do - cert matches
continue
# insert into the database
if rhn_cryptokey_id == -1:
rhn_cryptokey_id = _insertPrep_rhnCryptoKey(
rhn_cryptokey_id, description, org_id)
# write/update
_lobUpdate_rhnCryptoKey(rhn_cryptokey_id, caCert)
rhnSQL.commit()
except rhnSQL.sql_base.SQLError:
raise CaCertInsertionError(
"...the traceback: %s" %
fetchTraceback()), None, sys.exc_info()[2]
def store_rhnCryptoKey(description, cert, org_id, verbosity=0):
""" stores cert in rhnCryptoKey
uses:
_checkCertMatch_rhnCryptoKey
_delete_rhnCryptoKey - not currently used
_insertPrep_rhnCryptoKey
_lobUpdate_rhnCryptoKey
"""
try:
# look for a cert match in the database
rhn_cryptokey_id = _checkCertMatch_rhnCryptoKey(cert,
description,
org_id,
deleteRowYN=1,
verbosity=verbosity)
if rhn_cryptokey_id is None:
# nothing to do - cert matches
return
# insert into the database
if rhn_cryptokey_id == -1:
rhn_cryptokey_id = _insertPrep_rhnCryptoKey(
rhn_cryptokey_id, description, org_id)
# write/update
_lobUpdate_rhnCryptoKey(rhn_cryptokey_id, cert)
rhnSQL.commit()
except rhnSQL.sql_base.SQLError:
raise_with_tb(
CaCertInsertionError("...the traceback: %s" % fetchTraceback()),
sys.exc_info()[2])
def store_rhnCryptoKey(description, caCert, verbosity=0):
""" stores CA cert in rhnCryptoKey
uses:
_checkCertMatch_rhnCryptoKey
_delete_rhnCryptoKey - not currently used
_insertPrep_rhnCryptoKey
_lobUpdate_rhnCryptoKey
"""
org_ids = get_all_orgs()
for org_id in org_ids:
org_id = org_id['id']
try:
## look for a cert match in the database
rhn_cryptokey_id = _checkCertMatch_rhnCryptoKey(caCert, description,
org_id, deleteRowYN=1,
verbosity=verbosity)
if rhn_cryptokey_id is None:
# nothing to do - cert matches
continue
## insert into the database
if rhn_cryptokey_id == -1:
rhn_cryptokey_id = _insertPrep_rhnCryptoKey(rhn_cryptokey_id,
description, org_id)
## write/update
_lobUpdate_rhnCryptoKey(rhn_cryptokey_id, caCert)
rhnSQL.commit()
except rhnSQL.sql_base.SQLError:
raise CaCertInsertionError(
"...the traceback: %s" % fetchTraceback()), None, sys.exc_info()[2]
def processCommandline():
options = [
Option('--ca-cert', action='store', default=DEFAULT_TRUSTED_CERT, type="string", help='public CA certificate, default is %s' % DEFAULT_TRUSTED_CERT),
Option('--label', action='store', default='RHN-ORG-TRUSTED-SSL-CERT', type="string", help='FOR TESTING ONLY - alternative database label for this CA certificate, default is "RHN-ORG-TRUSTED-SSL-CERT"'),
Option('-v','--verbose', action='count', help='be verbose (accumulable: -vvv means "be *really* verbose").'),
]
values, args = OptionParser(option_list=options).parse_args()
# we take no extra commandline arguments that are not linked to an option
if args:
msg = ("ERROR: these arguments make no sense in this context (try "
"--help): %s\n" % repr(args))
raise ValueError(msg)
if not os.path.exists(values.ca_cert):
sys.stderr.write("ERROR: can't find CA certificate at this location: "
"%s\n" % values.ca_cert)
sys.exit(10)
try:
rhnSQL.initDB()
except:
sys.stderr.write("""\
ERROR: there was a problem trying to initialize the database:
%s\n""" % rhnTB.fetchTraceback())
sys.exit(11)
if values.verbose:
print 'Public CA SSL certificate: %s' % values.ca_cert
return values
def store_rhnCryptoKey(description, cert, org_id, verbosity=0):
""" stores cert in rhnCryptoKey
uses:
_checkCertMatch_rhnCryptoKey
_delete_rhnCryptoKey - not currently used
_insertPrep_rhnCryptoKey
_lobUpdate_rhnCryptoKey
"""
try:
# look for a cert match in the database
rhn_cryptokey_id = _checkCertMatch_rhnCryptoKey(cert, description,
org_id, deleteRowYN=1,
verbosity=verbosity)
if rhn_cryptokey_id is None:
# nothing to do - cert matches
return
# insert into the database
if rhn_cryptokey_id == -1:
rhn_cryptokey_id = _insertPrep_rhnCryptoKey(rhn_cryptokey_id,
description, org_id)
# write/update
_lobUpdate_rhnCryptoKey(rhn_cryptokey_id, cert)
rhnSQL.commit()
except rhnSQL.sql_base.SQLError:
raise_with_tb(CaCertInsertionError(
"...the traceback: %s" % fetchTraceback()), sys.exc_info()[2])
def processCommandline():
options = [
Option('--ca-cert',
action='store',
default=DEFAULT_TRUSTED_CERT,
type="string",
help='public CA certificate, default is %s' %
DEFAULT_TRUSTED_CERT),
Option(
'--label',
action='store',
default='RHN-ORG-TRUSTED-SSL-CERT',
type="string",
help=
'FOR TESTING ONLY - alternative database label for this CA certificate, '
+ 'default is "RHN-ORG-TRUSTED-SSL-CERT"'),
Option(
'-v',
'--verbose',
action='count',
help='be verbose (accumulable: -vvv means "be *really* verbose").'
