[yast-commit] r43805 - in /branches/SuSE-SLE-10-SP2-Branch/registration/src: clients/inst_suse_register.ycp modules/Makefile.am modules/Register.ycp modules/RegisterCert.pm

Author: jdsn Date: Mon Jan 21 19:19:45 2008 New Revision: 43805 URL: http://svn.opensuse.org/viewcvs/yast?rev=43805&view=rev Log: initial checkin of yep related changes Added: branches/SuSE-SLE-10-SP2-Branch/registration/src/modules/RegisterCert.pm Modified: branches/SuSE-SLE-10-SP2-Branch/registration/src/clients/inst_suse_register.ycp branches/SuSE-SLE-10-SP2-Branch/registration/src/modules/Makefile.am branches/SuSE-SLE-10-SP2-Branch/registration/src/modules/Register.ycp Modified: branches/SuSE-SLE-10-SP2-Branch/registration/src/clients/inst_suse_register.ycp URL: http://svn.opensuse.org/viewcvs/yast/branches/SuSE-SLE-10-SP2-Branch/registration/src/clients/inst_suse_register.ycp?rev=43805&r1=43804&r2=43805&view=diff ============================================================================== --- branches/SuSE-SLE-10-SP2-Branch/registration/src/clients/inst_suse_register.ycp (original) +++ branches/SuSE-SLE-10-SP2-Branch/registration/src/clients/inst_suse_register.ycp Mon Jan 21 19:19:45 2008 @@ -33,6 +33,16 @@ import "PackageSystem"; import "Package"; + + // this operation MUST be first and run in any case, even if registration should be skipped (FATE #302966) + symbol confRegSrv = Register::configureRegistrationServer(); + if (confRegSrv == `conferror || confRegSrv == `notrust) + { + y2debug("Registration can not be run due to YEP configuration error."); + } + + + // no network - no suse_register if (!Mode::normal()) { Modified: branches/SuSE-SLE-10-SP2-Branch/registration/src/modules/Makefile.am URL: http://svn.opensuse.org/viewcvs/yast/branches/SuSE-SLE-10-SP2-Branch/registration/src/modules/Makefile.am?rev=43805&r1=43804&r2=43805&view=diff ============================================================================== --- branches/SuSE-SLE-10-SP2-Branch/registration/src/modules/Makefile.am (original) +++ branches/SuSE-SLE-10-SP2-Branch/registration/src/modules/Makefile.am Mon Jan 21 19:19:45 2008 @@ -2,7 +2,7 @@ # Makefile.am for registration/modules # -module_DATA = Register.ycp +module_DATA = Register.ycp RegisterCert.pm EXTRA_DIST = $(module_DATA) Modified: branches/SuSE-SLE-10-SP2-Branch/registration/src/modules/Register.ycp URL: http://svn.opensuse.org/viewcvs/yast/branches/SuSE-SLE-10-SP2-Branch/registration/src/modules/Register.ycp?rev=43805&r1=43804&r2=43805&view=diff ============================================================================== --- branches/SuSE-SLE-10-SP2-Branch/registration/src/modules/Register.ycp (original) +++ branches/SuSE-SLE-10-SP2-Branch/registration/src/modules/Register.ycp Mon Jan 21 19:19:45 2008 @@ -18,9 +18,10 @@ import "Misc"; import "Stage"; import "Label"; +import "Popup"; import "ProductFeatures"; import "SourceManager"; - +import "RegisterCert"; // -------------------------------------------------------------- @@ -50,6 +51,8 @@ global boolean use_proxy = false; global string http_proxy = ""; global string https_proxy = ""; +global string yep_server = nil; // (FATE #302966) +global string yep_server_cert = nil; // (FATE #302966) global map registration_data = $[]; @@ -62,39 +65,549 @@ // START: Locally defined functions // ------------------------------------------------------------------ + /* - * get_home_dir() + * amIroot() * - * get the home directory of the user running this module - * because not only root is allowed to run inst_suse_register + * checks if running as root + * returns true if running as root - else returns false + * + */ +boolean amIroot() +{ + // check if we are root + map userid = (map) SCR::Execute(.target.bash_output, "id -u"); + y2milestone("running