author | Yiteng Zhang <yiteng.zhang@oracle.com> |
Wed, 09 Mar 2016 11:27:23 -0800 | |
changeset 3321 | 52e8eec3014c |
parent 3318 | 864be9e4db61 |
child 3325 | 18a3d7b0d618 |
permissions | -rw-r--r-- |
1516
8c950a3b4171
10485 move pkg(5) to Python 2.6
Rich Burridge <rich.burridge@sun.com>
parents:
1505
diff
changeset
|
1 |
#!/usr/bin/python |
926
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
2 |
# |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
3 |
# CDDL HEADER START |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
4 |
# |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
5 |
# The contents of this file are subject to the terms of the |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
6 |
# Common Development and Distribution License (the "License"). |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
7 |
# You may not use this file except in compliance with the License. |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
8 |
# |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
9 |
# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
10 |
# or http://www.opensolaris.org/os/licensing. |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
11 |
# See the License for the specific language governing permissions |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
12 |
# and limitations under the License. |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
13 |
# |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
14 |
# When distributing Covered Code, include this CDDL HEADER in each |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
15 |
# file and include the License file at usr/src/OPENSOLARIS.LICENSE. |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
16 |
# If applicable, add the following below this CDDL HEADER, with the |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
17 |
# fields enclosed by brackets "[]" replaced with your own identifying |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
18 |
# information: Portions Copyright [yyyy] [name of copyright owner] |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
19 |
# |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
20 |
# CDDL HEADER END |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
21 |
# |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
22 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
23 |
# |
3304
4e3ad216d1e2
17424143 publisher get_cert_by_hash always downloads some certs
Erik Trauschke <Erik.Trauschke@oracle.com>
parents:
3293
diff
changeset
|
24 |
# Copyright (c) 2009, 2016, Oracle and/or its affiliates. All rights reserved. |
926
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
25 |
# |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
26 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
27 |
# |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
28 |
# NOTE: Any changes to this file are considered a change in client api |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
29 |
# interfaces and must be fully documented in doc/client_api_versions.txt |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
30 |
# if they are visible changes to the public interfaces provided. |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
31 |
# |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
32 |
# This also means that changes to the interfaces here must be reflected in |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
33 |
# the client version number and compatible_versions specifier found in |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
34 |
# modules/client/api.py:__init__. |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
35 |
# |
2026
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
36 |
|
996
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
37 |
import calendar |
2352
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
38 |
import collections |
926
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
39 |
import copy |
2026
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
40 |
import cStringIO |
996
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
41 |
import datetime as dt |
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
42 |
import errno |
2026
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
43 |
import hashlib |
926
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
44 |
import os |
2026
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
45 |
import pycurl |
1431
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
46 |
import shutil |
3234
3a90dc0b66c9
21188662 use six library for python 3 migration
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3185
diff
changeset
|
47 |
import six |
1431
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
48 |
import tempfile |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
49 |
import time |
1516
8c950a3b4171
10485 move pkg(5) to Python 2.6
Rich Burridge <rich.burridge@sun.com>
parents:
1505
diff
changeset
|
50 |
import uuid |
1431
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
51 |
|
3321
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
52 |
from cryptography import x509 |
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
53 |
from cryptography.hazmat.backends import default_backend |
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
54 |
from cryptography.hazmat.primitives import serialization |
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
55 |
from cryptography.hazmat.primitives.asymmetric import padding |
3234
3a90dc0b66c9
21188662 use six library for python 3 migration
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3185
diff
changeset
|
56 |
from six.moves.urllib.parse import quote, urlsplit, urlparse, urlunparse, \ |
3a90dc0b66c9
21188662 use six library for python 3 migration
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3185
diff
changeset
|
57 |
ParseResult |
3a90dc0b66c9
21188662 use six library for python 3 migration
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3185
diff
changeset
|
58 |
from six.moves.urllib.request import url2pathname |
1431
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
59 |
|
1352
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
60 |
import pkg.catalog |
926
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
61 |
import pkg.client.api_errors as api_errors |
2026
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
62 |
import pkg.client.sigpolicy as sigpolicy |
2616
3c00fe4465d3
19148 PKG_STATE_* defines need a new home
Edward Pilatowicz <edward.pilatowicz@oracle.com>
parents:
2558
diff
changeset
|
63 |
import pkg.client.pkgdefs as pkgdefs |
2962
ce8cd4c07986
15433013 content hash handling should handle different hash functions
Tim Foster <tim.s.foster@oracle.com>
parents:
2898
diff
changeset
|
64 |
import pkg.digest as digest |
996
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
65 |
import pkg.misc as misc |
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
66 |
import pkg.portable as portable |
1431
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
67 |
import pkg.server.catalog as old_catalog |
2026
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
68 |
|
3234
3a90dc0b66c9
21188662 use six library for python 3 migration
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3185
diff
changeset
|
69 |
from pkg.client import global_settings |
3a90dc0b66c9
21188662 use six library for python 3 migration
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3185
diff
changeset
|
70 |
from pkg.client.debugvalues import DebugValues |
3a90dc0b66c9
21188662 use six library for python 3 migration
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3185
diff
changeset
|
71 |
logger = global_settings.logger |
2529
de3a83014795
18872 traceback in __get_crl running pkg verify as non-root
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2467
diff
changeset
|
72 |
from pkg.misc import EmptyDict, EmptyI, SIGNATURE_POLICY, DictProperty, \ |
de3a83014795
18872 traceback in __get_crl running pkg verify as non-root
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2467
diff
changeset
|
73 |
PKG_RO_FILE_MODE |
926
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
74 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
75 |
# The "core" type indicates that a repository contains all of the dependencies |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
76 |
# declared by packages in the repository. It is primarily used for operating |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
77 |
# system repositories. |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
78 |
REPO_CTYPE_CORE = "core" |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
79 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
80 |
# The "supplemental" type indicates that a repository contains packages that |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
81 |
# rely on or are intended to be used with packages located in another |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
82 |
# repository. |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
83 |
REPO_CTYPE_SUPPLEMENTAL = "supplemental" |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
84 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
85 |
# Mapping of constant values to names (in the event these ever get changed to |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
86 |
# numeric values or it is decided they need "prettier" or different labels). |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
87 |
REPO_COLLECTION_TYPES = { |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
88 |
REPO_CTYPE_CORE: "core", |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
89 |
REPO_CTYPE_SUPPLEMENTAL: "supplemental", |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
90 |
} |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
91 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
92 |
# Supported Protocol Schemes |
1895
0a260cc2a689
15762 client support for filesystem-based repository access
Shawn Walker <shawn.walker@oracle.com>
parents:
1795
diff
changeset
|
93 |
SUPPORTED_SCHEMES = set(("file", "http", "https")) |
2701
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
94 |
SUPPORTED_PROXY_SCHEMES = ("http") |
926
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
95 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
96 |
# SSL Protocol Schemes |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
97 |
SSL_SCHEMES = set(("https",)) |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
98 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
99 |
# Supported RepositoryURI sorting policies. |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
100 |
URI_SORT_PRIORITY = "priority" |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
101 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
102 |
# Sort policy mapping. |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
103 |
URI_SORT_POLICIES = { |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
104 |
URI_SORT_PRIORITY: lambda obj: (obj.priority, obj.uri), |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
105 |
} |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
106 |
|
3321
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
107 |
# The strings in the value field refer to the boolean properties of the |
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
108 |
# Cryptography extension classes. If a property has a value True set, it means |
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
109 |
# this property is added as an extension value in the certificate generation, |
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
110 |
# and vice versa. |
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
111 |
EXTENSIONS_VALUES = { |
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
112 |
x509.BasicConstraints: ["ca", "path_length"], |
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
113 |
x509.KeyUsage: ["digital_signature", "content_commitment", |
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
114 |
"key_encipherment", "data_encipherment", "key_agreement", "key_cert_sign", |
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
115 |
"crl_sign", "encipher_only", "decipher_only"] |
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
116 |
} |
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
117 |
|
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
118 |
# Only listed extension values (properties) here can have a value True set in a |
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
119 |
# certificate extension; any other properties with a value True set will be |
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
120 |
# treated as unsupported. |
2215
b4355e8c5097
16856 need to check keyUsage for leaf certs
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2100
diff
changeset
|
121 |
SUPPORTED_EXTENSION_VALUES = { |
3321
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
122 |
x509.BasicConstraints: ("ca", "path_length"), |
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
123 |
x509.KeyUsage: ("digital_signature", "key_cert_sign", "crl_sign") |
2215
b4355e8c5097
16856 need to check keyUsage for leaf certs
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2100
diff
changeset
|
124 |
} |
b4355e8c5097
16856 need to check keyUsage for leaf certs
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2100
diff
changeset
|
125 |
|
b4355e8c5097
16856 need to check keyUsage for leaf certs
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2100
diff
changeset
|
126 |
# These dictionaries map uses into their extensions. |
b4355e8c5097
16856 need to check keyUsage for leaf certs
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2100
diff
changeset
|
127 |
CODE_SIGNING_USE = { |
3321
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
128 |
x509.KeyUsage: ["digital_signature"], |
2215
b4355e8c5097
16856 need to check keyUsage for leaf certs
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2100
diff
changeset
|
129 |
} |
b4355e8c5097
16856 need to check keyUsage for leaf certs
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2100
diff
changeset
|
130 |
|
b4355e8c5097
16856 need to check keyUsage for leaf certs
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2100
diff
changeset
|
131 |
CERT_SIGNING_USE = { |
3321
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
132 |
x509.BasicConstraints: ["ca"], |
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
133 |
x509.KeyUsage: ["key_cert_sign"], |
2215
b4355e8c5097
16856 need to check keyUsage for leaf certs
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2100
diff
changeset
|
134 |
} |
b4355e8c5097
16856 need to check keyUsage for leaf certs
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2100
diff
changeset
|
135 |
|
b4355e8c5097
16856 need to check keyUsage for leaf certs
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2100
diff
changeset
|
136 |
CRL_SIGNING_USE = { |
3321
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
137 |
x509.KeyUsage: ["crl_sign"], |
2215
b4355e8c5097
16856 need to check keyUsage for leaf certs
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2100
diff
changeset
|
138 |
} |
b4355e8c5097
16856 need to check keyUsage for leaf certs
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2100
diff
changeset
|
139 |
|
b4355e8c5097
16856 need to check keyUsage for leaf certs
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2100
diff
changeset
|
140 |
POSSIBLE_USES = [CODE_SIGNING_USE, CERT_SIGNING_USE, CRL_SIGNING_USE] |
b4355e8c5097
16856 need to check keyUsage for leaf certs
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2100
diff
changeset
|
141 |
|
2701
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
142 |
# A special token used in place of the system repository URL which is |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
143 |
# replaced at runtime by the actual address and port of the |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
144 |
# system-repository. |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
145 |
SYSREPO_PROXY = "<sysrepo>" |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
146 |
|
926
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
147 |
class RepositoryURI(object): |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
148 |
"""Class representing a repository URI and any transport-related |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
149 |
information.""" |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
150 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
151 |
# These properties are declared here so that they show up in the pydoc |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
152 |
# documentation as private, and for clarity in the property declarations |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
153 |
# found near the end of the class definition. |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
154 |
__priority = None |
2701
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
155 |
__proxies = None |
926
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
156 |
__ssl_cert = None |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
157 |
__ssl_key = None |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
158 |
__trailing_slash = None |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
159 |
__uri = None |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
160 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
161 |
# Used to store the id of the original object this one was copied |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
162 |
# from during __copy__. |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
163 |
_source_object_id = None |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
164 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
165 |
def __init__(self, uri, priority=None, ssl_cert=None, ssl_key=None, |
2701
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
166 |
trailing_slash=True, proxy=None, system=False, proxies=None): |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
167 |
|
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
168 |
|
926
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
169 |
# Must set first. |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
170 |
self.__trailing_slash = trailing_slash |
2701
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
171 |
self.__scheme = None |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
172 |
self.__netloc = None |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
173 |
self.__proxies = [] |
926
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
174 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
175 |
# Note that the properties set here are intentionally lacking |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
176 |
# the '__' prefix which means assignment will occur using the |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
177 |
# get/set methods declared for the property near the end of |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
178 |
# the class definition. |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
179 |
self.priority = priority |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
180 |
self.uri = uri |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
181 |
self.ssl_cert = ssl_cert |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
182 |
self.ssl_key = ssl_key |
2701
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
183 |
# The proxy parameter is deprecated and remains for backwards |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
184 |
# compatibity, for now. If we get given both, then we must |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
185 |
# complain - this error is for internal use only. |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
186 |
if proxy and proxies: |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
187 |
raise api_errors.PublisherError("Both 'proxies' and " |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
188 |
"'proxy' values were used to create a " |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
189 |
"RepositoryURI object.") |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
190 |
|
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
191 |
if proxy: |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
192 |
self.proxies = [ProxyURI(proxy)] |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
193 |
if proxies: |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
194 |
self.proxies = proxies |
2310
ce10607d5332
11684 desire option to not propagate certs to non-global zones
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2286
diff
changeset
|
195 |
self.system = system |
926
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
196 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
197 |
def __copy__(self): |
1252
3b1b69011fcf
8709 ImageInterface.has_publisher has incorrect docstring
Shawn Walker <srw@sun.com>
parents:
1210
diff
changeset
|
198 |
uri = RepositoryURI(self.__uri, priority=self.__priority, |
3b1b69011fcf
8709 ImageInterface.has_publisher has incorrect docstring
Shawn Walker <srw@sun.com>
parents:
1210
diff
changeset
|
199 |
ssl_cert=self.__ssl_cert, ssl_key=self.__ssl_key, |
2701
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
200 |
trailing_slash=self.__trailing_slash, |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
201 |
proxies=self.__proxies, system=self.system) |
926
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
202 |
uri._source_object_id = id(self) |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
203 |
return uri |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
204 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
205 |
def __eq__(self, other): |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
206 |
if isinstance(other, RepositoryURI): |
2701
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
207 |
return self.uri == other.uri |
926
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
208 |
if isinstance(other, str): |
2701
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
209 |
return self.uri == other |
926
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
210 |
return False |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
211 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
212 |
def __ne__(self, other): |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
213 |
if isinstance(other, RepositoryURI): |
2701
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
214 |
return self.uri != other.uri |
926
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
215 |
if isinstance(other, str): |
2701
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
216 |
return self.uri != other |
926
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
217 |
return True |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
218 |
|
3245
d04bb3ca0128
20780066 change ordering comparisons for python 3 migration
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3234
diff
changeset
|
219 |
__hash__ = object.__hash__ |
d04bb3ca0128
20780066 change ordering comparisons for python 3 migration
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3234
diff
changeset
|
220 |
|
d04bb3ca0128
20780066 change ordering comparisons for python 3 migration
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3234
diff
changeset
|
221 |
def __lt__(self, other): |
2310
ce10607d5332
11684 desire option to not propagate certs to non-global zones
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2286
diff
changeset
|
222 |
if not other: |
3245
d04bb3ca0128
20780066 change ordering comparisons for python 3 migration
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3234
diff
changeset
|
223 |
return False |
2310
ce10607d5332
11684 desire option to not propagate certs to non-global zones
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2286
diff
changeset
|
224 |
if not isinstance(other, RepositoryURI): |
ce10607d5332
11684 desire option to not propagate certs to non-global zones
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2286
diff
changeset
|
225 |
other = RepositoryURI(other) |
3245
d04bb3ca0128
