[yast-commit] r45941 - in /branches/SuSE-SLE-10-SP2-Branch/registration: VERSION package/yast2-registration.changes src/clients/suse_register_auto.ycp src/modules/Register.ycp

1 Apr 2008

Author: jdsn
Date: Tue Apr  1 21:04:20 2008
New Revision: 45941

URL: http://svn.opensuse.org/viewcvs/yast?rev=45941&view=rev
Log:
rename bootparameters for custom registration server (bnc#376000)
do not prompt for SMT certificate in running system (bnc#375993)
proper pluralization in AutYaST summary (bnc#184893)
version 2.13.20

Modified:
    branches/SuSE-SLE-10-SP2-Branch/registration/VERSION
    branches/SuSE-SLE-10-SP2-Branch/registration/package/yast2-registration.changes
    branches/SuSE-SLE-10-SP2-Branch/registration/src/clients/suse_register_auto.ycp
    branches/SuSE-SLE-10-SP2-Branch/registration/src/modules/Register.ycp

Modified: branches/SuSE-SLE-10-SP2-Branch/registration/VERSION
URL: http://svn.opensuse.org/viewcvs/yast/branches/SuSE-SLE-10-SP2-Branch/registration/VERSION?rev=45941&r1=45940&r2=45941&view=diff
==============================================================================

--- branches/SuSE-SLE-10-SP2-Branch/registration/VERSION (original)
+++ branches/SuSE-SLE-10-SP2-Branch/registration/VERSION Tue Apr  1 21:04:20 2008
@@ -1 +1 @@
-2.13.19
+2.13.20

Modified: branches/SuSE-SLE-10-SP2-Branch/registration/package/yast2-registration.changes
URL: http://svn.opensuse.org/viewcvs/yast/branches/SuSE-SLE-10-SP2-Branch/registration/package/yast2-registration.changes?rev=45941&r1=45940&r2=45941&view=diff
==============================================================================
--- branches/SuSE-SLE-10-SP2-Branch/registration/package/yast2-registration.changes (original)
+++ branches/SuSE-SLE-10-SP2-Branch/registration/package/yast2-registration.changes Tue Apr  1 21:04:20 2008
@@ -1,4 +1,12 @@
 -------------------------------------------------------------------
+Tue Apr  1 20:03:12 CEST 2008 - jdsn@suse.de
+
+- rename bootparameters for custom registration server (bnc#376000)
+- do not prompt for SMT certificate in running system (bnc#375993)
+- proper pluralization in AutYaST summary (bnc#184893)
+- 2.13.20 
+
+-------------------------------------------------------------------
 Wed Mar 12 16:22:54 CET 2008 - jdsn@suse.de
 
 - fix for textmode registration with w3m (bnc#367719)

Modified: branches/SuSE-SLE-10-SP2-Branch/registration/src/clients/suse_register_auto.ycp
URL: http://svn.opensuse.org/viewcvs/yast/branches/SuSE-SLE-10-SP2-Branch/registration/src/clients/suse_register_auto.ycp?rev=45941&r1=45940&r2=45941&view=diff
==============================================================================
--- branches/SuSE-SLE-10-SP2-Branch/registration/src/clients/suse_register_auto.ycp (original)
+++ branches/SuSE-SLE-10-SP2-Branch/registration/src/clients/suse_register_auto.ycp Tue Apr  1 21:04:20 2008
@@ -66,8 +66,10 @@
     summary = Summary::AddLine   (summary, Register::do_registration ? _("Run during autoinstallation"):_("Do not run during autoinstallation"));
 
     integer items_count = size (Register::registration_data);
+    // (bnc#184893) - fix is not 100% correct for every language, but will not break the translation
     // Translators: Sentence-like text for singular and plural (incl. zero) of items
-    string  items_msg   = items_count == 1  ? _("1 item of registration data"):sformat(_("%1 items of registration data"), items_count);
+    string  items_msg   = _("1 item of registration data", "%1 items of registration data", items_count);
+    items_msg = sformat(items_msg, items_count);
 
     if ( Register::do_registration )
     {

Modified: branches/SuSE-SLE-10-SP2-Branch/registration/src/modules/Register.ycp
URL: http://svn.opensuse.org/viewcvs/yast/branches/SuSE-SLE-10-SP2-Branch/registration/src/modules/Register.ycp?rev=45941&r1=45940&r2=45941&view=diff
==============================================================================
--- branches/SuSE-SLE-10-SP2-Branch/registration/src/modules/Register.ycp (original)
+++ branches/SuSE-SLE-10-SP2-Branch/registration/src/modules/Register.ycp Tue Apr  1 21:04:20 2008
@@ -243,6 +243,9 @@
         ay = true;
     }
 
+    string smtpemPath = "/etc/ssl/certs";
+    string smtpemFile = smtpemPath + "/smt.pem";
+
     // check if smt_server is a valid url
     map smt_server_parsed = URL::Parse(smt_server);
     if (smt_server_parsed == $[]  ||  smt_server_parsed["host"]:"" == ""  ||  smt_server_parsed["scheme"]:"" != "https" )
@@ -290,6 +293,15 @@
 
     string certTmpFile = sformat("%1/__tmpSMTcert.crt", SCR::Read(.target.tmpdir));
 
