[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: [Pki-devel] [PATCH] pki-cfu-0055-Ticket-1295-CA-OCSP-via-GET-does-not-work.patch



here is the patch for the upgrade script for this ticket https://fedorahosted.org/pki/ticket/1295
Please review.

Note: I was able to get the xml element added to the web.xml and the server will work with the ocsp GET request, however, there is a cosmetic issue with missing blank line and a few spaces for the next element after.  If anyone has ideas on how to fix this, please feel free to make suggestions.
Here is how it looks like now:
http://fpaste.org/218405/

thanks,
Christina


On 04/28/2015 04:06 PM, Christina Fu wrote:
 pushed to master
 commit 267635f87c5ba9382f0931ad3e1b7cb9e42c6a6d
On 04/28/2015 03:38 PM, Christina Fu wrote:
This patch should address the issue reported in:
https://fedorahosted.org/pki/ticket/1295
Please review.

thanks,
Christina


_______________________________________________
Pki-devel mailing list
Pki-devel redhat com
https://www.redhat.com/mailman/listinfo/pki-devel



_______________________________________________
Pki-devel mailing list
Pki-devel redhat com
https://www.redhat.com/mailman/listinfo/pki-devel

>From 2e2c3f9b1c5d5605ab30489c68c5a0a54d139483 Mon Sep 17 00:00:00 2001
From: Christina Fu <cfu redhat com>
Date: Mon, 4 May 2015 15:51:48 -0700
Subject: [PATCH] Ticket 1295 Upgrade script for - CA: OCSP via GET does not
 work

---
 .../01-AddMissingOCSPGETServletMappingToWebXML     | 76 ++++++++++++++++++++++
 1 file changed, 76 insertions(+)
 create mode 100755 base/server/upgrade/10.2.4/01-AddMissingOCSPGETServletMappingToWebXML

diff --git a/base/server/upgrade/10.2.4/01-AddMissingOCSPGETServletMappingToWebXML b/base/server/upgrade/10.2.4/01-AddMissingOCSPGETServletMappingToWebXML
new file mode 100755
index 0000000000000000000000000000000000000000..6525d854d077630912e072f83045f71f7c91d7f7
--- /dev/null
+++ b/base/server/upgrade/10.2.4/01-AddMissingOCSPGETServletMappingToWebXML
@@ -0,0 +1,76 @@
+#!/usr/bin/python
+# Authors:
+#     Christina Fu <cfu redhat com>
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; version 2 of the License.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License along
+# with this program; if not, write to the Free Software Foundation, Inc.,
+# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+# Copyright (C) 2015 Red Hat, Inc.
+# All rights reserved.
+#
+
+import os
+import sys
+from lxml import etree as ET
+
+import pki
+import pki.server.upgrade
+
+class AddMissingOCSPGETServletMappingToWebXML(pki.server.upgrade.PKIServerUpgradeScriptlet):
+
+    OCSPGETServletMappingData = """
+        <servlet-mapping>
+            <servlet-name> caOCSP </servlet-name>
+            <url-pattern> /ocsp/* </url-pattern>
+        </servlet-mapping>
+
+    """
+
+    def __init__(self):
+
+        self.message = 'Add missing OCSP Get Servlet Mapping to upgraded Dogtag 9 instances'
+
+    def upgrade_subsystem(self, instance, subsystem):
+        # only affects CA
+        if subsystem.name != "ca":
+            return
+
+        web_xml = os.path.join(
+            instance.base_dir,
+            'ca', 'webapps', subsystem.name,
+            'WEB-INF', 'web.xml')
+
+        self.backup(web_xml)
+
+        self.doc = ET.parse(web_xml)
+        self.root = self.doc.getroot()
+        self.add_ocsp_get_servlet_mapping()
+
+        self.doc.write(web_xml)
+
+    def add_ocsp_get_servlet_mapping(self):
+        #add missing OCSP Get servlet mapping
+        mappingFound = False
+        urlPattern = ""
+        index = 0
+        for mapping in self.doc.findall('.//servlet-mapping'):
+            name = mapping.find('servlet-name').text.strip()
+            if name == 'caOCSP':
+                urlPattern = mapping.find('url-pattern').text.strip()
+                index = self.root.index(mapping) + 1
+            if urlPattern == '/ocsp/*':
+                mappingFound = True
+        if not mappingFound:
+            mapping = ET.fromstring(self.OCSPGETServletMappingData)
+            mapping.tail = '\n'
+            self.root.insert(index, mapping)
-- 
1.8.4.2


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]