Hello community,
here is the log from the commit of package yast2-ca-management
checked in at Tue Nov 6 21:51:07 CET 2007.
--------
--- yast2-ca-management/yast2-ca-management.changes 2007-10-29 16:20:49.000000000 +0100
+++ /mounts/work_src_done/NOARCH/yast2-ca-management/yast2-ca-management.changes 2007-11-06 15:04:35.476752000 +0100
@@ -1,0 +2,13 @@
+Tue Nov 6 14:48:43 CET 2007 - mc@suse.de
+
+- version 2.16.3
+- Ask for a password during import CA [#337524]
+
+-------------------------------------------------------------------
+Mon Oct 29 18:10:12 CET 2007 - mc@suse.de
+
+- merge SP1 changes to trunk
+ * detect existing default Root CA during installation (#238754)
+- popup password dialog if root password cannot be read
+
+-------------------------------------------------------------------
Old:
----
yast2-ca-management-2.16.2.tar.bz2
New:
----
yast2-ca-management-2.16.3.tar.bz2
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ yast2-ca-management.spec ++++++
--- /var/tmp/diff_new_pack.i32760/_old 2007-11-06 21:50:16.000000000 +0100
+++ /var/tmp/diff_new_pack.i32760/_new 2007-11-06 21:50:16.000000000 +0100
@@ -1,5 +1,5 @@
#
-# spec file for package yast2-ca-management (Version 2.16.2)
+# spec file for package yast2-ca-management (Version 2.16.3)
#
# Copyright (c) 2007 SUSE LINUX Products GmbH, Nuernberg, Germany.
# This file and all modifications and additions to the pristine
@@ -11,12 +11,12 @@
# norootforbuild
Name: yast2-ca-management
-Version: 2.16.2
+Version: 2.16.3
Release: 1
License: GPL v2 or later
Group: System/YaST
BuildRoot: %{_tmppath}/%{name}-%{version}-build
-Source0: yast2-ca-management-2.16.2.tar.bz2
+Source0: yast2-ca-management-2.16.3.tar.bz2
Prefix: /usr
BuildRequires: docbook-xsl-stylesheets dosfstools doxygen libxslt limal-ca-mgm-perl limal-perl perl-Date-Calc perl-URI perl-X500-DN perl-XML-Writer pkg-config update-desktop-files yast2 yast2-core yast2-devtools
Requires: yast2 perl perl-gettext yast2-perl-bindings perl-X500-DN perl-Date-Calc limal-perl perl-Config-IniFiles perl-URI
@@ -30,7 +30,7 @@
%prep
-%setup -n yast2-ca-management-2.16.2
+%setup -n yast2-ca-management-2.16.3
%build
%{prefix}/bin/y2tool y2autoconf
@@ -76,6 +76,13 @@
/usr/bin/generateCRL.pl
%attr(600, root, root) %config(noreplace) /etc/generateCRL.conf
%changelog
+* Tue Nov 06 2007 - mc@suse.de
+- version 2.16.3
+- Ask for a password during import CA [#337524]
+* Mon Oct 29 2007 - mc@suse.de
+- merge SP1 changes to trunk
+ * detect existing default Root CA during installation (#238754)
+- popup password dialog if root password cannot be read
* Mon Oct 29 2007 - mc@suse.de
- version 2.16.2
- support cloning for autoyast
++++++ yast2-ca-management-2.16.2.tar.bz2 -> yast2-ca-management-2.16.3.tar.bz2 ++++++
++++ 3031 lines of diff (skipped)
++++ retrying with extended exclude list
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/yast2-ca-management-2.16.2/configure.in new/yast2-ca-management-2.16.3/configure.in
--- old/yast2-ca-management-2.16.2/configure.in 2007-10-29 16:13:57.000000000 +0100
+++ new/yast2-ca-management-2.16.3/configure.in 2007-11-06 14:50:17.000000000 +0100
@@ -3,7 +3,7 @@