with user id %1", userid); + return String::FirstChunk(userid["stdout"]:"1", "\n") == "0" ? true:false; +} + + + +/* + * mountFloppy() * - * @return home directory as string + * mount a floppy disk + * @return map with status information * */ -string get_home_dir() +map mountFloppy() { - map gethome = (map) SCR::Execute(.target.bash_output, " cd; pwd "); - return ((integer) gethome["exit"]:1 == 0) ? String::FirstChunk(gethome["stdout"]:"/tmp", "\n") : "/tmp"; + // floppy mount support (FATE #303335) + list drives = (list) SCR::Read(.probe.floppy); + + if ( size(drives) == 0 ) + { + return $[ "mounted" : false ]; + } + + string fddevice = drives[0, "dev_name"]:"/dev/fd0"; + string tmpdir = (string) SCR::Read(.target.tmpdir); + if (tmpdir == nil) tmpdir = "/tmp"; + string mpoint = tmpdir + "/fd"; + + // create mount point directory + SCR::Execute(.target.mkdir, mpoint); + + y2debug("Trying to mount %1 as floppy drive to load the YEP server certificate from."); + + boolean result = (boolean) SCR::Execute(.target.mount, [fddevice, mpoint], "-o ro" ); + + return $[ "mounted" : result, "mpoint" : mpoint, "device" : fddevice ]; } /* - * amIroot() + * umountFloppy() * - * checks if running as root - * returns true if running as root - else returns false + * umount a floppy disk + * @return void * */ -boolean amIroot() +void umountFloppy(string mpoint) { - // check if we are root - map userid = (map) SCR::Execute(.target.bash_output, "id -u"); - y2milestone("running with user id %1", userid); - return String::FirstChunk(userid["stdout"]:"1", "\n") == "0" ? true:false; + if (mpoint == nil || mpoint == "") return; + SCR::Execute(.target.umount, mpoint); +} + + +/* + * certificateError() + * + * report error messages if YEP server certificate is not found + * @return symbol yes, no or retry + * + */ +symbol certificateError(string heading, symbol type) +{ + if (heading == nil || heading == "") heading = _("Unknown error"); + + string errorrMessage = ""; + string question = _("Do you want to skip Registration?"); + string otherwise = sprintf( _("If you select %1 the Registration will most likely fail. +Otherwise you may copy the certificate file to the system manually +and then specify its path by choosing %2."), deletechars(Label::FileName(), "&"), deletechars(Label::ContinueButton(), "&")); + + + if (type == `floppy) + { + errorMessage = _("Could not load the YEP server certificate file from floppy disk."); + } + else if (type == `url) + { + errorMessage = _("Could not download the YEP server certificate file from specified URL."); + } + else if (type == `file) + { + errorMessage = _("Could not find the YEP server certificate file in specified path."); + } + else + { + errorMessage = _("Unknown Error occurred while retrieving YEP server certificate"); + } + + errorMessage = errorMessage + "\n\n" + question + "\n\n" + otherwise; + return Popup::AnyQuestion3(heading, errorMessage, _("Skip"), Label::ContinueButton(), Label::FileName(), `focus_yes ); +} + + + + + +/* + * suseRegisterURL() + * + * get or set the suseRegisterURL + * @return current url + */ +string suseRegisterURL(string url) +{ + // nil, empty string, unparsable urls and non-https urls as parameter means 'get url' else 'set url' + + string cururl = nil; + map urlmap = $[]; + string suseRegisterConf = "/etc/suseRegister.conf"; + + SCR::RegisterAgent (.temporary_suseregister_agent, `ag_ini( + `IniAgent( suseRegisterConf, + $[ + "options" : [ "line_can_continue", "global_values", "join_multiline", "comments_last", "flat" ], + "comments": [ "^[ \t]*#.