I completed the first prototype of a more advanced configuration system of OpenCA. First I describe what you have to do to get the CVS head working on your computer and then I describe what I did.
Get CVS head working --------------------
1. checkout the cvs head of openca-0.9
2. install it like before
3. go to etc/ area
4. configure the file config.xml
5. adapt the bash script configure_etc.sh to your shell
6. run configure_etc.sh in etc/ area
7. edit the access control configurations in etc/access_control/
(Brian, if I interpret the debian guidelines in the correct way then this should be /etc/openca/access_control.)
access_control/login/type --> none (deactivates the identification)
access_control/acl_config/acl --> no (deactivates ACL)
Now you should be able to test the code. Until now there is no default configuration for the ACL which allow all for root. The default passphrase of root is root.
What did I do? -------------- 1. I added some lines to OpenCA::Tools.
setXMLConfig - sets the name of the file config.xml
- also possible with new
loadXMLConfig - intializes XML::Twig
getConfiguredData - processes the data and returns the result
setError - default OpenCA error handling
debug - general debugging functionI think the intersting part is getConfiguredData and the code is readable but this think every programmer.
2. I removed several options from configure.in and configure.
3. The removed configure options are now in config.xml.
4. Many files will only be installed as *.template in the etc area.
5. I write a script configure_etc.sh to update the configuration files.
6. The real function to process the templates is openca-configure but this file uses only OpenCA::Tools. If you load a file with OpenCA::Tools and you call new OpenCA::Tools with config.xml then you get a completely processed file (see openca-configure) for an example.
7. I know that etc is the wrong place for configure_etc.sh but if we place it in another directory then we will get dozens of mails with questions like "where is the script" and "why doesn't OpenCA work after make install".
The next step is to test the performance of this solution. The access control is not optimized too so it is a good idea to deactivate the access control if you test the performance of the configuration.
What do you think about this solution? I hope the cvs version works.
Michael -- ------------------------------------------------------------------- Michael Bell Email: [EMAIL PROTECTED] ZE Computer- und Medienservice Tel.: +49 (0)30-2093 2482 (Computing Centre) Fax: +49 (0)30-2093 2704 Humboldt-University of Berlin Unter den Linden 6 10099 Berlin Email (private): [EMAIL PROTECTED] Germany http://www.openca.org
-------------------------------------------------------
This SF.net email is sponsored by:Crypto Challenge is now open! Get cracking and register here for some mind boggling fun and the chance of winning an Apple iPod:
http://ads.sourceforge.net/cgi-bin/redirect.pl?thaw0031en
_______________________________________________
OpenCA-Devel mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/openca-devel
