[yast-commit] r48681 - in /trunk/ca-management/src: CaMgm.ycp ca_mgm_proposal.ycp new_cert_read_write.ycp util.ycp
- From: mcalmer@xxxxxxxxxxxxxxxx
- Date: Mon, 30 Jun 2008 15:45:21 -0000
- Message-id: <20080630154521.A1B263B74F@xxxxxxxxxxxxxxxx>
Author: mcalmer
Date: Mon Jun 30 17:45:21 2008
New Revision: 48681
URL: http://svn.opensuse.org/viewcvs/yast?rev=48681&view=rev
Log:
proposal: get all IP addresses of the system and try to resolve their
hostnames. Write the IPs and hostnames into
SubjectAlternativeName. This hopefully makes the created
certificate usable even if hostname --long returns the
wrong hostname.
Modified:
trunk/ca-management/src/CaMgm.ycp
trunk/ca-management/src/ca_mgm_proposal.ycp
trunk/ca-management/src/new_cert_read_write.ycp
trunk/ca-management/src/util.ycp
Modified: trunk/ca-management/src/CaMgm.ycp
URL:
http://svn.opensuse.org/viewcvs/yast/trunk/ca-management/src/CaMgm.ycp?rev=48681&r1=48680&r2=48681&view=diff
==============================================================================
--- trunk/ca-management/src/CaMgm.ycp (original)
+++ trunk/ca-management/src/CaMgm.ycp Mon Jun 30 17:45:21 2008
@@ -135,6 +135,7 @@
global string prop_state = "";
global symbol prop_selection = `def; // `none, `disk
+global list<map> prop_subject_alt_name_list = [];
global boolean adv_subject_alt_name_show_email = false;
Modified: trunk/ca-management/src/ca_mgm_proposal.ycp
URL:
http://svn.opensuse.org/viewcvs/yast/trunk/ca-management/src/ca_mgm_proposal.ycp?rev=48681&r1=48680&r2=48681&view=diff
==============================================================================
--- trunk/ca-management/src/ca_mgm_proposal.ycp (original)
+++ trunk/ca-management/src/ca_mgm_proposal.ycp Mon Jun 30 17:45:21 2008
@@ -29,6 +29,7 @@
import "String";
include "ca-management/new_cert_read_write.ycp";
+ include "ca-management/util.ycp";
string func = (string)WFM::Args(0);
map param = (map)WFM::Args(1);
@@ -41,7 +42,18 @@
string proposal = "";
string warning = nil;
symbol warning_level = nil;
-
+
+ list<map> host_ips = getHostIPs ();
+ string hostname_bak = "";
+
+ foreach(map elem, host_ips, {
+
if(elem["kind"]:"" == "DNS")
+
{
+
hostname_bak = elem["name"]:"";
+
}
+
CaMgm::prop_subject_alt_name_list = add (CaMgm::prop_subject_alt_name_list,
elem);
+ });
+
map retmap = (map) SCR::Execute (.target.bash_output,
"/bin/hostname --long",
$[] );
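Review bot: `CaMgm::prop_subject_alt_name_list` is only ever appended to in the new `foreach`, so if this proposal code runs more than once the same IP and DNS entries pile up in the proposed SubjectAlternativeName; the same applies to the copy into `CaMgm::adv_subject_alt_name_list` in the new_cert_read_write.ycp hunk. The enclosing block starts outside the hunk, so a reset may exist elsewhere, but I would make it explicit with `CaMgm::prop_subject_alt_name_list = [];` before the loop. `hostname_bak` ends up as the last `"DNS"` entry in whatever order getHostIPs returned, which deserves a comment such as `// fallback name: last DNS entry found, order follows the 'ip addr' output`.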
@@ -52,8 +64,15 @@
|| !CaMgm::prop_emailChanged
|| force_reset))
{
- ret = add( ret, "warning", _("Cannot evaluate the name
of the local machine. Change the values of Server Name and E-Mail."));
- ret = add( ret, "warning_level", `blocker );
+ if(hostname_bak == "")
+ {
+ ret = add( ret, "warning", _("Cannot evaluate
the name of the local machine. Change the values of Server Name and E-Mail."));
+ ret = add( ret, "warning_level", `blocker );
+ }
+ else
+ {
+ retmap["stdout"] = hostname_bak;
+ }
}
string longhostname = strip(retmap["stdout"]:"linux.site");
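Review bot: In the new `else` branch the failed `/bin/hostname --long` result is silently replaced by `hostname_bak`, a name that getHostIPs obtained from a reverse lookup or the hosts database, and the proposal then continues with no warning at all. That value becomes `longhostname` on the line after the block, so the user should at least be told which name was chosen, e.g. `ret = add( ret, "warning", sformat(_("Could not determine the host name; using %1 found by address lookup."), hostname_bak));` with a non-blocking `warning_level`. The condition guarding this block begins above the hunk, so I am assuming it is the hostname-failure path.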
Modified: trunk/ca-management/src/new_cert_read_write.ycp
URL:
http://svn.opensuse.org/viewcvs/yast/trunk/ca-management/src/new_cert_read_write.ycp?rev=48681&r1=48680&r2=48681&view=diff
==============================================================================
--- trunk/ca-management/src/new_cert_read_write.ycp (original)
+++ trunk/ca-management/src/new_cert_read_write.ycp Mon Jun 30 17:45:21 2008
@@ -757,6 +757,9 @@
param["certType"] = "server";
param["caPasswd"] = getPassword(CaMgm::currentCA);
//param["notext"] = "1";
+ foreach(map elem, CaMgm::prop_subject_alt_name_list, {
+
CaMgm::adv_subject_alt_name_list = add (CaMgm::adv_subject_alt_name_list,
elem);
+
});
}
if (kind == "Client Certificate")
{
Modified: trunk/ca-management/src/util.ycp
URL:
http://svn.opensuse.org/viewcvs/yast/trunk/ca-management/src/util.ycp?rev=48681&r1=48680&r2=48681&view=diff
==============================================================================
--- trunk/ca-management/src/util.ycp (original)
+++ trunk/ca-management/src/util.ycp Mon Jun 30 17:45:21 2008
@@ -1425,7 +1425,65 @@
return success;
}
-
+
+ define list<map> getHostIPs () ``{
+ list<map> ret = [];
+
+ list <string> ip_addresses = splitstring(
+ ((map<string, any>)SCR::Execute(.target.bash_output,
"ip -f inet -o addr | awk '{print $4}' | awk -F \/ '{print $1}' | tr '\n'
','"))["stdout"]:"", ",") ;
+
+
+ foreach(string ip, ip_addresses, {
+ // skip localhost addresses
+ if(ip != "127.0.0.1" && ip != "127.0.0.2" && ip != "")
+ {
+ // add the IP address
+ map new_entry = $[];
+ new_entry["kind"] = "IP";
+ new_entry["name"] = ip;
+
+ ret = add (ret, new_entry);
+
+ // first ask the DNS server about the name
for this IP address
+ list<string> hostnames = splitstring(
+
((map<string,any>)SCR::Execute(.target.bash_output,
sformat("dig +noall +answer -x %1 | awk '{print $5}' | sed 's/\.$//'| tr '\n'
'|'", ip)))["stdout"]:"", "|");
+
+ boolean found = false;
+ foreach(string hname, hostnames, {
+
if(hname != "")
+
{
+
// add the names
+
found = true;
+
map new_entry = $[];
+
new_entry["kind"] = "DNS";
+
new_entry["name"] = hname;
+
+
ret = add (ret, new_entry);
+
}
+
});
+ // If not found, ask the hosts file about the
IP address
+ if(!found)
+ {
+ list<string> hostnames = splitstring(
+
((map<string,any>)SCR::Execute(.target.bash_output, sformat("getent hosts %1 |
awk '{print $2}' | sed 's/\.$//'| tr '\n' '|'", ip)))["stdout"]:"", "|");
+
+ foreach(string hname, hostnames, {
+
if(hname != "")
+
{
+
// add the names
+
map new_entry = $[];
+
new_entry["kind"] = "DNS";
+
new_entry["name"] = hname;
+
+
ret = add (ret, new_entry);
+
}
+
});
+ }
+ }
+ });
+ y2milestone("getHostIPs return: %1", ret);
+ return ret;
+ }
// EOF
}
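Review bot: The names returned by `dig -x` in getHostIPs are added as `"kind": "DNS"` entries with no check beyond `hname != ""`, and the caller in ca_mgm_proposal.ycp puts them into the proposed SubjectAlternativeName. A PTR answer is controlled by whoever runs the reverse zone or answers the query, so it can name any host, and `awk '{print $5}'` will also pick up a CNAME target from a delegated reverse zone as if it were a hostname. I would accept a name only if it is a syntactically valid FQDN and resolves forward to the same `ip`, starting with `if(hname != "" && Hostname::CheckFQ(hname))` (needs `import "Hostname";`), and apply the same test in the `getent hosts` branch. The `dig` call also sets no `+time=`/`+tries=` limit, so on a machine without a reachable resolver every address waits out the full default timeout.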
Date: Mon Jun 30 17:45:21 2008
New Revision: 48681
URL: http://svn.opensuse.org/viewcvs/yast?rev=48681&view=rev
Log:
proposal: get all ip addresses of the system and try to resolve the
hostname of them. Write IPs and Hostnames into
SubjectAlternativeName. This hopefully make the created
Certificate usable even if hostname --long returns the
wrong hostname.
Modified:
trunk/ca-management/src/CaMgm.ycp
trunk/ca-management/src/ca_mgm_proposal.ycp
trunk/ca-management/src/new_cert_read_write.ycp
trunk/ca-management/src/util.ycp
Modified: trunk/ca-management/src/CaMgm.ycp
URL:
http://svn.opensuse.org/viewcvs/yast/trunk/ca-management/src/CaMgm.ycp?rev=48681&r1=48680&r2=48681&view=diff
==============================================================================
--- trunk/ca-management/src/CaMgm.ycp (original)
+++ trunk/ca-management/src/CaMgm.ycp Mon Jun 30 17:45:21 2008
@@ -135,6 +135,7 @@
global string prop_state = "";
global symbol prop_selection = `def; // `none, `disk
+global list<map> prop_subject_alt_name_list = [];
global boolean adv_subject_alt_name_show_email = false;
Modified: trunk/ca-management/src/ca_mgm_proposal.ycp
URL:
http://svn.opensuse.org/viewcvs/yast/trunk/ca-management/src/ca_mgm_proposal.ycp?rev=48681&r1=48680&r2=48681&view=diff
==============================================================================
--- trunk/ca-management/src/ca_mgm_proposal.ycp (original)
+++ trunk/ca-management/src/ca_mgm_proposal.ycp Mon Jun 30 17:45:21 2008
@@ -29,6 +29,7 @@
import "String";
include "ca-management/new_cert_read_write.ycp";
+ include "ca-management/util.ycp";
string func = (string)WFM::Args(0);
map param = (map)WFM::Args(1);
@@ -41,7 +42,18 @@
string proposal = "";
string warning = nil;
symbol warning_level = nil;
-
+
+ list<map> host_ips = getHostIPs ();
+ string hostname_bak = "";
+
+ foreach(map elem, host_ips, {
+
if(elem["kind"]:"" == "DNS")
+
{
+
hostname_bak = elem["name"]:"";
+
}
+
CaMgm::prop_subject_alt_name_list = add (CaMgm::prop_subject_alt_name_list,
elem);
+ });
+
map retmap = (map) SCR::Execute (.target.bash_output,
"/bin/hostname --long",
$[] );
@@ -52,8 +64,15 @@
|| !CaMgm::prop_emailChanged
|| force_reset))
{
- ret = add( ret, "warning", _("Cannot evaluate the name
of the local machine. Change the values of Server Name and E-Mail."));
- ret = add( ret, "warning_level", `blocker );
+ if(hostname_bak == "")
+ {
+ ret = add( ret, "warning", _("Cannot evaluate
the name of the local machine. Change the values of Server Name and E-Mail."));
+ ret = add( ret, "warning_level", `blocker );
+ }
+ else
+ {
+ retmap["stdout"] = hostname_bak;
+ }
}
string longhostname = strip(retmap["stdout"]:"linux.site");
Modified: trunk/ca-management/src/new_cert_read_write.ycp
URL:
http://svn.opensuse.org/viewcvs/yast/trunk/ca-management/src/new_cert_read_write.ycp?rev=48681&r1=48680&r2=48681&view=diff
==============================================================================
--- trunk/ca-management/src/new_cert_read_write.ycp (original)
+++ trunk/ca-management/src/new_cert_read_write.ycp Mon Jun 30 17:45:21 2008
@@ -757,6 +757,9 @@
param["certType"] = "server";
param["caPasswd"] = getPassword(CaMgm::currentCA);
//param["notext"] = "1";
+ foreach(map elem, CaMgm::prop_subject_alt_name_list, {
+
CaMgm::adv_subject_alt_name_list = add (CaMgm::adv_subject_alt_name_list,
elem);
+
});
}
if (kind == "Client Certificate")
{
Modified: trunk/ca-management/src/util.ycp
URL:
http://svn.opensuse.org/viewcvs/yast/trunk/ca-management/src/util.ycp?rev=48681&r1=48680&r2=48681&view=diff
==============================================================================
--- trunk/ca-management/src/util.ycp (original)
+++ trunk/ca-management/src/util.ycp Mon Jun 30 17:45:21 2008
@@ -1425,7 +1425,65 @@
return success;
}
-
+
+ define list<map> getHostIPs () ``{
+ list<map> ret = [];
+
+ list <string> ip_addresses = splitstring(
+ ((map<string, any>)SCR::Execute(.target.bash_output,
"ip -f inet -o addr | awk '{print $4}' | awk -F \/ '{print $1}' | tr '\n'
','"))["stdout"]:"", ",") ;
+
+
+ foreach(string ip, ip_addresses, {
+ // skip localhost addresses
+ if(ip != "127.0.0.1" && ip != "127.0.0.2" && ip != "")
+ {
+ // add the IP address
+ map new_entry = $[];
+ new_entry["kind"] = "IP";
+ new_entry["name"] = ip;
+
+ ret = add (ret, new_entry);
+
+ // first ask the DNS server about the name
for this IP address
+ list<string> hostnames = splitstring(
+
((map<string,any>)SCR::Execute(.target.bash_output,
sformat("dig +noall +answer -x %1 | awk '{print $5}' | sed 's/\.$//'| tr '\n'
'|'", ip)))["stdout"]:"", "|");
+
+ boolean found = false;
+ foreach(string hname, hostnames, {
+
if(hname != "")
+
{
+
// add the names
+
found = true;
+
map new_entry = $[];
+
new_entry["kind"] = "DNS";
+
new_entry["name"] = hname;
+
+
ret = add (ret, new_entry);
+
}
+
});
+ // If not found, ask the hosts file about the
IP address
+ if(!found)
+ {
+ list<string> hostnames = splitstring(
+
((map<string,any>)SCR::Execute(.target.bash_output, sformat("getent hosts %1 |
awk '{print $2}' | sed 's/\.$//'| tr '\n' '|'", ip)))["stdout"]:"", "|");
+
+ foreach(string hname, hostnames, {
+
if(hname != "")
+
{
+
// add the names
+
map new_entry = $[];
+
new_entry["kind"] = "DNS";
+
new_entry["name"] = hname;
+
+
ret = add (ret, new_entry);
+
}
+
});
+ }
+ }
+ });
+ y2milestone("getHostIPs return: %1", ret);
+ return ret;
+ }
// EOF
}