Author: jdsn Date: Tue Apr 1 21:04:20 2008 New Revision: 45941 URL: http://svn.opensuse.org/viewcvs/yast?rev=45941&view=rev Log: rename bootparameters for custom registration server (bnc#376000) do not prompt for SMT certificate in running system (bnc#375993) proper pluralization in AutYaST summary (bnc#184893) version 2.13.20 Modified: branches/SuSE-SLE-10-SP2-Branch/registration/VERSION branches/SuSE-SLE-10-SP2-Branch/registration/package/yast2-registration.changes branches/SuSE-SLE-10-SP2-Branch/registration/src/clients/suse_register_auto.ycp branches/SuSE-SLE-10-SP2-Branch/registration/src/modules/Register.ycp Modified: branches/SuSE-SLE-10-SP2-Branch/registration/VERSION URL: http://svn.opensuse.org/viewcvs/yast/branches/SuSE-SLE-10-SP2-Branch/registration/VERSION?rev=45941&r1=45940&r2=45941&view=diff ============================================================================== --- branches/SuSE-SLE-10-SP2-Branch/registration/VERSION (original) +++ branches/SuSE-SLE-10-SP2-Branch/registration/VERSION Tue Apr 1 21:04:20 2008 @@ -1 +1 @@ -2.13.19 +2.13.20 Modified: branches/SuSE-SLE-10-SP2-Branch/registration/package/yast2-registration.changes URL: http://svn.opensuse.org/viewcvs/yast/branches/SuSE-SLE-10-SP2-Branch/registration/package/yast2-registration.changes?rev=45941&r1=45940&r2=45941&view=diff ============================================================================== --- branches/SuSE-SLE-10-SP2-Branch/registration/package/yast2-registration.changes (original) +++ branches/SuSE-SLE-10-SP2-Branch/registration/package/yast2-registration.changes Tue Apr 1 21:04:20 2008 @@ -1,4 +1,12 @@ ------------------------------------------------------------------- +Tue Apr 1 20:03:12 CEST 2008 - jdsn@suse.de + +- rename bootparameters for custom registration server (bnc#376000) +- do not prompt for SMT certificate in running system (bnc#375993) +- proper pluralization in AutYaST summary (bnc#184893) +- 2.13.20 + +------------------------------------------------------------------- Wed Mar 12 16:22:54 CET 2008 - jdsn@suse.de - fix for textmode registration with w3m (bnc#367719) Modified: branches/SuSE-SLE-10-SP2-Branch/registration/src/clients/suse_register_auto.ycp URL: http://svn.opensuse.org/viewcvs/yast/branches/SuSE-SLE-10-SP2-Branch/registration/src/clients/suse_register_auto.ycp?rev=45941&r1=45940&r2=45941&view=diff ============================================================================== --- branches/SuSE-SLE-10-SP2-Branch/registration/src/clients/suse_register_auto.ycp (original) +++ branches/SuSE-SLE-10-SP2-Branch/registration/src/clients/suse_register_auto.ycp Tue Apr 1 21:04:20 2008 @@ -66,8 +66,10 @@ summary = Summary::AddLine (summary, Register::do_registration ? _("Run during autoinstallation"):_("Do not run during autoinstallation")); integer items_count = size (Register::registration_data); + // (bnc#184893) - fix is not 100% correct for every language, but will not break the translation // Translators: Sentence-like text for singular and plural (incl. zero) of items - string items_msg = items_count == 1 ? _("1 item of registration data"):sformat(_("%1 items of registration data"), items_count); + string items_msg = _("1 item of registration data", "%1 items of registration data", items_count); + items_msg = sformat(items_msg, items_count); if ( Register::do_registration ) { Modified: branches/SuSE-SLE-10-SP2-Branch/registration/src/modules/Register.ycp URL: http://svn.opensuse.org/viewcvs/yast/branches/SuSE-SLE-10-SP2-Branch/registration/src/modules/Register.ycp?rev=45941&r1=45940&r2=45941&view=diff ============================================================================== --- branches/SuSE-SLE-10-SP2-Branch/registration/src/modules/Register.ycp (original) +++ branches/SuSE-SLE-10-SP2-Branch/registration/src/modules/Register.ycp Tue Apr 1 21:04:20 2008 @@ -243,6 +243,9 @@ ay = true; } + string smtpemPath = "/etc/ssl/certs"; + string smtpemFile = smtpemPath + "/smt.pem"; + // check if smt_server is a valid url map smt_server_parsed = URL::Parse(smt_server); if (smt_server_parsed == $[] || smt_server_parsed["host"]:"" == "" || smt_server_parsed["scheme"]:"" != "https" ) @@ -290,6 +293,15 @@ string certTmpFile = sformat("%1/__tmpSMTcert.crt", SCR::Read(.target.tmpdir)); + // check