*$", "^[ \t]*$" ], + "params" : [ $[ "match" : [ "([a-zA-Z0-9_-]+)[ \t]*=[ \t]*([^ \t]*)", "%s = %s" ] ] ] + ] + ))); + + // in case the yep server was already changed do not change it again (to support mobile PCs in different environments) + if ( (string)SCR::Read(.temporary_suseregister_agent.yepurlmodified) == "true" ) + { + url = nil; + y2debug("YEP server has already been modified. I will not change it again."); + } + + cururl = (string) SCR::Read(.temporary_suseregister_agent.url); + urlmap = URL::Parse(url); + + if ( url != nil && url != "" && urlmap != $[] && urlmap["schema"]:"" == "https" ) + { + SCR::Write(.temporary_suseregister_agent.url, url); + cururl = (string) SCR::Read(.temporary_suseregister_agent.url); + if (url == cururl) SCR::Write(.temporary_suseregister_agent.yepurlmodified, "true"); + } + + SCR::UnregisterAgent (.temporary_suseregister_agent); + return cururl; } + +/* + * setupRegistrationServer() + * + * write YEP server settings to (FATE #302966) + * @return symbol that says if we can perform the registration + * + */ +symbol setupRegistrationServer(symbol mode) +{ + // in case yep_server is undefined nothing needs to be done + if (yep_server == nil || yep_server == "") return `ok; + + boolean ay = false; // are we running in autoYaST mode? + boolean trust = false; + if (mode == `autoyast) + { + trust = true; + ay = true + } + + // check if yep_server is a valid url + map yep_server_parsed = URL::Parse(yep_server); + if (yep_server_parsed == $[] || yep_server_parsed["host"]:"" == "" || yep_server_parsed["scheme"]:"" != "https" ) + { + y2debug("The string '%1' could not be parsed and validated as URL to be used as YEP server.", yep_server); + if (ay) return `conferror; + + string no_yep_server = _("The YEP server URL could not be validated as URL. +Registration can not be performed. Please modify /etc/suseRegister.conf and run Registration manually. +The YEP server URL that was configured was +%1"); + Popup::Message(sformat(no_yep_server, yep_server)); + return `conferror; + } + + + // write YEP server URL to /etc/suseRegister.conf + if (yep_server == suseRegisterURL(yep_server) ) + { y2milestone("Setup custom yep server as registration server successful: %1", yep_server); } + else + { y2error("Failed to setup custom yep server as registration server: %1", yep_server); } + + + + // ----------===============================================-------------- // + + symbol certmode = nil; + + // never ever load a certificate file for a *.novell.com yep server + if ( regexpmatch(yep_server_parsed["host"], ".+\.novell\.com$") { certmode = `none } + else if (yep_server_cert == nil || yep_server_cert == "") { certmode = `url } + else if ( regexpmatch(yep_server_cert, "^(https?|ftp)://.+") ) { certmode = `url; } + else if ( regexpmatch(yep_server_cert, "^floppy/.+") ) { certmode = `floppy; } + else if ( regexpmatch(yep_server_cert, "^/.+") ) { certmode = `path; } + else if ( regexpmatch(yep_server_cert, "^ask$") ) { certmode = `ask; } + else if ( regexpmatch(yep_server_cert, "^done$") ) { certmode = `done; } + else { certmode = `none; } + + + if (! contains([`none, `done, `url, `floppy, `ask, `path], certmode) ) + { + y2error("No YEP server certificate mode found to handle current configuration. This should not happen!"); + return `conferror; + } + + string certTmpFile = sformat("%1/__tmpYEPcert.crt", SCR::Read(.target.tmpdir)); + + + if ( certmode == `url ) + { + map certParse = URL::Parse(yep_server_cert); + + // if no yep_server_cert is passed then we fall back to predefined yep_server_cert + if (yep_server_cert == nil || yep_server_cert == "" || certParse == $[]) + { + map certUrl = yep_server_parsed; + certUrl["scheme"] = "http"; + certUrl["port"] = "80"; + certUrl["path"] = "/yep.crt"; + yep_server_cert = URL::Build(certUrl); + certParse=certUrl; + + } + y2debug("Using %1 as URL to download the YEP server certificate.", yep_server_cert); + + // download cert + string