Author: jdsn Date: Thu Feb 7 23:23:48 2008 New Revision: 44264 URL: http://svn.opensuse.org/viewcvs/yast?rev=44264&view=rev Log: fixes to CRL export script, export to file as well, new config file support Modified: branches/SuSE-SLE-10-SP2-Branch/ca-management/scripts/exportCRL.pl Modified: branches/SuSE-SLE-10-SP2-Branch/ca-management/scripts/exportCRL.pl URL: http://svn.opensuse.org/viewcvs/yast/branches/SuSE-SLE-10-SP2-Branch/ca-management/scripts/exportCRL.pl?rev=44264&r1=44263&r2=44264&view=diff ==============================================================================
--- branches/SuSE-SLE-10-SP2-Branch/ca-management/scripts/exportCRL.pl (original)
+++ branches/SuSE-SLE-10-SP2-Branch/ca-management/scripts/exportCRL.pl Thu Feb 7 23:23:48 2008
@@ -5,101 +5,147 @@ } use strict; -use Config::IniFiles; use Getopt::Long; use YaPI::CaManagement; +use Data::Dumper; -# adapt to export to local files as well -# improve to use new exportcrl.conf files - - -my $config = '/etc/generateCRL.conf'; +my $err; +my $msg; +my $res; +my $config = undef; my $help = undef; +my %conf = (); -my @toDo = (); Getopt::Long::Configure("no_ignore_case", "no_auto_abbrev"); my $result = GetOptions ("config|c=s" => \$config, "help|?|h" => \$help); if($help || !$result) { - print "usage: generateCRL.pl [-c path] \n"; + print "usage: $0 -c <config-file> \n"; print "\n"; - print "-c, --config Path to configfile (default: /etc/generateCRL.conf)\n"; + print "-c, --config Path to configfile\n"; print "-?, --help, -h This help\n"; exit; } -my $cfg = new Config::IniFiles( -file => $config ); -if(!defined $cfg) { - die "Can not read the configfile:\n @Config::IniFiles::errors\n"; +if (!$config) { + print "Can not operate without a configfile. See '$0 -h' for help\n"; + exit 1; } -@toDo = $cfg->Sections(); - -foreach my $gencrl (@toDo) { - - print "Process '$gencrl' ... "; - my $ret = doit($gencrl); - if($ret eq "") { - print "done\n"; - } else { - print "failed\n$ret\n"; - } +if (! -e $config) { + print "Configuration file $config does not exist."; + exit 1; } -sub doit { - my $caName = shift; - - my $caPasswd = $cfg->val($caName, "caPasswd"); - my $host = $cfg->val($caName, "ldapHostname"); - my $port = $cfg->val($caName, "ldapPort", 389); - my $destDN = $cfg->val($caName, "destinationDN"); - my $bindDN = $cfg->val($caName, "bindDN"); - my $ldapPasswd = $cfg->val($caName, "ldapPasswd"); - my $err; - my $msg; +# +# read config file +# +if (! 
open(CONF,"< $config")) +{ + print "Can not open configuration file $config ."; + exit 1; +} - my $res = YaPI::CaManagement->ReadCRLDefaults({caName => $caName}); - if( not defined $res ) { - $err = YaPI::CaManagement->Error(); - $msg = $err->{summary}; - $msg .= "[".$err->{description}."]" if(defined $err->{description}); - return $msg; +while (<CONF>) +{ + if ($_ =~ /^\s*([a-zA-Z0-9_-]+)\s*=\s*(\S*)\s*$/) + { + if (defined $1 && $1 ne '') + { + if (not defined $2) {$2 = "";} + $conf{"$1"}="$2"; + } } +} +close CONF; + +if ( not exists $conf{"caname"} || + not exists $conf{"capassword"} + ) +{ + print "CA information (name or password) is missing in config file $config ."; + exit 1; +} - my $data = { - 'caName' => $caName, - 'caPasswd' => $caPasswd, - 'days' => $res->{days} - }; - - $res = YaPI::CaManagement->AddCRL($data); +if ($conf{"ldap_port"} eq "") { $conf{"ldap_port"} = 389; } + + + +# +# reading default values for specified CRL +# +$res = YaPI::CaManagement->ReadCRLDefaults({caName => $conf{"caname"}, caPasswd => $conf{"capassword"} }); +if( not defined $res ) { + $err = YaPI::CaManagement->Error(); + $msg = $err->{summary}; + $msg .= "[".$err->{description}."]" if(defined $err->{description}); + print $msg; +} + + +# +# generating new CRL +# +my $data = { + 'caName' => $conf{"caname"}, + 'caPasswd' => $conf{"capassword"}, + 'days' => $res->{days} + }; +if (! 
defined ${$data}{days} || ${$data}{days} eq '') { ${$data}{days} = 30; } + +$res = YaPI::CaManagement->AddCRL($data); +if( not defined $res ) { + $err = YaPI::CaManagement->Error(); + $msg = $err->{summary}; + $msg .= "[".$err->{description}."]" if(defined $err->{description}); + print $msg; +} + +# +# export new CRL to LDAP if configured +# +if ($conf{"export_ldap"} eq "true") +{ + $data = { + 'caName' => $conf{"caname"}, + 'ldapHostname' => $conf{"ldap_hostname"}, + 'ldapPort' => $conf{"ldap_port"}, + 'destinationDN' => $conf{"ldap_dn"}, + 'BindDN' => $conf{"ldap_binddn"}, + 'ldapPasswd' => $conf{"ldap_password"} + }; + + $res = YaPI::CaManagement->ExportCRLToLDAP($data); if( not defined $res ) { $err = YaPI::CaManagement->Error(); $msg = $err->{summary}; $msg .= "[".$err->{description}."]" if(defined $err->{description}); - return $msg; + print $msg; } +} + +# +# export new CRL to file if configured +# +if ($conf{"export_file"} eq "true") +{ $data = { - caName => $caName, - ldapHostname => $host, - ldapPort => $port, - destinationDN => $destDN, - BindDN => $bindDN, - ldapPasswd => $ldapPasswd + 'caName' => $conf{"caname"}, + 'caPasswd' => $conf{"capassword"}, + 'exportFormat' => uc($conf{"crlfileformat"}), + 'destinationFile' => $conf{"crlfilename"} }; - $res = YaPI::CaManagement->ExportCRLToLDAP($data); + $res = YaPI::CaManagement->ExportCRL($data); if( not defined $res ) { $err = YaPI::CaManagement->Error(); $msg = $err->{summary}; $msg .= "[".$err->{description}."]" if(defined $err->{description}); return $msg; } - - return ""; } -- To unsubscribe, e-mail: yast-commit+unsubscribe@opensuse.org For additional commands, e-mail: yast-commit+help@opensuse.org
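Review bot: The required-key check `if ( not exists $conf{"caname"} || not exists $conf{"capassword"} )` does not test what it reads as, because `not` binds more loosely than `||`: it parses as `not (exists caname || not exists capassword)` and so fires only when `caname` is missing while `capassword` is present. A config file without `capassword` therefore passes the check and the CA calls run with an undefined password; `if (!exists $conf{"caname"} || !exists $conf{"capassword"})` gives the intended test. Separately, the failure branches after `ReadCRLDefaults`, `AddCRL` and `ExportCRLToLDAP` only `print $msg` and carry on, so a failed CRL regeneration ends with exit status 0 and the export steps may still run against an older CRL; ending each branch with `print STDERR "$msg\n"; exit 1;` would make the failure visible to whatever schedules the script. The final `ExportCRL` branch still has `return $msg;` left over from the removed `doit` sub, which at file level aborts with "Can't return outside a subroutine" instead of reporting the actual error.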