20780066 change ordering comparisons for python 3 migration
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3234
diff
changeset
|
226 |
return self.uri < other.uri |
d04bb3ca0128
20780066 change ordering comparisons for python 3 migration
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3234
diff
changeset
|
227 |
|
d04bb3ca0128
20780066 change ordering comparisons for python 3 migration
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3234
diff
changeset
|
228 |
def __gt__(self, other): |
d04bb3ca0128
20780066 change ordering comparisons for python 3 migration
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3234
diff
changeset
|
229 |
if not other: |
d04bb3ca0128
20780066 change ordering comparisons for python 3 migration
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3234
diff
changeset
|
230 |
return True |
d04bb3ca0128
20780066 change ordering comparisons for python 3 migration
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3234
diff
changeset
|
231 |
if not isinstance(other, RepositoryURI): |
d04bb3ca0128
20780066 change ordering comparisons for python 3 migration
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3234
diff
changeset
|
232 |
other = RepositoryURI(other) |
d04bb3ca0128
20780066 change ordering comparisons for python 3 migration
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3234
diff
changeset
|
233 |
return self.uri > other.uri |
d04bb3ca0128
20780066 change ordering comparisons for python 3 migration
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3234
diff
changeset
|
234 |
|
d04bb3ca0128
20780066 change ordering comparisons for python 3 migration
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3234
diff
changeset
|
235 |
def __le__(self, other): |
d04bb3ca0128
20780066 change ordering comparisons for python 3 migration
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3234
diff
changeset
|
236 |
return self == other or self < other |
d04bb3ca0128
20780066 change ordering comparisons for python 3 migration
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3234
diff
changeset
|
237 |
|
d04bb3ca0128
20780066 change ordering comparisons for python 3 migration
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3234
diff
changeset
|
238 |
def __ge__(self, other): |
d04bb3ca0128
20780066 change ordering comparisons for python 3 migration
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3234
diff
changeset
|
239 |
return self == other or self > other |
2310
ce10607d5332
11684 desire option to not propagate certs to non-global zones
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2286
diff
changeset
|
240 |
|
926
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
241 |
def __set_priority(self, value): |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
242 |
if value is not None: |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
243 |
try: |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
244 |
value = int(value) |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
245 |
except (TypeError, ValueError): |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
246 |
raise api_errors.BadRepositoryURIPriority(value) |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
247 |
self.__priority = value |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
248 |
|
2701
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
249 |
def __get_proxy(self): |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
250 |
if not self.__proxies: |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
251 |
return None |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
252 |
else: |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
253 |
return self.__proxies[0].uri |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
254 |
|
2310
ce10607d5332
11684 desire option to not propagate certs to non-global zones
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2286
diff
changeset
|
255 |
def __set_proxy(self, proxy): |
ce10607d5332
11684 desire option to not propagate certs to non-global zones
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2286
diff
changeset
|
256 |
if not proxy: |
ce10607d5332
11684 desire option to not propagate certs to non-global zones
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2286
diff
changeset
|
257 |
return |
2701
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
258 |
if not isinstance(proxy, ProxyURI): |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
259 |
p = ProxyURI(proxy) |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
260 |
else: |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
261 |
p = proxy |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
262 |
|
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
263 |
self.__proxies = [p] |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
264 |
|
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
265 |
def __set_proxies(self, proxies): |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
266 |
|
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
267 |
for proxy in proxies: |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
268 |
if not isinstance(proxy, ProxyURI): |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
269 |
raise api_errors.BadRepositoryAttributeValue( |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
270 |
"proxies", value=proxy) |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
271 |
|
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
272 |
if proxies and self.scheme == "file": |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
273 |
raise api_errors.UnsupportedRepositoryURIAttribute( |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
274 |
"proxies", scheme=self.scheme) |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
275 |
|
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
276 |
if not (isinstance(proxies, list) or |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
277 |
isinstance(proxies, tuple)): |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
278 |
raise api_errors.BadRepositoryAttributeValue( |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
279 |
"proxies", value=proxies) |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
280 |
|
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
281 |
# for now, we only support a single proxy per RepositoryURI |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
282 |
if len(proxies) > 1: |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
283 |
raise api_errors.BadRepositoryAttributeValue( |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
284 |
"proxies", value=proxies) |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
285 |
|
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
286 |
if proxies: |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
287 |
self.__proxies = proxies |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
288 |
else: |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
289 |
self.__proxies = [] |
2310
ce10607d5332
11684 desire option to not propagate certs to non-global zones
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2286
diff
changeset
|
290 |
|
926
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
291 |
def __set_ssl_cert(self, filename): |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
292 |
if self.scheme not in SSL_SCHEMES and filename: |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
293 |
raise api_errors.UnsupportedRepositoryURIAttribute( |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
294 |
"ssl_cert", scheme=self.scheme) |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
295 |
if filename: |
3234
3a90dc0b66c9
21188662 use six library for python 3 migration
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3185
diff
changeset
|
296 |
if not isinstance(filename, six.string_types): |
1252
3b1b69011fcf
8709 ImageInterface.has_publisher has incorrect docstring
Shawn Walker <srw@sun.com>
parents:
1210
diff
changeset
|
297 |
raise api_errors.BadRepositoryAttributeValue( |
3b1b69011fcf
8709 ImageInterface.has_publisher has incorrect docstring
Shawn Walker <srw@sun.com>
parents:
1210
diff
changeset
|
298 |
"ssl_cert", value=filename) |
2433
7af4ccfa1c06
5060 cert and key files should be validated when adding or updating publishers
Shawn Walker <shawn.walker@oracle.com>
parents:
2414
diff
changeset
|
299 |
filename = os.path.normpath(filename) |
926
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
300 |
if filename == "": |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
301 |
filename = None |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
302 |
self.__ssl_cert = filename |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
303 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
304 |
def __set_ssl_key(self, filename): |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
305 |
if self.scheme not in SSL_SCHEMES and filename: |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
306 |
raise api_errors.UnsupportedRepositoryURIAttribute( |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
307 |
"ssl_key", scheme=self.scheme) |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
308 |
if filename: |
3234
3a90dc0b66c9
21188662 use six library for python 3 migration
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3185
diff
changeset
|
309 |
if not isinstance(filename, six.string_types): |
1252
3b1b69011fcf
8709 ImageInterface.has_publisher has incorrect docstring
Shawn Walker <srw@sun.com>
parents:
1210
diff
changeset
|
310 |
raise api_errors.BadRepositoryAttributeValue( |
3b1b69011fcf
8709 ImageInterface.has_publisher has incorrect docstring
Shawn Walker <srw@sun.com>
parents:
1210
diff
changeset
|
311 |
"ssl_key", value=filename) |
2433
7af4ccfa1c06
5060 cert and key files should be validated when adding or updating publishers
Shawn Walker <shawn.walker@oracle.com>
parents:
2414
diff
changeset
|
312 |
filename = os.path.normpath(filename) |
926
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
313 |
if filename == "": |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
314 |
filename = None |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
315 |
self.__ssl_key = filename |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
316 |
|
1252
3b1b69011fcf
8709 ImageInterface.has_publisher has incorrect docstring
Shawn Walker <srw@sun.com>
parents:
1210
diff
changeset
|
317 |
def __set_trailing_slash(self, value): |
3b1b69011fcf
8709 ImageInterface.has_publisher has incorrect docstring
Shawn Walker <srw@sun.com>
parents:
1210
diff
changeset
|
318 |
if value not in (True, False): |
3b1b69011fcf
8709 ImageInterface.has_publisher has incorrect docstring
Shawn Walker <srw@sun.com>
parents:
1210
diff
changeset
|
319 |
raise api_errors.BadRepositoryAttributeValue( |
3b1b69011fcf
8709 ImageInterface.has_publisher has incorrect docstring
Shawn Walker <srw@sun.com>
parents:
1210
diff
changeset
|
320 |
"trailing_slash", value=value) |
3b1b69011fcf
8709 ImageInterface.has_publisher has incorrect docstring
Shawn Walker <srw@sun.com>
parents:
1210
diff
changeset
|
321 |
self.__trailing_slash = value |
3b1b69011fcf
8709 ImageInterface.has_publisher has incorrect docstring
Shawn Walker <srw@sun.com>
parents:
1210
diff
changeset
|
322 |
|
926
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
323 |
def __set_uri(self, uri): |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
324 |
if uri is None: |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
325 |
raise api_errors.BadRepositoryURI(uri) |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
326 |
|
2701
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
327 |
# if we're setting the URI to an existing value, do nothing. |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
328 |
if uri == self.__uri: |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
329 |
return |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
330 |
|
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
331 |
# This is not ideal, but determining whether we're operating |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
332 |
# on a ProxyURI saves us duplicating code in that class, |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
333 |
# which we would otherwise need, due to __protected members |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
334 |
# here. |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
335 |
if isinstance(self, ProxyURI): |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
336 |
is_proxy = True |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
337 |
else: |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
338 |
is_proxy = False |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
339 |
|
926
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
340 |
# Decompose URI to verify attributes. |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
341 |
scheme, netloc, path, params, query = \ |
3234
3a90dc0b66c9
21188662 use six library for python 3 migration
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3185
diff
changeset
|
342 |
urlsplit(uri, allow_fragments=0) |
926
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
343 |
|
2701
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
344 |
self.__scheme = scheme.lower() |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
345 |
self.__netloc = netloc |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
346 |
|
926
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
347 |
# The set of currently supported protocol schemes. |
2701
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
348 |
if is_proxy and self.__scheme not in \ |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
349 |
SUPPORTED_PROXY_SCHEMES: |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
350 |
raise api_errors.UnsupportedProxyURI(uri) |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
351 |
else: |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
352 |
if self.__scheme not in SUPPORTED_SCHEMES: |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
353 |
raise api_errors.UnsupportedRepositoryURI(uri) |
926
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
354 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
355 |
# XXX valid_pub_url's check isn't quite right and could prevent |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
356 |
# usage of IDNs (international domain names). |
2701
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
357 |
if (self.__scheme.startswith("http") and not netloc) or \ |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
358 |
not misc.valid_pub_url(uri, proxy=is_proxy): |
926
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
359 |
raise api_errors.BadRepositoryURI(uri) |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
360 |
|
2701
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
361 |
if self.__scheme == "file" and netloc: |
1968
c0540b1e4f7e
8722 advanced repository metadata store needed
Shawn Walker <shawn.walker@oracle.com>
parents:
1937
diff
changeset
|
362 |
raise api_errors.BadRepositoryURI(uri) |
c0540b1e4f7e
8722 advanced repository metadata store needed
Shawn Walker <shawn.walker@oracle.com>
parents:
1937
diff
changeset
|
363 |
|
926
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
364 |
# Normalize URI scheme. |
2701
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
365 |
uri = uri.replace(scheme, self.__scheme, 1) |
926
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
366 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
367 |
if self.__trailing_slash: |
2701
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
368 |
uri = uri.rstrip("/") |
996
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
369 |
uri = misc.url_affix_trailing_slash(uri) |
926
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
370 |
|
2701
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
371 |
if self.__scheme not in SSL_SCHEMES: |
926
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
372 |
self.__ssl_cert = None |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
373 |
self.__ssl_key = None |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
374 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
375 |
self.__uri = uri |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
376 |
|
2701
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
377 |
def _override_uri(self, uri): |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
378 |
"""Allow the __uri field of the object to be overridden in |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
379 |
special cases.""" |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
380 |
if uri not in [None, SYSREPO_PROXY]: |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
381 |
raise api_errors.BadRepositoryURI(uri) |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
382 |
self.__uri = uri |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
383 |
|
926
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
384 |
def __str__(self): |
2701
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
385 |
return str(self.__uri) |
2310
ce10607d5332
11684 desire option to not propagate certs to non-global zones
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2286
diff
changeset
|
386 |
|
ce10607d5332
11684 desire option to not propagate certs to non-global zones
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2286
diff
changeset
|
387 |
def change_scheme(self, new_scheme): |
ce10607d5332
11684 desire option to not propagate certs to non-global zones
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2286
diff
changeset
|
388 |
"""Change the scheme of this uri.""" |
ce10607d5332
11684 desire option to not propagate certs to non-global zones
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2286
diff
changeset
|
389 |
|
ce10607d5332
11684 desire option to not propagate certs to non-global zones
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2286
diff
changeset
|
390 |
assert self.__uri |
ce10607d5332
11684 desire option to not propagate certs to non-global zones
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2286
diff
changeset
|
391 |
scheme, netloc, path, params, query, fragment = \ |
3234
3a90dc0b66c9
21188662 use six library for python 3 migration
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3185
diff
changeset
|
392 |
urlparse(self.__uri, allow_fragments=False) |
2310
ce10607d5332
11684 desire option to not propagate certs to non-global zones
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2286
diff
changeset
|
393 |
if new_scheme == scheme: |
ce10607d5332
11684 desire option to not propagate certs to non-global zones
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2286
diff
changeset
|
394 |
return |
3234
3a90dc0b66c9
21188662 use six library for python 3 migration
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3185
diff
changeset
|
395 |
self.uri = urlunparse( |
2310
ce10607d5332
11684 desire option to not propagate certs to non-global zones
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2286
diff
changeset
|
396 |
(new_scheme, netloc, path, params, query, fragment)) |
ce10607d5332
11684 desire option to not propagate certs to non-global zones
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2286
diff
changeset
|
397 |
|
ce10607d5332
11684 desire option to not propagate certs to non-global zones
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2286
diff
changeset
|
398 |
def get_host(self): |
ce10607d5332
11684 desire option to not propagate certs to non-global zones
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2286
diff
changeset
|
399 |
"""Get the host and port of this URI if it's a http uri.""" |
ce10607d5332
11684 desire option to not propagate certs to non-global zones
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2286
diff
changeset
|
400 |
|
ce10607d5332
11684 desire option to not propagate certs to non-global zones
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2286
diff
changeset
|
401 |
scheme, netloc, path, params, query, fragment = \ |
3234
3a90dc0b66c9
21188662 use six library for python 3 migration
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3185
diff
changeset
|
402 |
urlparse(self.__uri, allow_fragments=0) |
2310
ce10607d5332
11684 desire option to not propagate certs to non-global zones
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2286
diff
changeset
|
403 |
if scheme != "file": |
ce10607d5332
11684 desire option to not propagate certs to non-global zones
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2286
diff
changeset
|
404 |
return netloc |
ce10607d5332
11684 desire option to not propagate certs to non-global zones
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2286
diff
changeset
|
405 |
return "" |
926
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
406 |
|
1968
c0540b1e4f7e
8722 advanced repository metadata store needed
Shawn Walker <shawn.walker@oracle.com>
parents:
1937
diff
changeset
|
407 |
def get_pathname(self): |
c0540b1e4f7e
8722 advanced repository metadata store needed
Shawn Walker <shawn.walker@oracle.com>
parents:
1937
diff
changeset
|
408 |
"""Returns the URI path as a pathname if the URI is a file |
c0540b1e4f7e
8722 advanced repository metadata store needed
Shawn Walker <shawn.walker@oracle.com>
parents:
1937
diff
changeset
|
409 |
URI or '' otherwise.""" |
c0540b1e4f7e
8722 advanced repository metadata store needed
Shawn Walker <shawn.walker@oracle.com>
parents:
1937
diff
changeset
|
410 |
|
c0540b1e4f7e
8722 advanced repository metadata store needed
Shawn Walker <shawn.walker@oracle.com>
parents:
1937
diff
changeset
|
411 |
scheme, netloc, path, params, query, fragment = \ |
3234
3a90dc0b66c9
21188662 use six library for python 3 migration
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3185
diff
changeset
|
412 |
urlparse(self.__uri, allow_fragments=0) |
1968
c0540b1e4f7e
8722 advanced repository metadata store needed
Shawn Walker <shawn.walker@oracle.com>
parents:
1937
diff
changeset
|
413 |
if scheme == "file": |
3234
3a90dc0b66c9
21188662 use six library for python 3 migration
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3185
diff
changeset
|
414 |
return url2pathname(path) |
1968
c0540b1e4f7e
8722 advanced repository metadata store needed
Shawn Walker <shawn.walker@oracle.com>
parents:
1937
diff
changeset
|
415 |
return "" |
c0540b1e4f7e
8722 advanced repository metadata store needed
Shawn Walker <shawn.walker@oracle.com>
parents:
1937
diff
changeset
|
416 |
|
926
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
417 |
ssl_cert = property(lambda self: self.__ssl_cert, __set_ssl_cert, None, |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
418 |
"The absolute pathname of a PEM-encoded SSL certificate file.") |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
419 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
420 |
ssl_key = property(lambda self: self.__ssl_key, __set_ssl_key, None, |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
421 |
"The absolute pathname of a PEM-encoded SSL key file.") |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
422 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
423 |
uri = property(lambda self: self.__uri, __set_uri, None, |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
424 |
"The URI used to access a repository.") |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
425 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
426 |
priority = property(lambda self: self.__priority, __set_priority, None, |
1252
3b1b69011fcf
8709 ImageInterface.has_publisher has incorrect docstring
Shawn Walker <srw@sun.com>
parents:
1210
diff
changeset
|
427 |
"An integer value representing the importance of this repository " |
3b1b69011fcf
8709 ImageInterface.has_publisher has incorrect docstring
Shawn Walker <srw@sun.com>
parents:
1210
diff
changeset
|
428 |
"URI relative to others.") |
926
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
429 |
|
2701
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
430 |
proxy = property(__get_proxy, __set_proxy, None, "The proxy to use to " |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
431 |
"access this repository.") |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