),
]
values, args = OptionParser(option_list=options).parse_args()
# we take no extra commandline arguments that are not linked to an option
if args:
msg = ("ERROR: these arguments make no sense in this context (try "
"--help): %s\n" % repr(args))
raise ValueError(msg)
if not os.path.exists(values.ca_cert):
sys.stderr.write("ERROR: can't find CA certificate at this location: "
"%s\n" % values.ca_cert)
sys.exit(10)
# pylint: disable=W0703
try:
rhnSQL.initDB()
except Exception:
sys.stderr.write("""\
ERROR: there was a problem trying to initialize the database:
%s\n""" % rhnTB.fetchTraceback())
sys.exit(11)
if values.verbose:
print(('Public CA SSL certificate: %s' % values.ca_cert))
return values
def main():
""" main routine
10 CA certificate not found
11 DB initialization failure
12 no Organization ID. Something very bad is going on.
13 Couldn't insert the certificate for whatever reason.
"""
values = processCommandline()
def writeError(e):
sys.stderr.write('\nERROR: %s\n' % e)
try:
satCerts.store_rhnCryptoKey(values.label, values.ca_cert, verbosity=values.verbose)
except satCerts.NoOrgIdError:
writeError("no organization ID!?!\n\n%s\n" % rhnTB.fetchTraceback())
sys.exit(12)
except satCerts.CaCertInsertionError:
writeError("no organization ID!?!\n\n%s\n" % rhnTB.fetchTraceback())
sys.exit(13)
return 0
def main():
""" main routine
10 CA certificate not found
11 DB initialization failure
13 Couldn't insert the certificate for whatever reason.
"""
values = processCommandline()
def writeError(e):
sys.stderr.write('\nERROR: %s\n' % e)
try:
satCerts.store_CaCert(values.label, values.ca_cert, verbosity=values.verbose)
except satCerts.CaCertInsertionError:
writeError("Cannot insert certificate into DB!\n\n%s\n" % rhnTB.fetchTraceback())
sys.exit(13)
return 0
+
'located here /etc/sysconfig/rhn/satellite-upgrade/README (as part of the rhn-upgrade package). '
+
'WARNING: If you want to skip this check, please use --ignore-version-mismatch, '
+
'but doing so may cause issues (including malfunction of the Satellite software). '
+
'Only skip the test if instructed to do so by a support technician.'
