def store_rhnCryptoKey(description, caCert, verbosity=0): """ stores CA cert in rhnCryptoKey uses: _checkCertMatch_rhnCryptoKey _delete_rhnCryptoKey - not currently used _insertPrep_rhnCryptoKey _lobUpdate_rhnCryptoKey """ org_ids = get_all_orgs() for org_id in org_ids: org_id = org_id['id'] try: # look for a cert match in the database rhn_cryptokey_id = _checkCertMatch_rhnCryptoKey( caCert, description, org_id, deleteRowYN=1, verbosity=verbosity) if rhn_cryptokey_id is None: # nothing to do - cert matches continue # insert into the database if rhn_cryptokey_id == -1: rhn_cryptokey_id = _insertPrep_rhnCryptoKey( rhn_cryptokey_id, description, org_id) # write/update _lobUpdate_rhnCryptoKey(rhn_cryptokey_id, caCert) rhnSQL.commit() except rhnSQL.sql_base.SQLError: raise CaCertInsertionError( "...the traceback: %s" % fetchTraceback()), None, sys.exc_info()[2]
def store_rhnCryptoKey(description, cert, org_id, verbosity=0): """ stores cert in rhnCryptoKey uses: _checkCertMatch_rhnCryptoKey _delete_rhnCryptoKey - not currently used _insertPrep_rhnCryptoKey _lobUpdate_rhnCryptoKey """ try: # look for a cert match in the database rhn_cryptokey_id = _checkCertMatch_rhnCryptoKey(cert, description, org_id, deleteRowYN=1, verbosity=verbosity) if rhn_cryptokey_id is None: # nothing to do - cert matches return # insert into the database if rhn_cryptokey_id == -1: rhn_cryptokey_id = _insertPrep_rhnCryptoKey( rhn_cryptokey_id, description, org_id) # write/update _lobUpdate_rhnCryptoKey(rhn_cryptokey_id, cert) rhnSQL.commit() except rhnSQL.sql_base.SQLError: raise_with_tb( CaCertInsertionError("...the traceback: %s" % fetchTraceback()), sys.exc_info()[2])
def store_rhnCryptoKey(description, caCert, verbosity=0): """ stores CA cert in rhnCryptoKey uses: _checkCertMatch_rhnCryptoKey _delete_rhnCryptoKey - not currently used _insertPrep_rhnCryptoKey _lobUpdate_rhnCryptoKey """ org_ids = get_all_orgs() for org_id in org_ids: org_id = org_id['id'] try: ## look for a cert match in the database rhn_cryptokey_id = _checkCertMatch_rhnCryptoKey(caCert, description, org_id, deleteRowYN=1, verbosity=verbosity) if rhn_cryptokey_id is None: # nothing to do - cert matches continue ## insert into the database if rhn_cryptokey_id == -1: rhn_cryptokey_id = _insertPrep_rhnCryptoKey(rhn_cryptokey_id, description, org_id) ## write/update _lobUpdate_rhnCryptoKey(rhn_cryptokey_id, caCert) rhnSQL.commit() except rhnSQL.sql_base.SQLError: raise CaCertInsertionError( "...the traceback: %s" % fetchTraceback()), None, sys.exc_info()[2]
def processCommandline(): options = [ Option('--ca-cert', action='store', default=DEFAULT_TRUSTED_CERT, type="string", help='public CA certificate, default is %s' % DEFAULT_TRUSTED_CERT), Option('--label', action='store', default='RHN-ORG-TRUSTED-SSL-CERT', type="string", help='FOR TESTING ONLY - alternative database label for this CA certificate, default is "RHN-ORG-TRUSTED-SSL-CERT"'), Option('-v','--verbose', action='count', help='be verbose (accumulable: -vvv means "be *really* verbose").'), ] values, args = OptionParser(option_list=options).parse_args() # we take no extra commandline arguments that are not linked to an option if args: msg = ("ERROR: these arguments make no sense in this context (try " "--help): %s\n" % repr(args)) raise ValueError(msg) if not os.path.exists(values.ca_cert): sys.stderr.write("ERROR: can't find CA certificate at this location: " "%s\n" % values.ca_cert) sys.exit(10) try: rhnSQL.initDB() except: sys.stderr.write("""\ ERROR: there was a problem trying to initialize the database: %s\n""" % rhnTB.fetchTraceback()) sys.exit(11) if values.verbose: print 'Public CA SSL certificate: %s' % values.ca_cert return values