432 |
|
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
433 |
proxies = property(lambda self: self.__proxies, __set_proxies, None, |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
434 |
"A list of proxies that can be used to access this repository." |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
435 |
"At runtime, a $http_proxy environment variable might override this." |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
436 |
) |
2310
ce10607d5332
11684 desire option to not propagate certs to non-global zones
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2286
diff
changeset
|
437 |
|
926
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
438 |
@property |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
439 |
def scheme(self): |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
440 |
"""The URI scheme.""" |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
441 |
if not self.__uri: |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
442 |
return "" |
3234
3a90dc0b66c9
21188662 use six library for python 3 migration
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3185
diff
changeset
|
443 |
return urlsplit(self.__uri, allow_fragments=0)[0] |
926
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
444 |
|
1252
3b1b69011fcf
8709 ImageInterface.has_publisher has incorrect docstring
Shawn Walker <srw@sun.com>
parents:
1210
diff
changeset
|
445 |
trailing_slash = property(lambda self: self.__trailing_slash, |
3b1b69011fcf
8709 ImageInterface.has_publisher has incorrect docstring
Shawn Walker <srw@sun.com>
parents:
1210
diff
changeset
|
446 |
__set_trailing_slash, None, |
3b1b69011fcf
8709 ImageInterface.has_publisher has incorrect docstring
Shawn Walker <srw@sun.com>
parents:
1210
diff
changeset
|
447 |
"A boolean value indicating whether any URI provided for this " |
3b1b69011fcf
8709 ImageInterface.has_publisher has incorrect docstring
Shawn Walker <srw@sun.com>
parents:
1210
diff
changeset
|
448 |
"object should have a trailing slash appended when setting the " |
3b1b69011fcf
8709 ImageInterface.has_publisher has incorrect docstring
Shawn Walker <srw@sun.com>
parents:
1210
diff
changeset
|
449 |
"URI property.") |
3b1b69011fcf
8709 ImageInterface.has_publisher has incorrect docstring
Shawn Walker <srw@sun.com>
parents:
1210
diff
changeset
|
450 |
|
926
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
451 |
|
2701
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
452 |
class ProxyURI(RepositoryURI): |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
453 |
"""A class to represent the URI of a proxy. The 'uri' value can be |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
454 |
'None' if 'system' is set to True.""" |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
455 |
|
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
456 |
def __init__(self, uri, system=False): |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
457 |
self.__system = None |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
458 |
self.system = system |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
459 |
if not system: |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
460 |
self.uri = uri |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
461 |
|
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
462 |
def __set_system(self, value): |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
463 |
"""A property to specify whether we should use the system |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
464 |
publisher as the proxy. Note that this method modifies the |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
465 |
'uri' property when set or cleared.""" |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
466 |
if value not in (True, False): |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
467 |
raise api_errors.BadRepositoryAttributeValue( |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
468 |
"system", value=value) |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
469 |
self.__system = value |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
470 |
if value: |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
471 |
# Set a special value for the uri, intentionally an |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
472 |
# invalid URI which should get caught by any consumers |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
473 |
# using it by mistake. This also allows us to reuse |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
474 |
# the __eq__, __cmp__, etc. methods from the parent |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
475 |
# (where there is no public way of setting the URI to |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
476 |
# SYSREPO_PROXY, '<sysrepo>') |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
477 |
self._override_uri(SYSREPO_PROXY) |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
478 |
else: |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
479 |
self._override_uri(None) |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
480 |
|
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
481 |
def __unsupported(self, value): |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
482 |
"""A method used to prevent certain properties defined in the |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
483 |
parent class from being set on ProxyURI objects.""" |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
484 |
|
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
485 |
# We don't expect this string to be exposed to users. |
3158
58c9c2c21e67
20177033 change string formatting for python 3 migration
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3065
diff
changeset
|
486 |
raise ValueError("This property cannot be set to {0} on a " |
58c9c2c21e67
20177033 change string formatting for python 3 migration
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3065
diff
changeset
|
487 |
"ProxyURI object.".format(value)) |
2701
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
488 |
|
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
489 |
system = property(lambda self: self.__system, __set_system, None, |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
490 |
"True, if we should use the system publisher as a proxy.") |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
491 |
|
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
492 |
# Ensure we can't set any of the following properties. |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
493 |
proxies = property(lambda self: None, __unsupported, None, |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
494 |
"proxies is an invalid property for ProxyURI properties") |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
495 |
|
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
496 |
ssl_cert = property(lambda self: None, __unsupported, None, |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
497 |
"ssl_cert is an invalid property for ProxyURI properties") |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
498 |
|
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
499 |
ssl_key = property(lambda self: None, __unsupported, None, |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
500 |
"ssl_key is an invalid property for ProxyURI properties") |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
501 |
|
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
502 |
priority = property(lambda self: None, __unsupported, None, |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
503 |
"priority is an invalid property for ProxyURI properties") |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
504 |
|
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
505 |
trailing_slash = property(lambda self: None, __unsupported, None, |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
506 |
"trailing_slash is an invalid property for ProxyURI properties") |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
507 |
|
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
508 |
|
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
509 |
class TransportRepoURI(RepositoryURI): |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
510 |
"""A TransportRepoURI allows for multiple representations of a given |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
511 |
RepositoryURI, each with different properties. |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
512 |
|
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
513 |
One RepositoryURI could be represented by several TransportRepoURIs, |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
514 |
used to allow the transport to properly track repo statistics for |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
515 |
for each discrete path to a given URI, perhaps using different proxies |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
516 |
or trying one of several SSL key/cert pairs.""" |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
517 |
|
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
518 |
def __init__(self, uri, priority=None, ssl_cert=None, ssl_key=None, |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
519 |
trailing_slash=True, proxy=None, system=False): |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
520 |
# Must set first. |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
521 |
self.__proxy = None |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
522 |
self.__runtime_proxy = None |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
523 |
self.proxy = proxy |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
524 |
|
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
525 |
RepositoryURI.__init__(self, uri, priority=priority, |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
526 |
ssl_cert=ssl_cert, ssl_key=ssl_key, |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
527 |
trailing_slash=trailing_slash, system=system) |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
528 |
|
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
529 |
def __eq__(self, other): |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
530 |
if isinstance(other, TransportRepoURI): |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
531 |
return self.uri == other.uri and \ |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
532 |
self.proxy == other.proxy |
3234
3a90dc0b66c9
21188662 use six library for python 3 migration
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3185
diff
changeset
|
533 |
if isinstance(other, six.string_types): |
2701
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
534 |
return self.uri == other and self.proxy == None |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
535 |
return False |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
536 |
|
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
537 |
def __ne__(self, other): |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
538 |
if isinstance(other, TransportRepoURI): |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
539 |
return self.uri != other.uri or \ |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
540 |
self.proxy != other.proxy |
3234
3a90dc0b66c9
21188662 use six library for python 3 migration
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3185
diff
changeset
|
541 |
if isinstance(other, six.string_types): |
2701
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
542 |
return self.uri != other or self.proxy != None |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
543 |
return True |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
544 |
|
3245
d04bb3ca0128
20780066 change ordering comparisons for python 3 migration
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3234
diff
changeset
|
545 |
__hash__ = object.__hash__ |
d04bb3ca0128
20780066 change ordering comparisons for python 3 migration
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3234
diff
changeset
|
546 |
|
d04bb3ca0128
20780066 change ordering comparisons for python 3 migration
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3234
diff
changeset
|
547 |
def __lt__(self, other): |
2701
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
548 |
if not other: |
3245
d04bb3ca0128
20780066 change ordering comparisons for python 3 migration
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3234
diff
changeset
|
549 |
return False |
3234
3a90dc0b66c9
21188662 use six library for python 3 migration
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3185
diff
changeset
|
550 |
if isinstance(other, six.string_types): |
2701
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
551 |
other = TransportRepoURI(other) |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
552 |
elif not isinstance(other, TransportRepoURI): |
3245
d04bb3ca0128
20780066 change ordering comparisons for python 3 migration
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3234
diff
changeset
|
553 |
return False |
d04bb3ca0128
20780066 change ordering comparisons for python 3 migration
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3234
diff
changeset
|
554 |
if self.uri < other.uri: |
d04bb3ca0128
20780066 change ordering comparisons for python 3 migration
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3234
diff
changeset
|
555 |
return True |
d04bb3ca0128
20780066 change ordering comparisons for python 3 migration
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3234
diff
changeset
|
556 |
if self.uri != other.uri: |
d04bb3ca0128
20780066 change ordering comparisons for python 3 migration
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3234
diff
changeset
|
557 |
return False |
d04bb3ca0128
20780066 change ordering comparisons for python 3 migration
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3234
diff
changeset
|
558 |
return self.proxy < other.proxy |
d04bb3ca0128
20780066 change ordering comparisons for python 3 migration
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3234
diff
changeset
|
559 |
|
d04bb3ca0128
20780066 change ordering comparisons for python 3 migration
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3234
diff
changeset
|
560 |
def __gt__(self, other): |
d04bb3ca0128
20780066 change ordering comparisons for python 3 migration
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3234
diff
changeset
|
561 |
if not other: |
d04bb3ca0128
20780066 change ordering comparisons for python 3 migration
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3234
diff
changeset
|
562 |
return True |
d04bb3ca0128
20780066 change ordering comparisons for python 3 migration
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3234
diff
changeset
|
563 |
if isinstance(other, six.string_types): |
d04bb3ca0128
20780066 change ordering comparisons for python 3 migration
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3234
diff
changeset
|
564 |
other = TransportRepoURI(other) |
d04bb3ca0128
20780066 change ordering comparisons for python 3 migration
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3234
diff
changeset
|
565 |
elif not isinstance(other, TransportRepoURI): |
d04bb3ca0128
20780066 change ordering comparisons for python 3 migration
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3234
diff
changeset
|
566 |
return True |
d04bb3ca0128
20780066 change ordering comparisons for python 3 migration
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3234
diff
changeset
|
567 |
if self.uri > other.uri: |
d04bb3ca0128
20780066 change ordering comparisons for python 3 migration
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3234
diff
changeset
|
568 |
return True |
d04bb3ca0128
20780066 change ordering comparisons for python 3 migration
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3234
diff
changeset
|
569 |
if self.uri != other.uri: |
d04bb3ca0128
20780066 change ordering comparisons for python 3 migration
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3234
diff
changeset
|
570 |
return False |
d04bb3ca0128
20780066 change ordering comparisons for python 3 migration
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3234
diff
changeset
|
571 |
return self.proxy > other.proxy |
d04bb3ca0128
20780066 change ordering comparisons for python 3 migration
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3234
diff
changeset
|
572 |
|
d04bb3ca0128
20780066 change ordering comparisons for python 3 migration
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3234
diff
changeset
|
573 |
def __le__(self, other): |
d04bb3ca0128
20780066 change ordering comparisons for python 3 migration
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3234
diff
changeset
|
574 |
return self == other or self < other |
d04bb3ca0128
20780066 change ordering comparisons for python 3 migration
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3234
diff
changeset
|
575 |
|
d04bb3ca0128
20780066 change ordering comparisons for python 3 migration
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3234
diff
changeset
|
576 |
def __ge__(self, other): |
d04bb3ca0128
20780066 change ordering comparisons for python 3 migration
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3234
diff
changeset
|
577 |
return self == other or self > other |
2701
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
578 |
|
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
579 |
def key(self): |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
580 |
"""Returns a value that can be used to identify this RepoURI |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
581 |
uniquely for the transport system. Normally, this would be done |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
582 |
using __hash__() however, TransportRepoURI objects are not |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
583 |
guaranteed to be immutable. |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
584 |
|
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
585 |
The key is a (uri, proxy) tuple, where the proxy is |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
586 |
the proxy used to reach that URI. Note that in the transport |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
587 |
system, we may choose to override the proxy value here. |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
588 |
|
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
589 |
If this key format changes, a corresponding change should be |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
590 |
made in pkg.client.transport.engine.__cleanup_requests(..)""" |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
591 |
|
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
592 |
u = self.uri |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
593 |
p = self.__proxy |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
594 |
|
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
595 |
if self.uri: |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
596 |
u = self.uri.rstrip("/") |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
597 |
return (u, p) |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
598 |
|
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
599 |
def __set_proxy(self, proxy): |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
600 |
assert not self.ssl_cert |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
601 |
assert not self.ssl_key |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
602 |
|
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
603 |
if proxy and self.scheme == "file": |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
604 |
raise api_errors.UnsupportedRepositoryURIAttribute( |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
605 |
"proxy", scheme=self.scheme) |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
606 |
if proxy: |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
607 |
self.__proxy = proxy.rstrip("/") |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
608 |
else: |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
609 |
self.__proxy = None |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
610 |
# Changing the proxy value causes us to clear any cached |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
611 |
# value we have in __runtime_proxy. |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
612 |
self.__runtime_proxy = None |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
613 |
|
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
614 |
def __get_runtime_proxy(self): |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
615 |
"""Returns the proxy that should be used at runtime, which may |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
616 |
differ from the persisted proxy value. We check for http_proxy, |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
617 |
https_proxy and all_proxy OS environment variables. |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
618 |
|
2764
7220dcd7755f
7189150 zone install can fail w/ proxy env vars set; tries to reach sysrepo through proxy
Tim Foster <tim.s.foster@oracle.com>
parents:
2749
diff
changeset
|
619 |
To avoid repeated environment lookups, we cache the results.""" |
2701
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
620 |
|
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
621 |
# we don't permit the proxy used by system publishers to be |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
622 |
# overridden by environment variables. |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
623 |
if self.system: |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
624 |
return self.proxy |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
625 |
|
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
626 |
if not self.__runtime_proxy: |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
627 |
self.__runtime_proxy = misc.get_runtime_proxy( |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
628 |
self.__proxy, self.uri) |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
629 |
return self.__runtime_proxy |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
630 |
|
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
631 |
def __set_runtime_proxy(self, runtime_proxy): |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
632 |
"""The runtime proxy value is always computed dynamically, |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
633 |
we should not allow a caller to set it.""" |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
634 |
|
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
635 |
assert False, "Refusing to set a runtime_proxy value." |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
636 |
|
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
637 |
@staticmethod |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
638 |
def fromrepouri(repouri): |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
639 |
"""Build a list of TransportRepositoryURI objects using |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
640 |
properties from the given RepositoryURI, 'repouri'. |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
641 |
|
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
642 |
This is to allow the transport to try different paths to |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
643 |
a given RepositoryURI, if more than one is possible.""" |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
644 |
|
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
645 |
trans_repouris = [] |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
646 |
# we just use the proxies for now, but in future, we may want |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
647 |
# other per-origin/mirror properties |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
648 |
if repouri.proxies: |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
649 |
for p in repouri.proxies: |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
650 |
t = TransportRepoURI(repouri.uri, |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
651 |
priority=repouri.priority, |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
652 |
ssl_cert=repouri.ssl_cert, |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
653 |
