[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

[Pki-devel] [PATCH] remove inaccessible URLs from server.xml



Please review the following patch which addresses:

It has been tested by:

  • creating a new instance
  • upgrading RPMS which successfully fixed a running instance (verified the upgrade script)
From bd5b8c0e1fc82d166b8a3ba89e159ede1c3a6019 Mon Sep 17 00:00:00 2001
From: Matthew Harmsen <mharmsen redhat com>
Date: Sat, 11 Jul 2015 10:46:34 -0600
Subject: [PATCH] remove inaccessible URLs from server.xml

- PKI TRAC Ticket #1443 - pkidaemon status tomcat list URLs under PKI
  subsystems which are not accessible
---
 base/server/tomcat7/conf/server.xml                |  3 --
 base/server/tomcat8/conf/server.xml                |  3 --
 .../10.2.6/01-RemoveInaccessableURLsFromServerXML  | 40 ++++++++++++++++++++++
 3 files changed, 40 insertions(+), 6 deletions(-)
 create mode 100755 base/server/upgrade/10.2.6/01-RemoveInaccessableURLsFromServerXML

diff --git a/base/server/tomcat7/conf/server.xml b/base/server/tomcat7/conf/server.xml
index 81ed5c4..c52bd5b 100644
--- a/base/server/tomcat7/conf/server.xml
+++ b/base/server/tomcat7/conf/server.xml
@@ -32,7 +32,6 @@ Unsecure URL        = http://[PKI_HOSTNAME]:[PKI_UNSECURE_PORT]/ca/ee/ca
 Secure Agent URL    = https://[PKI_HOSTNAME]:[PKI_AGENT_SECURE_PORT]/ca/agent/ca
 Secure EE URL       = https://[PKI_HOSTNAME]:[PKI_EE_SECURE_PORT]/ca/ee/ca
 Secure Admin URL    = https://[PKI_HOSTNAME]:[PKI_ADMIN_SECURE_PORT]/ca/services
-EE Client Auth URL  = https://[PKI_HOSTNAME]:[PKI_EE_SECURE_CLIENT_AUTH_PORT]/ca/eeca/ca
 PKI Console Command = pkiconsole https://[PKI_HOSTNAME]:[PKI_ADMIN_SECURE_PORT]/ca
 Tomcat Port         = [TOMCAT_SERVER_PORT] (for shutdown)
 -->
@@ -40,7 +39,6 @@ Tomcat Port         = [TOMCAT_SERVER_PORT] (for shutdown)
 <!--
 Unsecure URL        = http://[PKI_HOSTNAME]:[PKI_UNSECURE_PORT]/kra/ee/kra
 Secure Agent URL    = https://[PKI_HOSTNAME]:[PKI_AGENT_SECURE_PORT]/kra/agent/kra
-Secure EE URL       = https://[PKI_HOSTNAME]:[PKI_EE_SECURE_PORT]/kra/ee/kra
 Secure Admin URL    = https://[PKI_HOSTNAME]:[PKI_ADMIN_SECURE_PORT]/kra/services
 PKI Console Command = pkiconsole https://[PKI_HOSTNAME]:[PKI_ADMIN_SECURE_PORT]/kra
 Tomcat Port         = [TOMCAT_SERVER_PORT] (for shutdown)
@@ -58,7 +56,6 @@ Tomcat Port         = [TOMCAT_SERVER_PORT] (for shutdown)
 <!--
 Unsecure URL        = http://[PKI_HOSTNAME]:[PKI_UNSECURE_PORT]/tks/ee/tks
 Secure Agent URL    = https://[PKI_HOSTNAME]:[PKI_AGENT_SECURE_PORT]/tks/agent/tks
-Secure EE URL       = https://[PKI_HOSTNAME]:[PKI_EE_SECURE_PORT]/tks/ee/tks
 Secure Admin URL    = https://[PKI_HOSTNAME]:[PKI_ADMIN_SECURE_PORT]/tks/services
 PKI Console Command = pkiconsole https://[PKI_HOSTNAME]:[PKI_ADMIN_SECURE_PORT]/tks
 Tomcat Port         = [TOMCAT_SERVER_PORT] (for shutdown)
diff --git a/base/server/tomcat8/conf/server.xml b/base/server/tomcat8/conf/server.xml
index 3a6c559..a794760 100644
--- a/base/server/tomcat8/conf/server.xml
+++ b/base/server/tomcat8/conf/server.xml