dnl -- This file is generated by y2autoconf 2.15.9 - DO NOT EDIT! --
dnl (edit configure.in.in instead)
-AC_INIT(yast2-ca-management, 2.16.2, http://bugs.opensuse.org/, yast2-ca-management)
+AC_INIT(yast2-ca-management, 2.16.3, http://bugs.opensuse.org/, yast2-ca-management)
dnl Check for presence of file 'RPMNAME'
AC_CONFIG_SRCDIR([RPMNAME])
@@ -17,7 +17,7 @@
AM_INIT_AUTOMAKE(tar-ustar) dnl searches for some needed programs
dnl Important YaST2 variables
-VERSION="2.16.2"
+VERSION="2.16.3"
RPMNAME="yast2-ca-management"
MAINTAINER="Michael Calmer "
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/yast2-ca-management-2.16.2/src/ca_mgm_proposal.ycp new/yast2-ca-management-2.16.3/src/ca_mgm_proposal.ycp
--- old/yast2-ca-management-2.16.2/src/ca_mgm_proposal.ycp 2007-04-27 11:05:09.000000000 +0200
+++ new/yast2-ca-management-2.16.3/src/ca_mgm_proposal.ycp 2007-10-29 18:10:03.000000000 +0100
@@ -11,7 +11,7 @@
* Authors:
* Stefan Schubert
*
- * $Id: ca_mgm_proposal.ycp 36255 2007-02-19 11:38:12Z mc $
+ * $Id: ca_mgm_proposal.ycp 41626 2007-10-29 17:10:02Z mcalmer $
*
* Proposal function dispatcher for CA Management
*/
@@ -26,6 +26,7 @@
import "DNS";
import "Timezone";
import "Users";
+ import "String";
include "ca-management/new_cert_read_write.ycp";
@@ -36,203 +37,306 @@
if (func == "MakeProposal")
{
- boolean force_reset = param["force_reset"]:false;
- string proposal = "";
- string warning = nil;
- symbol warning_level = nil;
-
- map retmap = (map) SCR::Execute (.target.bash_output,
- "/bin/hostname --long",
- $[] );
- y2milestone("Hostname :%1", retmap);
- if (retmap["exit"]:0 != 0
- && CaMgm::prop_selection == `def
- && (!CaMgm::prop_server_commonNameChanged
- || !CaMgm::prop_emailChanged
- || force_reset))
- {
- ret = add( ret, "warning", _("Cannot evaluate the name of the local machine. Change the values of Server Name and E-Mail."));
- ret = add( ret, "warning_level", `blocker );
- }
-
- string longhostname = strip(retmap["stdout"]:"linux.site");
- if(size(longhostname) <= 0)
- {
- longhostname = "linux.site";
- }
- string hostname = ((list<string>) splitstring (longhostname, "."))[0]:"";
- string domain = substring (longhostname, findfirstof(longhostname,".")+1);
-
- if (size (domain) <= 0)
- {
- domain = longhostname;
- }
-
- if (!CaMgm::prop_ca_commonNameChanged)
- {
- CaMgm::prop_ca_commonName = "YaST Default CA (" + hostname + ")";
- }
- if (!CaMgm::prop_server_commonNameChanged)
- {
- CaMgm::prop_server_commonName = longhostname;
- }
- if (!CaMgm::prop_CANameChanged)
- {
- CaMgm::prop_CAName = "YaST_Default_CA";
- }
- if (!CaMgm::prop_countryChanged)
- {
- CaMgm::prop_country = Timezone::GetCountryForTimezone("");
- }
- if (!CaMgm::prop_passwordChanged)
- {
- CaMgm::prop_password = Users::GetRootPassword();
- }
- if (!CaMgm::prop_emailChanged)
- {
- CaMgm::prop_email = "postmaster@" + domain;
- }
-
- if(ret["warning"]:"" != "")
- {
- return ret;
- }
-
- if (force_reset)
- {
- y2milestone("FORCE RESET");
- if (CaMgm::prop_settingsWritten)
- {
- if( !Popup::YesNo(_("CA Management") + "\n" +
- _("Settings have already been written.") + "\n" +
- _("Delete the old settings?")))