ssl_key=repouri.ssl_key, |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
654 |
system=repouri.system, |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
655 |
trailing_slash=repouri.trailing_slash, |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
656 |
proxy=p.uri) |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
657 |
trans_repouris.append(t) |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
658 |
else: |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
659 |
trans_repouris.append(TransportRepoURI(repouri.uri, |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
660 |
priority=repouri.priority, |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
661 |
ssl_cert=repouri.ssl_cert, |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
662 |
ssl_key=repouri.ssl_key, |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
663 |
system=repouri.system, |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
664 |
trailing_slash=repouri.trailing_slash)) |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
665 |
return trans_repouris |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
666 |
|
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
667 |
proxy = property(lambda self: self.__proxy, __set_proxy, None, |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
668 |
"The proxy that is used to access this repository." |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
669 |
"At runtime, a $http_proxy environnent variable might override this." |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
670 |
) |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
671 |
|
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
672 |
runtime_proxy = property(__get_runtime_proxy, __set_runtime_proxy, None, |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
673 |
"The proxy to use to access this repository. This value checks" |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
674 |
"OS environment variables, and expands any $user:$password values.") |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
675 |
|
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
676 |
|
926
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
677 |
class Repository(object): |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
678 |
"""Class representing a repository object. |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
679 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
680 |
A repository object represents a location where clients can publish |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
681 |
and retrieve package content and/or metadata. It has the following |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
682 |
characteristics: |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
683 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
684 |
- may have one or more origins (URIs) for publication and |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
685 |
retrieval of package metadata and content. |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
686 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
687 |
- may have zero or more mirrors (URIs) for retrieval of package |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
688 |
content.""" |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
689 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
690 |
# These properties are declared here so that they show up in the pydoc |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
691 |
# documentation as private, and for clarity in the property declarations |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
692 |
# found near the end of the class definition. |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
693 |
__collection_type = None |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
694 |
__legal_uris = [] |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
695 |
__mirrors = [] |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
696 |
__origins = [] |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
697 |
__refresh_seconds = None |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
698 |
__registration_uri = None |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
699 |
__related_uris = [] |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
700 |
__sort_policy = URI_SORT_PRIORITY |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
701 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
702 |
# Used to store the id of the original object this one was copied |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
703 |
# from during __copy__. |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
704 |
_source_object_id = None |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
705 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
706 |
name = None |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
707 |
description = None |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
708 |
registered = False |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
709 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
710 |
def __init__(self, collection_type=REPO_CTYPE_CORE, description=None, |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
711 |
legal_uris=None, mirrors=None, name=None, origins=None, |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
712 |
refresh_seconds=None, registered=False, registration_uri=None, |
2100
6a366b063036
17144 Unix socket support is defunct
johansen <johansen@opensolaris.org>
parents:
2097
diff
changeset
|
713 |
related_uris=None, sort_policy=URI_SORT_PRIORITY): |
926
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
714 |
"""Initializes a repository object. |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
715 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
716 |
'collection_type' is an optional constant value indicating the |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
717 |
type of packages in the repository. |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
718 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
719 |
'description' is an optional string value containing a |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
720 |
descriptive paragraph for the repository. |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
721 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
722 |
'legal_uris' should be a list of RepositoryURI objects or URI |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
723 |
strings indicating where licensing, legal, and terms of service |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
724 |
information for the repository can be found. |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
725 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
726 |
'mirrors' is an optional list of RepositoryURI objects or URI |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
727 |
strings indicating where package content can be retrieved. |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
728 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
729 |
'name' is an optional, short, descriptive name for the |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
730 |
repository. |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
731 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
732 |
'origins' should be a list of RepositoryURI objects or URI |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
733 |
strings indicating where package metadata can be retrieved. |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
734 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
735 |
'refresh_seconds' is an optional integer value indicating the |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
736 |
number of seconds clients should wait before refreshing cached |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
737 |
repository catalog or repository metadata information. |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
738 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
739 |
'registered' is an optional boolean value indicating whether |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
740 |
a client has registered with the repository's publisher. |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
741 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
742 |
'registration_uri' is an optional RepositoryURI object or a URI |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
743 |
string indicating a location clients can use to register or |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
744 |
obtain credentials needed to access the repository. |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
745 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
746 |
'related_uris' is an optional list of RepositoryURI objects or a |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
747 |
list of URI strings indicating the location of related |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
748 |
repositories that a client may be interested in. |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
749 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
750 |
'sort_policy' is an optional constant value indicating how |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
751 |
legal_uris, mirrors, origins, and related_uris should be |
2100
6a366b063036
17144 Unix socket support is defunct
johansen <johansen@opensolaris.org>
parents:
2097
diff
changeset
|
752 |
sorted.""" |
926
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
753 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
754 |
# Note that the properties set here are intentionally lacking |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
755 |
# the '__' prefix which means assignment will occur using the |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
756 |
# get/set methods declared for the property near the end of |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
757 |
# the class definition. |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
758 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
759 |
# Must be set first so that it will apply to attributes set |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
760 |
# afterwards. |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
761 |
self.sort_policy = sort_policy |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
762 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
763 |
self.collection_type = collection_type |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
764 |
self.description = description |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
765 |
self.legal_uris = legal_uris |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
766 |
self.mirrors = mirrors |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
767 |
self.name = name |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
768 |
self.origins = origins |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
769 |
self.refresh_seconds = refresh_seconds |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
770 |
self.registered = registered |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
771 |
self.registration_uri = registration_uri |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
772 |
self.related_uris = related_uris |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
773 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
774 |
def __add_uri(self, attr, uri, dup_check=None, priority=None, |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
775 |
ssl_cert=None, ssl_key=None, trailing_slash=True): |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
776 |
if not isinstance(uri, RepositoryURI): |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
777 |
uri = RepositoryURI(uri, priority=priority, |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
778 |
ssl_cert=ssl_cert, ssl_key=ssl_key, |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
779 |
trailing_slash=trailing_slash) |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
780 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
781 |
if dup_check: |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
782 |
dup_check(uri) |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
783 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
784 |
ulist = getattr(self, attr) |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
785 |
ulist.append(uri) |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
786 |
ulist.sort(key=URI_SORT_POLICIES[self.__sort_policy]) |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
787 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
788 |
def __copy__(self): |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
789 |
cluris = [copy.copy(u) for u in self.legal_uris] |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
790 |
cmirrors = [copy.copy(u) for u in self.mirrors] |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
791 |
cruris = [copy.copy(u) for u in self.related_uris] |
2100
6a366b063036
17144 Unix socket support is defunct
johansen <johansen@opensolaris.org>
parents:
2097
diff
changeset
|
792 |
corigins = [copy.copy(u) for u in self.origins] |
2310
ce10607d5332
11684 desire option to not propagate certs to non-global zones
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2286
diff
changeset
|
793 |
|
926
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
794 |
repo = Repository(collection_type=self.collection_type, |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
795 |
description=self.description, |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
796 |
legal_uris=cluris, |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
797 |
mirrors=cmirrors, name=self.name, |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
798 |
origins=corigins, |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
799 |
refresh_seconds=self.refresh_seconds, |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
800 |
registered=self.registered, |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
801 |
registration_uri=copy.copy(self.registration_uri), |
2100
6a366b063036
17144 Unix socket support is defunct
johansen <johansen@opensolaris.org>
parents:
2097
diff
changeset
|
802 |
related_uris=cruris) |
926
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
803 |
repo._source_object_id = id(self) |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
804 |
return repo |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
805 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
806 |
def __replace_uris(self, attr, value, trailing_slash=True): |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
807 |
if value is None: |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
808 |
value = [] |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
809 |
if not isinstance(value, list): |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
810 |
raise api_errors.BadRepositoryAttributeValue(attr, |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
811 |
value=value) |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
812 |
uris = [] |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
813 |
for u in value: |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
814 |
if not isinstance(u, RepositoryURI): |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
815 |
u = RepositoryURI(u, |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
816 |
trailing_slash=trailing_slash) |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
817 |
elif trailing_slash: |
996
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
818 |
u.uri = misc.url_affix_trailing_slash(u.uri) |
926
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
819 |
uris.append(u) |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
820 |
uris.sort(key=URI_SORT_POLICIES[self.__sort_policy]) |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
821 |
return uris |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
822 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
823 |
def __set_collection_type(self, value): |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
824 |
if value not in REPO_COLLECTION_TYPES: |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
825 |
raise api_errors.BadRepositoryCollectionType(value) |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
826 |
self.__collection_type = value |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
827 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
828 |
def __set_legal_uris(self, value): |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
829 |
self.__legal_uris = self.__replace_uris("legal_uris", value, |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
830 |
trailing_slash=False) |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
831 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
832 |
def __set_mirrors(self, value): |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
833 |
self.__mirrors = self.__replace_uris("mirrors", value) |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
834 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
835 |
def __set_origins(self, value): |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
836 |
self.__origins = self.__replace_uris("origins", value) |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
837 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
838 |
def __set_registration_uri(self, value): |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
839 |
if value and not isinstance(value, RepositoryURI): |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
840 |
value = RepositoryURI(value, trailing_slash=False) |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
841 |
self.__registration_uri = value |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
842 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
843 |
def __set_related_uris(self, value): |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
844 |
self.__related_uris = self.__replace_uris("related_uris", |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
845 |
value, trailing_slash=False) |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
846 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
847 |
def __set_refresh_seconds(self, value): |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
848 |
if value is not None: |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
849 |
try: |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
850 |
value = int(value) |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
851 |
except (TypeError, ValueError): |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
852 |
raise api_errors.BadRepositoryAttributeValue( |
1252
3b1b69011fcf
8709 ImageInterface.has_publisher has incorrect docstring
Shawn Walker <srw@sun.com>
parents:
1210
diff
changeset
|
853 |
"refresh_seconds", value=value) |
3b1b69011fcf
8709 ImageInterface.has_publisher has incorrect docstring
Shawn Walker <srw@sun.com>
parents:
1210
diff
changeset
|
854 |
if value < 0: |
3b1b69011fcf
8709 ImageInterface.has_publisher has incorrect docstring
Shawn Walker <srw@sun.com>
parents:
1210
diff
changeset
|
855 |
raise api_errors.BadRepositoryAttributeValue( |
3b1b69011fcf
8709 ImageInterface.has_publisher has incorrect docstring
Shawn Walker <srw@sun.com>
parents:
1210
diff
changeset
|
856 |
"refresh_seconds", value=value) |
926
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
857 |
self.__refresh_seconds = value |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
858 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
859 |
def __set_sort_policy(self, value): |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
860 |
if value not in URI_SORT_POLICIES: |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
861 |
raise api_errors.BadRepositoryURISortPolicy(value) |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
862 |
self.__sort_policy = value |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
863 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
864 |
def add_legal_uri(self, uri, priority=None, ssl_cert=None, |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
865 |
ssl_key=None): |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
866 |
"""Adds the specified legal URI to the repository. |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
867 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
868 |
'uri' can be a RepositoryURI object or a URI string. If |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
869 |
it is a RepositoryURI object, all other parameters will be |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
870 |
ignored.""" |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
871 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
872 |
self.__add_uri("legal_uris", uri, priority=priority, |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
873 |
ssl_cert=ssl_cert, ssl_key=ssl_key, trailing_slash=False) |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
874 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
875 |
def add_mirror(self, mirror, priority=None, ssl_cert=None, |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
876 |
ssl_key=None): |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
877 |
"""Adds the specified mirror to the repository. |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
878 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
879 |
'mirror' can be a RepositoryURI object or a URI string. If |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
880 |
it is a RepositoryURI object, all other parameters will be |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
881 |
ignored.""" |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
882 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
883 |
def dup_check(mirror): |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
884 |
if self.has_mirror(mirror): |
2701
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
885 |
o = self.get_mirror(mirror) |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
886 |
if o.system: |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
887 |
raise api_errors.DuplicateSyspubMirror( |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
888 |
mirror) |
926
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
889 |
raise api_errors.DuplicateRepositoryMirror( |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
890 |
mirror) |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
891 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
892 |
self.__add_uri("mirrors", mirror, dup_check=dup_check, |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
893 |
priority=priority, ssl_cert=ssl_cert, ssl_key=ssl_key) |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
894 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
895 |
def add_origin(self, origin, priority=None, ssl_cert=None, |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
896 |
ssl_key=None): |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
897 |
"""Adds the specified origin to the repository. |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
898 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
899 |
'origin' can be a RepositoryURI object or a URI string. If |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
900 |
it is a RepositoryURI object, all other parameters will be |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
901 |
ignored.""" |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
902 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
903 |
def dup_check(origin): |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
904 |
if self.has_origin(origin): |
2701
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
905 |
o = self.get_origin(origin) |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
906 |
if o.system: |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
907 |
raise api_errors.DuplicateSyspubOrigin( |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
908 |
origin) |
926
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
909 |
raise api_errors.DuplicateRepositoryOrigin( |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
910 |
origin) |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