curlcmd = sprintf("curl -f --connect-timeout 60 --max-time 120 '%1' -o %2", yep_server_cert, certTmpFile); + if ( SCR::Execute (.target.bash, curlcmd) != 0) + { + y2error("Could not download the YEP server certificate from specified URL %1", yep_server_cert); + if (ay) return `conferror; + + // translators: this is a heading for an error message - so no punctuation + string urlError = _("Downloading YEP server certificate failed"); + symbol errret = certificateError( urlError, `url); + + certTmpFile = nil; + } + } + + if (certmode == `floppy) + { + // mount and copy + map mf = mountFloppy(); + if (!mf["mounted"]:false) + { + umountFloppy(mf["mpoint"]); + y2error("Could not mount floppy disk to copy the YEP server certificte from. The device that was used was %1", mf["device"]); + if (ay) + { + y2error("No YEP server certificate available. As we are in autoYaST mode Registration will be skipped. Please run it manually."); + return `silentskip; + } + else + { + // translators: this is a heading for an error message - so no punctuation + fdMountError = _("Could not mount floppy disk"); + symbol errret = certificateError( fdMountError, `floppy); + + if ( errret == `yes ) + { + y2warning("No YEP certificate could be retrieved (floppy mount error). User selected to skip Registration."); + return `silentskip; + } + else ( errret = `no ) + { + y2warning("No YEP certificate could be retrieved (floppy mount error). User selected to NOT skip Registration. Most likely Registration will fail now."); + return `ok; + } + else { certmode = `ask; } + } + } + else + { + string fdpath = regexpsub( yep_server_cert , "^floppy/(.+)$","\\1"); + string cp2tmp = sformat("/bin/cp -a %1 %2 ", mf["mpoint"]:"/media/floppy" + "/" + fdpath, certTmpFile ); + if ( SCR::Execute (.target.bash, cp2tmp) != 0) + { + y2error("Could not copy the specified YEP certificate file from floppy disk."); + if (ay) return `silentskip; + + // translators: this is a heading for an error message - so no punctuation + string fdCopyError = _("Could not read file floppy disk"); + symbol errret = certificateError( fdCopyError, `floppy); + + if ( errret == `yes ) + { + y2warning("No YEP certificate could be retrieved (could not copy from floppy). User selected to skip Registration."); + return `silentskip; + } + else ( errret = `no ) + { + y2warning("No YEP certificate could be retrieved (could not copy from floppy). User selected to NOT skip Registration. Most likely Registration will fail now."); + return `ok; + } + else { certmode = `ask; } + + } + + umountFloppy(mf["mpoint"]); + } + + } + + if (certmode == `path) + { + // try to copy cert if valid path, else ask // copy + + string cp2tmp = sformat("/bin/cp -a %1 %2 ", yep_server_cert:"/thisfiledoesnotexist/noitdoesnot" , certTmpFile ); + if ( SCR::Execute(.target.bash, cp2tmp ) != 0 ) + { + y2error("Could not copy local YEP server certificate file"); + if (ay) return `silentskip; + + // translators: this is a heading for an error message - so no punctuation + string fileCopyError = _("Could find file in local path"); + symbol errret = certificateError( fileCopyError, `file); + if ( errret == `yes ) + { + y2warning("No YEP certificate could be retrieved (could not copy local file). User selected to skip Registration."); + return `silentskip; + } + else ( errret = `no ) + { + y2warning("No YEP certificate could be retrieved (could not copy local file). User selected to NOT skip Registration. Most likely Registration will fail now."); + return `ok; + } + else { certmode = `ask; } + } + } + + if (certmode == `ask) + { + if (ay) + { + y2error("YEP server certificate was configured to be asked for. AutoYaST does not support interactive dialogs. Registration will be skipped."); + return `silentskip; + } + + string