- {
- ret = $[ "workflow_sequence" : `auto ];
- }
- else
- {
- YaPI::CaManagement::DeleteCA ($[ "caName":CaMgm::currentCA,
- "caPasswd":getPassword(CaMgm::currentCA),
- "force": true]);
- CaMgm::prop_settingsWritten = false;
- }
- }
- else
- {
- CaMgm::prop_selection = `def;
- CaMgm::prop_ca_commonName = "YaST Default CA (" + hostname + ")";
- CaMgm::prop_CAName = "YaST_Default_CA";
- CaMgm::prop_country = Timezone::GetCountryForTimezone("");
- CaMgm::prop_password = Users::GetRootPassword();
- CaMgm::prop_email = "postmaster@" + domain;
- CaMgm::prop_server_commonName = longhostname;
- }
- }
-
- if (!check_mail_address(CaMgm::prop_email))
- {
- ret = add( ret, "warning", _("Invalid e-mail format."));
- ret = add( ret, "warning_level", `blocker );
- }
-
- if (CaMgm::prop_selection == `def)
- {
- if (!CaMgm::prop_passwordChanged)
- {
- proposal = HTML::Para(_("Creating default CA and certificate.")
- + HTML::Newline()
- + _("With higher security requirements, you should change the password."));
- }
- else
- {
- proposal = HTML::Para(_("Creating default CA and certificate.")
- + HTML::Newline());
- }
- string passwordString = (string) (CaMgm::prop_passwordChanged ? _("[manually set]") : _("[root password]"));
- proposal = proposal+ HTML::List( [ _("CA Name: ") + CaMgm::prop_CAName,
- _("Common Name: ") + CaMgm::prop_ca_commonName,
- _("Server Name: ") + CaMgm::prop_server_commonName,
- _("Country: ") + CaMgm::prop_country,
- _("Password: ") + passwordString,
- _("E-Mail: ") + CaMgm::prop_email
- ] );
- if ( Users::GetRootPassword() == "" && size(CaMgm::prop_password) == 0)
- {
- ret = add( ret, "warning", _("Unable to retrieve the system root password. Set a CA password to continue."));
- ret = add( ret, "warning_level", `blocker );
- }
- else if ( size(CaMgm::prop_password) < 4)
- {
- ret = add( ret, "warning", _("The root password is too short for use as the password for the certificates.
+ boolean force_reset = param["force_reset"]:false;
+ string proposal = "";
+ string warning = nil;
+ symbol warning_level = nil;
+
+ map retmap = (map) SCR::Execute (.target.bash_output,
+ "/bin/hostname --long",
+ $[] );
+ y2milestone("Hostname :%1", retmap);
+ if (retmap["exit"]:0 != 0
+ && CaMgm::prop_selection == `def
+ && (!CaMgm::prop_server_commonNameChanged
+ || !CaMgm::prop_emailChanged
+ || force_reset))
+ {
+ ret = add( ret, "warning", _("Cannot evaluate the name of the local machine. Change the values of Server Name and E-Mail."));
+ ret = add( ret, "warning_level", `blocker );
+ }
+
+ string longhostname = strip(retmap["stdout"]:"linux.site");
+ if(size(longhostname) <= 0)
+ {
+ longhostname = "linux.site";
+ }
+ string hostname = ((list<string>) splitstring (longhostname, "."))[0]:"";
+ string domain = substring (longhostname, findfirstof(longhostname,".")+1);
+
+ if (size (domain) <= 0)
+ {
+ domain = longhostname;
+ }
+
+ if (!CaMgm::prop_ca_commonNameChanged)
+ {
+ CaMgm::prop_ca_commonName = "YaST Default CA (" + hostname + ")";
+ }
+ if (!CaMgm::prop_server_commonNameChanged)
+ {
+ CaMgm::prop_server_commonName = longhostname;
+ }
+ if (!CaMgm::prop_CANameChanged)
+ {
+ CaMgm::prop_CAName = "YaST_Default_CA";
+ }
+ if (!CaMgm::prop_countryChanged)
+ {
+ CaMgm::prop_country = Timezone::GetCountryForTimezone("");
+ }
+ if (!CaMgm::prop_passwordChanged)
+ {
+ CaMgm::prop_password = Users::GetRootPassword();
+ }
+ if (!CaMgm::prop_emailChanged)
+ {
+ CaMgm::prop_email = "postmaster@" + domain;
+ }
+
+ if(ret["warning"]:"" != "")
+ {
+ return ret;
+ }
+
+
+ // new handling of force reset because of (#238754)
+ if (force_reset)
+ {
+ y2milestone("FORCE RESET");
+ if (CaMgm::prop_settingsWritten)
+ {
+ if( !Popup::YesNo(_("CA Management") + "\n" +
+ _("Settings have already been written.") + "\n" +
+ _("Delete the old settings?")))