911 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
912 |
self.__add_uri("origins", origin, dup_check=dup_check, |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
913 |
priority=priority, ssl_cert=ssl_cert, ssl_key=ssl_key) |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
914 |
|
1252
3b1b69011fcf
8709 ImageInterface.has_publisher has incorrect docstring
Shawn Walker <srw@sun.com>
parents:
1210
diff
changeset
|
915 |
def add_related_uri(self, uri, priority=None, ssl_cert=None, |
3b1b69011fcf
8709 ImageInterface.has_publisher has incorrect docstring
Shawn Walker <srw@sun.com>
parents:
1210
diff
changeset
|
916 |
ssl_key=None): |
3b1b69011fcf
8709 ImageInterface.has_publisher has incorrect docstring
Shawn Walker <srw@sun.com>
parents:
1210
diff
changeset
|
917 |
"""Adds the specified related URI to the repository. |
3b1b69011fcf
8709 ImageInterface.has_publisher has incorrect docstring
Shawn Walker <srw@sun.com>
parents:
1210
diff
changeset
|
918 |
|
3b1b69011fcf
8709 ImageInterface.has_publisher has incorrect docstring
Shawn Walker <srw@sun.com>
parents:
1210
diff
changeset
|
919 |
'uri' can be a RepositoryURI object or a URI string. If |
3b1b69011fcf
8709 ImageInterface.has_publisher has incorrect docstring
Shawn Walker <srw@sun.com>
parents:
1210
diff
changeset
|
920 |
it is a RepositoryURI object, all other parameters will be |
3b1b69011fcf
8709 ImageInterface.has_publisher has incorrect docstring
Shawn Walker <srw@sun.com>
parents:
1210
diff
changeset
|
921 |
ignored.""" |
3b1b69011fcf
8709 ImageInterface.has_publisher has incorrect docstring
Shawn Walker <srw@sun.com>
parents:
1210
diff
changeset
|
922 |
|
3b1b69011fcf
8709 ImageInterface.has_publisher has incorrect docstring
Shawn Walker <srw@sun.com>
parents:
1210
diff
changeset
|
923 |
self.__add_uri("related_uris", uri, priority=priority, |
3b1b69011fcf
8709 ImageInterface.has_publisher has incorrect docstring
Shawn Walker <srw@sun.com>
parents:
1210
diff
changeset
|
924 |
ssl_cert=ssl_cert, ssl_key=ssl_key, trailing_slash=False) |
3b1b69011fcf
8709 ImageInterface.has_publisher has incorrect docstring
Shawn Walker <srw@sun.com>
parents:
1210
diff
changeset
|
925 |
|
926
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
926 |
def get_mirror(self, mirror): |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
927 |
"""Returns a RepositoryURI object representing the mirror |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
928 |
that matches 'mirror'. |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
929 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
930 |
'mirror' can be a RepositoryURI object or a URI string.""" |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
931 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
932 |
if not isinstance(mirror, RepositoryURI): |
996
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
933 |
mirror = misc.url_affix_trailing_slash(mirror) |
926
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
934 |
for m in self.mirrors: |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
935 |
if mirror == m.uri: |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
936 |
return m |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
937 |
raise api_errors.UnknownRepositoryMirror(mirror) |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
938 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
939 |
def get_origin(self, origin): |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
940 |
"""Returns a RepositoryURI object representing the origin |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
941 |
that matches 'origin'. |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
942 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
943 |
'origin' can be a RepositoryURI object or a URI string.""" |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
944 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
945 |
if not isinstance(origin, RepositoryURI): |
996
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
946 |
origin = misc.url_affix_trailing_slash(origin) |
926
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
947 |
for o in self.origins: |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
948 |
if origin == o.uri: |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
949 |
return o |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
950 |
raise api_errors.UnknownRepositoryOrigin(origin) |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
951 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
952 |
def has_mirror(self, mirror): |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
953 |
"""Returns a boolean value indicating whether a matching |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
954 |
'mirror' exists for the repository. |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
955 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
956 |
'mirror' can be a RepositoryURI object or a URI string.""" |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
957 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
958 |
if not isinstance(mirror, RepositoryURI): |
2310
ce10607d5332
11684 desire option to not propagate certs to non-global zones
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2286
diff
changeset
|
959 |
mirror = RepositoryURI(mirror) |
926
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
960 |
return mirror in self.mirrors |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
961 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
962 |
def has_origin(self, origin): |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
963 |
"""Returns a boolean value indicating whether a matching |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
964 |
'origin' exists for the repository. |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
965 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
966 |
'origin' can be a RepositoryURI object or a URI string.""" |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
967 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
968 |
if not isinstance(origin, RepositoryURI): |
2310
ce10607d5332
11684 desire option to not propagate certs to non-global zones
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2286
diff
changeset
|
969 |
origin = RepositoryURI(origin) |
926
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
970 |
return origin in self.origins |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
971 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
972 |
def remove_legal_uri(self, uri): |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
973 |
"""Removes the legal URI matching 'uri' from the repository. |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
974 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
975 |
'uri' can be a RepositoryURI object or a URI string.""" |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
976 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
977 |
for i, m in enumerate(self.legal_uris): |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
978 |
if uri == m.uri: |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
979 |
# Immediate return as the index into the array |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
980 |
# changes with each removal. |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
981 |
del self.legal_uris[i] |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
982 |
return |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
983 |
raise api_errors.UnknownLegalURI(uri) |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
984 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
985 |
def remove_mirror(self, mirror): |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
986 |
"""Removes the mirror matching 'mirror' from the repository. |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
987 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
988 |
'mirror' can be a RepositoryURI object or a URI string.""" |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
989 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
990 |
if not isinstance(mirror, RepositoryURI): |
996
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
991 |
mirror = misc.url_affix_trailing_slash(mirror) |
926
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
992 |
for i, m in enumerate(self.mirrors): |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
993 |
if mirror == m.uri: |
2701
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
994 |
if m.system: |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
995 |
api_errors.RemoveSyspubMirror( |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
996 |
mirror.uri) |
926
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
997 |
# Immediate return as the index into the array |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
998 |
# changes with each removal. |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
999 |
del self.mirrors[i] |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1000 |
return |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1001 |
raise api_errors.UnknownRepositoryMirror(mirror) |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1002 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1003 |
def remove_origin(self, origin): |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1004 |
"""Removes the origin matching 'origin' from the repository. |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1005 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1006 |
'origin' can be a RepositoryURI object or a URI string.""" |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1007 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1008 |
if not isinstance(origin, RepositoryURI): |
2310
ce10607d5332
11684 desire option to not propagate certs to non-global zones
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2286
diff
changeset
|
1009 |
origin = RepositoryURI(origin) |
926
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1010 |
for i, o in enumerate(self.origins): |
2701
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
1011 |
if origin == o.uri: |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
1012 |
if o.system: |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
1013 |
raise api_errors.RemoveSyspubOrigin( |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
1014 |
origin.uri) |
926
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1015 |
# Immediate return as the index into the array |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1016 |
# changes with each removal. |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1017 |
del self.origins[i] |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1018 |
return |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1019 |
raise api_errors.UnknownRepositoryOrigin(origin) |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1020 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1021 |
def remove_related_uri(self, uri): |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1022 |
"""Removes the related URI matching 'uri' from the repository. |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1023 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1024 |
'uri' can be a RepositoryURI object or a URI string.""" |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1025 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1026 |
for i, m in enumerate(self.related_uris): |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1027 |
if uri == m.uri: |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1028 |
# Immediate return as the index into the array |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1029 |
# changes with each removal. |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1030 |
del self.related_uris[i] |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1031 |
return |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1032 |
raise api_errors.UnknownRelatedURI(uri) |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1033 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1034 |
def update_mirror(self, mirror, priority=None, ssl_cert=None, |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1035 |
ssl_key=None): |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1036 |
"""Updates an existing mirror object matching 'mirror'. |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1037 |
|
2701
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
1038 |
'mirror' can be a RepositoryURI object or a URI string. |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
1039 |
|
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
1040 |
This method is deprecated, and may be removed in future API |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
1041 |
versions.""" |
926
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1042 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1043 |
if not isinstance(mirror, RepositoryURI): |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1044 |
mirror = RepositoryURI(mirror, priority=priority, |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1045 |
ssl_cert=ssl_cert, ssl_key=ssl_key) |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1046 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1047 |
target = self.get_mirror(mirror) |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1048 |
target.priority = mirror.priority |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1049 |
target.ssl_cert = mirror.ssl_cert |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1050 |
target.ssl_key = mirror.ssl_key |
2701
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
1051 |
target.proxies = mirror.proxies |
926
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1052 |
self.mirrors.sort(key=URI_SORT_POLICIES[self.__sort_policy]) |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1053 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1054 |
def update_origin(self, origin, priority=None, ssl_cert=None, |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1055 |
ssl_key=None): |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1056 |
"""Updates an existing origin object matching 'origin'. |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1057 |
|
2701
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
1058 |
'origin' can be a RepositoryURI object or a URI string. |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
1059 |
|
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
1060 |
This method is deprecated, and may be removed in future API |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
1061 |
versions.""" |
926
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1062 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1063 |
if not isinstance(origin, RepositoryURI): |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1064 |
origin = RepositoryURI(origin, priority=priority, |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1065 |
ssl_cert=ssl_cert, ssl_key=ssl_key) |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1066 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1067 |
target = self.get_origin(origin) |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1068 |
target.priority = origin.priority |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1069 |
target.ssl_cert = origin.ssl_cert |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1070 |
target.ssl_key = origin.ssl_key |
2701
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
1071 |
target.proxies = origin.proxies |
926
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1072 |
self.origins.sort(key=URI_SORT_POLICIES[self.__sort_policy]) |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1073 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1074 |
def reset_mirrors(self): |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1075 |
"""Discards the current list of repository mirrors.""" |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1076 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1077 |
self.mirrors = [] |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1078 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1079 |
def reset_origins(self): |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1080 |
"""Discards the current list of repository origins.""" |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1081 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1082 |
self.origins = [] |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1083 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1084 |
collection_type = property(lambda self: self.__collection_type, |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1085 |
__set_collection_type, None, |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1086 |
"""A constant value indicating the type of packages in the |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1087 |
repository. The following collection types are recognized: |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1088 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1089 |
REPO_CTYPE_CORE |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1090 |
The "core" type indicates that the repository contains |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1091 |
all of the dependencies declared by packages in the |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1092 |
repository. It is primarily used for operating system |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1093 |
repositories. |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1094 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1095 |
REPO_CTYPE_SUPPLEMENTAL |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1096 |
The "supplemental" type indicates that the repository |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1097 |
contains packages that rely on or are intended to be |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1098 |
used with packages located in another repository.""") |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1099 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1100 |
legal_uris = property(lambda self: self.__legal_uris, |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1101 |
__set_legal_uris, None, |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1102 |
"""A list of RepositoryURI objects indicating where licensing, |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1103 |
legal, and terms of service information for the repository can be |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1104 |
found.""") |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1105 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1106 |
mirrors = property(lambda self: self.__mirrors, __set_mirrors, None, |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1107 |
"""A list of RepositoryURI objects indicating where package content |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1108 |
can be retrieved. If any value in the list provided is a URI |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1109 |
string, it will be replaced with a RepositoryURI object.""") |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1110 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1111 |
origins = property(lambda self: self.__origins, __set_origins, None, |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1112 |
"""A list of RepositoryURI objects indicating where package content |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1113 |
can be retrieved. If any value in the list provided is a URI |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1114 |
string, it will be replaced with a RepositoryURI object.""") |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1115 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1116 |
registration_uri = property(lambda self: self.__registration_uri, |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1117 |
__set_registration_uri, None, |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1118 |
"""A RepositoryURI object indicating a location clients can use to |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1119 |
register or obtain credentials needed to access the repository. If |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1120 |
the value provided is a URI string, it will be replaced with a |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1121 |
RepositoryURI object.""") |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1122 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1123 |
related_uris = property(lambda self: self.__related_uris, |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1124 |
__set_related_uris, None, |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1125 |
"""A list of RepositoryURI objects indicating the location of |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1126 |
related repositories that a client may be interested in. If any |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1127 |
value in the list provided is a URI string, it will be replaced with |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1128 |
a RepositoryURI object.""") |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1129 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1130 |
refresh_seconds = property(lambda self: self.__refresh_seconds, |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1131 |
__set_refresh_seconds, None, |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1132 |
"""An integer value indicating the number of seconds clients should |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1133 |
wait before refreshing cached repository metadata information. A |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1134 |
value of None indicates that refreshes should be performed at the |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1135 |
client's discretion.""") |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1136 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1137 |
sort_policy = property(lambda self: self.__sort_policy, |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1138 |
__set_sort_policy, None, |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1139 |
"""A constant value indicating how legal_uris, mirrors, origins, and |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1140 |
related_uris should be sorted. The following policies are |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1141 |
recognized: |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1142 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1143 |
URI_SORT_PRIORITY |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1144 |
The "priority" policy indicate that URIs should be |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1145 |
sorted according to the value of their priority |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1146 |
attribute.""") |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1147 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1148 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1149 |
class Publisher(object): |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1150 |
"""Class representing a publisher object and a set of interfaces to set |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1151 |
and retrieve its information. |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1152 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1153 |
A publisher is a forward or reverse domain name identifying a source |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1154 |
(e.g. "publisher") of packages.""" |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1155 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1156 |
# These properties are declared here so that they show up in the pydoc |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1157 |
# documentation as private, and for clarity in the property declarations |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1158 |
# found near the end of the class definition. |
2808
05c6015a8c62
7195369 corrupt manifests can end up on disk when -g is used
Dan Price <daniel.price@oracle.com>
parents:
2768
diff
changeset
|
1159 |
_catalog = None |
926
