An upgrade script has been added to replace IPv4- and IPv6-specific AJP loopback address with a more generic "localhost" in existing instances.
https://fedorahosted.org/pki/ticket/2570 -- Endi S. Dewata
>From 2d819f22234dc5b6e8fffea7d64b67e11fd88c40 Mon Sep 17 00:00:00 2001 From: "Endi S. Dewata" <[email protected]> Date: Thu, 19 Jan 2017 21:43:24 +0100 Subject: [PATCH] Added upgrade script to update AJP loopback address. An upgrade script has been added to replace IPv4- and IPv6-specific AJP loopback address with a more generic "localhost" in existing instances. https://fedorahosted.org/pki/ticket/2570 --- base/common/upgrade/10.4.0/.gitignore | 4 ++ .../upgrade/10.4.0/01-UpdateAJPLoopbackAddress | 62 ++++++++++++++++++++++ 2 files changed, 66 insertions(+) create mode 100644 base/common/upgrade/10.4.0/.gitignore create mode 100755 base/server/upgrade/10.4.0/01-UpdateAJPLoopbackAddress diff --git a/base/common/upgrade/10.4.0/.gitignore b/base/common/upgrade/10.4.0/.gitignore new file mode 100644 index 0000000000000000000000000000000000000000..5e7d2734cfc60289debf74293817c0a8f572ff32 --- /dev/null +++ b/base/common/upgrade/10.4.0/.gitignore @@ -0,0 +1,4 @@ +# Ignore everything in this directory +* +# Except this file +!.gitignore diff --git a/base/server/upgrade/10.4.0/01-UpdateAJPLoopbackAddress b/base/server/upgrade/10.4.0/01-UpdateAJPLoopbackAddress new file mode 100755 index 0000000000000000000000000000000000000000..b7d5c0e44fb8e6644abfc93e9de13fc0455f5c49 --- /dev/null +++ b/base/server/upgrade/10.4.0/01-UpdateAJPLoopbackAddress @@ -0,0 +1,62 @@ +#!/usr/bin/python +# Authors: +# Endi S. Dewata <[email protected]> +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; version 2 of the License. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License along +# with this program; if not, write to the Free Software Foundation, Inc., +# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. +# +# Copyright (C) 2017 Red Hat, Inc. +# All rights reserved. +# + +from __future__ import absolute_import +import os +from lxml import etree + +import pki + + +class UpdateAJPLoopbackAddress( + pki.server.upgrade.PKIServerUpgradeScriptlet): + + def __init__(self): + super(UpdateAJPLoopbackAddress, self).__init__() + self.message = 'Update AJP loopback address' + + self.parser = etree.XMLParser(remove_blank_text=True) + + def upgrade_instance(self, instance): + + server_xml = os.path.join(instance.conf_dir, 'server.xml') + self.backup(server_xml) + + document = etree.parse(server_xml, self.parser) + + server = document.getroot() + connectors = server.findall('.//Connector') + + # replace IPv4- or IPv6-specific AJP loopback address with localhost + for connector in connectors: + + protocol = connector.get('protocol') + if protocol != 'AJP/1.3': + continue + + address = connector.get('address') + if address != '127.0.0.1' and address != '::1': + continue + + connector.set('address', 'localhost') + + with open(server_xml, 'wb') as f: + document.write(f, pretty_print=True, encoding='utf-8') -- 2.5.5
_______________________________________________ Pki-devel mailing list [email protected] https://www.redhat.com/mailman/listinfo/pki-devel