def store_rhnCryptoKey(description, cert, org_id, verbosity=0): """ stores cert in rhnCryptoKey uses: _checkCertMatch_rhnCryptoKey _delete_rhnCryptoKey - not currently used _insertPrep_rhnCryptoKey _lobUpdate_rhnCryptoKey """ try: # look for a cert match in the database rhn_cryptokey_id = _checkCertMatch_rhnCryptoKey(cert, description, org_id, deleteRowYN=1, verbosity=verbosity) if rhn_cryptokey_id is None: # nothing to do - cert matches return # insert into the database if rhn_cryptokey_id == -1: rhn_cryptokey_id = _insertPrep_rhnCryptoKey(rhn_cryptokey_id, description, org_id) # write/update _lobUpdate_rhnCryptoKey(rhn_cryptokey_id, cert) rhnSQL.commit() except rhnSQL.sql_base.SQLError: raise_with_tb(CaCertInsertionError( "...the traceback: %s" % fetchTraceback()), sys.exc_info()[2])
def processCommandline(): options = [ Option('--ca-cert', action='store', default=DEFAULT_TRUSTED_CERT, type="string", help='public CA certificate, default is %s' % DEFAULT_TRUSTED_CERT), Option( '--label', action='store', default='RHN-ORG-TRUSTED-SSL-CERT', type="string", help= 'FOR TESTING ONLY - alternative database label for this CA certificate, ' + 'default is "RHN-ORG-TRUSTED-SSL-CERT"'), Option( '-v', '--verbose', action='count', help='be verbose (accumulable: -vvv means "be *really* verbose").' ), ] values, args = OptionParser(option_list=options).parse_args() # we take no extra commandline arguments that are not linked to an option if args: msg = ("ERROR: these arguments make no sense in this context (try " "--help): %s\n" % repr(args)) raise ValueError(msg) if not os.path.exists(values.ca_cert): sys.stderr.write("ERROR: can't find CA certificate at this location: " "%s\n" % values.ca_cert) sys.exit(10) # pylint: disable=W0703 try: rhnSQL.initDB() except Exception: sys.stderr.write("""\ ERROR: there was a problem trying to initialize the database: %s\n""" % rhnTB.fetchTraceback()) sys.exit(11) if values.verbose: print(('Public CA SSL certificate: %s' % values.ca_cert)) return values
def main(): """ main routine 10 CA certificate not found 11 DB initialization failure 12 no Organization ID. Something very bad is going on. 13 Couldn't insert the certificate for whatever reason. """ values = processCommandline() def writeError(e): sys.stderr.write('\nERROR: %s\n' % e) try: satCerts.store_rhnCryptoKey(values.label, values.ca_cert, verbosity=values.verbose) except satCerts.NoOrgIdError: writeError("no organization ID!?!\n\n%s\n" % rhnTB.fetchTraceback()) sys.exit(12) except satCerts.CaCertInsertionError: writeError("no organization ID!?!\n\n%s\n" % rhnTB.fetchTraceback()) sys.exit(13) return 0
def main(): """ main routine 10 CA certificate not found 11 DB initialization failure 13 Couldn't insert the certificate for whatever reason. """ values = processCommandline() def writeError(e): sys.stderr.write('\nERROR: %s\n' % e) try: satCerts.store_CaCert(values.label, values.ca_cert, verbosity=values.verbose) except satCerts.CaCertInsertionError: writeError("Cannot insert certificate into DB!\n\n%s\n" % rhnTB.fetchTraceback()) sys.exit(13) return 0
+ 'located here /etc/sysconfig/rhn/satellite-upgrade/README (as part of the rhn-upgrade package). ' + 'WARNING: If you want to skip this check, please use --ignore-version-mismatch, ' + 'but doing so may cause issues (including malfunction of the Satellite software). ' + 'Only skip the test if instructed to do so by a support technician.' ), None, sys.exc_info()[2] except satCerts.NoFreeEntitlementsError, e: sys.stderr.write(e.message + '\n') sys.exit(1) except Exception: raise RHNCertLocalActivationException( 'RHN Entitlement Certificate failed to validate: \n' '%s' % rhnTB.fetchTraceback()), None, sys.exc_info()[2] return 0 def localUpdateChannels(): cert = open(DEFAULT_RHN_CERT_LOCATION).read() sat_cert = satellite_cert.SatelliteCert() sat_cert.load(cert) sync_handlers.populate_channel_family_permissions(sat_cert) sync_handlers.purge_extra_channel_families() sync_handlers.update_channel_family_counts()