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1160 |
__alias = None |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1161 |
__client_uuid = None |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1162 |
__disabled = False |
996
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
1163 |
__meta_root = None |
2352
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1164 |
__origin_root = None |
926
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1165 |
__prefix = None |
2310
ce10607d5332
11684 desire option to not propagate certs to non-global zones
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2286
diff
changeset
|
1166 |
__repository = None |
1505
cc598d70bbbe
4425 pkg install should deal w/ complex dependency changes in one install
Bart Smaalders <Bart.Smaalders@Sun.COM>
parents:
1449
diff
changeset
|
1167 |
__sticky = True |
1352
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1168 |
transport = None |
926
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1169 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1170 |
# Used to store the id of the original object this one was copied |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1171 |
# from during __copy__. |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1172 |
_source_object_id = None |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1173 |
|
2408
6424614c2ed1
18463 bad crl urls shouldn't bring pkg to a halt
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2378
diff
changeset
|
1174 |
# Used to record those CRLs which are unreachable during the current |
6424614c2ed1
18463 bad crl urls shouldn't bring pkg to a halt
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2378
diff
changeset
|
1175 |
# operation. |
6424614c2ed1
18463 bad crl urls shouldn't bring pkg to a halt
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2378
diff
changeset
|
1176 |
__bad_crls = set() |
6424614c2ed1
18463 bad crl urls shouldn't bring pkg to a halt
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2378
diff
changeset
|
1177 |
|
2219
60ad60f7592c
2152 standalone package support needed (on-disk format)
Shawn Walker <shawn.walker@oracle.com>
parents:
2215
diff
changeset
|
1178 |
def __init__(self, prefix, alias=None, catalog=None, client_uuid=None, |
2310
ce10607d5332
11684 desire option to not propagate certs to non-global zones
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2286
diff
changeset
|
1179 |
disabled=False, meta_root=None, repository=None, |
ce10607d5332
11684 desire option to not propagate certs to non-global zones
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2286
diff
changeset
|
1180 |
transport=None, sticky=True, props=None, revoked_ca_certs=EmptyI, |
ce10607d5332
11684 desire option to not propagate certs to non-global zones
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2286
diff
changeset
|
1181 |
approved_ca_certs=EmptyI, sys_pub=False): |
2219
60ad60f7592c
2152 standalone package support needed (on-disk format)
Shawn Walker <shawn.walker@oracle.com>
parents:
2215
diff
changeset
|
1182 |
"""Initialize a new publisher object. |
60ad60f7592c
2152 standalone package support needed (on-disk format)
Shawn Walker <shawn.walker@oracle.com>
parents:
2215
diff
changeset
|
1183 |
|
60ad60f7592c
2152 standalone package support needed (on-disk format)
Shawn Walker <shawn.walker@oracle.com>
parents:
2215
diff
changeset
|
1184 |
'catalog' is an optional Catalog object to use in place of |
60ad60f7592c
2152 standalone package support needed (on-disk format)
Shawn Walker <shawn.walker@oracle.com>
parents:
2215
diff
changeset
|
1185 |
retrieving one from the publisher's meta_root. This option |
60ad60f7592c
2152 standalone package support needed (on-disk format)
Shawn Walker <shawn.walker@oracle.com>
parents:
2215
diff
changeset
|
1186 |
may only be used when meta_root is not provided. |
60ad60f7592c
2152 standalone package support needed (on-disk format)
Shawn Walker <shawn.walker@oracle.com>
parents:
2215
diff
changeset
|
1187 |
""" |
60ad60f7592c
2152 standalone package support needed (on-disk format)
Shawn Walker <shawn.walker@oracle.com>
parents:
2215
diff
changeset
|
1188 |
|
60ad60f7592c
2152 standalone package support needed (on-disk format)
Shawn Walker <shawn.walker@oracle.com>
parents:
2215
diff
changeset
|
1189 |
assert not (catalog and meta_root) |
926
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1190 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1191 |
if client_uuid is None: |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1192 |
self.reset_client_uuid() |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1193 |
else: |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1194 |
self.__client_uuid = client_uuid |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1195 |
|
2310
ce10607d5332
11684 desire option to not propagate certs to non-global zones
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2286
diff
changeset
|
1196 |
self.sys_pub = False |
926
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1197 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1198 |
# Note that the properties set here are intentionally lacking |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1199 |
# the '__' prefix which means assignment will occur using the |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1200 |
# get/set methods declared for the property near the end of |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1201 |
# the class definition. |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1202 |
self.alias = alias |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1203 |
self.disabled = disabled |
1352
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1204 |
self.prefix = prefix |
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1205 |
self.transport = transport |
996
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
1206 |
self.meta_root = meta_root |
1505
cc598d70bbbe
4425 pkg install should deal w/ complex dependency changes in one install
Bart Smaalders <Bart.Smaalders@Sun.COM>
parents:
1449
diff
changeset
|
1207 |
self.sticky = sticky |
926
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1208 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1209 |
|
2026
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
1210 |
self.__sig_policy = None |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
1211 |
self.__delay_validation = False |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
1212 |
|
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
1213 |
self.__properties = {} |
2529
de3a83014795
18872 traceback in __get_crl running pkg verify as non-root
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2467
diff
changeset
|
1214 |
self.__tmp_crls = {} |
2026
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
1215 |
|
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
1216 |
# Writing out an EmptyI to a config file and reading it back |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
1217 |
# in doesn't work correctly at the moment, but reading and |
2028
b2c674e6ee28
16744 repository multi-publisher on-disk format should be formalized and implemented
Shawn Walker <shawn.walker@oracle.com>
parents:
2026
diff
changeset
|
1218 |
# writing an empty list does. So if intermediate_certs is empty, |
b2c674e6ee28
16744 repository multi-publisher on-disk format should be formalized and implemented
Shawn Walker <shawn.walker@oracle.com>
parents:
2026
diff
changeset
|
1219 |
# make sure it's stored as an empty list. |
2026
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
1220 |
# |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
1221 |
# The relevant implementation is probably the line which |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
1222 |
# strips ][ from the input in imageconfig.read_list. |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
1223 |
if revoked_ca_certs: |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
1224 |
self.revoked_ca_certs = revoked_ca_certs |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
1225 |
else: |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
1226 |
self.revoked_ca_certs = [] |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
1227 |
|
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
1228 |
if approved_ca_certs: |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
1229 |
self.approved_ca_certs = approved_ca_certs |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
1230 |
else: |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
1231 |
self.approved_ca_certs = [] |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
1232 |
|
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
1233 |
if props: |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
1234 |
self.properties.update(props) |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
1235 |
|
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
1236 |
self.ca_dict = None |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
1237 |
|
2310
ce10607d5332
11684 desire option to not propagate certs to non-global zones
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2286
diff
changeset
|
1238 |
if repository: |
ce10607d5332
11684 desire option to not propagate certs to non-global zones
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2286
diff
changeset
|
1239 |
self.repository = repository |
ce10607d5332
11684 desire option to not propagate certs to non-global zones
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2286
diff
changeset
|
1240 |
self.sys_pub = sys_pub |
ce10607d5332
11684 desire option to not propagate certs to non-global zones
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2286
diff
changeset
|
1241 |
|
2467
619206169257
18620 pkg verify needs administrative privs when 'require-signatures'
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2458
diff
changeset
|
1242 |
# A dictionary to story the mapping for subject -> certificate |
619206169257
18620 pkg verify needs administrative privs when 'require-signatures'
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2458
diff
changeset
|
1243 |
# for those certificates we couldn't store on disk. |
619206169257
18620 pkg verify needs administrative privs when 'require-signatures'
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2458
diff
changeset
|
1244 |
self.__issuers = {} |
619206169257
18620 pkg verify needs administrative privs when 'require-signatures'
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2458
diff
changeset
|
1245 |
|
2219
60ad60f7592c
2152 standalone package support needed (on-disk format)
Shawn Walker <shawn.walker@oracle.com>
parents:
2215
diff
changeset
|
1246 |
# Must be done last. |
2808
05c6015a8c62
7195369 corrupt manifests can end up on disk when -g is used
Dan Price <daniel.price@oracle.com>
parents:
2768
diff
changeset
|
1247 |
self._catalog = catalog |
2219
60ad60f7592c
2152 standalone package support needed (on-disk format)
Shawn Walker <shawn.walker@oracle.com>
parents:
2215
diff
changeset
|
1248 |
|
3245
d04bb3ca0128
20780066 change ordering comparisons for python 3 migration
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3234
diff
changeset
|
1249 |
def __lt__(self, other): |
d04bb3ca0128
20780066 change ordering comparisons for python 3 migration
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3234
diff
changeset
|
1250 |
if other is None: |
d04bb3ca0128
20780066 change ordering comparisons for python 3 migration
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3234
diff
changeset
|
1251 |
return False |
d04bb3ca0128
20780066 change ordering comparisons for python 3 migration
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3234
diff
changeset
|
1252 |
if isinstance(other, Publisher): |
d04bb3ca0128
20780066 change ordering comparisons for python 3 migration
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3234
diff
changeset
|
1253 |
return self.prefix < other.prefix |
d04bb3ca0128
20780066 change ordering comparisons for python 3 migration
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3234
diff
changeset
|
1254 |
return self.prefix < other |
d04bb3ca0128
20780066 change ordering comparisons for python 3 migration
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3234
diff
changeset
|
1255 |
|
d04bb3ca0128
20780066 change ordering comparisons for python 3 migration
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3234
diff
changeset
|
1256 |
def __gt__(self, other): |
926
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1257 |
if other is None: |
3245
d04bb3ca0128
20780066 change ordering comparisons for python 3 migration
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3234
diff
changeset
|
1258 |
return True |
926
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1259 |
if isinstance(other, Publisher): |
3245
d04bb3ca0128
20780066 change ordering comparisons for python 3 migration
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3234
diff
changeset
|
1260 |
return self.prefix > other.prefix |
d04bb3ca0128
20780066 change ordering comparisons for python 3 migration
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3234
diff
changeset
|
1261 |
return self.prefix > other |
d04bb3ca0128
20780066 change ordering comparisons for python 3 migration
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3234
diff
changeset
|
1262 |
|
d04bb3ca0128
20780066 change ordering comparisons for python 3 migration
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3234
diff
changeset
|
1263 |
def __le__(self, other): |
d04bb3ca0128
20780066 change ordering comparisons for python 3 migration
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3234
diff
changeset
|
1264 |
return not self > other |
d04bb3ca0128
20780066 change ordering comparisons for python 3 migration
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3234
diff
changeset
|
1265 |
|
d04bb3ca0128
20780066 change ordering comparisons for python 3 migration
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3234
diff
changeset
|
1266 |
def __ge__(self, other): |
d04bb3ca0128
20780066 change ordering comparisons for python 3 migration
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3234
diff
changeset
|
1267 |
return not self < other |
926
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1268 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1269 |
@staticmethod |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1270 |
def __contains__(key): |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1271 |
"""Supports deprecated compatibility interface.""" |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1272 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1273 |
return key in ("client_uuid", "disabled", "mirrors", "origin", |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1274 |
"prefix", "ssl_cert", "ssl_key") |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1275 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1276 |
def __copy__(self): |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1277 |
selected = None |
1252
3b1b69011fcf
8709 ImageInterface.has_publisher has incorrect docstring
Shawn Walker <srw@sun.com>
parents:
1210
diff
changeset
|
1278 |
pub = Publisher(self.__prefix, alias=self.__alias, |
3b1b69011fcf
8709 ImageInterface.has_publisher has incorrect docstring
Shawn Walker <srw@sun.com>
parents:
1210
diff
changeset
|
1279 |
client_uuid=self.__client_uuid, disabled=self.__disabled, |
2310
ce10607d5332
11684 desire option to not propagate certs to non-global zones
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2286
diff
changeset
|
1280 |
meta_root=self.meta_root, |
ce10607d5332
11684 desire option to not propagate certs to non-global zones
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2286
diff
changeset
|
1281 |
repository=copy.copy(self.repository), |
ce10607d5332
11684 desire option to not propagate certs to non-global zones
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2286
diff
changeset
|
1282 |
transport=self.transport, sticky=self.__sticky, |
2026
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
1283 |
props=self.properties, |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
1284 |
revoked_ca_certs=self.revoked_ca_certs, |
2310
ce10607d5332
11684 desire option to not propagate certs to non-global zones
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2286
diff
changeset
|
1285 |
approved_ca_certs=self.approved_ca_certs, |
ce10607d5332
11684 desire option to not propagate certs to non-global zones
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2286
diff
changeset
|
1286 |
sys_pub=self.sys_pub) |
2808
05c6015a8c62
7195369 corrupt manifests can end up on disk when -g is used
Dan Price <daniel.price@oracle.com>
parents:
2768
diff
changeset
|
1287 |
pub._catalog = self._catalog |
926
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1288 |
pub._source_object_id = id(self) |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1289 |
return pub |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1290 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1291 |
def __eq__(self, other): |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1292 |
if isinstance(other, Publisher): |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1293 |
return self.prefix == other.prefix |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1294 |
if isinstance(other, str): |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1295 |
return self.prefix == other |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1296 |
return False |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1297 |
|
3245
d04bb3ca0128
20780066 change ordering comparisons for python 3 migration
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3234
diff
changeset
|
1298 |
__hash__ = object.__hash__ |
d04bb3ca0128
20780066 change ordering comparisons for python 3 migration
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3234
diff
changeset
|
1299 |
|
926
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1300 |
def __getitem__(self, key): |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1301 |
"""Deprecated compatibility interface allowing publisher |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1302 |
attributes to be read as pub["attribute"].""" |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1303 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1304 |
if key == "client_uuid": |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1305 |
return self.__client_uuid |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1306 |
if key == "disabled": |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1307 |
return self.__disabled |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1308 |
if key == "prefix": |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1309 |
return self.__prefix |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1310 |
|
2310
ce10607d5332
11684 desire option to not propagate certs to non-global zones
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2286
diff
changeset
|
1311 |
repo = self.repository |
926
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1312 |
if key == "mirrors": |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1313 |
return [str(m) for m in repo.mirrors] |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1314 |
if key == "origin": |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1315 |
if not repo.origins[0]: |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1316 |
return None |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1317 |
return repo.origins[0].uri |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1318 |
if key == "ssl_cert": |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1319 |
if not repo.origins[0]: |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1320 |
return None |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1321 |
return repo.origins[0].ssl_cert |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1322 |
if key == "ssl_key": |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1323 |
if not repo.origins[0]: |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1324 |
return None |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1325 |
return repo.origins[0].ssl_key |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1326 |
|
996
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
1327 |
def __get_last_refreshed(self): |
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
1328 |
if not self.meta_root: |
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
1329 |
return None |
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
1330 |
|
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
1331 |
lcfile = os.path.join(self.meta_root, "last_refreshed") |
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
1332 |
try: |
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
1333 |
mod_time = os.stat(lcfile).st_mtime |
3171
525f5bdb3f62
20434301 change exception handling syntax for python 3 migration
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3158
diff
changeset
|
1334 |
except EnvironmentError as e: |
996
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
1335 |
if e.errno == errno.ENOENT: |
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
1336 |
return None |
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
1337 |
raise |
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
1338 |
return dt.datetime.utcfromtimestamp(mod_time) |
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
1339 |
|
926
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1340 |
def __ne__(self, other): |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1341 |
if isinstance(other, Publisher): |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1342 |
return self.prefix != other.prefix |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1343 |
if isinstance(other, str): |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1344 |
return self.prefix != other |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1345 |
return True |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1346 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1347 |
def __set_alias(self, value): |
2310
ce10607d5332
11684 desire option to not propagate certs to non-global zones
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2286
diff
changeset
|
1348 |
if self.sys_pub: |
ce10607d5332
11684 desire option to not propagate certs to non-global zones
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2286
diff
changeset
|
1349 |
raise api_errors.ModifyingSyspubException( |
ce10607d5332
11684 desire option to not propagate certs to non-global zones
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2286
diff
changeset
|
1350 |
"Cannot set the alias of a system publisher") |
2028
b2c674e6ee28
16744 repository multi-publisher on-disk format should be formalized and implemented
Shawn Walker <shawn.walker@oracle.com>
parents:
2026
diff
changeset
|
1351 |
# Aliases must comply with the same restrictions that prefixes |
b2c674e6ee28
16744 repository multi-publisher on-disk format should be formalized and implemented
Shawn Walker <shawn.walker@oracle.com>
parents:
2026
diff
changeset
|
1352 |
# have as they are intended to be useable in any case where |
b2c674e6ee28
16744 repository multi-publisher on-disk format should be formalized and implemented
Shawn Walker <shawn.walker@oracle.com>
parents:
2026
diff
changeset
|
1353 |
# a prefix may be used. |
b2c674e6ee28
16744 repository multi-publisher on-disk format should be formalized and implemented
Shawn Walker <shawn.walker@oracle.com>
parents:
2026
diff
changeset
|
1354 |
if value is not None and value != "" and \ |
b2c674e6ee28
16744 repository multi-publisher on-disk format should be formalized and implemented
Shawn Walker <shawn.walker@oracle.com>
parents:
2026
diff
changeset
|
1355 |
not misc.valid_pub_prefix(value): |
b2c674e6ee28
16744 repository multi-publisher on-disk format should be formalized and implemented
Shawn Walker <shawn.walker@oracle.com>
parents:
2026
diff
changeset
|
1356 |
raise api_errors.BadPublisherAlias(value) |
926
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1357 |