@@ -32,7 +32,6 @@ Unsecure URL        = http://[PKI_HOSTNAME]:[PKI_UNSECURE_PORT]/ca/ee/ca
 Secure Agent URL    = https://[PKI_HOSTNAME]:[PKI_AGENT_SECURE_PORT]/ca/agent/ca
 Secure EE URL       = https://[PKI_HOSTNAME]:[PKI_EE_SECURE_PORT]/ca/ee/ca
 Secure Admin URL    = https://[PKI_HOSTNAME]:[PKI_ADMIN_SECURE_PORT]/ca/services
-EE Client Auth URL  = https://[PKI_HOSTNAME]:[PKI_EE_SECURE_CLIENT_AUTH_PORT]/ca/eeca/ca
 PKI Console Command = pkiconsole https://[PKI_HOSTNAME]:[PKI_ADMIN_SECURE_PORT]/ca
 Tomcat Port         = [TOMCAT_SERVER_PORT] (for shutdown)
 -->
@@ -40,7 +39,6 @@ Tomcat Port         = [TOMCAT_SERVER_PORT] (for shutdown)
 <!--
 Unsecure URL        = http://[PKI_HOSTNAME]:[PKI_UNSECURE_PORT]/kra/ee/kra
 Secure Agent URL    = https://[PKI_HOSTNAME]:[PKI_AGENT_SECURE_PORT]/kra/agent/kra
-Secure EE URL       = https://[PKI_HOSTNAME]:[PKI_EE_SECURE_PORT]/kra/ee/kra
 Secure Admin URL    = https://[PKI_HOSTNAME]:[PKI_ADMIN_SECURE_PORT]/kra/services
 PKI Console Command = pkiconsole https://[PKI_HOSTNAME]:[PKI_ADMIN_SECURE_PORT]/kra
 Tomcat Port         = [TOMCAT_SERVER_PORT] (for shutdown)
@@ -58,7 +56,6 @@ Tomcat Port         = [TOMCAT_SERVER_PORT] (for shutdown)
 <!--
 Unsecure URL        = http://[PKI_HOSTNAME]:[PKI_UNSECURE_PORT]/tks/ee/tks
 Secure Agent URL    = https://[PKI_HOSTNAME]:[PKI_AGENT_SECURE_PORT]/tks/agent/tks
-Secure EE URL       = https://[PKI_HOSTNAME]:[PKI_EE_SECURE_PORT]/tks/ee/tks
 Secure Admin URL    = https://[PKI_HOSTNAME]:[PKI_ADMIN_SECURE_PORT]/tks/services
 PKI Console Command = pkiconsole https://[PKI_HOSTNAME]:[PKI_ADMIN_SECURE_PORT]/tks
 Tomcat Port         = [TOMCAT_SERVER_PORT] (for shutdown)
diff --git a/base/server/upgrade/10.2.6/01-RemoveInaccessableURLsFromServerXML b/base/server/upgrade/10.2.6/01-RemoveInaccessableURLsFromServerXML
new file mode 100755
index 0000000..1a9d328
--- /dev/null
+++ b/base/server/upgrade/10.2.6/01-RemoveInaccessableURLsFromServerXML
@@ -0,0 +1,40 @@
+#!/usr/bin/python
+# Authors:
+#     Matthew Harmsen <mharmsen redhat com>
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; version 2 of the License.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License along
+# with this program; if not, write to the Free Software Foundation, Inc.,
+# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+# Copyright (C) 2015 Red Hat, Inc.
+# All rights reserved.
+#
+
+import subprocess
+
+import pki.server.upgrade
+
+
+class RemoveInaccessableURLsFromServerXML(
+    pki.server.upgrade.PKIServerUpgradeScriptlet):
+    def __init__(self):
+        super(RemoveInaccessableURLsFromServerXML, self).__init__()
+        self.message = 'Remove inaccessable URLs from server.xml'
+
+    def upgrade_instance(self, instance):
+        subprocess.check_call([
+            'sed', '-i',
+            '-e', '\|^.*EE Client Auth URL.*ca/eeca/ca.*$|d',
+            '-e', '\|^.*Secure EE URL.*kra/ee/kra.*$|d',
+            '-e', '\|^.*Secure EE URL.*tks/ee/tks.*$|d',
+            '/etc/pki/{0}/server.xml'.format(instance.name)
+        ])
-- 
1.8.3.1


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]