basepath = "/tmp"; + string certFile = ""; + string selectCertLabel = _("Select YEP server certificate file"); + boolean exitloop = false; + + do + { + do + { + certFile = UI::AskForExistingFile(basepath, "*.crt", selectCertLabel); + } while (certFile == "") + + if (certFile == nil) + { + string skipReg = _("Do you really want to cancel and thereby skip the Registration?"); + if (Popup::YesNo(skipReg)) + { + y2debug("User selected to cancel manual certificate dialog and thereby skip registration"); + return `conferror; + } + } + + string cp2tmp = sformat("/bin/cp -a %1 %2 ", certFile , certTmpFile ); + if (SCR::Execute(cp2tmp) == 0) + { + y2debug("Found user specified YEP server certificate file"); + exitloop = true; + } + else + { + string fileErrorHeader = _("Could not copy local file"); + string fileErrorMsg = _("Do you want to retry?"); + if (!Popup::YesNoHeadline(fileErrorHeader, fileErrorMsg)) + { + y2debug("Could not copy local file as YEP server certificate"); + exitloop = true; + } + } + + } while ( !exitloop ); + + + } + + if (certmode == `done) + { + y2debug("User configured to do nothing to retrieve a YEP server certificate."); + y2debug("I hope you know what you do. Registration will be run but may fail due to missing certificate."); + return `ok; + } + + if (certmode == `none) + { + y2warning("The string that was passed to get the YEP server certificate does not match any handler."); + y2warning("The string was: %1", yep_server_cert); + y2warning("No certificate could be retrieved. Registration process will not be run!"); + return `conferror; + } + + + + // in autoYaST mode we automatically trust - we are done here + if (trust || ay) { retrun `ok; } + + // ask user if he trusts the certificate + map certParsed = RegisterCert::parseCertificate(certTmpFile); + y2milestone("YEP server certificate file information: %1", certParsed); + + string trustQuestion = _("Do you want to trust this certificate?"); + string trustMessage = _("This certificate will be used to connect to the YEP server.\nYou have to trust this certificate in order to continue with the Registration.") + + string certInfo = ""; + list issueList = (list) cP["ISSUER"]:[]; + //translators: this is certificate context + certInfo = certInfo + _("<p><b>Issued For:</b></p>"); + if (size (issueList) > 0) + { + certInfo = certInfo + "<pre>"; + foreach (map keyval, (list >) issueList, { + foreach (string key, string val, (map) keyval, { + certInfo = certInfo + sformat("\n%1: %2", key, val); + }); + }); + certInfo = certInfo + "</pre>"; + } + + //translators: this is certificate context + certInfo = certInfo + _("<p><b>Subject:</b></p>"); + list subjectList=(list) cP["SUBJECT"]:[]; + if (size (subjectList) > 0) + { + certInfo = certInfo + "<pre>"; + foreach (map keyval, (list >) subjectList, { + foreach (string key, string val, (map)keyval, { + certInfo = certInfo + sformat("\n%1: %2", key, val); + }); + }); + certInfo = certInfo + "</pre>"; + } + //translators: this is certificate context + certInfo = certInfo + _("<p><b>Validity:</b></p>"); + certInfo = certInfo + "<pre>"; + //translators: this is certificate context + certInfo = certInfo + "\n" + _("Valid from: ") + " " + cP["STARTDATE"]:""; + //translators: this is certificate context + certInfo = certInfo + "\n" + _("Valid to: ") + " " + cP["ENDDATE"]:""; + //translators: this is certificate context + certInfo = certInfo + "\n" + _("Fingerprint: ") + " " + cP["FINGERPRINT"]:""; + certInfo = certInfo + "</pre>"; + + UI::OpenDialog( `MinSize(70, 20, `VBox( + `Left( `Label(`opt(`boldFont), trustQuestion)), + `Left( `Label(trustMessage)), + `RichText(sformat("%1",certInfo)), + `HBox(`PushButton(`id(`trust), _("Trust")), `HSpacing(1.5), `PushButton(`id(`notrust), _("Reject")) ) + ))); + symbol