+ {
+ ret = $[ "workflow_sequence" : `auto ];
+ }
+ else
+ {
+ YaPI::CaManagement::DeleteCA ($[ "caName":CaMgm::currentCA,
+ "caPasswd":getPassword(CaMgm::currentCA),
+ "force": true]);
+ CaMgm::prop_settingsWritten = false;
+ }
+ }
+ else
+ {
+ CaMgm::prop_selection = `def;
+ CaMgm::prop_ca_commonName = "YaST Default CA (" + hostname + ")";
+ CaMgm::prop_CAName = "YaST_Default_CA";
+ CaMgm::prop_country = Timezone::GetCountryForTimezone("");
+ CaMgm::prop_password = Users::GetRootPassword();
+ CaMgm::prop_email = "postmaster@" + domain;
+ CaMgm::prop_server_commonName = longhostname;
+ }
+ }
+ else // NO FORCE RESET
+ { // Try to read default Root CA and ask if it should be reused or deleted
+ map defaultRootCA = nil;
+ defaultRootCA = (map) YaPI::CaManagement::ReadFile( $["inFile":"/var/lib/CAM/" + CaMgm::prop_CAName + "/cacert.pem",
+ "type":"parsed",
+ "datatype":"CERTIFICATE",
+ "inForm":"PEM"
+ ]);
+ CaMgm::prop_settingsWritten = defaultRootCA != nil ? true:false;
+
+
+ if (CaMgm::prop_settingsWritten)
+ {
+ if( !Popup::YesNo(_("CA Management") + "\n" +
+ _("Settings have already been written.") + "\n" +
+ _("Delete the old settings?")))
+ {
+ // read the details directly from the server certificate
+ map defaultServerCert = (map) YaPI::CaManagement::ReadFile( $[
+ "inFile":"/etc/ssl/servercerts/servercert.pem",
+ "type":"parsed",
+ "datatype":"CERTIFICATE",
+ "inForm":"PEM" ]);
+
+ map defaultServerCertIssuer = defaultServerCert["ISSUER_HASH"]:$[];
+ // CaMgm::prop_selection = `def;
+ CaMgm::prop_ca_commonName = ((list)defaultServerCertIssuer["CN"]:[])[0]:"";
+ CaMgm::prop_country = ((list)defaultServerCertIssuer["C"]:[])[0]:"";
+ CaMgm::prop_email = ((list)defaultServerCertIssuer["emailAddress"]:[])[0]:"";
+ CaMgm::prop_CAName = CaMgm::prop_CAName;
+ CaMgm::prop_password = Users::GetRootPassword();
+
+
+ map defaultSCmap = defaultServerCert["DN_HASH"]:$[];
+
+ CaMgm::prop_server_commonName = ((list)defaultSCmap["CN"]:[])[0]:"";
+
+
+ ret = $[ "workflow_sequence" : `auto ];
+ }
+ else
+ { // delete the default Root CA manually because the root PW may be different in a repeated run of second-Stage
+ SCR::Execute(.target.bash, sformat(" rm -rf /var/lib/CAM/%1 ", CaMgm::prop_CAName ));
+ CaMgm::prop_settingsWritten = false;
+ }
+ }
+ }
+
+ if (!check_mail_address(CaMgm::prop_email))
+ {
+ ret = add( ret, "warning", _("Invalid e-mail format."));
+ ret = add( ret, "warning_level", `blocker );
+ }
+
+ if (CaMgm::prop_selection == `def)
+ {
+
+ if ( Users::GetRootPassword() == "" && size(CaMgm::prop_password) == 0)
+ {
+
+ UI::OpenDialog (`opt(`decorated ),
+ `HBox(`VSpacing(10),
+ `VBox (
+ `Label("Unable to retrieve the system root password. Set a CA password to continue."),
+ `HSpacing(10),
+ `Password(`id(`pw1), _("&Password:"), ""),
+ `Password(`id(`pw2), _("Co&nfirm Password"), ""),
+ `HSpacing(10),
+ `HBox(`PushButton (`id(`cancel), `opt(`key_F9), Label::CancelButton()),
+ `HStretch(),
+ `PushButton (`id(`ok), `opt(`default, `key_F10), Label::OKButton())
+ )
+ ),
+ `VSpacing(10)
+ )
+ );
+ UI::SetFocus (`id(`ok));
+ while (true)
+ {
+ any rt = UI::UserInput();
+ if (rt == `ok)
+ {
+ string pw1 = (string) UI::QueryWidget(`id(`pw1), `Value);
+ string pw2 = (string) UI::QueryWidget(`id(`pw2), `Value);
+ if(pw1 != pw2)
+ {
+ Popup::Error( _("New passwords do not match.") );
+ continue;
+ }
+ if ( size(pw1) < 4)
+ {
+ Popup::Error(_("The password is too short for use as the password for the certificates.