self.__alias = value |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1358 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1359 |
def __set_disabled(self, disabled): |
2310
ce10607d5332
11684 desire option to not propagate certs to non-global zones
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2286
diff
changeset
|
1360 |
if self.sys_pub: |
ce10607d5332
11684 desire option to not propagate certs to non-global zones
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2286
diff
changeset
|
1361 |
raise api_errors.ModifyingSyspubException(_("Cannot " |
ce10607d5332
11684 desire option to not propagate certs to non-global zones
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2286
diff
changeset
|
1362 |
"enable or disable a system publisher")) |
ce10607d5332
11684 desire option to not propagate certs to non-global zones
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2286
diff
changeset
|
1363 |
|
926
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1364 |
if disabled: |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1365 |
self.__disabled = True |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1366 |
else: |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1367 |
self.__disabled = False |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1368 |
|
996
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
1369 |
def __set_last_refreshed(self, value): |
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
1370 |
if not self.meta_root: |
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
1371 |
return |
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
1372 |
|
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
1373 |
if value is not None and not isinstance(value, dt.datetime): |
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
1374 |
raise api_errors.BadRepositoryAttributeValue( |
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
1375 |
"last_refreshed", value=value) |
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
1376 |
|
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
1377 |
lcfile = os.path.join(self.meta_root, "last_refreshed") |
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
1378 |
if not value: |
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
1379 |
# If no value was provided, attempt to remove the |
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
1380 |
# tracking file. |
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
1381 |
try: |
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
1382 |
portable.remove(lcfile) |
3171
525f5bdb3f62
20434301 change exception handling syntax for python 3 migration
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3158
diff
changeset
|
1383 |
except EnvironmentError as e: |
996
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
1384 |
# If the file can't be removed due to |
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
1385 |
# permissions, a read-only filesystem, or |
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
1386 |
# because it doesn't exist, continue on. |
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
1387 |
if e.errno not in (errno.ENOENT, errno.EACCES, |
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
1388 |
errno.EROFS): |
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
1389 |
raise |
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
1390 |
return |
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
1391 |
|
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
1392 |
def create_tracker(): |
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
1393 |
try: |
3065
1dbcb0bd5069
15786486 problem in UTILITY/ZONES
Kartik Gupta <kartik.k.gupta@oracle.com>
parents:
2962
diff
changeset
|
1394 |
# If the file is a symlink we catch an |
1dbcb0bd5069
15786486 problem in UTILITY/ZONES
Kartik Gupta <kartik.k.gupta@oracle.com>
parents:
2962
diff
changeset
|
1395 |
# exception and do not update the file. |
1dbcb0bd5069
15786486 problem in UTILITY/ZONES
Kartik Gupta <kartik.k.gupta@oracle.com>
parents:
2962
diff
changeset
|
1396 |
fd = os.open(lcfile, |
1dbcb0bd5069
15786486 problem in UTILITY/ZONES
Kartik Gupta <kartik.k.gupta@oracle.com>
parents:
2962
diff
changeset
|
1397 |
os.O_WRONLY|os.O_NOFOLLOW|os.O_CREAT) |
3158
58c9c2c21e67
20177033 change string formatting for python 3 migration
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3065
diff
changeset
|
1398 |
os.write(fd, "{0}\n".format( |
58c9c2c21e67
20177033 change string formatting for python 3 migration
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3065
diff
changeset
|
1399 |
misc.time_to_timestamp( |
58c9c2c21e67
20177033 change string formatting for python 3 migration
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3065
diff
changeset
|
1400 |
calendar.timegm(value.utctimetuple())))) |
3065
1dbcb0bd5069
15786486 problem in UTILITY/ZONES
Kartik Gupta <kartik.k.gupta@oracle.com>
parents:
2962
diff
changeset
|
1401 |
os.close(fd) |
3171
525f5bdb3f62
20434301 change exception handling syntax for python 3 migration
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3158
diff
changeset
|
1402 |
except EnvironmentError as e: |
3065
1dbcb0bd5069
15786486 problem in UTILITY/ZONES
Kartik Gupta <kartik.k.gupta@oracle.com>
parents:
2962
diff
changeset
|
1403 |
if e.errno == errno.ELOOP: |
1dbcb0bd5069
15786486 problem in UTILITY/ZONES
Kartik Gupta <kartik.k.gupta@oracle.com>
parents:
2962
diff
changeset
|
1404 |
raise api_errors.UnexpectedLinkError( |
1dbcb0bd5069
15786486 problem in UTILITY/ZONES
Kartik Gupta <kartik.k.gupta@oracle.com>
parents:
2962
diff
changeset
|
1405 |
os.path.dirname(lcfile), |
1dbcb0bd5069
15786486 problem in UTILITY/ZONES
Kartik Gupta <kartik.k.gupta@oracle.com>
parents:
2962
diff
changeset
|
1406 |
os.path.basename(lcfile), |
1dbcb0bd5069
15786486 problem in UTILITY/ZONES
Kartik Gupta <kartik.k.gupta@oracle.com>
parents:
2962
diff
changeset
|
1407 |
e.errno) |
996
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
1408 |
# If the file can't be written due to |
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
1409 |
# permissions or because the filesystem is |
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
1410 |
# read-only, continue on. |
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
1411 |
if e.errno not in (errno.EACCES, errno.EROFS): |
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
1412 |
raise |
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
1413 |
try: |
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
1414 |
# If a time was provided, write out a special file that |
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
1415 |
# can be used to track the information with the actual |
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
1416 |
# time (in UTC) contained within. |
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
1417 |
create_tracker() |
3171
525f5bdb3f62
20434301 change exception handling syntax for python 3 migration
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3158
diff
changeset
|
1418 |
except EnvironmentError as e: |
996
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
1419 |
if e.errno != errno.ENOENT: |
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
1420 |
raise |
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
1421 |
|
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
1422 |
# Assume meta_root doesn't exist and create it. |
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
1423 |
try: |
1087
293c0aa5f32e
8214 load_catalogs should only load catalog data when needed
Shawn Walker <srw@sun.com>
parents:
996
diff
changeset
|
1424 |
self.create_meta_root() |
293c0aa5f32e
8214 load_catalogs should only load catalog data when needed
Shawn Walker <srw@sun.com>
parents:
996
diff
changeset
|
1425 |
except api_errors.PermissionsException: |
293c0aa5f32e
8214 load_catalogs should only load catalog data when needed
Shawn Walker <srw@sun.com>
parents:
996
diff
changeset
|
1426 |
# If the directory can't be created due to |
293c0aa5f32e
8214 load_catalogs should only load catalog data when needed
Shawn Walker <srw@sun.com>
parents:
996
diff
changeset
|
1427 |
# permissions, move on. |
293c0aa5f32e
8214 load_catalogs should only load catalog data when needed
Shawn Walker <srw@sun.com>
parents:
996
diff
changeset
|
1428 |
pass |
3171
525f5bdb3f62
20434301 change exception handling syntax for python 3 migration
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3158
diff
changeset
|
1429 |
except EnvironmentError as e: |
1087
293c0aa5f32e
8214 load_catalogs should only load catalog data when needed
Shawn Walker <srw@sun.com>
parents:
996
diff
changeset
|
1430 |
# If the directory can't be created due to a |
293c0aa5f32e
8214 load_catalogs should only load catalog data when needed
Shawn Walker <srw@sun.com>
parents:
996
diff
changeset
|
1431 |
# read-only filesystem, move on. |
293c0aa5f32e
8214 load_catalogs should only load catalog data when needed
Shawn Walker <srw@sun.com>
parents:
996
diff
changeset
|
1432 |
if e.errno != errno.EROFS: |
996
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
1433 |
raise |
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
1434 |
else: |
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
1435 |
# Try one last time. |
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
1436 |
create_tracker() |
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
1437 |
|
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
1438 |
def __set_meta_root(self, pathname): |
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
1439 |
if pathname: |
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
1440 |
pathname = os.path.abspath(pathname) |
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
1441 |
self.__meta_root = pathname |
2808
05c6015a8c62
7195369 corrupt manifests can end up on disk when -g is used
Dan Price <daniel.price@oracle.com>
parents:
2768
diff
changeset
|
1442 |
if self._catalog: |
05c6015a8c62
7195369 corrupt manifests can end up on disk when -g is used
Dan Price <daniel.price@oracle.com>
parents:
2768
diff
changeset
|
1443 |
self._catalog.meta_root = self.catalog_root |
3318
864be9e4db61
15780631 problem in UTILITY/ZONES
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3304
diff
changeset
|
1444 |
self._catalog.file_root = self.__meta_root |
2026
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
1445 |
if self.__meta_root: |
2352
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1446 |
self.__origin_root = os.path.join(self.__meta_root, |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1447 |
"origins") |
2026
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
1448 |
self.cert_root = os.path.join(self.__meta_root, "certs") |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
1449 |
self.__subj_root = os.path.join(self.cert_root, |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
1450 |
"subject_hashes") |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
1451 |
self.__crl_root = os.path.join(self.cert_root, "crls") |
996
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
1452 |
|
926
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1453 |
def __set_prefix(self, prefix): |
996
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
1454 |
if not misc.valid_pub_prefix(prefix): |
926
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1455 |
raise api_errors.BadPublisherPrefix(prefix) |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1456 |
self.__prefix = prefix |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1457 |
|
2310
ce10607d5332
11684 desire option to not propagate certs to non-global zones
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2286
diff
changeset
|
1458 |
def __set_repository(self, value): |
ce10607d5332
11684 desire option to not propagate certs to non-global zones
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2286
diff
changeset
|
1459 |
if not isinstance(value, Repository): |
926
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1460 |
raise api_errors.UnknownRepository(value) |
2310
ce10607d5332
11684 desire option to not propagate certs to non-global zones
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2286
diff
changeset
|
1461 |
self.__repository = value |
2808
05c6015a8c62
7195369 corrupt manifests can end up on disk when -g is used
Dan Price <daniel.price@oracle.com>
parents:
2768
diff
changeset
|
1462 |
self._catalog = None |
926
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1463 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1464 |
def __set_client_uuid(self, value): |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1465 |
self.__client_uuid = value |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1466 |
|
1505
cc598d70bbbe
4425 pkg install should deal w/ complex dependency changes in one install
Bart Smaalders <Bart.Smaalders@Sun.COM>
parents:
1449
diff
changeset
|
1467 |
def __set_stickiness(self, value): |
2310
ce10607d5332
11684 desire option to not propagate certs to non-global zones
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2286
diff
changeset
|
1468 |
if self.sys_pub: |
ce10607d5332
11684 desire option to not propagate certs to non-global zones
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2286
diff
changeset
|
1469 |
raise api_errors.ModifyingSyspubException(_("Cannot " |
ce10607d5332
11684 desire option to not propagate certs to non-global zones
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2286
diff
changeset
|
1470 |
"change the stickiness of a system publisher")) |
1505
cc598d70bbbe
4425 pkg install should deal w/ complex dependency changes in one install
Bart Smaalders <Bart.Smaalders@Sun.COM>
parents:
1449
diff
changeset
|
1471 |
self.__sticky = bool(value) |
cc598d70bbbe
4425 pkg install should deal w/ complex dependency changes in one install
Bart Smaalders <Bart.Smaalders@Sun.COM>
parents:
1449
diff
changeset
|
1472 |
|
926
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1473 |
def __str__(self): |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1474 |
return self.prefix |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1475 |
|
2352
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1476 |
def __validate_metadata(self, croot, repo): |
1431
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
1477 |
"""Private helper function to check the publisher's metadata |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
1478 |
for configuration or other issues and log appropriate warnings |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
1479 |
or errors. Currently only checks catalog metadata.""" |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
1480 |
|
2352
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1481 |
c = pkg.catalog.Catalog(meta_root=croot, read_only=True) |
1431
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
1482 |
if not c.exists: |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
1483 |
# Nothing to validate. |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
1484 |
return |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
1485 |
if not c.version > 0: |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
1486 |
# Validation doesn't apply. |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
1487 |
return |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
1488 |
if not c.package_count: |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
1489 |
# Nothing to do. |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
1490 |
return |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
1491 |
|
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
1492 |
# XXX For now, perform this check using the catalog data. |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
1493 |
# In the future, it should be done using the output of the |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
1494 |
# publisher/0 operation. |
2352
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1495 |
pubs = c.publishers() |
1431
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
1496 |
|
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
1497 |
if self.prefix not in pubs: |
2352
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1498 |
origins = repo.origins |
1604
a150e634e8c2
13404 publisher prefix failure message needs update / improvement
Shawn Walker <srw@sun.com>
parents:
1549
diff
changeset
|
1499 |
origin = origins[0] |
a150e634e8c2
13404 publisher prefix failure message needs update / improvement
Shawn Walker <srw@sun.com>
parents:
1549
diff
changeset
|
1500 |
logger.error(_(""" |
3158
58c9c2c21e67
20177033 change string formatting for python 3 migration
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3065
diff
changeset
|
1501 |
Unable to retrieve package data for publisher '{prefix}' from one |
1604
a150e634e8c2
13404 publisher prefix failure message needs update / improvement
Shawn Walker <srw@sun.com>
parents:
1549
diff
changeset
|
1502 |
of the following origin(s): |
a150e634e8c2
13404 publisher prefix failure message needs update / improvement
Shawn Walker <srw@sun.com>
parents:
1549
diff
changeset
|
1503 |
|
3158
58c9c2c21e67
20177033 change string formatting for python 3 migration
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3065
diff
changeset
|
1504 |
{origins} |
1604
a150e634e8c2
13404 publisher prefix failure message needs update / improvement
Shawn Walker <srw@sun.com>
parents:
1549
diff
changeset
|
1505 |
|
a150e634e8c2
13404 publisher prefix failure message needs update / improvement
Shawn Walker <srw@sun.com>
parents:
1549
diff
changeset
|
1506 |
The catalog retrieved from one of the origin(s) listed above only |
3158
58c9c2c21e67
20177033 change string formatting for python 3 migration
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3065
diff
changeset
|
1507 |
contains package data for: {pubs}. |
58c9c2c21e67
20177033 change string formatting for python 3 migration
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3065
diff
changeset
|
1508 |
""").format(origins="\n".join(str(o) for o in origins), prefix=self.prefix, |
58c9c2c21e67
20177033 change string formatting for python 3 migration
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3065
diff
changeset
|
1509 |
pubs=", ".join(pubs))) |
1604
a150e634e8c2
13404 publisher prefix failure message needs update / improvement
Shawn Walker <srw@sun.com>
parents:
1549
diff
changeset
|
1510 |
|
a150e634e8c2
13404 publisher prefix failure message needs update / improvement
Shawn Walker <srw@sun.com>
parents:
1549
diff
changeset
|
1511 |
if global_settings.client_name != "pkg": |
a150e634e8c2
13404 publisher prefix failure message needs update / improvement
Shawn Walker <srw@sun.com>
parents:
1549
diff
changeset
|
1512 |
logger.error(_("""\ |
a150e634e8c2
13404 publisher prefix failure message needs update / improvement
Shawn Walker <srw@sun.com>
parents:
1549
diff
changeset
|
1513 |
This is either a result of invalid origin information being provided |
3158
58c9c2c21e67
20177033 change string formatting for python 3 migration
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3065
diff
changeset
|
1514 |
for publisher '{0}', or because the wrong publisher name was |
1604
a150e634e8c2
13404 publisher prefix failure message needs update / improvement
Shawn Walker <srw@sun.com>
parents:
1549
diff
changeset
|
1515 |
provided when this publisher was added. |
3158
58c9c2c21e67
20177033 change string formatting for python 3 migration
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3065
diff
changeset
|
1516 |
""").format(self.prefix)) |
1604
a150e634e8c2
13404 publisher prefix failure message needs update / improvement
Shawn Walker <srw@sun.com>
parents:
1549
diff
changeset
|
1517 |
# Remaining messages are for pkg client only. |
a150e634e8c2
13404 publisher prefix failure message needs update / improvement
Shawn Walker <srw@sun.com>
parents:
1549
diff
changeset
|
1518 |
return |
a150e634e8c2
13404 publisher prefix failure message needs update / improvement
Shawn Walker <srw@sun.com>
parents:
1549
diff
changeset
|
1519 |
|
a150e634e8c2
13404 publisher prefix failure message needs update / improvement
Shawn Walker <srw@sun.com>
parents:
1549
diff
changeset
|
1520 |
logger.error(_("""\ |
a150e634e8c2
13404 publisher prefix failure message needs update / improvement
Shawn Walker <srw@sun.com>
parents:
1549
diff
changeset
|
1521 |
To resolve this issue, correct the origin information provided for |
3158
58c9c2c21e67
20177033 change string formatting for python 3 migration
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3065
diff
changeset
|
1522 |
publisher '{prefix}' using the pkg set-publisher subcommand, or re-add |
58c9c2c21e67
20177033 change string formatting for python 3 migration
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3065
diff
changeset
|
1523 |
the publisher using the correct name and remove the '{prefix}' |
1604
a150e634e8c2
13404 publisher prefix failure message needs update / improvement
Shawn Walker <srw@sun.com>
parents:
1549
diff
changeset
|
1524 |
publisher. |
3158
58c9c2c21e67
20177033 change string formatting for python 3 migration
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3065
diff
changeset
|
1525 |
""").format(prefix=self.prefix)) |
1604
a150e634e8c2
13404 publisher prefix failure message needs update / improvement
Shawn Walker <srw@sun.com>
parents:
1549
diff
changeset
|
1526 |
|
a150e634e8c2
13404 publisher prefix failure message needs update / improvement
Shawn Walker <srw@sun.com>
parents:
1549
diff
changeset
|
1527 |
if len(pubs) == 1: |
a150e634e8c2
13404 publisher prefix failure message needs update / improvement
Shawn Walker <srw@sun.com>
parents:
1549
diff
changeset
|
1528 |
logger.warning(_("""\ |
a150e634e8c2
13404 publisher prefix failure message needs update / improvement
Shawn Walker <srw@sun.com>
parents:
1549
diff
changeset
|
1529 |
To re-add this publisher with the correct name, execute the following |
a150e634e8c2
13404 publisher prefix failure message needs update / improvement
Shawn Walker <srw@sun.com>
parents:
1549
diff
changeset
|
1530 |
commands as a privileged user: |
a150e634e8c2
13404 publisher prefix failure message needs update / improvement
Shawn Walker <srw@sun.com>
parents:
1549
diff
changeset
|
1531 |
|
3158
58c9c2c21e67
20177033 change string formatting for python 3 migration
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3065
diff
changeset
|
1532 |
pkg set-publisher -P -g {origin} {pub} |
58c9c2c21e67
20177033 change string formatting for python 3 migration
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3065
diff
changeset
|
1533 |
pkg unset-publisher {prefix} |
58c9c2c21e67
20177033 change string formatting for python 3 migration
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3065
diff
changeset
|
1534 |
""").format(origin=origin, prefix=self.prefix, pub=list(pubs)[0])) |
1604
a150e634e8c2
13404 publisher prefix failure message needs update / improvement
Shawn Walker <srw@sun.com>
parents:
1549
diff
changeset
|
1535 |
return |
a150e634e8c2
13404 publisher prefix failure message needs update / improvement
Shawn Walker <srw@sun.com>
parents:
1549
diff
changeset
|
1536 |
|
a150e634e8c2
13404 publisher prefix failure message needs update / improvement
Shawn Walker <srw@sun.com>
parents:
1549
diff
changeset
|
1537 |
logger.warning(_("""\ |
a150e634e8c2
13404 publisher prefix failure message needs update / improvement
Shawn Walker <srw@sun.com>
parents:
1549
diff
changeset
|
1538 |
The origin(s) listed above contain package data for more than one |
a150e634e8c2
13404 publisher prefix failure message needs update / improvement
Shawn Walker <srw@sun.com>
parents:
1549
diff
changeset
|
1539 |
publisher, but this issue can likely be resolved by executing one |
a150e634e8c2
13404 publisher prefix failure message needs update / improvement
Shawn Walker <srw@sun.com>
parents:
1549
diff
changeset
|
1540 |
of the following commands as a privileged user: |
a150e634e8c2
13404 publisher prefix failure message needs update / improvement
Shawn Walker <srw@sun.com>
parents:
1549
diff
changeset
|
1541 |
""")) |
a150e634e8c2
13404 publisher prefix failure message needs update / improvement
Shawn Walker <srw@sun.com>
parents:
1549
diff
changeset
|
1542 |
|
a150e634e8c2
13404 publisher prefix failure message needs update / improvement