), None, sys.exc_info()[2]
except satCerts.NoFreeEntitlementsError, e:
sys.stderr.write(e.message + '\n')
sys.exit(1)
except Exception:
raise RHNCertLocalActivationException(
'RHN Entitlement Certificate failed to validate: \n'
'%s' % rhnTB.fetchTraceback()), None, sys.exc_info()[2]
return 0
def localUpdateChannels():
cert = open(DEFAULT_RHN_CERT_LOCATION).read()
sat_cert = satellite_cert.SatelliteCert()
sat_cert.load(cert)
sync_handlers.populate_channel_family_permissions(sat_cert)
sync_handlers.purge_extra_channel_families()
sync_handlers.update_channel_family_counts()
'mismatching generation.'), None, sys.exc_info()[2]
except satCerts.CertVersionMismatchError, e:
raise RHNCertLocalActivationException(
'RHN Entitlement Certificate cannot be imported - ' + str(e)
+ '\nIf you are trying to upgrade the Satellite server, please see the upgrade documentation '
+ 'located here /etc/sysconfig/rhn/satellite-upgrade/README (as part of the rhn-upgrade package). '
+ 'WARNING: If you want to skip this check, please use --ignore-version-mismatch, '
+ 'but doing so may cause issues (including malfunction of the Satellite software). '
+ 'Only skip the test if instructed to do so by a support technician.'), None, sys.exc_info()[2]
except satCerts.NoFreeEntitlementsError, e:
sys.stderr.write(e.message + '\n')
sys.exit(1)
except Exception:
raise RHNCertLocalActivationException(
'RHN Entitlement Certificate failed to validate: \n'
'%s' % rhnTB.fetchTraceback()), None, sys.exc_info()[2]
return 0
def localUpdateChannels():
cert = open(DEFAULT_RHN_CERT_LOCATION).read()
sat_cert = satellite_cert.SatelliteCert()
sat_cert.load(cert)
sync_handlers.populate_channel_family_permissions(sat_cert)
sync_handlers.purge_extra_channel_families()
sync_handlers.update_channel_family_counts()
""" main routine
10 CA certificate not found
11 DB initialization failure
12 no Organization ID. Something very bad is going on.
13 Couldn't insert the certificate for whatever reason.
"""
values = processCommandline()
def writeError(e):
sys.stderr.write('\nERROR: %s\n' % e)
try:
satCerts.store_rhnCryptoKey(values.label, values.ca_cert, verbosity=values.verbose)
except satCerts.NoOrgIdError, e:
writeError("no organization ID!?!\n\n%s\n" % rhnTB.fetchTraceback())
sys.exit(12)
except satCerts.CaCertInsertionError, e:
writeError("no organization ID!?!\n\n%s\n" % rhnTB.fetchTraceback())
sys.exit(13)
return 0
#-------------------------------------------------------------------------------
if __name__ == "__main__":
sys.stderr.write('\nWARNING: intended to be wrapped by another executable\n'
' calling program.\n')
sys.exit(main() or 0)
#===============================================================================
11 DB initialization failure
12 no Organization ID. Something very bad is going on.
13 Couldn't insert the certificate for whatever reason.
"""
values = processCommandline()
def writeError(e):
sys.stderr.write('\nERROR: %s\n' % e)
try:
satCerts.store_rhnCryptoKey(values.label,
values.ca_cert,
verbosity=values.verbose)
except satCerts.NoOrgIdError, e:
writeError("no organization ID!?!\n\n%s\n" % rhnTB.fetchTraceback())
sys.exit(12)
except satCerts.CaCertInsertionError, e:
writeError("no organization ID!?!\n\n%s\n" % rhnTB.fetchTraceback())
sys.exit(13)
return 0
#-------------------------------------------------------------------------------
if __name__ == "__main__":
sys.stderr.write(
'\nWARNING: intended to be wrapped by another executable\n'
' calling program.\n')
sys.exit(main() or 0)
#===============================================================================
)
except satCerts.CertVersionMismatchError, e:
raise RHNCertLocalActivationException(
"RHN Entitlement Certificate cannot be imported - "
+ str(e)
+ "\nIf you are trying to upgrade the Satellite server, please see the upgrade documentation "
+ "located here /etc/sysconfig/rhn/satellite-upgrade/README (as part of the rhn-upgrade package). "
+ "WARNING: If you want to skip this check, please use --ignore-version-mismatch, but doing so may cause issues "
+ "(including malfunction of the Satellite software). Only skip the test if instructed to do so by a support technician."
)
except satCerts.NoFreeEntitlementsError, e:
sys.stderr.write(e.message + "\n")
sys.exit(1)
except Exception:
raise RHNCertLocalActivationException(
"RHN Entitlement Certificate failed to validate: \n" "%s" % rhnTB.fetchTraceback()
)
return 0
def localUpdateChannels():
cert = open(DEFAULT_RHN_CERT_LOCATION).read()
sat_cert = satellite_cert.SatelliteCert()
sat_cert.load(cert)
sync_handlers.populate_channel_family_permissions(sat_cert)
sync_handlers.purge_extra_channel_families()
sync_handlers.update_channel_family_counts()