Enter a valid password for the certificates or disable certificate creation.
"));
- ret = add( ret, "warning_level", `blocker );
- }
- }
- else if (CaMgm::prop_selection == `none)
- {
- proposal = HTML::Para(_("Not creating a CA and certificate."));
- }
- else if (CaMgm::prop_selection == `disk)
- {
- proposal = HTML::Para(_("Importing a CA and certificate from file"));
- }
-
- ret = add (ret, "preformatted_proposal", proposal);
- if ( ((list<string>) splitstring (CaMgm::prop_server_commonName, "."))[0]:"" == "linux")
- {
- ret = add (ret, "warning" ,
- _("<p>Is the default hostname <b>linux</b> really unique? The certificate is only valid if the hostname is correct.</p>"));
- }
+ continue;
+ }
+ CaMgm::prop_password = pw1;
+ CaMgm::prop_passwordChanged = true;
+ break;
+ }
+ else if (rt == `cancel)
+ {
+ ret = add( ret, "warning", _("Unable to retrieve the system root password. Set a CA password to continue."));
+ ret = add( ret, "warning_level", `blocker );
+ break;
+ }
+ }
+
+ UI::CloseDialog ();
+ }
+
+ if (!CaMgm::prop_passwordChanged)
+ {
+ proposal = HTML::Para(_("Creating default CA and certificate.")
+ + HTML::Newline()
+ + _("With higher security requirements, you should change the password."));
+ }
+ else
+ {
+ proposal = HTML::Para(_("Creating default CA and certificate.")
+ + HTML::Newline());
+ }
+
+ string passwordString = (string) (CaMgm::prop_passwordChanged ? _("[manually set]") : _("[root password]"));
+ proposal = proposal+ HTML::List( [ _("CA Name: ") + CaMgm::prop_CAName,
+ _("Common Name: ") + CaMgm::prop_ca_commonName,
+ _("Server Name: ") + CaMgm::prop_server_commonName,
+ _("Country: ") + CaMgm::prop_country,
+ _("Password: ") + passwordString,
+ _("E-Mail: ") + CaMgm::prop_email
+ ] );
+
+
+ if ( size(CaMgm::prop_password) < 4)
+ {
+ ret = add( ret, "warning", _("The root password is too short for use as the password for the certificates.
+ Enter a valid password for the certificates or disable certificate creation.
+"));
+ ret = add( ret, "warning_level", `blocker );
+ }
+ }
+ else if (CaMgm::prop_selection == `none)
+ {
+ proposal = HTML::Para(_("Not creating a CA and certificate."));
+ }
+ else if (CaMgm::prop_selection == `disk)
+ {
+ proposal = HTML::Para(_("Importing a CA and certificate from file"));
+ }
+
+ ret = add (ret, "preformatted_proposal", proposal);
+ if ( ((list<string>) splitstring (CaMgm::prop_server_commonName, "."))[0]:"" == "linux")
+ {
+ ret = add (ret, "warning" ,
+ _("<p>Is the default hostname <b>linux</b> really unique? The certificate is only valid if the hostname is correct.</p>"));
+ }
}
else if (func == "AskUser")
{
- any sequence = WFM::CallFunction ( "ca_select_proposal", [] );
- if (CaMgm::prop_settingsWritten)
- {
- if( !Popup::YesNo(_("CA Management") + "\n" +
- _("Settings have already been written.") + "\n" +
- _("Delete the old settings?")))
