Create: * kerberosauth.xpi * krb.js even when --http_pkcs12 option is used.
https://fedorahosted.org/freeipa/ticket/3747 -- Petr Vobornik
From 8a0f26fd473c39be255592ddc8f42100ea466d2b Mon Sep 17 00:00:00 2001 From: Petr Vobornik <[email protected]> Date: Tue, 25 Jun 2013 16:53:24 +0200 Subject: [PATCH] Create Firefox configuration extension on CA-less install Create: * kerberosauth.xpi * krb.js even when --http_pkcs12 option is used. https://fedorahosted.org/freeipa/ticket/3747 --- install/tools/ipa-replica-install | 28 +++++++++++++++------------- install/tools/ipa-server-install | 4 ++-- ipaserver/install/httpinstance.py | 22 +++++++++++++--------- ipaserver/install/ipa_replica_prepare.py | 5 +++-- 4 files changed, 33 insertions(+), 26 deletions(-) diff --git a/install/tools/ipa-replica-install b/install/tools/ipa-replica-install index 5b3a88f6a1b4d34aeb6d1a4acf07aa0b653b49ea..14b625a77e800cf1f9ef21050fae1a923036b2be 100755 --- a/install/tools/ipa-replica-install +++ b/install/tools/ipa-replica-install @@ -216,19 +216,21 @@ def install_http(config, auto_redirect): auto_redirect=auto_redirect, ca_file = config.dir + "/ca.crt") # Now copy the autoconfiguration files - if ipautil.file_exists(config.dir + "/preferences.html"): - try: - shutil.copy(config.dir + "/preferences.html", "/usr/share/ipa/html/preferences.html") - shutil.copy(config.dir + "/configure.jar", "/usr/share/ipa/html/configure.jar") - if ipautil.file_exists(config.dir + "/krb.js"): - shutil.copy( - config.dir + "/krb.js", "/usr/share/ipa/html/krb.js") - shutil.copy( - config.dir + "/kerberosauth.xpi", - "/usr/share/ipa/html/kerberosauth.xpi") - except Exception, e: - print "error copying files: " + str(e) - sys.exit(1) + try: + if ipautil.file_exists(config.dir + "/preferences.html"): + shutil.copy(config.dir + "/preferences.html", + "/usr/share/ipa/html/preferences.html") + if ipautil.file_exists(config.dir + "/configure.jar"): + shutil.copy(config.dir + "/configure.jar", + "/usr/share/ipa/html/configure.jar") + if ipautil.file_exists(config.dir + "/krb.js"): + shutil.copy(config.dir + "/krb.js", + "/usr/share/ipa/html/krb.js") + shutil.copy(config.dir + "/kerberosauth.xpi", + "/usr/share/ipa/html/kerberosauth.xpi") + except Exception, e: + print "error copying files: " + str(e) + sys.exit(1) http.setup_firefox_extension(config.realm_name, config.domain_name) diff --git a/install/tools/ipa-server-install b/install/tools/ipa-server-install index 9ddde5d7b7cc148477f20eb311b47b242506b653..cc88a0b1991bd467076038772dcac232a2d0b64b 100755 --- a/install/tools/ipa-server-install +++ b/install/tools/ipa-server-install @@ -1103,12 +1103,12 @@ def main(): http = httpinstance.HTTPInstance(fstore) if options.http_pkcs12: http.create_instance( - realm_name, host_name, domain_name, dm_password, autoconfig=False, + realm_name, host_name, domain_name, dm_password, pkcs12_info=http_pkcs12_info, subject_base=options.subject, auto_redirect=options.ui_redirect, ca_file=ca_file) else: http.create_instance( - realm_name, host_name, domain_name, dm_password, autoconfig=True, + realm_name, host_name, domain_name, dm_password, subject_base=options.subject, auto_redirect=options.ui_redirect) ipaservices.restore_context("/var/cache/ipa/sessions") diff --git a/ipaserver/install/httpinstance.py b/ipaserver/install/httpinstance.py index 375016262a5bdfb6e7f823a4640c4c1fd8f7a9b8..9353304d58f009de02f14b4201b92edae11ce5e9 100644 --- a/ipaserver/install/httpinstance.py +++ b/ipaserver/install/httpinstance.py @@ -313,15 +313,19 @@ class HTTPInstance(service.Service): pwd = pwdfile.read() # Setup configure.jar - tmpdir = tempfile.mkdtemp(prefix="tmp-") - target_fname = '/usr/share/ipa/html/configure.jar' - shutil.copy("/usr/share/ipa/html/preferences.html", tmpdir) - db.run_signtool(["-k", "Signing-Cert", - "-Z", target_fname, - "-e", ".html", "-p", pwd, - tmpdir]) - shutil.rmtree(tmpdir) - os.chmod(target_fname, 0644) + if db.has_nickname('Signing-Cert'): + tmpdir = tempfile.mkdtemp(prefix="tmp-") + target_fname = '/usr/share/ipa/html/configure.jar' + shutil.copy("/usr/share/ipa/html/preferences.html", tmpdir) + db.run_signtool(["-k", "Signing-Cert", + "-Z", target_fname, + "-e", ".html", "-p", pwd, + tmpdir]) + shutil.rmtree(tmpdir) + os.chmod(target_fname, 0644) + else: + root_logger.warning('Object-signing certificate was not found. ' + 'Configure.jar was not created.') self.setup_firefox_extension(self.realm, self.domain, force=True) diff --git a/ipaserver/install/ipa_replica_prepare.py b/ipaserver/install/ipa_replica_prepare.py index b6b063332a4ea6b87cddd20a0d53de22d4a0a639..f6af28e3a550387050ead412b61c8fb58a8b7fe5 100644 --- a/ipaserver/install/ipa_replica_prepare.py +++ b/ipaserver/install/ipa_replica_prepare.py @@ -338,8 +338,9 @@ class ReplicaPrepare(admintool.AdminTool): self.copy_info_file("/usr/share/ipa/html/krb.js", "krb.js") self.copy_info_file( "/usr/share/ipa/html/kerberosauth.xpi", "kerberosauth.xpi") - self.copy_info_file( - "/usr/share/ipa/html/configure.jar", "configure.jar") + jar_filename = "/usr/share/ipa/html/configure.jar" + if ipautil.file_exists(jar_filename): + self.copy_info_file(jar_filename, "configure.jar") cacert_filename = "/var/kerberos/krb5kdc/cacert.pem" if ipautil.file_exists(cacert_filename): self.copy_info_file(cacert_filename, "cacert.pem") -- 1.8.1.4
_______________________________________________ Freeipa-devel mailing list [email protected] https://www.redhat.com/mailman/listinfo/freeipa-devel
