def execute(self, argv):
    """Migrate a single PKI server instance to a given Tomcat version.

    Args:
        argv: Arguments for this sub-command. Exactly one positional
            argument, the instance ID, is required. ``--tomcat`` selects
            the target version; when it is absent the value returned by
            ``pki.server.Tomcat.get_version()`` is used.

    Exits with status 1 on a parse error, an unrecognised option, a wrong
    positional-argument count, or an instance that fails ``is_valid()``.
    """
    try:
        parsed, positional = getopt.gnu_getopt(
            argv, 'i:v', ['tomcat=', 'verbose', 'debug', 'help'])

    except getopt.GetoptError as err:
        logger.error(err)
        self.print_help()
        sys.exit(1)

    tomcat_version = None

    for flag, value in parsed:
        if flag == '--help':
            self.print_help()
            sys.exit()

        if flag == '--tomcat':
            tomcat_version = pki.util.Version(value)

        elif flag in ('-v', '--verbose'):
            logging.getLogger().setLevel(logging.INFO)

        elif flag == '--debug':
            logging.getLogger().setLevel(logging.DEBUG)

        else:
            # Also reached for -i: the short-option string declares it but
            # no branch above consumes it.
            logger.error('Unknown option: %s', flag)
            self.print_help()
            sys.exit(1)

    if len(positional) != 1:
        logger.error('Missing instance ID')
        self.print_help()
        sys.exit(1)

    instance_name = positional[0]

    if not tomcat_version:
        tomcat_version = pki.server.Tomcat.get_version()

    logger.info('Migrating to Tomcat %s', tomcat_version)

    # The migration logic lives in the sibling 'migrate' module of the CLI tree.
    migrate_module = self.get_top_module().find_module('migrate')

    instance = pki.server.instance.PKIInstance(instance_name)
    if not instance.is_valid():
        logger.error('Invalid instance %s.', instance_name)
        sys.exit(1)

    instance.load()

    migrate_module.migrate(  # pylint: disable=no-member,maybe-no-member
        instance,
        tomcat_version)

    self.print_message('%s instance migrated' % instance_name)
def execute(self, argv):
    """Print the SSL hosts defined on one connector of a server instance.

    Args:
        argv: Arguments for this sub-command. The first positional
            argument is the connector ID. ``-i``/``--instance`` names the
            instance and defaults to ``pki-tomcat``.

    Raises:
        Exception: If no connector ID is supplied.

    Parse errors, unknown options and an invalid instance are reported on
    stdout and end the process with status 1.
    """
    try:
        parsed, positional = getopt.gnu_getopt(
            argv, 'i:v', ['instance=', 'verbose', 'debug', 'help'])

    except getopt.GetoptError as err:
        print('ERROR: %s' % err)
        self.print_help()
        sys.exit(1)

    instance_name = 'pki-tomcat'

    for flag, value in parsed:
        if flag == '--help':
            self.print_help()
            sys.exit()

        if flag in ('-i', '--instance'):
            instance_name = value

        elif flag == '--debug':
            logging.getLogger().setLevel(logging.DEBUG)

        elif flag in ('-v', '--verbose'):
            logging.getLogger().setLevel(logging.INFO)

        else:
            print('ERROR: Unknown option: %s' % flag)
            self.print_help()
            sys.exit(1)

    if not positional:
        raise Exception('Missing connector ID')

    connector_name = positional[0]

    instance = pki.server.instance.PKIServerFactory.create(instance_name)
    if not instance.is_valid():
        print('ERROR: Invalid instance: %s' % instance_name)
        sys.exit(1)

    instance.load()

    server_config = instance.get_server_config()
    connector = server_config.get_connector(connector_name)
    sslhosts = server_config.get_sslhosts(connector)

    self.print_message('%s entries matched' % len(sslhosts))

    for position, sslhost in enumerate(sslhosts):
        if position:
            # Blank line between entries, none before the first one.
            print()

        SSLHostCLI.print_sslhost(sslhost)
def execute(self, argv):
    """Migrate one named instance, or every instance, to a Tomcat version.

    Args:
        argv: Arguments for this sub-command. The instance can be given
            with ``-i``/``--instance`` or as the first positional
            argument; the positional form wins when both are present.
            ``--tomcat`` selects the target version, defaulting to
            ``pki.server.Tomcat.get_version()``.

    With no instance named, every instance returned by
    ``PKIInstance.instances()`` is passed to ``self.migrate``. Exits with
    status 1 on a parse error, an unknown option or an invalid instance.
    """
    try:
        parsed, positional = getopt.gnu_getopt(
            argv, 'i:v',
            ['instance=', 'tomcat=', 'verbose', 'debug', 'help'])

    except getopt.GetoptError as err:
        logger.error(err)
        self.print_help()
        sys.exit(1)

    instance_name = None
    tomcat_version = None

    for flag, value in parsed:
        if flag == '--help':
            self.print_help()
            sys.exit()

        if flag == '--tomcat':
            tomcat_version = pki.util.Version(value)

        elif flag in ('-i', '--instance'):
            instance_name = value

        elif flag in ('-v', '--verbose'):
            logging.getLogger().setLevel(logging.INFO)

        elif flag == '--debug':
            logging.getLogger().setLevel(logging.DEBUG)

        else:
            logger.error('Unknown option: %s', flag)
            self.print_help()
            sys.exit(1)

    if not tomcat_version:
        tomcat_version = pki.server.Tomcat.get_version()

    if positional:
        instance_name = positional[0]

    if not instance_name:
        # No instance selected: migrate everything that is installed.
        # This path does not call is_valid() or load() on the instances.
        for found in pki.server.instance.PKIInstance.instances():
            self.migrate(found, tomcat_version)
        return

    instance = pki.server.instance.PKIInstance(instance_name)
    if not instance.is_valid():
        logger.error('Invalid instance %s.', instance_name)
        sys.exit(1)

    instance.load()
    self.migrate(instance, tomcat_version)
def execute(self, argv):
    """Run the database upgrade command of every subsystem in an instance.

    Args:
        argv: Arguments for this sub-command. ``-i``/``--instance`` names
            the instance (default ``pki-tomcat``). ``--as-current-user``
            is forwarded to ``subsystem.run``. ``-v``/``--verbose`` and
            ``--debug`` set the root logger level and are also passed on
            to the per-subsystem command.

    Exits with status 1 on a parse error, an unknown option or an invalid
    instance.
    """
    try:
        parsed, _ = getopt.gnu_getopt(
            argv, 'i:v',
            ['instance=', 'as-current-user', 'verbose', 'debug', 'help'])

    except getopt.GetoptError as err:
        logger.error(err)
        self.print_help()
        sys.exit(1)

    instance_name = 'pki-tomcat'
    as_current_user = False
    verbose = False
    debug = False

    for flag, value in parsed:
        if flag == '--help':
            self.print_help()
            sys.exit()

        if flag in ('-i', '--instance'):
            instance_name = value

        elif flag == '--as-current-user':
            as_current_user = True

        elif flag == '--debug':
            logging.getLogger().setLevel(logging.DEBUG)
            debug = True

        elif flag in ('-v', '--verbose'):
            logging.getLogger().setLevel(logging.INFO)
            verbose = True

        else:
            logger.error('Invalid option: %s', flag)
            self.print_help()
            sys.exit(1)

    instance = pki.server.instance.PKIInstance(instance_name)
    if not instance.is_valid():
        logger.error('Invalid instance: %s', instance_name)
        sys.exit(1)

    instance.load()

    # Only one verbosity flag is forwarded; --verbose wins over --debug
    # when both were given.
    if verbose:
        passthrough = ['--verbose']
    elif debug:
        passthrough = ['--debug']
    else:
        passthrough = []

    # upgrade all subsystems
    for subsystem in instance.subsystems:
        command = [subsystem.name + '-db-upgrade'] + passthrough
        subsystem.run(command, as_current_user=as_current_user)
def execute(self, argv):
    """Remove an external certificate from an instance.

    Args:
        argv: Arguments for this sub-command. ``--nickname`` is required.
            ``--token`` defaults to ``pki.nssdb.INTERNAL_TOKEN_NAME`` and
            ``-i``/``--instance`` to ``pki-tomcat``.

    The certificate is removed through ``self.remove_cert`` and then
    dropped from the instance's external-certificate list. Exits with
    status 1 on a parse error, an unknown option, a missing nickname or
    an invalid instance.
    """
    try:
        parsed, _ = getopt.gnu_getopt(
            argv, 'i:v',
            ['instance=', 'nickname=', 'token=', 'verbose', 'debug', 'help'])

    except getopt.GetoptError as err:
        logger.error(err)
        self.print_help()
        sys.exit(1)

    instance_name = 'pki-tomcat'
    nickname = None
    token = pki.nssdb.INTERNAL_TOKEN_NAME

    for flag, value in parsed:
        if flag == '--help':
            self.print_help()
            sys.exit()

        if flag == '--nickname':
            nickname = value

        elif flag == '--token':
            token = value

        elif flag in ('-i', '--instance'):
            instance_name = value

        elif flag in ('-v', '--verbose'):
            logging.getLogger().setLevel(logging.INFO)

        elif flag == '--debug':
            logging.getLogger().setLevel(logging.DEBUG)

        else:
            logger.error('Unknown option: %s', flag)
            self.print_help()
            sys.exit(1)

    if not nickname:
        logger.error('Missing nickname')
        self.print_help()
        sys.exit(1)

    instance = pki.server.instance.PKIInstance(instance_name)
    if not instance.is_valid():
        logger.error('Invalid instance %s.', instance_name)
        sys.exit(1)

    instance.load()

    # Certificate first, then the instance's record of it.
    self.remove_cert(instance, nickname, token)
    instance.delete_external_cert(nickname, token)

    self.print_message(
        'Certificate removed from instance %s.' % instance_name)
def execute(self, argv):
    """Remove the database of the enclosing subsystem.

    Args:
        argv: Arguments for this sub-command. ``-i``/``--instance`` names
            the instance (default ``pki-tomcat``). ``--force`` and
            ``--as-current-user`` are forwarded to
            ``subsystem.remove_database``.

    The subsystem name comes from ``self.parent.parent.name``. Exits with
    status 1 on a parse error, an unknown option, an invalid instance or
    a subsystem that is not present in the instance.
    """
    try:
        parsed, _ = getopt.gnu_getopt(
            argv, 'i:v',
            ['instance=', 'force', 'as-current-user',
             'verbose', 'debug', 'help'])

    except getopt.GetoptError as err:
        logger.error(err)
        self.print_help()
        sys.exit(1)

    instance_name = 'pki-tomcat'
    subsystem_name = self.parent.parent.name
    force = False
    as_current_user = False

    for flag, value in parsed:
        if flag == '--help':
            self.print_help()
            sys.exit()

        if flag == '--force':
            force = True

        elif flag == '--as-current-user':
            as_current_user = True

        elif flag in ('-i', '--instance'):
            instance_name = value

        elif flag == '--debug':
            logging.getLogger().setLevel(logging.DEBUG)

        elif flag in ('-v', '--verbose'):
            logging.getLogger().setLevel(logging.INFO)

        else:
            logger.error('Invalid option: %s', flag)
            self.print_help()
            sys.exit(1)

    instance = pki.server.instance.PKIInstance(instance_name)
    if not instance.is_valid():
        logger.error('Invalid instance: %s', instance_name)
        sys.exit(1)

    instance.load()

    subsystem = instance.get_subsystem(subsystem_name)
    if not subsystem:
        logger.error(
            'No %s subsystem in instance %s',
            subsystem_name.upper(),
            instance_name)
        sys.exit(1)

    # Destructive step; no confirmation is requested in this method.
    subsystem.remove_database(force=force, as_current_user=as_current_user)
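def execute(self, argv):
    """Set one configuration parameter of the enclosing subsystem.

    Args:
        argv: Arguments for this sub-command: the parameter name followed
            by its value. ``-i``/``--instance`` names the instance
            (default ``pki-tomcat``); ``-v``/``--verbose`` raises the root
            logger to INFO.

    The subsystem is taken from ``self.parent.parent.name``. A usage
    error, an invalid instance or a missing subsystem is logged and ends
    the process with status 1.
    """
    try:
        opts, args = getopt.gnu_getopt(
            argv, 'i:v', ['instance=', 'verbose', 'help'])

    except getopt.GetoptError as e:
        logging.error(e)
        self.print_help()
        sys.exit(1)

    instance_name = 'pki-tomcat'

    for o, a in opts:
        if o in ('-i', '--instance'):
            instance_name = a

        elif o in ('-v', '--verbose'):
            # -v/--verbose are declared in the getopt spec, so they have
            # to be consumed here; without this branch they reach the
            # unknown-option case below and abort the command.
            logging.getLogger().setLevel(logging.INFO)

        elif o == '--help':
            self.print_help()
            sys.exit()

        else:
            logging.error('Unknown option: %s', o)
            self.print_help()
            sys.exit(1)

    if len(args) < 1:
        logging.error(
            'Missing %s configuration parameter name',
            self.parent.parent.name.upper())
        self.print_help()
        sys.exit(1)

    if len(args) < 2:
        logging.error(
            'Missing %s configuration parameter value',
            self.parent.parent.name.upper())
        self.print_help()
        sys.exit(1)

    name = args[0]
    value = args[1]

    instance = pki.server.instance.PKIInstance(instance_name)
    if not instance.is_valid():
        logging.error('Invalid instance: %s', instance_name)
        sys.exit(1)

    instance.load()

    subsystem_name = self.parent.parent.name
    subsystem = instance.get_subsystem(subsystem_name)
    if not subsystem:
        logging.error('No such subsystem: %s', subsystem_name.upper())
        sys.exit(1)

    # NOTE(review): name and value are stored exactly as typed; whether
    # subsystem.config validates them is not visible from this method.
    subsystem.config[name] = value
    subsystem.save()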
def execute(self, argv):
    """Remove one SSL host from a connector and save the server config.

    Args:
        argv: Arguments for this sub-command: the connector ID followed
            by the hostname. ``-i``/``--instance`` names the instance
            (default ``pki-tomcat``).

    Raises:
        Exception: If the connector ID or the hostname is missing.

    Parse errors, unknown options and an invalid instance are reported on
    stdout and end the process with status 1.
    """
    try:
        parsed, positional = getopt.gnu_getopt(
            argv, 'i:v', ['instance=', 'verbose', 'debug', 'help'])

    except getopt.GetoptError as err:
        print('ERROR: %s' % err)
        self.print_help()
        sys.exit(1)

    instance_name = 'pki-tomcat'

    for flag, value in parsed:
        if flag == '--help':
            self.print_help()
            sys.exit()

        if flag in ('-i', '--instance'):
            instance_name = value

        elif flag == '--debug':
            logging.getLogger().setLevel(logging.DEBUG)

        elif flag in ('-v', '--verbose'):
            logging.getLogger().setLevel(logging.INFO)

        else:
            print('ERROR: Unknown option: %s' % flag)
            self.print_help()
            sys.exit(1)

    if not positional:
        raise Exception('Missing connector ID')

    if len(positional) < 2:
        raise Exception('Missing hostname')

    connector_name = positional[0]
    hostname = positional[1]

    instance = pki.server.instance.PKIServerFactory.create(instance_name)
    if not instance.is_valid():
        print('ERROR: Invalid instance: %s' % instance_name)
        sys.exit(1)

    instance.load()

    server_config = instance.get_server_config()
    target_connector = server_config.get_connector(connector_name)

    # The change only reaches disk through the save() call below.
    server_config.remove_sslhost(target_connector, hostname)
    server_config.save()
def execute(self, argv):
    """Remove the NSS database of an instance, after confirmation.

    Args:
        argv: Arguments for this sub-command. ``-i``/``--instance`` names
            the instance (default ``pki-tomcat``). ``--force`` skips the
            interactive confirmation and is forwarded to
            ``instance.remove_nssdb``.

    Raises:
        Exception: If the instance is not valid.

    Without ``--force`` the operator must answer ``Y`` (case-insensitive)
    to the prompt; any other answer returns without removing anything.
    """
    try:
        parsed, _ = getopt.gnu_getopt(
            argv, 'i:d:v',
            ['instance=', 'password=', 'password-file=',
             'force', 'verbose', 'debug', 'help'])

    except getopt.GetoptError as err:
        print('ERROR: %s' % err)
        self.print_help()
        sys.exit(1)

    instance_name = 'pki-tomcat'
    force = False

    for flag, value in parsed:
        if flag == '--help':
            self.print_help()
            sys.exit()

        if flag == '--force':
            force = True

        elif flag in ('-i', '--instance'):
            instance_name = value

        elif flag == '--debug':
            logging.getLogger().setLevel(logging.DEBUG)

        elif flag in ('-v', '--verbose'):
            logging.getLogger().setLevel(logging.INFO)

        else:
            # NOTE(review): -d, --password and --password-file are
            # accepted by the getopt spec but land here, so passing any
            # of them aborts the command as an unknown option.
            print('ERROR: unknown option: %s' % flag)
            self.print_help()
            sys.exit(1)

    instance = pki.server.instance.PKIServerFactory.create(instance_name)
    if not instance.is_valid():
        raise Exception('Invalid instance: %s' % instance_name)

    if not force:
        # The prompt defaults to 'N', so a bare Enter keeps the database.
        answer = pki.util.read_text(
            'Are you sure (Yes/No)',
            options=['Y', 'N'],
            default='N',
            delimiter='?',
            case_sensitive=False)

        if answer.lower() != 'y':
            return

    instance.remove_nssdb(force=force)
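def execute(self, argv):
    """Add a named password entry to a server instance.

    Args:
        argv: Arguments for this sub-command. The first positional
            argument is the password ID. ``-i``/``--instance`` names the
            instance (default ``pki-tomcat``). ``--password`` supplies
            the value; when it is omitted the value is read from an
            interactive prompt without echo.

    Raises:
        Exception: If the password ID is missing, the instance is not
            valid, an entry with that ID already exists, or the prompt
            returns an empty value.

    Parse errors and unknown options are reported on stdout and end the
    process with status 1.
    """
    try:
        opts, args = getopt.gnu_getopt(
            argv, 'i:v',
            ['instance=', 'password=', 'verbose', 'debug', 'help'])

    except getopt.GetoptError as e:
        print('ERROR: %s' % e)
        self.print_help()
        sys.exit(1)

    instance_name = 'pki-tomcat'
    password = None

    for o, a in opts:
        if o in ('-i', '--instance'):
            instance_name = a

        elif o == '--password':
            # A value given this way is part of the process arguments and
            # may be readable by other local users while the command
            # runs; the prompt below avoids that.
            password = a

        elif o in ('-v', '--verbose'):
            logging.getLogger().setLevel(logging.INFO)

        elif o == '--debug':
            logging.getLogger().setLevel(logging.DEBUG)

        elif o == '--help':
            self.print_help()
            sys.exit()

        else:
            print('ERROR: Unknown option: %s' % o)
            self.print_help()
            sys.exit(1)

    if len(args) < 1:
        raise Exception('Missing password ID')

    name = args[0]

    instance = pki.server.instance.PKIServerFactory.create(instance_name)

    if not instance.is_valid():
        raise Exception('Invalid instance: %s' % instance_name)

    instance.load()

    if name in instance.passwords:
        raise Exception('Password already exists: %s' % name)

    if password is None:
        # Without --password the original stored None under this ID.
        # Ask for the value instead of persisting a non-password.
        import getpass
        password = getpass.getpass(prompt='Enter password: ')

        if not password:
            raise Exception('Missing password')

    instance.passwords[name] = password
    instance.store_passwords()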
def execute(self, argv):
    """Print the details of one subsystem of an instance.

    Args:
        argv: Arguments for this sub-command. Exactly one positional
            argument, the subsystem ID, is required.
            ``-i``/``--instance`` names the instance (default
            ``pki-tomcat``).

    Exits with status 1 on a parse error, an unknown option, a wrong
    positional-argument count, an invalid instance or a subsystem that is
    not present in the instance.
    """
    try:
        parsed, positional = getopt.gnu_getopt(
            argv, 'i:v', ['instance=', 'verbose', 'debug', 'help'])

    except getopt.GetoptError as err:
        logger.error(err)
        self.usage()
        sys.exit(1)

    instance_name = 'pki-tomcat'

    for flag, value in parsed:
        if flag == '--help':
            self.usage()
            sys.exit()

        if flag in ('-i', '--instance'):
            instance_name = value

        elif flag in ('-v', '--verbose'):
            logging.getLogger().setLevel(logging.INFO)

        elif flag == '--debug':
            logging.getLogger().setLevel(logging.DEBUG)

        else:
            logger.error('Unknown option: %s', flag)
            self.usage()
            sys.exit(1)

    if len(positional) != 1:
        logger.error('Missing subsystem ID')
        self.usage()
        sys.exit(1)

    subsystem_name = positional[0]

    instance = pki.server.instance.PKIInstance(instance_name)
    if not instance.is_valid():
        logger.error('Invalid instance %s.', instance_name)
        sys.exit(1)

    instance.load()

    subsystem = instance.get_subsystem(subsystem_name)
    if not subsystem:
        logger.error(
            'ERROR: No %s subsystem in instance %s.',
            subsystem_name,
            instance_name)
        sys.exit(1)

    SubsystemCLI.print_subsystem(subsystem)
def execute(self, argv):
    """Deploy a web application into a server instance.

    Args:
        argv: Arguments for this sub-command. The first positional
            argument is the webapp ID. ``--descriptor`` and
            ``--doc-base`` are passed through to
            ``instance.deploy_webapp`` and default to ``None``.
            ``-i``/``--instance`` names the instance (default
            ``pki-tomcat``).

    Raises:
        Exception: If the webapp ID is missing or the instance is not
            valid.

    Parse errors and unknown options are reported on stdout and end the
    process with status 1.
    """
    try:
        parsed, positional = getopt.gnu_getopt(
            argv, 'i:v',
            ['instance=', 'descriptor=', 'doc-base=',
             'verbose', 'debug', 'help'])

    except getopt.GetoptError as err:
        print('ERROR: %s' % err)
        self.print_help()
        sys.exit(1)

    instance_name = 'pki-tomcat'
    descriptor = None
    doc_base = None

    for flag, value in parsed:
        if flag == '--help':
            self.print_help()
            sys.exit()

        if flag == '--descriptor':
            descriptor = value

        elif flag == '--doc-base':
            doc_base = value

        elif flag in ('-i', '--instance'):
            instance_name = value

        elif flag == '--debug':
            logging.getLogger().setLevel(logging.DEBUG)

        elif flag in ('-v', '--verbose'):
            logging.getLogger().setLevel(logging.INFO)

        else:
            print('ERROR: Unknown option: %s' % flag)
            self.print_help()
            sys.exit(1)

    if not positional:
        raise Exception('Missing Webapp ID')

    webapp_id = positional[0]

    instance = pki.server.instance.PKIServerFactory.create(instance_name)
    if not instance.is_valid():
        raise Exception('Invalid instance: %s' % instance_name)

    # NOTE(review): the ID and both paths are forwarded as typed; any
    # checking of them would have to happen inside deploy_webapp, which
    # is not visible here.
    instance.deploy_webapp(webapp_id, descriptor, doc_base)
def execute(self, argv):
    """Look up the VLV entries of the TPS subsystem of an instance.

    Args:
        argv: Arguments for this sub-command. ``-i``/``--instance`` names
            the instance (default ``pki-tomcat``). ``-D``/``--bind-dn``
            and ``-w``/``--bind-password`` are passed to
            ``self.find_vlv`` and default to ``None``.

    Exits with status 1 on a parse error, an unknown option, an invalid
    instance or an instance without a TPS subsystem.
    """
    try:
        parsed, _ = getopt.gnu_getopt(
            argv, 'i:D:w:x:g:v',
            ['instance=', 'bind-dn=', 'bind-password=', 'generate-ldif=',
             'verbose', 'debug', 'help'])

    except getopt.GetoptError as err:
        logger.error(err)
        self.print_help()
        sys.exit(1)

    instance_name = 'pki-tomcat'
    bind_dn = None
    bind_password = None

    for flag, value in parsed:
        if flag == '--help':
            self.print_help()
            sys.exit()

        if flag in ('-D', '--bind-dn'):
            bind_dn = value

        elif flag in ('-w', '--bind-password'):
            # NOTE(review): a bind password given on the command line is
            # part of the process arguments and may be readable by other
            # local users while the command runs.
            bind_password = value

        elif flag in ('-i', '--instance'):
            instance_name = value

        elif flag in ('-v', '--verbose'):
            logging.getLogger().setLevel(logging.INFO)

        elif flag == '--debug':
            logging.getLogger().setLevel(logging.DEBUG)

        else:
            # Also reached for -x, -g and --generate-ldif, which the
            # getopt spec declares but no branch above consumes.
            logger.error('Unknown option: %s', flag)
            self.print_help()
            sys.exit(1)

    instance = pki.server.instance.PKIInstance(instance_name)
    if not instance.is_valid():
        logger.error('Invalid instance %s.', instance_name)
        sys.exit(1)

    instance.load()

    tps = instance.get_subsystem('tps')
    if not tps:
        logger.error('No TPS subsystem in instance %s.', instance_name)
        sys.exit(1)

    self.find_vlv(tps, bind_dn, bind_password)
def execute(self, argv):
    """Print every listener found in the server config of an instance.

    Args:
        argv: Arguments for this sub-command. ``-i``/``--instance`` names
            the instance (default ``pki-tomcat``).

    Raises:
        Exception: If the instance is not valid.

    Listeners are labelled ``Listener1``, ``Listener2``, ... in the order
    ``get_listeners()`` yields them. Parse errors and unknown options are
    reported on stdout and end the process with status 1.
    """
    try:
        parsed, _ = getopt.gnu_getopt(
            argv, 'i:v', ['instance=', 'verbose', 'debug', 'help'])

    except getopt.GetoptError as err:
        print('ERROR: %s' % err)
        self.print_help()
        sys.exit(1)

    instance_name = 'pki-tomcat'

    for flag, value in parsed:
        if flag == '--help':
            self.print_help()
            sys.exit()

        if flag in ('-i', '--instance'):
            instance_name = value

        elif flag == '--debug':
            logging.getLogger().setLevel(logging.DEBUG)

        elif flag in ('-v', '--verbose'):
            logging.getLogger().setLevel(logging.INFO)

        else:
            print('ERROR: unknown option: %s' % flag)
            self.print_help()
            sys.exit(1)

    instance = pki.server.instance.PKIServerFactory.create(instance_name)
    if not instance.is_valid():
        raise Exception('Invalid instance: %s' % instance_name)

    server_config = instance.get_server_config()

    for number, listener in enumerate(server_config.get_listeners(), 1):
        if number > 1:
            # Blank line between entries, none before the first one.
            print()

        ListenerCLI.print_listener('Listener%d' % number, listener)
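def execute(self, argv):
    """Remove a named configuration directory under an instance's conf dir.

    Args:
        argv: Arguments for this sub-command. The optional first
            positional argument is the directory name (default
            ``acme``). ``-i``/``--instance`` names the instance (default
            ``pki-tomcat``). ``--force`` is forwarded to
            ``pki.util.rmtree``.

    Raises:
        Exception: If the name is not a single path component, or the
            instance is not valid.

    Parse errors and unknown options are logged and end the process with
    status 1.
    """
    try:
        opts, args = getopt.gnu_getopt(
            argv, 'i:v',
            ['instance=', 'force', 'verbose', 'debug', 'help'])

    except getopt.GetoptError as e:
        logger.error(e)
        self.print_help()
        sys.exit(1)

    name = 'acme'
    instance_name = 'pki-tomcat'
    force = False

    for o, a in opts:
        if o in ('-i', '--instance'):
            instance_name = a

        elif o == '--force':
            force = True

        elif o in ('-v', '--verbose'):
            logging.getLogger().setLevel(logging.INFO)

        elif o == '--debug':
            logging.getLogger().setLevel(logging.DEBUG)

        elif o == '--help':
            self.print_help()
            sys.exit()

        else:
            logger.error('Unknown option: %s', o)
            self.print_help()
            sys.exit(1)

    if len(args) > 0:
        name = args[0]

    # The name is joined onto the instance's conf dir and the result is
    # deleted recursively. An empty name resolves to the conf dir itself,
    # '..' or a separator climbs out of it, and an absolute path replaces
    # it altogether, so only a plain single component is accepted.
    if not name or name in ('.', '..') or os.path.basename(name) != name:
        raise Exception('Invalid name: %s' % name)

    instance = pki.server.instance.PKIServerFactory.create(instance_name)

    if not instance.is_valid():
        raise Exception('Invalid instance: %s' % instance_name)

    instance.load()

    acme_conf_dir = os.path.join(instance.conf_dir, name)
    logging.info('Removing %s', acme_conf_dir)
    pki.util.rmtree(acme_conf_dir, force=force)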
def execute(self, argv):
    """Deploy the ACME web application into a server instance.

    Args:
        argv: Arguments for this sub-command. The optional first
            positional argument is the webapp name (default ``acme``).
            ``-i``/``--instance`` names the instance (default
            ``pki-tomcat``).

    Raises:
        Exception: If the instance is not valid.

    The descriptor and document base are fixed paths below
    ``pki.server.PKIServer.SHARE_DIR``. Parse errors and unknown options
    are logged and end the process with status 1.
    """
    try:
        parsed, positional = getopt.gnu_getopt(
            argv, 'i:v', ['instance=', 'verbose', 'debug', 'help'])

    except getopt.GetoptError as err:
        logger.error(err)
        self.print_help()
        sys.exit(1)

    name = 'acme'
    instance_name = 'pki-tomcat'

    for flag, value in parsed:
        if flag == '--help':
            self.print_help()
            sys.exit()

        if flag in ('-i', '--instance'):
            instance_name = value

        elif flag == '--debug':
            logging.getLogger().setLevel(logging.DEBUG)

        elif flag in ('-v', '--verbose'):
            logging.getLogger().setLevel(logging.INFO)

        else:
            logger.error('Unknown option: %s', flag)
            self.print_help()
            sys.exit(1)

    if positional:
        name = positional[0]

    instance = pki.server.instance.PKIServerFactory.create(instance_name)
    if not instance.is_valid():
        raise Exception('Invalid instance: %s' % instance_name)

    instance.load()

    share_dir = pki.server.PKIServer.SHARE_DIR
    descriptor = os.path.join(
        share_dir, 'acme/conf/Catalina/localhost/acme.xml')
    doc_base = os.path.join(share_dir, 'acme/webapps/acme')

    logging.info('Deploying %s webapp', name)
    instance.deploy_webapp(name, descriptor, doc_base)
def execute(self, argv):
    """Print every web application of a server instance.

    Args:
        argv: Arguments for this sub-command. The instance can be given
            with ``-i``/``--instance`` or as the first positional
            argument; the positional form wins when both are present.
            The default is ``pki-tomcat``.

    Raises:
        Exception: If the instance is not valid.

    Parse errors and unknown options are reported on stdout and end the
    process with status 1.
    """
    try:
        parsed, positional = getopt.gnu_getopt(
            argv, 'i:v', ['instance=', 'verbose', 'debug', 'help'])

    except getopt.GetoptError as err:
        print('ERROR: %s' % err)
        self.print_help()
        sys.exit(1)

    instance_name = 'pki-tomcat'

    for flag, value in parsed:
        if flag == '--help':
            self.print_help()
            sys.exit()

        if flag in ('-i', '--instance'):
            instance_name = value

        elif flag == '--debug':
            logging.getLogger().setLevel(logging.DEBUG)

        elif flag in ('-v', '--verbose'):
            logging.getLogger().setLevel(logging.INFO)

        else:
            print('ERROR: Unknown option: %s' % flag)
            self.print_help()
            sys.exit(1)

    if positional:
        instance_name = positional[0]

    instance = pki.server.instance.PKIServerFactory.create(instance_name)
    if not instance.is_valid():
        raise Exception('Invalid instance: %s' % instance_name)

    for position, webapp in enumerate(instance.get_webapps()):
        if position:
            # Blank line between entries, none before the first one.
            print()

        WebappCLI.print_webapp(webapp)
def execute(self, argv):
    """Print the IDs of the passwords stored for a server instance.

    Args:
        argv: Arguments for this sub-command. ``-i``/``--instance`` names
            the instance (default ``pki-tomcat``).

    Raises:
        Exception: If the instance is not valid.

    Parse errors and unknown options are reported on stdout and end the
    process with status 1.
    """
    try:
        parsed, _ = getopt.gnu_getopt(
            argv, 'i:v',
            ['instance=', 'force', 'verbose', 'debug', 'help'])

    except getopt.GetoptError as err:
        print('ERROR: %s' % err)
        self.print_help()
        sys.exit(1)

    instance_name = 'pki-tomcat'

    for flag, value in parsed:
        if flag == '--help':
            self.print_help()
            sys.exit()

        if flag in ('-i', '--instance'):
            instance_name = value

        elif flag == '--debug':
            logging.getLogger().setLevel(logging.DEBUG)

        elif flag in ('-v', '--verbose'):
            logging.getLogger().setLevel(logging.INFO)

        else:
            # Also reached for --force, which the getopt spec declares
            # but no branch above consumes.
            print('ERROR: unknown option: %s' % flag)
            self.print_help()
            sys.exit(1)

    instance = pki.server.instance.PKIServerFactory.create(instance_name)
    if not instance.is_valid():
        raise Exception('Invalid instance: %s' % instance_name)

    instance.load()

    # Only the entry ID is handed to the printer; the stored values are
    # not read in this method.
    for position, password_id in enumerate(instance.passwords):
        if position:
            print()

        PasswordCLI.print_password(password_id)
def execute(self, argv):
    """Print every subsystem of a server instance.

    Args:
        argv: Arguments for this sub-command. ``-i``/``--instance`` names
            the instance (default ``pki-tomcat``).

    A count line is printed first, then one block per subsystem. Exits
    with status 1 on a parse error, an unknown option or an invalid
    instance.
    """
    try:
        parsed, _ = getopt.gnu_getopt(
            argv, 'i:v', ['instance=', 'verbose', 'debug', 'help'])

    except getopt.GetoptError as err:
        logger.error(err)
        self.usage()
        sys.exit(1)

    instance_name = 'pki-tomcat'

    for flag, value in parsed:
        if flag == '--help':
            self.usage()
            sys.exit()

        if flag in ('-i', '--instance'):
            instance_name = value

        elif flag in ('-v', '--verbose'):
            logging.getLogger().setLevel(logging.INFO)

        elif flag == '--debug':
            logging.getLogger().setLevel(logging.DEBUG)

        else:
            logger.error('Unknown option: %s', flag)
            self.usage()
            sys.exit(1)

    instance = pki.server.instance.PKIInstance(instance_name)
    if not instance.is_valid():
        logger.error('Invalid instance %s.', instance_name)
        sys.exit(1)

    instance.load()

    self.print_message('%s entries matched' % len(instance.subsystems))

    for position, subsystem in enumerate(instance.subsystems):
        if position:
            # Blank line between entries, none before the first one.
            print()

        SubsystemCLI.print_subsystem(subsystem)
def execute(self, argv):
    """Stop a server instance if it is currently active.

    Args:
        argv: Arguments for this sub-command. Exactly one positional
            argument, the instance ID, is required.

    An instance that is not active is reported as already stopped and
    left alone. Exits with status 1 on a parse error, an unknown option,
    a wrong positional-argument count or an invalid instance.
    """
    try:
        parsed, positional = getopt.gnu_getopt(
            argv, 'i:v', ['verbose', 'debug', 'help'])

    except getopt.GetoptError as err:
        logger.error(err)
        self.print_help()
        sys.exit(1)

    for flag, _ in parsed:
        if flag == '--help':
            self.print_help()
            sys.exit()

        if flag in ('-v', '--verbose'):
            logging.getLogger().setLevel(logging.INFO)

        elif flag == '--debug':
            logging.getLogger().setLevel(logging.DEBUG)

        else:
            # Also reached for -i: the short-option string declares it
            # but no branch above consumes it.
            logger.error('Unknown option: %s', flag)
            self.print_help()
            sys.exit(1)

    if len(positional) != 1:
        logger.error('Missing instance ID')
        self.print_help()
        sys.exit(1)

    instance_name = positional[0]

    instance = pki.server.instance.PKIInstance(instance_name)
    if not instance.is_valid():
        logger.error('Invalid instance %s.', instance_name)
        sys.exit(1)

    if instance.is_active():
        instance.load()
        instance.stop()
        self.print_message('%s instance stopped' % instance_name)
        return

    self.print_message('%s instance already stopped' % instance_name)
def execute(self, argv):
    """Point the JSS config at the instance's NSS database and add JSSListener.

    Args:
        argv: Arguments for this sub-command. ``-i``/``--instance`` names
            the instance (default ``pki-tomcat``).

    The JSS config gets ``certdbDir`` and ``passwordFile`` set from the
    instance and is stored; the server config then gets an
    ``org.dogtagpki.tomcat.JSSListener`` listener and is saved. Parse
    errors, unknown options and an invalid instance are reported on
    stdout and end the process with status 1.
    """
    try:
        parsed, _ = getopt.gnu_getopt(
            argv, 'i:v', ['instance=', 'verbose', 'debug', 'help'])

    except getopt.GetoptError as err:
        print('ERROR: %s' % err)
        self.print_help()
        sys.exit(1)

    instance_name = 'pki-tomcat'

    for flag, value in parsed:
        if flag == '--help':
            self.print_help()
            sys.exit()

        if flag in ('-i', '--instance'):
            instance_name = value

        elif flag == '--debug':
            logging.getLogger().setLevel(logging.DEBUG)

        elif flag in ('-v', '--verbose'):
            logging.getLogger().setLevel(logging.INFO)

        else:
            print('ERROR: unknown option: %s' % flag)
            self.print_help()
            sys.exit(1)

    instance = pki.server.instance.PKIServerFactory.create(instance_name)
    if not instance.is_valid():
        print("ERROR: Invalid instance: %s" % instance_name)
        sys.exit(1)

    # JSS settings: only the database location and the password file
    # path are written, not any password value.
    jss_config = instance.load_jss_config()
    jss_config['certdbDir'] = instance.nssdb_dir
    jss_config['passwordFile'] = instance.password_conf
    instance.store_jss_config(jss_config)

    server_config = instance.get_server_config()
    server_config.create_listener('org.dogtagpki.tomcat.JSSListener')
    server_config.save()
def execute(self, argv):
    """Disable Nuxwdog for a server instance.

    Args:
        argv: Arguments for this sub-command. Exactly one positional
            argument, the instance ID, is required.

    The work is delegated to ``disable_nuxwdog`` of the
    ``nuxwdog-disable`` module found through the top-level CLI module.
    Exits with status 1 on a parse error, an unknown option, a wrong
    positional-argument count or an invalid instance.
    """
    try:
        parsed, positional = getopt.gnu_getopt(
            argv, 'i:v', ['verbose', 'debug', 'help'])

    except getopt.GetoptError as err:
        logger.error(err)
        self.print_help()
        sys.exit(1)

    for flag, _ in parsed:
        if flag == '--help':
            self.print_help()
            sys.exit()

        if flag in ('-v', '--verbose'):
            logging.getLogger().setLevel(logging.INFO)

        elif flag == '--debug':
            logging.getLogger().setLevel(logging.DEBUG)

        else:
            # Also reached for -i: the short-option string declares it
            # but no branch above consumes it.
            logger.error('Unknown option: %s', flag)
            self.print_help()
            sys.exit(1)

    if len(positional) != 1:
        logger.error('Missing instance ID')
        self.print_help()
        sys.exit(1)

    instance_name = positional[0]

    nuxwdog_module = self.get_top_module().find_module('nuxwdog-disable')

    instance = pki.server.instance.PKIInstance(instance_name)
    if not instance.is_valid():
        logger.error('Invalid instance %s.', instance_name)
        sys.exit(1)

    instance.load()

    nuxwdog_module.disable_nuxwdog(  # pylint: disable=no-member,maybe-no-member
        instance)

    self.print_message('Nuxwdog disabled for instance %s.' % instance_name)
def execute(self, argv):
    """Print the database configuration of the enclosing subsystem.

    Args:
        argv: Arguments for this sub-command. ``-i``/``--instance`` names
            the instance (default ``pki-tomcat``).

    The subsystem name comes from ``self.parent.parent.parent.name``.
    Exits with status 1 on a parse error, an unknown option, an invalid
    instance or a subsystem that is not present in the instance.
    """
    try:
        parsed, _ = getopt.gnu_getopt(
            argv, 'i:v', ['instance=', 'verbose', 'debug', 'help'])

    except getopt.GetoptError as err:
        logger.error(err)
        self.print_help()
        sys.exit(1)

    instance_name = 'pki-tomcat'

    for flag, value in parsed:
        if flag == '--help':
            self.print_help()
            sys.exit()

        if flag in ('-i', '--instance'):
            instance_name = value

        elif flag == '--debug':
            logging.getLogger().setLevel(logging.DEBUG)

        elif flag in ('-v', '--verbose'):
            logging.getLogger().setLevel(logging.INFO)

        else:
            logger.error('Invalid option: %s', flag)
            self.print_help()
            sys.exit(1)

    instance = pki.server.instance.PKIInstance(instance_name)
    if not instance.is_valid():
        logger.error('Invalid instance: %s', instance_name)
        sys.exit(1)

    instance.load()

    subsystem_name = self.parent.parent.parent.name
    subsystem = instance.get_subsystem(subsystem_name)

    if not subsystem:
        logger.error(
            'No %s subsystem in instance %s.',
            subsystem_name.upper(),
            instance_name)
        sys.exit(1)

    SubsystemDBCLI.print_config(subsystem)
def execute(self, argv):
    """Print the banner installed for a server instance.

    Args:
        argv: Arguments for this sub-command. ``-i``/``--instance`` names
            the instance (default ``pki-tomcat``).

    Exits with status 1 on a parse error, an unknown option, an invalid
    instance or when no banner is installed.
    """
    try:
        parsed, _ = getopt.gnu_getopt(
            argv, 'i:v', ['instance=', 'verbose', 'debug', 'help'])

    except getopt.GetoptError as err:
        logger.error(err)
        self.usage()
        sys.exit(1)

    instance_name = 'pki-tomcat'

    for flag, value in parsed:
        if flag == '--help':
            self.usage()
            sys.exit()

        if flag in ('-i', '--instance'):
            instance_name = value

        elif flag in ('-v', '--verbose'):
            logging.getLogger().setLevel(logging.INFO)

        elif flag == '--debug':
            logging.getLogger().setLevel(logging.DEBUG)

        else:
            logger.error('Unknown option: %s', flag)
            self.usage()
            sys.exit(1)

    instance = pki.server.instance.PKIInstance(instance_name)
    if not instance.is_valid():
        logger.error('Invalid instance %s.', instance_name)
        sys.exit(1)

    instance.load()

    if instance.banner_installed():
        print(instance.get_banner())
        return

    logger.error('Banner is not installed')
    sys.exit(1)
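def execute(self, argv):
    """Print every configuration parameter of the enclosing subsystem.

    Args:
        argv: Arguments for this sub-command. ``-i``/``--instance`` names
            the instance (default ``pki-tomcat``); ``-v``/``--verbose``
            raises the root logger to INFO.

    The subsystem is taken from ``self.parent.parent.name`` and each
    entry is printed as ``name=value``. A usage error, an invalid
    instance or a missing subsystem is logged and ends the process with
    status 1.
    """
    try:
        opts, _ = getopt.gnu_getopt(
            argv, 'i:v', ['instance=', 'verbose', 'help'])

    except getopt.GetoptError as e:
        logging.error(e)
        self.print_help()
        sys.exit(1)

    instance_name = 'pki-tomcat'

    for o, a in opts:
        if o in ('-i', '--instance'):
            instance_name = a

        elif o in ('-v', '--verbose'):
            # -v/--verbose are declared in the getopt spec, so they have
            # to be consumed here; without this branch they reach the
            # unknown-option case below and abort the command.
            logging.getLogger().setLevel(logging.INFO)

        elif o == '--help':
            self.print_help()
            sys.exit()

        else:
            logging.error('Unknown option: %s', o)
            self.print_help()
            sys.exit(1)

    instance = pki.server.instance.PKIInstance(instance_name)
    if not instance.is_valid():
        logging.error('Invalid instance: %s', instance_name)
        sys.exit(1)

    instance.load()

    subsystem_name = self.parent.parent.name
    subsystem = instance.get_subsystem(subsystem_name)
    if not subsystem:
        logging.error('No such subsystem: %s', subsystem_name.upper())
        sys.exit(1)

    # NOTE(review): every value is printed as stored; if the subsystem
    # config can hold secrets they end up on stdout. Confirm against the
    # config schema, which is not visible here.
    for name, value in subsystem.config.items():
        print('%s=%s' % (name, value))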
def execute(self, argv):
    """Import an external certificate into an instance.

    Args:
        argv: Arguments for this sub-command. ``--cert-file`` and
            ``--nickname`` are required. ``--trust-args`` defaults to the
            literal ``",,"``, ``--token`` to
            ``pki.nssdb.INTERNAL_TOKEN_NAME`` and ``-i``/``--instance``
            to ``pki-tomcat``.

    The import is refused when the instance already records an external
    certificate with the same nickname and token. Exits with status 1 on
    a parse error, an unknown option, a missing required option, an
    invalid instance or a duplicate certificate.
    """
    try:
        parsed, _ = getopt.gnu_getopt(
            argv, 'i:v',
            ['instance=', 'cert-file=', 'trust-args=', 'nickname=',
             'token=', 'verbose', 'debug', 'help'])

    except getopt.GetoptError as err:
        logger.error(err)
        self.print_help()
        sys.exit(1)

    instance_name = 'pki-tomcat'
    cert_file = None
    trust_args = '\",,\"'
    nickname = None
    token = pki.nssdb.INTERNAL_TOKEN_NAME

    for flag, value in parsed:
        if flag == '--help':
            self.print_help()
            sys.exit()

        if flag == '--cert-file':
            cert_file = value

        elif flag == '--nickname':
            nickname = value

        elif flag == '--trust-args':
            trust_args = value

        elif flag == '--token':
            token = value

        elif flag in ('-i', '--instance'):
            instance_name = value

        elif flag in ('-v', '--verbose'):
            logging.getLogger().setLevel(logging.INFO)

        elif flag == '--debug':
            logging.getLogger().setLevel(logging.DEBUG)

        else:
            logger.error('Unknown option: %s', flag)
            self.print_help()
            sys.exit(1)

    if not cert_file:
        logger.error('Missing input file containing certificate')
        self.print_help()
        sys.exit(1)

    if not nickname:
        logger.error('Missing nickname')
        self.print_help()
        sys.exit(1)

    instance = pki.server.instance.PKIInstance(instance_name)
    if not instance.is_valid():
        logger.error('Invalid instance %s.', instance_name)
        sys.exit(1)

    instance.load()

    if instance.external_cert_exists(nickname, token):
        logger.error(
            'Certificate already imported for instance %s.',
            instance_name)
        sys.exit(1)

    # NOTE(review): trust_args decides how far the imported certificate
    # is trusted; it is forwarded as typed and not checked here.
    imported_nicks = self.import_certs(
        instance, cert_file, nickname, token, trust_args)
    self.update_instance_config(instance, imported_nicks, token)

    self.print_message(
        'Certificate imported for instance %s.' % instance_name)
def execute(self, argv):
    """Export the OCSP system certificates of an instance to a PKCS #12 file.

    Args:
        argv: Arguments for this sub-command. ``--pkcs12-file`` is
            required, as is a password from either ``--pkcs12-password``
            or ``--pkcs12-password-file``. ``--no-key`` is forwarded to
            every ``export_system_cert`` call. ``-i``/``--instance``
            names the instance (default ``pki-tomcat``).

    The ``subsystem``, ``signing`` and ``audit_signing`` certificates are
    written in that order, followed by the instance's external
    certificates. Exits with status 1 on a parse error, an unknown
    option, a missing file or password, an invalid instance or an
    instance without an OCSP subsystem.
    """
    try:
        parsed, _ = getopt.gnu_getopt(
            argv, 'i:v',
            ['instance=', 'pkcs12-file=', 'pkcs12-password=',
             'pkcs12-password-file=', 'no-key',
             'verbose', 'debug', 'help'])

    except getopt.GetoptError as err:
        logger.error(err)
        self.print_help()
        sys.exit(1)

    instance_name = 'pki-tomcat'
    pkcs12_file = None
    pkcs12_password = None
    no_key = False

    for flag, value in parsed:
        if flag == '--help':
            self.print_help()
            sys.exit()

        if flag == '--pkcs12-file':
            pkcs12_file = value

        elif flag == '--pkcs12-password':
            # NOTE(review): a password given on the command line is part
            # of the process arguments and may be readable by other local
            # users while the command runs; --pkcs12-password-file
            # avoids that.
            pkcs12_password = value.encode()

        elif flag == '--pkcs12-password-file':
            # Read as raw bytes; a trailing newline in the file is kept.
            with io.open(value, 'rb') as source:
                pkcs12_password = source.read()

        elif flag == '--no-key':
            no_key = True

        elif flag in ('-i', '--instance'):
            instance_name = value

        elif flag in ('-v', '--verbose'):
            logging.getLogger().setLevel(logging.INFO)

        elif flag == '--debug':
            logging.getLogger().setLevel(logging.DEBUG)

        else:
            logger.error('Unknown option: %s', flag)
            self.print_help()
            sys.exit(1)

    if not pkcs12_file:
        logger.error('Missing PKCS #12 file')
        self.print_help()
        sys.exit(1)

    if not pkcs12_password:
        logger.error('Missing PKCS #12 password')
        self.print_help()
        sys.exit(1)

    instance = pki.server.instance.PKIInstance(instance_name)
    if not instance.is_valid():
        logger.error('Invalid instance %s.', instance_name)
        sys.exit(1)

    instance.load()

    ocsp = instance.get_subsystem('ocsp')
    if not ocsp:
        logger.error('No OCSP subsystem in instance %s.', instance_name)
        sys.exit(1)

    # mkdtemp() creates a directory that only the creating user can
    # access, so the plaintext password file below is not exposed to
    # other accounts; the finally clause removes it on every exit path.
    scratch_dir = tempfile.mkdtemp()

    try:
        pkcs12_password_file = os.path.join(scratch_dir, 'pkcs12_password.txt')
        with open(pkcs12_password_file, 'wb') as sink:
            sink.write(pkcs12_password)

        # The first export goes without append; the rest add to the file.
        ocsp.export_system_cert(
            'subsystem', pkcs12_file, pkcs12_password_file, no_key=no_key)

        for cert_tag in ('signing', 'audit_signing'):
            ocsp.export_system_cert(
                cert_tag, pkcs12_file, pkcs12_password_file,
                no_key=no_key, append=True)

        instance.export_external_certs(
            pkcs12_file, pkcs12_password_file, append=True)

    finally:
        shutil.rmtree(scratch_dir)
def execute(self, argv):
    """Validate one or all system certificates of a subsystem.

    Args:
        argv: Arguments for this sub-command. The first positional
            argument is the subsystem ID; an optional second one is a
            certificate ID. ``-i``/``--instance`` names the instance
            (default ``pki-tomcat``).

    With a certificate ID only that certificate is checked, otherwise
    everything returned by ``find_system_certs()``. The process always
    ends through ``sys.exit``: status 0 when every check passed, status 1
    on a failed check or on any usage, instance or subsystem error.
    """
    try:
        parsed, positional = getopt.gnu_getopt(
            argv, 'i:v', ['instance=', 'verbose', 'debug', 'help'])

    except getopt.GetoptError as err:
        logger.error(err)
        self.usage()
        sys.exit(1)

    instance_name = 'pki-tomcat'

    for flag, value in parsed:
        if flag == '--help':
            self.usage()
            sys.exit()

        if flag in ('-i', '--instance'):
            instance_name = value

        elif flag in ('-v', '--verbose'):
            logging.getLogger().setLevel(logging.INFO)

        elif flag == '--debug':
            logging.getLogger().setLevel(logging.DEBUG)

        else:
            logger.error('Unknown option: %s', flag)
            self.usage()
            sys.exit(1)

    if not positional:
        logger.error('Missing subsystem ID')
        self.usage()
        sys.exit(1)

    subsystem_name = positional[0]
    cert_id = positional[1] if len(positional) >= 2 else None

    instance = pki.server.instance.PKIInstance(instance_name)
    if not instance.is_valid():
        logger.error('Invalid instance %s.', instance_name)
        sys.exit(1)

    instance.load()

    subsystem = instance.get_subsystem(subsystem_name)
    if not subsystem:
        logger.error(
            'No %s subsystem in instance %s.',
            subsystem_name,
            instance_name)
        sys.exit(1)

    if cert_id is None:
        certs = subsystem.find_system_certs()
    else:
        certs = [subsystem.get_subsystem_cert(cert_id)]

    certs_valid = True

    for position, cert in enumerate(certs):
        if position:
            print()

        # Every certificate is checked even after a failure, so the
        # operator sees all problems in one run.
        certs_valid &= self.validate_certificate(instance, cert)

    if not certs_valid:
        self.print_message("Validation failed")
        sys.exit(1)

    self.print_message("Validation succeeded")
    sys.exit(0)
def execute(self, argv):
    """Export certificates from an instance's NSS database to PKCS #12.

    Args:
        argv: Arguments for this sub-command. Positional arguments are
            the nicknames to export. ``--pkcs12-file`` is required. The
            password comes from ``--pkcs12-password``,
            ``--pkcs12-password-file`` or, when neither is given, an
            interactive prompt. ``--append``, ``--no-trust-flags``,
            ``--no-key`` and ``--no-chain`` adjust the export.
            ``-i``/``--instance`` names the instance (default
            ``pki-tomcat``).

    Exits with status 1 on a parse error, an unknown option, a missing
    output file or an invalid instance.
    """
    try:
        parsed, positional = getopt.gnu_getopt(
            argv, 'i:v',
            ['instance=', 'pkcs12-file=', 'pkcs12-password=',
             'pkcs12-password-file=', 'append', 'no-trust-flags',
             'no-key', 'no-chain', 'verbose', 'debug', 'help'])

    except getopt.GetoptError as err:
        logger.error(err)
        self.print_help()
        sys.exit(1)

    nicknames = positional

    instance_name = 'pki-tomcat'
    pkcs12_file = None
    pkcs12_password = None
    pkcs12_password_file = None
    append = False
    include_trust_flags = True
    include_key = True
    include_chain = True

    for flag, value in parsed:
        if flag == '--help':
            self.print_help()
            sys.exit()

        if flag == '--pkcs12-file':
            pkcs12_file = value

        elif flag == '--pkcs12-password':
            # NOTE(review): a password given on the command line is part
            # of the process arguments and may be readable by other local
            # users while the command runs; the password file or the
            # prompt avoids that.
            pkcs12_password = value

        elif flag == '--pkcs12-password-file':
            pkcs12_password_file = value

        elif flag == '--append':
            append = True

        elif flag == '--no-key':
            include_key = False

        elif flag == '--no-chain':
            include_chain = False

        elif flag == '--no-trust-flags':
            include_trust_flags = False

        elif flag in ('-i', '--instance'):
            instance_name = value

        elif flag in ('-v', '--verbose'):
            logging.getLogger().setLevel(logging.INFO)

        elif flag == '--debug':
            logging.getLogger().setLevel(logging.DEBUG)

        else:
            logger.error('Unknown option: %s', flag)
            self.print_help()
            sys.exit(1)

    if not pkcs12_file:
        logger.error('missing output file')
        self.print_help()
        sys.exit(1)

    instance = pki.server.instance.PKIInstance(instance_name)
    if not instance.is_valid():
        logger.error('Invalid instance %s.', instance_name)
        sys.exit(1)

    instance.load()

    no_password_source = not pkcs12_password and not pkcs12_password_file
    if no_password_source:
        # getpass reads without echoing the input.
        pkcs12_password = getpass.getpass(
            prompt='Enter password for PKCS #12 file: ')

    export_args = dict(
        pkcs12_file=pkcs12_file,
        pkcs12_password=pkcs12_password,
        pkcs12_password_file=pkcs12_password_file,
        nicknames=nicknames,
        append=append,
        include_trust_flags=include_trust_flags,
        include_key=include_key,
        include_chain=include_chain)

    nssdb = instance.open_nssdb()
    try:
        nssdb.export_pkcs12(**export_args)
    finally:
        # Close the database whether or not the export succeeded.
        nssdb.close()
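def execute(self, argv):
    """Create a named configuration directory from the ACME templates.

    Args:
        argv: Arguments for this sub-command. The optional first
            positional argument is the directory name (default
            ``acme``). ``-i``/``--instance`` names the instance (default
            ``pki-tomcat``). ``--force`` is forwarded to
            ``instance.makedirs`` and ``instance.copy``.

    Raises:
        Exception: If the name is not a single path component, or the
            instance is not valid.

    ``metadata.json``, ``database.json``, ``validators.json`` and
    ``backend.json`` are copied, in that order, from the ``acme/conf``
    directory below ``pki.server.PKIServer.SHARE_DIR``. Parse errors and
    unknown options are logged and end the process with status 1.
    """
    try:
        opts, args = getopt.gnu_getopt(
            argv, 'i:v',
            ['instance=', 'database=', 'backend=',
             'force', 'verbose', 'debug', 'help'])

    except getopt.GetoptError as e:
        logger.error(e)
        self.print_help()
        sys.exit(1)

    name = 'acme'
    instance_name = 'pki-tomcat'
    force = False

    for o, a in opts:
        if o in ('-i', '--instance'):
            instance_name = a

        elif o == '--force':
            force = True

        elif o in ('-v', '--verbose'):
            logging.getLogger().setLevel(logging.INFO)

        elif o == '--debug':
            logging.getLogger().setLevel(logging.DEBUG)

        elif o == '--help':
            self.print_help()
            sys.exit()

        else:
            # NOTE(review): --database and --backend are declared in the
            # getopt spec but land here, so passing either one aborts the
            # command as an unknown option.
            logger.error('Unknown option: %s', o)
            self.print_help()
            sys.exit(1)

    if len(args) > 0:
        name = args[0]

    # The name is joined onto the instance's conf dir and files are
    # written below the result. An empty name resolves to the conf dir
    # itself, '..' or a separator climbs out of it, and an absolute path
    # replaces it altogether, so only a plain single component is
    # accepted.
    if not name or name in ('.', '..') or os.path.basename(name) != name:
        raise Exception('Invalid name: %s' % name)

    instance = pki.server.instance.PKIServerFactory.create(instance_name)

    if not instance.is_valid():
        raise Exception('Invalid instance: %s' % instance_name)

    instance.load()

    acme_conf_dir = os.path.join(instance.conf_dir, name)
    logging.info('Creating %s', acme_conf_dir)
    instance.makedirs(acme_conf_dir, force=force)

    acme_share_dir = os.path.join(pki.server.PKIServer.SHARE_DIR, 'acme')

    # Same template-to-target copy for each file, in the original order.
    for filename in ('metadata.json', 'database.json',
                     'validators.json', 'backend.json'):
        template = os.path.join(acme_share_dir, 'conf', filename)
        target = os.path.join(acme_conf_dir, filename)
        logging.info('Creating %s', target)
        instance.copy(template, target, force=force)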