- {
- ret = $[ "workflow_sequence" : `auto ];
- }
- else
- {
- YaPI::CaManagement::DeleteCA ($[ "caName":CaMgm::currentCA,
- "caPasswd":getPassword(CaMgm::currentCA),
- "force": true]);
- CaMgm::prop_settingsWritten = false;
- }
- }
+ any sequence = WFM::CallFunction ( "ca_select_proposal", [] );
+ if (CaMgm::prop_settingsWritten)
+ {
+ if( !Popup::YesNo(_("CA Management") + "\n" +
+ _("Settings have already been written.") + "\n" +
+ _("Delete the old settings?")))
+ {
+ ret = $[ "workflow_sequence" : `auto ];
+ }
+ else
+ {
+ YaPI::CaManagement::DeleteCA ($["caName":CaMgm::currentCA,
+ "caPasswd":getPassword(CaMgm::currentCA),
+ "force": true]);
+ CaMgm::prop_settingsWritten = false;
+ }
+ }
}
else if (func == "Description")
{
- // richtext label
- ret = $[ "rich_text_title" : _("CA Management"),
- // menu title
- "menu_title" : _("&CA Management"),
- "id" : "ca_mgm",
- ];
+ // richtext label
+ ret = $[ "rich_text_title" : _("CA Management"),
+ // menu title
+ "menu_title" : _("&CA Management"),
+ "id" : "ca_mgm",
+ ];
}
else if (func == "Write")
{
- boolean success = true;
-
- if (!CaMgm::prop_settingsWritten)
- {
- if (CaMgm::prop_selection == `def)
- {
- success = create_default_CA_certificate();
- }
- else if (CaMgm::prop_selection == `disk)
- {
- success = importCertificateFromDisk ();
- }
- if( success ) {
- CaMgm::prop_settingsWritten = true;
- }
- }
-
+ boolean success = true;
+
+ if (!CaMgm::prop_settingsWritten)
+ {
+ if (CaMgm::prop_selection == `def)
+ {
+ success = create_default_CA_certificate();
+ }
+ else if (CaMgm::prop_selection == `disk)
+ {
+ success = importCertificateFromDisk ();
+ }
+ if( success )
+ {
+ CaMgm::prop_settingsWritten = true;
+ }
+ }
+
ret = $[ "success" : success ];
}
return ret;
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/yast2-ca-management-2.16.2/src/util.ycp new/yast2-ca-management-2.16.3/src/util.ycp
--- old/yast2-ca-management-2.16.2/src/util.ycp 2007-10-12 17:57:49.000000000 +0200
+++ new/yast2-ca-management-2.16.3/src/util.ycp 2007-11-06 15:03:21.000000000 +0100
@@ -4,7 +4,7 @@
* Summary: Util definitions
* Authors: Stefan Schubert (schubi@suse.de)
*
- * $Id: util.ycp 41414 2007-10-12 15:57:49Z mcalmer $
+ * $Id: util.ycp 41818 2007-11-06 14:03:20Z mcalmer $
*/
{
@@ -1318,6 +1318,7 @@
)
)
),
+ `Password( `id (`passKey), _("&Key Password")),
`VSpacing (1),
`HBox ( // push button label
`PushButton (`id(`ok), `opt(`default, `key_F10), Label::OKButton()),
@@ -1364,17 +1365,28 @@
string caCertificate = (string) UI::QueryWidget(`id(`pathCert), `Value);
string caKey = (string) UI::QueryWidget(`id(`pathKey), `Value);
+ string caPasswd = (string) UI::QueryWidget(`id(`passKey), `Value);
string caName = (string) UI::QueryWidget(`id(`caName), `Value);
if (size (caCertificate) == 0)
{
+ // Error popup
Popup::Error(_("Path to certificate file required."));
ret = `again;
} else if (size (caKey) == 0)
{
+ // Error popup
Popup::Error(_("Path of the private key required."));
ret = `again;
- } else if (size (caName) == 0)
+ }
+ else if (size (caPasswd) == 0)
+ {
+ // Error popup
+ Popup::Error(_("Key Password is required. \nIt must be the password for the encrypted key or a new one in case of a not encrypted key."));
+ ret = `again;
+ }
+ else if (size (caName) == 0)
{
+ // Error popup
Popup::Error(_("CA name required."));
ret = `again;
}
@@ -1385,37 +1397,26 @@
UI::OpenDialog(`VBox(`Label(_("Importing request..."))));
boolean yapiret = (boolean) YaPI::CaManagement::ImportCA ($["caName" : caName,