uret = UI::UserInput(); + UI::CloseDialog(); + + if (uret == `trust) + { + string installCert = ""; + installCert = sformat(" +[ -f /etc/ssl/certs/yep-5.crt ] && YEPDST=/etc/ssl/certs/yep-5.crt +[ -f /etc/ssl/certs/yep-4.crt ] && YEPDST=/etc/ssl/certs/yep-4.crt +[ -f /etc/ssl/certs/yep-3.crt ] && YEPDST=/etc/ssl/certs/yep-3.crt +[ -f /etc/ssl/certs/yep-2.crt ] && YEPDST=/etc/ssl/certs/yep-2.crt +[ -f /etc/ssl/certs/yep-1.crt ] && YEPDST=/etc/ssl/certs/yep-1.crt +[ -f /etc/ssl/certs/yep.crt ] && YEPDST=/etc/ssl/certs/yep.crt +cp -a %1 $YEPDST && c_rehash +", certTmpFile); + + integer instret = SCR::Execute(.target.bash, installCert); + + if (instret == 0) + { + y2debug("Successfully installed YEP server certificate. Registration will now proceed."); + return `ok; + } + else + { + y2error("Failed to install YEP server certificate. Registration would fail and thus will be skipped."); + return `silentskip; + } + } + else + { + return `notrust; + } + + + // a return to be safe :) + return `conferror; + + // return value `ok we can perform the registration + // `conferror configuration error - we have to skip registration + // `notrust user does not trust certificate - we have to skip registration + // `silentskip autoyast mode skip registration on error + // `nil unkown error - report generic error message +} + + + +/* + * configureRegistrationServer() + * + * read YEP server settings from install.inf and set them up (FATE #302966) + * + */ +symbol configureRegistrationServer() +{ + yep_server = Linuxrc::InstallInf("yepurl"); + yep_server_cert = Linuxrc::InstallInf("yepcert"); + + +/* yepurl=https:/yep.mybigcompany.com/yep/regsvc + yepcert=ask open FileDialog + yepcert=done Cert already insalled - do nothing + yepcert=http:/certpool.mybigcompany.com/yep/yep-ca.crt download from there + yepcert=floppy/path/to/file.crt + yepcert=/path/to/local/file.crt copy from there +*/ + + // setup the yep_server settings + return setupRegistrationServer(); +} + + + /* * read_config() * @@ -128,22 +641,6 @@ submit_optional = (string) SCR::Read( .sysconfig.suse_register.SUBMIT_OPTIONAL ) == "true" ? true:false; submit_hwdata = (string) SCR::Read( .sysconfig.suse_register.SUBMIT_HWDATA ) == "true" ? true:false; } - - // and in case of nonroot read from user's home - if (!iamroot) - { - string home_config = sformat("%1/.suse_register", get_home_dir() ); - if (FileUtils::Exists(home_config)) - { - foreach (string line, - splitstring ((string)SCR::Read(.target.string, home_config ),"\n"), { - if ( regexpmatch(line, "^SUBMIT_OPTIONAL=\"[^\"]*\".*$") ) - submit_optional = regexpsub(line, "^SUBMIT_OPTIONAL=\"([^\"]*)\".*$", "\\1") == "true" ? true:false; - else if ( regexpmatch(line, "^SUBMIT_HWDATA=\"[^\"]*\".*$") ) - submit_hwdata = regexpsub(line, "^SUBMIT_HWDATA=\"([^\"]*)\".*$", "\\1") == "true" ? true:false; - }); - } - } } @@ -157,22 +654,12 @@ */ void write_config() { - if (iamroot) - { - // avoid missing file error message in log (#211899) - SCR::Execute(.target.bash, "touch /etc/sysconfig/suse_register"); - SCR::Write(.sysconfig.suse_register.SUBMIT_OPTIONAL, sformat("%1", submit_optional ? true:false )); - SCR::Write(.sysconfig.suse_register.SUBMIT_HWDATA, sformat("%1", submit_hwdata ? true:false )); - - SCR::Execute(.target.bash, sformat("%1 /var/lib/suseRegister/neverRegisterOnBoot", register_regularly ? "rm -f ":"touch " )); - } - else - { - string home_config = sformat("%1/.suse_register", get_home_dir() ); - string confdata = sformat("#\n# .suse_register is created and read by YaST\n# it stores the configuration status of the registration module\n#\n\nSUBMIT_OPTIONAL=\"%1\"\nSUBMIT_HWDATA=\"%2\"", submit_optional ? true:false, submit_hwdata ? true:false ); - SCR::Write(.target.string, home_config, confdata); - } + // avoid missing file error message in log (#211899) + SCR::Execute(.target.bash, "touch /etc/sysconfig/suse_register"); + SCR::Write(.sysconfig.suse_register.SUBMIT_OPTIONAL, sformat("%1", submit_optional ? true:false )); + SCR::Write(.sysconfig.suse_register.SUBMIT_HWDATA, sformat("%1", submit_hwdata ? true:false )); + SCR::Execute(.target.bash, sformat("%1 /var/lib/suseRegister/neverRegisterOnBoot", register_regularly ? "rm -f ":"touch " )); } // ------------------------------------------------------------------ @@ -382,6 +869,8 @@ do_registration = (boolean) settings["do_registration"]:do_registration; register_regularly = (boolean) settings["register_regularly"]:register_regularly; registration_data = (map) settings["registration_data"]:$[]; + yep_server = (string) settings["yep_server"]:yep_server; + yep_server_cert = (string) settings["yep_server_cert"]:yep_server_cert; return true; } @@ -394,6 +883,7 @@ global boolean Write() { iamroot = amIroot(); + setupRegistrationServer(`autoyast); if (do_registration) suseRegister(`autoyast); finish(); return true; @@ -412,6 +902,8 @@ "submit_hwdata":submit_hwdata, "do_registration":do_registration, "register_regularly":register_regularly, + "yep_server":yep_server, + "yep_server_cert":yep_server_cert, "registration_data":registration_data ]; } Added: branches/SuSE-SLE-10-SP2-Branch/registration/src/modules/RegisterCert.pm URL: http://svn.opensuse.org/viewcvs/yast/branches/SuSE-SLE-10-SP2-Branch/registration/src/modules/RegisterCert.pm?rev=43805&view=auto ============================================================================== --- branches/SuSE-SLE-10-SP2-Branch/registration/src/modules/RegisterCert.pm (added) +++ branches/SuSE-SLE-10-SP2-Branch/registration/src/modules/RegisterCert.pm Mon Jan 21 19:19:45 2008 @@ -0,0 +1,84 @@ +#!/usr/bin/perl -w + +package RegisterCert; + +use strict; +use LIMAL; +use LIMAL::CaMgm; +use Date::Format; +use YaST::YCP qw(:LOGGING); +use Data::Dumper; + +our %TYPEINFO; + +BEGIN { $TYPEINFO{parseCertificate} = ["function", ["map", "string", "any"], "string"]; } +sub parseCertificate +{ + my $self = shift; + my $file = shift; + + #my $file = "/etc/ssl/certs/YaST-CA.pem"; + my $result = { + SUBJECT => [], + ISSUER => [], + STARTDATE => "", + ENDDATE => "", + FINGERPRINT => "" + }; + + if(!-e $file) + { + y2error("File not found ($file)"); + return undef; + } + + my $certData = LIMAL::CaMgm::LocalManagement::getCertificate($file, $LIMAL::CaMgm::E_PEM); + + my $rdnlist = $certData->getSubjectDN()->getDN(); + + my @SUBJECT = (); + + for(my $it = $rdnlist->begin(); + !$rdnlist->iterator_equal($it, $rdnlist->end()); + $rdnlist->iterator_incr($it)) + { + my $hash = {}; + $hash->{$rdnlist->iterator_value($it)->getType()} = $rdnlist->iterator_value($it)->getValue(); + + push @SUBJECT, $hash; + } + + $result->{SUBJECT} = \@SUBJECT; + + $rdnlist = $certData->getIssuerDN()->getDN(); + + my @ISSUER = (); + + for(my $it = $rdnlist->begin(); + !$rdnlist->iterator_equal($it, $rdnlist->end()); + $rdnlist->iterator_incr($it)) + { + my $hash = {}; + $hash->{$rdnlist->iterator_value($it)->getType()} = $rdnlist->iterator_value($it)->getValue(); + + push @ISSUER, $hash; + } + + $result->{ISSUER} = \@ISSUER; + + my $datestr = time2str('%Y-%m-%d %X GMT', $certData->getStartDate()); + + $result->{STARTDATE} = $datestr; + + $datestr = time2str('%Y-%m-%d %X GMT', $certData->getEndDate()); + + $result->{ENDDATE} = $datestr; + $result->{FINGERPRINT} = $certData->getFingerprint(); + + y2milestone("Return certificate data: ".Data::Dumper->Dump([$result])); + return $result; +} + + + + -- To unsubscribe, e-mail: yast-commit+unsubscribe@opensuse.org For additional commands, e-mail: yast-commit+help@opensuse.org