for existing certificate (bnc#376000) + integer certExists = nil; + certExists = (integer) SCR::Execute(.target.bash, sformat("[ -f %1 ]", smtpemFile)); + if (certmode != `url && certExists == 0) + { + // do nothing to refetch the certificate if manual interaction is necessary + y2milestone("Existing SMT certificate found and keeping it. To renew the SMT certificate please assign a URL as value to the key 'regcert' in /var/lib/YaST2/install.inf"); + return `ok; + } if ( certmode == `url ) { @@ -310,8 +322,15 @@ // download cert string curlcmd = sformat("curl -f --connect-timeout 60 --max-time 120 '%1' -o %2", smt_server_cert, certTmpFile); - if ( SCR::Execute (.target.bash, curlcmd) != 0) + if ( SCR::Execute(.target.bash, curlcmd) != 0) { + if (certExists == 0) + { + // do nothing to refetch the certificate if manual interaction is necessary + y2milestone("Could not download the current SMT certificate but existing certificate found and keeping it. To renew the SMT certificate please make sure it is available on the registration server."); + return `ok; + } + y2error("Could not download the SMT certificate file from specified URL %1", smt_server_cert); if (ay) return `conferror; @@ -359,7 +378,7 @@ { string fdpath = regexpsub( smt_server_cert , "^floppy/(.+)$","\\1"); string cp2tmp = sformat("/bin/cp -a %1 %2 ", mf["mpoint"]:"/media/floppy" + "/" + fdpath, certTmpFile ); - if ( SCR::Execute (.target.bash, cp2tmp) != 0) + if ( SCR::Execute(.target.bash, cp2tmp) != 0) { y2error("Could not copy the specified SMT certificate file from floppy disk."); if (ay) return `silentskip; @@ -491,6 +510,18 @@ map cP = RegisterCert::parseCertificate(certTmpFile); y2milestone("SMT certificate file information: %1", cP); + // compare with existing certificate (bnc#376000) + if (certExists == 0) + { + map orig_cP = RegisterCert::parseCertificate(smtpemFile); + if (orig_cP["FINGERPRINT"]:"foo" == cP["FINGERPRINT"]:"bar" ) + { + // return `ok if fingerprints match - no need to ask again + y2milestone("Current SMT certificate is up to date and will be kept."); + return `ok; + } + } + string trustQuestion = _("Do you want to trust this certificate?"); string trustMessage = _("This certificate will be used to connect to the SMT server.\nYou have to trust this certificate in order to continue with the Registration."); @@ -544,7 +575,7 @@ if ((symbol)uret == `trust) { - string installCert = sformat("cp -a %1 /etc/ssl/certs/smt.pem && c_rehash /etc/ssl/certs", certTmpFile); + string installCert = sformat("cp -a %1 %2 && c_rehash %3", certTmpFile, smtpemFile, smtpemPath); string installCertZMD = sformat("[ -d /etc/zmd/trusted-certs ] && cp -a %1 /etc/zmd/trusted-certs/smt.cer", certTmpFile); integer instret = (integer) SCR::Execute(.target.bash, installCert); @@ -592,18 +623,22 @@ */ global symbol configureRegistrationServer() { - smt_server = Linuxrc::InstallInf("smturl"); - smt_server_cert = Linuxrc::InstallInf("smtcert"); - - y2milestone("SMT config - smturl: %1", smt_server); - y2milestone("SMT config - smtcert: %1", smt_server_cert); + // boot parameters have a generic naming (regurl) - internally keeping smt for variable names + smt_server = Linuxrc::InstallInf("regurl"); + smt_server_cert = Linuxrc::InstallInf("regcert"); + + y2milestone("SMT config - regurl: %1", smt_server); + y2milestone("SMT config - regcert: %1", smt_server_cert); + +/* regurl=https:/smt.mybigcompany.com/center/regsvc/ + regcert=ask open FileDialog + regcert=done Cert already insalled - do nothing + regcert=http:/certpool.mybigcompany.com/smt/smt.crt download from there + regcert=floppy/path/to/file.crt + regcert=/path/to/local/file.crt copy from there -/* smturl=https:/smt.mybigcompany.com/center/regsvc/ - smtcert=ask open FileDialog - smtcert=done Cert already insalled - do nothing - smtcert=http:/certpool.mybigcompany.com/smt/smt.crt download from there - smtcert=floppy/path/to/file.crt - smtcert=/path/to/local/file.crt copy from there + the old parameters 'smturl' and 'smtcert' are supported as well + but their values will be written to 'regurl' and 'regcert' */ // setup the smt_server settings -- To unsubscribe, e-mail: yast-commit+unsubscribe@opensuse.org For additional commands, e-mail: yast-commit+help@opensuse.org