- "caCertificate" : caCertificate,
- "caKey" : caKey]);
- y2milestone ("ImportRequest(%1,%2,%3) return %4",
+ "caCertificate" : caCertificate,
+ "caKey" : caKey,
+ "caPasswd" : caPasswd
+ ]);
+ y2milestone ("ImportRequest(%1,%2,%3, <passwd>) return %4",
caName,
caCertificate,
caKey,
yapiret);
- if (!yapiret)
- {
- // Checking if password required only
- map messageMap = YaPI::Error();
- if (messageMap["code"]:"" == "PASSWD_REQUIRED")
- {
- yapiret = (boolean) YaPI::CaManagement::ImportCA ($["caName" : caName,
- "caCertificate" : caCertificate,
- "caKey" : caKey,
- "caPasswd" : getPassword(caName)
- ]);
-
- }
- }
if (yapiret == nil)
{
- showErrorCaManagement ();
- ret = `again;
+ showErrorCaManagement ();
+ ret = `again;
}
else
{
- Popup::Message(_("Request has been imported."));
- success = true;
- }
+ // Error popup
+ Popup::Message(_("CA has been imported."));
+ success = true;
+ }
UI::CloseDialog ();
}
}
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/yast2-ca-management-2.16.2/src/YaPI/CaManagement.pm new/yast2-ca-management-2.16.3/src/YaPI/CaManagement.pm
--- old/yast2-ca-management-2.16.2/src/YaPI/CaManagement.pm 2007-10-12 17:56:09.000000000 +0200
+++ new/yast2-ca-management-2.16.3/src/YaPI/CaManagement.pm 2007-11-06 15:03:20.000000000 +0100
@@ -1,7 +1,7 @@
###############################################################
# Copyright 2004,2005 Novell, Inc. All rights reserved.
#
-# $Id: CaManagement.pm 41412 2007-10-12 15:56:09Z mcalmer $
+# $Id: CaManagement.pm 41818 2007-11-06 14:03:20Z mcalmer $
###############################################################
package YaPI::CaManagement;
@@ -6693,7 +6693,7 @@
* caKey (required - path to private key in PEM format)
-* caPasswd (required, if the private key is unencrypted)
+* caPasswd (required; password of the private key or a new password if the key is unencrypted)
The return value is "undef" on an error and "1" on success.
@@ -6702,7 +6702,8 @@
my $data = {
caName => 'My_CA',
caCertificate => /path/to/cacert.pem,
- caKey => /path/to/cacert.key
+ caKey => /path/to/cacert.key,
+ caPasswd => "secret"
};
my $res = YaPI::CaManagement->ImportCA($data);
@@ -6750,23 +6751,24 @@
code => "FILE_DOES_NOT_EXIST");
}
+ if (!exists $data->{caPasswd} || !defined $data->{"caPasswd"} ) {
+ return $self->SetError( summary => __("Missing value 'caPasswd'."),
+ code => "CHECK_PARAM_FAILED");
+ }
+
eval {
my $cert = LIMAL::CaMgm::LocalManagement::readFile($data->{caCertificate});
my $key = LIMAL::CaMgm::LocalManagement::readFile($data->{caKey});
- if(!exists $data->{caPasswd} || !defined $data->{caPasswd}) {
- $data->{caPasswd} = "";
- }
-
- if( defined $data->{'repository'}) {
-
+ if( defined $data->{'repository'})
+ {
LIMAL::CaMgm::CA::importCA($caName, $cert, $key,
$data->{caPasswd},
$data->{"repository"});
-
- } else {
-
+ }
+ else
+ {
LIMAL::CaMgm::CA::importCA($caName, $cert, $key,
$data->{caPasswd});
}
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/yast2-ca-management-2.16.2/VERSION new/yast2-ca-management-2.16.3/VERSION
--- old/yast2-ca-management-2.16.2/VERSION 2007-10-29 16:13:24.000000000 +0100
+++ new/yast2-ca-management-2.16.3/VERSION 2007-11-06 14:49:29.000000000 +0100
@@ -1 +1 @@
-2.16.2
+2.16.3
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Remember to have fun...
---------------------------------------------------------------------
To unsubscribe, e-mail: opensuse-commit+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-commit+help@opensuse.org