+    // check for existing certificate (bnc#376000)
+    integer certExists = nil;
+    certExists = (integer) SCR::Execute(.target.bash, sformat("[ -f  %1 ]", smtpemFile));
+    if (certmode != `url  &&  certExists == 0)
+    {
+        // do nothing to refetch the certificate if manual interaction is necessary
+        y2milestone("Existing SMT certificate found and keeping it. To renew the SMT certificate please assign a URL as value to the key 'regcert' in /var/lib/YaST2/install.inf");
+        return `ok;
+    }
 
     if ( certmode == `url )
     {
@@ -310,8 +322,15 @@
 
         // download cert
         string curlcmd = sformat("curl -f --connect-timeout 60  --max-time 120  '%1'   -o  %2", smt_server_cert, certTmpFile);
-        if ( SCR::Execute (.target.bash, curlcmd) != 0)
+        if ( SCR::Execute(.target.bash, curlcmd) != 0)
         {
+            if (certExists == 0)
+            {
+                // do nothing to refetch the certificate if manual interaction is necessary
+                y2milestone("Could not download the current SMT certificate but existing certificate found and keeping it. To renew the SMT certificate please make sure it is available on the registration server.");
+                return `ok;
+            }
+
             y2error("Could not download the SMT certificate file from specified URL %1", smt_server_cert);
             if (ay) return `conferror;
 
@@ -359,7 +378,7 @@
         {
             string fdpath = regexpsub( smt_server_cert , "^floppy/(.+)$","\\1");
             string cp2tmp = sformat("/bin/cp -a  %1  %2 ", mf["mpoint"]:"/media/floppy" + "/" + fdpath, certTmpFile  );
-            if ( SCR::Execute (.target.bash, cp2tmp) != 0)
+            if ( SCR::Execute(.target.bash, cp2tmp) != 0)
             {
                 y2error("Could not copy the specified SMT certificate file from floppy disk.");
                 if (ay) return `silentskip;
@@ -491,6 +510,18 @@
     map cP = RegisterCert::parseCertificate(certTmpFile);
     y2milestone("SMT certificate file information: %1", cP);
 
+    // compare with existing certificate (bnc#376000)
+    if (certExists == 0)
+    {
+        map orig_cP = RegisterCert::parseCertificate(smtpemFile);
+        if (orig_cP["FINGERPRINT"]:"foo" == cP["FINGERPRINT"]:"bar" )
+        {
+            // return `ok if fingerprints match - no need to ask again
+            y2milestone("Current SMT certificate is up to date and will be kept.");
+            return `ok;
+        }
+    }
+
     string trustQuestion = _("Do you want to trust this certificate?");
     string trustMessage  = _("This certificate will be used to connect to the SMT server.\nYou have to trust this certificate in order to continue with the Registration.");
 
@@ -544,7 +575,7 @@
 
     if ((symbol)uret == `trust)
     {
-        string installCert    = sformat("cp -a  %1  /etc/ssl/certs/smt.pem  &&  c_rehash /etc/ssl/certs", certTmpFile);
+        string installCert    = sformat("cp -a  %1  %2  &&  c_rehash %3", certTmpFile, smtpemFile, smtpemPath);
         string installCertZMD = sformat("[ -d /etc/zmd/trusted-certs ] &&  cp -a  %1  /etc/zmd/trusted-certs/smt.cer", certTmpFile);
 
         integer instret    = (integer) SCR::Execute(.target.bash, installCert);
@@ -592,18 +623,22 @@
  */
 global symbol configureRegistrationServer()
 {
-    smt_server = Linuxrc::InstallInf("smturl");
-    smt_server_cert = Linuxrc::InstallInf("smtcert");
-
-    y2milestone("SMT config - smturl:  %1", smt_server);
-    y2milestone("SMT config - smtcert: %1", smt_server_cert);
+    // boot parameters have a generic naming (regurl) - internally keeping smt for variable names
+    smt_server = Linuxrc::InstallInf("regurl");
+    smt_server_cert = Linuxrc::InstallInf("regcert");
+
+    y2milestone("SMT config - regurl:  %1", smt_server);
+    y2milestone("SMT config - regcert: %1", smt_server_cert);
+
+/*  regurl=https:/smt.mybigcompany.com/center/regsvc/
+    regcert=ask      open FileDialog
+    regcert=done     Cert already insalled - do nothing
+    regcert=http:/certpool.mybigcompany.com/smt/smt.crt     download from there
+    regcert=floppy/path/to/file.crt
+    regcert=/path/to/local/file.crt   copy from there
 
-/*  smturl=https:/smt.mybigcompany.com/center/regsvc/
-    smtcert=ask      open FileDialog
-    smtcert=done     Cert already insalled - do nothing
-    smtcert=http:/certpool.mybigcompany.com/smt/smt.crt     download from there
-    smtcert=floppy/path/to/file.crt
-    smtcert=/path/to/local/file.crt   copy from there
+    the old parameters 'smturl' and 'smtcert' are supported as well
+      but their values will be written to 'regurl' and 'regcert'
 */
 
     // setup the smt_server settings

-- 
To unsubscribe, e-mail: yast-commit+unsubscribe@opensuse.org
For additional commands, e-mail: yast-commit+help@opensuse.org

    

[yast-commit] r45941 - in /branches/SuSE-SLE-10-SP2-Branch/registration: VERSION package/yast2-registration.changes src/clients/suse_register_auto.ycp src/modules/Register.ycp

jdsn＠svn.opensuse.org