'mismatching generation.'), None, sys.exc_info()[2] except satCerts.CertVersionMismatchError, e: raise RHNCertLocalActivationException( 'RHN Entitlement Certificate cannot be imported - ' + str(e) + '\nIf you are trying to upgrade the Satellite server, please see the upgrade documentation ' + 'located here /etc/sysconfig/rhn/satellite-upgrade/README (as part of the rhn-upgrade package). ' + 'WARNING: If you want to skip this check, please use --ignore-version-mismatch, ' + 'but doing so may cause issues (including malfunction of the Satellite software). ' + 'Only skip the test if instructed to do so by a support technician.'), None, sys.exc_info()[2] except satCerts.NoFreeEntitlementsError, e: sys.stderr.write(e.message + '\n') sys.exit(1) except Exception: raise RHNCertLocalActivationException( 'RHN Entitlement Certificate failed to validate: \n' '%s' % rhnTB.fetchTraceback()), None, sys.exc_info()[2] return 0 def localUpdateChannels(): cert = open(DEFAULT_RHN_CERT_LOCATION).read() sat_cert = satellite_cert.SatelliteCert() sat_cert.load(cert) sync_handlers.populate_channel_family_permissions(sat_cert) sync_handlers.purge_extra_channel_families() sync_handlers.update_channel_family_counts()
""" main routine 10 CA certificate not found 11 DB initialization failure 12 no Organization ID. Something very bad is going on. 13 Couldn't insert the certificate for whatever reason. """ values = processCommandline() def writeError(e): sys.stderr.write('\nERROR: %s\n' % e) try: satCerts.store_rhnCryptoKey(values.label, values.ca_cert, verbosity=values.verbose) except satCerts.NoOrgIdError, e: writeError("no organization ID!?!\n\n%s\n" % rhnTB.fetchTraceback()) sys.exit(12) except satCerts.CaCertInsertionError, e: writeError("no organization ID!?!\n\n%s\n" % rhnTB.fetchTraceback()) sys.exit(13) return 0 #------------------------------------------------------------------------------- if __name__ == "__main__": sys.stderr.write('\nWARNING: intended to be wrapped by another executable\n' ' calling program.\n') sys.exit(main() or 0) #===============================================================================
11 DB initialization failure 12 no Organization ID. Something very bad is going on. 13 Couldn't insert the certificate for whatever reason. """ values = processCommandline() def writeError(e): sys.stderr.write('\nERROR: %s\n' % e) try: satCerts.store_rhnCryptoKey(values.label, values.ca_cert, verbosity=values.verbose) except satCerts.NoOrgIdError, e: writeError("no organization ID!?!\n\n%s\n" % rhnTB.fetchTraceback()) sys.exit(12) except satCerts.CaCertInsertionError, e: writeError("no organization ID!?!\n\n%s\n" % rhnTB.fetchTraceback()) sys.exit(13) return 0 #------------------------------------------------------------------------------- if __name__ == "__main__": sys.stderr.write( '\nWARNING: intended to be wrapped by another executable\n' ' calling program.\n') sys.exit(main() or 0) #===============================================================================
) except satCerts.CertVersionMismatchError, e: raise RHNCertLocalActivationException( "RHN Entitlement Certificate cannot be imported - " + str(e) + "\nIf you are trying to upgrade the Satellite server, please see the upgrade documentation " + "located here /etc/sysconfig/rhn/satellite-upgrade/README (as part of the rhn-upgrade package). " + "WARNING: If you want to skip this check, please use --ignore-version-mismatch, but doing so may cause issues " + "(including malfunction of the Satellite software). Only skip the test if instructed to do so by a support technician." ) except satCerts.NoFreeEntitlementsError, e: sys.stderr.write(e.message + "\n") sys.exit(1) except Exception: raise RHNCertLocalActivationException( "RHN Entitlement Certificate failed to validate: \n" "%s" % rhnTB.fetchTraceback() ) return 0 def localUpdateChannels(): cert = open(DEFAULT_RHN_CERT_LOCATION).read() sat_cert = satellite_cert.SatelliteCert() sat_cert.load(cert) sync_handlers.populate_channel_family_permissions(sat_cert) sync_handlers.purge_extra_channel_families() sync_handlers.update_channel_family_counts()