Shawn Walker <srw@sun.com>
parents:
1549
diff
changeset
|
1543 |
for pfx in pubs: |
a150e634e8c2
13404 publisher prefix failure message needs update / improvement
Shawn Walker <srw@sun.com>
parents:
1549
diff
changeset
|
1544 |
logger.warning(_("pkg set-publisher -P -g " |
3158
58c9c2c21e67
20177033 change string formatting for python 3 migration
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3065
diff
changeset
|
1545 |
"{origin} {pub}\n").format( |
58c9c2c21e67
20177033 change string formatting for python 3 migration
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3065
diff
changeset
|
1546 |
origin=origin, pub=pfx)) |
1604
a150e634e8c2
13404 publisher prefix failure message needs update / improvement
Shawn Walker <srw@sun.com>
parents:
1549
diff
changeset
|
1547 |
|
a150e634e8c2
13404 publisher prefix failure message needs update / improvement
Shawn Walker <srw@sun.com>
parents:
1549
diff
changeset
|
1548 |
logger.warning(_("""\ |
a150e634e8c2
13404 publisher prefix failure message needs update / improvement
Shawn Walker <srw@sun.com>
parents:
1549
diff
changeset
|
1549 |
Afterwards, the old publisher should be removed by executing the |
a150e634e8c2
13404 publisher prefix failure message needs update / improvement
Shawn Walker <srw@sun.com>
parents:
1549
diff
changeset
|
1550 |
following command as a privileged user: |
a150e634e8c2
13404 publisher prefix failure message needs update / improvement
Shawn Walker <srw@sun.com>
parents:
1549
diff
changeset
|
1551 |
|
3158
58c9c2c21e67
20177033 change string formatting for python 3 migration
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3065
diff
changeset
|
1552 |
pkg unset-publisher {0} |
58c9c2c21e67
20177033 change string formatting for python 3 migration
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3065
diff
changeset
|
1553 |
""").format(self.prefix)) |
1431
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
1554 |
|
1352
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1555 |
@property |
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1556 |
def catalog(self): |
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1557 |
"""A reference to the Catalog object for the publisher's |
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1558 |
selected repository, or None if available.""" |
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1559 |
|
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1560 |
if not self.meta_root: |
2808
05c6015a8c62
7195369 corrupt manifests can end up on disk when -g is used
Dan Price <daniel.price@oracle.com>
parents:
2768
diff
changeset
|
1561 |
if self._catalog: |
05c6015a8c62
7195369 corrupt manifests can end up on disk when -g is used
Dan Price <daniel.price@oracle.com>
parents:
2768
diff
changeset
|
1562 |
return self._catalog |
1352
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1563 |
return None |
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1564 |
|
2808
05c6015a8c62
7195369 corrupt manifests can end up on disk when -g is used
Dan Price <daniel.price@oracle.com>
parents:
2768
diff
changeset
|
1565 |
if not self._catalog: |
1352
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1566 |
croot = self.catalog_root |
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1567 |
if not os.path.isdir(croot): |
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1568 |
# Current meta_root structure is likely in |
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1569 |
# a state of transition, so don't provide a |
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1570 |
# meta_root. Assume that an empty catalog |
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1571 |
# is desired instead. (This can happen during |
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1572 |
# an image format upgrade.) |
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1573 |
croot = None |
2808
05c6015a8c62
7195369 corrupt manifests can end up on disk when -g is used
Dan Price <daniel.price@oracle.com>
parents:
2768
diff
changeset
|
1574 |
self._catalog = pkg.catalog.Catalog( |
3318
864be9e4db61
15780631 problem in UTILITY/ZONES
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3304
diff
changeset
|
1575 |
meta_root=croot, file_root=self.meta_root) |
2808
05c6015a8c62
7195369 corrupt manifests can end up on disk when -g is used
Dan Price <daniel.price@oracle.com>
parents:
2768
diff
changeset
|
1576 |
return self._catalog |
1352
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1577 |
|
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1578 |
@property |
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1579 |
def catalog_root(self): |
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1580 |
"""The absolute pathname of the directory containing the |
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1581 |
Catalog data for the publisher, or None if meta_root is |
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1582 |
not defined.""" |
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1583 |
|
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1584 |
if self.meta_root: |
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1585 |
return os.path.join(self.meta_root, "catalog") |
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1586 |
|
1087
293c0aa5f32e
8214 load_catalogs should only load catalog data when needed
Shawn Walker <srw@sun.com>
parents:
996
diff
changeset
|
1587 |
def create_meta_root(self): |
293c0aa5f32e
8214 load_catalogs should only load catalog data when needed
Shawn Walker <srw@sun.com>
parents:
996
diff
changeset
|
1588 |
"""Create the publisher's meta_root.""" |
293c0aa5f32e
8214 load_catalogs should only load catalog data when needed
Shawn Walker <srw@sun.com>
parents:
996
diff
changeset
|
1589 |
|
293c0aa5f32e
8214 load_catalogs should only load catalog data when needed
Shawn Walker <srw@sun.com>
parents:
996
diff
changeset
|
1590 |
if not self.meta_root: |
293c0aa5f32e
8214 load_catalogs should only load catalog data when needed
Shawn Walker <srw@sun.com>
parents:
996
diff
changeset
|
1591 |
raise api_errors.BadPublisherMetaRoot(self.meta_root, |
293c0aa5f32e
8214 load_catalogs should only load catalog data when needed
Shawn Walker <srw@sun.com>
parents:
996
diff
changeset
|
1592 |
operation="create_meta_root") |
293c0aa5f32e
8214 load_catalogs should only load catalog data when needed
Shawn Walker <srw@sun.com>
parents:
996
diff
changeset
|
1593 |
|
1352
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1594 |
for path in (self.meta_root, self.catalog_root): |
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1595 |
try: |
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1596 |
os.makedirs(path) |
3171
525f5bdb3f62
20434301 change exception handling syntax for python 3 migration
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3158
diff
changeset
|
1597 |
except EnvironmentError as e: |
1352
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1598 |
if e.errno == errno.EACCES: |
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1599 |
raise api_errors.PermissionsException( |
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1600 |
e.filename) |
1431
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
1601 |
if e.errno == errno.EROFS: |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
1602 |
raise api_errors.ReadOnlyFileSystemException( |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
1603 |
e.filename) |
1352
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1604 |
elif e.errno != errno.EEXIST: |
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1605 |
# If the path already exists, move on. |
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1606 |
# Otherwise, raise the exception. |
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1607 |
raise |
2026
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
1608 |
# Optional roots not needed for all operations. |
2352
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1609 |
for path in (self.cert_root, self.__origin_root, |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1610 |
self.__subj_root, self.__crl_root): |
2026
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
1611 |
try: |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
1612 |
os.makedirs(path) |
3171
525f5bdb3f62
20434301 change exception handling syntax for python 3 migration
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3158
diff
changeset
|
1613 |
except EnvironmentError as e: |
2026
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
1614 |
if e.errno in (errno.EACCES, errno.EROFS): |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
1615 |
pass |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
1616 |
elif e.errno != errno.EEXIST: |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
1617 |
# If the path already exists, move on. |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
1618 |
# Otherwise, raise the exception. |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
1619 |
raise |
1087
293c0aa5f32e
8214 load_catalogs should only load catalog data when needed
Shawn Walker <srw@sun.com>
parents:
996
diff
changeset
|
1620 |
|
2352
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1621 |
def get_origin_sets(self): |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1622 |
"""Returns a list of Repository objects representing the unique |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1623 |
groups of origins available. Each group is based on the origins |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1624 |
that share identical package catalog data.""" |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1625 |
|
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1626 |
if not self.repository or not self.repository.origins: |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1627 |
# Guard against failure for publishers with no |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1628 |
# transport information. |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1629 |
return [] |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1630 |
|
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1631 |
if not self.meta_root or not os.path.exists(self.__origin_root): |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1632 |
# No way to identify unique sets. |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1633 |
return [self.repository] |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1634 |
|
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1635 |
# Index origins by tuple of (catalog creation, catalog modified) |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1636 |
osets = collections.defaultdict(list) |
2408
6424614c2ed1
18463 bad crl urls shouldn't bring pkg to a halt
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2378
diff
changeset
|
1637 |
|
2352
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1638 |
for origin, opath in self.__gen_origin_paths(): |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1639 |
cat = pkg.catalog.Catalog(meta_root=opath, |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1640 |
read_only=True) |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1641 |
if not cat.exists: |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1642 |
key = None |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1643 |
else: |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1644 |
key = (str(cat.created), str(cat.last_modified)) |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1645 |
osets[key].append(origin) |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1646 |
|
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1647 |
# Now return a list of Repository objects (copies of the |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1648 |
# currently selected one) assigning each set of origins. |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1649 |
# Sort by index to ensure consistent ordering. |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1650 |
rval = [] |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1651 |
for k in sorted(osets): |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1652 |
nrepo = copy.copy(self.repository) |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1653 |
nrepo.origins = osets[k] |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1654 |
rval.append(nrepo) |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1655 |
|
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1656 |
return rval |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1657 |
|
2310
ce10607d5332
11684 desire option to not propagate certs to non-global zones
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2286
diff
changeset
|
1658 |
def has_configuration(self): |
ce10607d5332
11684 desire option to not propagate certs to non-global zones
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2286
diff
changeset
|
1659 |
"""Returns whether this publisher has any configuration which |
ce10607d5332
11684 desire option to not propagate certs to non-global zones
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2286
diff
changeset
|
1660 |
should prevent its removal.""" |
926
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1661 |
|
2310
ce10607d5332
11684 desire option to not propagate certs to non-global zones
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2286
diff
changeset
|
1662 |
return bool(self.__repository.origins or |
ce10607d5332
11684 desire option to not propagate certs to non-global zones
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2286
diff
changeset
|
1663 |
self.__repository.mirrors or self.__sig_policy or |
ce10607d5332
11684 desire option to not propagate certs to non-global zones
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2286
diff
changeset
|
1664 |
self.approved_ca_certs or self.revoked_ca_certs) |
2408
6424614c2ed1
18463 bad crl urls shouldn't bring pkg to a halt
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2378
diff
changeset
|
1665 |
|
996
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
1666 |
@property |
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
1667 |
def needs_refresh(self): |
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
1668 |
"""A boolean value indicating whether the publisher's |
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
1669 |
metadata for the currently selected repository needs to be |
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
1670 |
refreshed.""" |
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
1671 |
|
2310
ce10607d5332
11684 desire option to not propagate certs to non-global zones
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2286
diff
changeset
|
1672 |
if not self.repository or not self.meta_root: |
996
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
1673 |
# Nowhere to obtain metadata from; this should rarely |
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
1674 |
# occur except during publisher initialization. |
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
1675 |
return False |
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
1676 |
|
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
1677 |
lc = self.last_refreshed |
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
1678 |
if not lc: |
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
1679 |
# There is no record of when the publisher metadata was |
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
1680 |
# last refreshed, so assume it should be refreshed now. |
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
1681 |
return True |
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
1682 |
|
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
1683 |
ts_now = time.time() |
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
1684 |
ts_last = calendar.timegm(lc.utctimetuple()) |
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
1685 |
|
2310
ce10607d5332
11684 desire option to not propagate certs to non-global zones
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2286
diff
changeset
|
1686 |
rs = self.repository.refresh_seconds |
996
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
1687 |
if not rs: |
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
1688 |
# There is no indicator of how often often publisher |
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
1689 |
# metadata should be refreshed, so assume it should be |
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
1690 |
# now. |
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
1691 |
return True |
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
1692 |
|
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
1693 |
if (ts_now - ts_last) >= rs: |
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
1694 |
# The number of seconds that has elapsed since the |
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
1695 |
# publisher metadata was last refreshed exceeds or |
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
1696 |
# equals the specified interval. |
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
1697 |
return True |
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
1698 |
return False |
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
1699 |
|
2352
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1700 |
def __get_origin_path(self, origin): |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1701 |
if not os.path.exists(self.__origin_root): |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1702 |
return |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1703 |
# A digest of the URI string is used here to attempt to avoid |
2962
ce8cd4c07986
15433013 content hash handling should handle different hash functions
Tim Foster <tim.s.foster@oracle.com>
parents:
2898
diff
changeset
|
1704 |
# path length problems. In order for this image to interoperate |
ce8cd4c07986
15433013 content hash handling should handle different hash functions
Tim Foster <tim.s.foster@oracle.com>
parents:
2898
diff
changeset
|
1705 |
# with older clients, we must use sha-1 here. |
2352
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1706 |
return os.path.join(self.__origin_root, |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1707 |
hashlib.sha1(origin.uri).hexdigest()) |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1708 |
|
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1709 |
def __gen_origin_paths(self): |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1710 |
if not os.path.exists(self.__origin_root): |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1711 |
return |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1712 |
for origin in self.repository.origins: |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1713 |
yield origin, self.__get_origin_path(origin) |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1714 |
|
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1715 |
def __rebuild_catalog(self): |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1716 |
"""Private helper function that builds publisher catalog based |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1717 |
on catalog from each origin.""" |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1718 |
|
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1719 |
# First, remove catalogs for any origins that no longer exist. |
2962
ce8cd4c07986
15433013 content hash handling should handle different hash functions
Tim Foster <tim.s.foster@oracle.com>
parents:
2898
diff
changeset
|
1720 |
# We must interoperate with older clients, so force the use of |
ce8cd4c07986
15433013 content hash handling should handle different hash functions
Tim Foster <tim.s.foster@oracle.com>
parents:
2898
diff
changeset
|
1721 |
# sha-1 here. |
2352
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1722 |
ohashes = [ |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1723 |
hashlib.sha1(o.uri).hexdigest() |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1724 |
for o in self.repository.origins |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1725 |
] |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1726 |
|
2749
9d664b5d7896
7175436 removal-only of origins with set-publisher can result in stale image catalog
Shawn Walker <shawn.walker@oracle.com>
parents:
2701
diff
changeset
|
1727 |
removals = False |
2352
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1728 |
for entry in os.listdir(self.__origin_root): |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1729 |
opath = os.path.join(self.__origin_root, entry) |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1730 |
try: |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1731 |
if entry in ohashes: |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1732 |
continue |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1733 |
except Exception: |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1734 |
# Discard anything that isn't an origin. |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1735 |
pass |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1736 |
|
2749
9d664b5d7896
7175436 removal-only of origins with set-publisher can result in stale image catalog
Shawn Walker <shawn.walker@oracle.com>
parents:
2701
diff
changeset
|
1737 |
# An origin was removed, so publisher should inform |
9d664b5d7896
7175436 removal-only of origins with set-publisher can result in stale image catalog
Shawn Walker <shawn.walker@oracle.com>
parents:
2701
diff
changeset
|
1738 |
# image to force image catalog rebuild. |
9d664b5d7896
7175436 removal-only of origins with set-publisher can result in stale image catalog
Shawn Walker <shawn.walker@oracle.com>
parents:
2701
diff
changeset
|
1739 |
removals = True |
9d664b5d7896
7175436 removal-only of origins with set-publisher can result in stale image catalog
Shawn Walker <shawn.walker@oracle.com>
parents:
2701
diff
changeset
|
1740 |
|
2352
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1741 |
# Not an origin or origin no longer exists; either way, |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1742 |
# it shouldn't exist here. |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1743 |
try: |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1744 |
if os.path.isdir(opath): |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1745 |
shutil.rmtree(opath) |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1746 |
else: |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1747 |
portable.remove(opath) |
3171
525f5bdb3f62
20434301 change exception handling syntax for python 3 migration
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3158
diff
changeset
|
1748 |
except EnvironmentError as e: |
2352
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1749 |
raise api_errors._convert_error(e) |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1750 |
|
2768
e6d766b946a7
7120901 recursive pkg op fails: Parent image has a incompatible newer version
Edward Pilatowicz <edward.pilatowicz@oracle.com>
parents:
2764
diff
changeset
|
1751 |
# if the catalog already exists on disk, is empty, and if |
e6d766b946a7
7120901 recursive pkg op fails: Parent image has a incompatible newer version
Edward Pilatowicz <edward.pilatowicz@oracle.com>
parents:
2764
diff
changeset
|
1752 |
# no origins are configured, we're done. |
e6d766b946a7
7120901 recursive pkg op fails: Parent image has a incompatible newer version
Edward Pilatowicz <edward.pilatowicz@oracle.com>
parents:
2764
diff
changeset
|
1753 |
if self.catalog.exists and \ |
e6d766b946a7
7120901 recursive pkg op fails: Parent image has a incompatible newer version
Edward Pilatowicz <edward.pilatowicz@oracle.com>
parents:
2764
diff
changeset
|
1754 |
self.catalog.package_count == 0 and \ |
e6d766b946a7
7120901 recursive pkg op fails: Parent image has a incompatible newer version
Edward Pilatowicz <edward.pilatowicz@oracle.com>
parents:
2764
diff
changeset
|
1755 |
len(self.repository.origins) == 0: |
e6d766b946a7
7120901 recursive pkg op fails: Parent image has a incompatible newer version
Edward Pilatowicz <edward.pilatowicz@oracle.com>
parents:
2764
diff
changeset
|
1756 |
return removals |
e6d766b946a7
7120901 recursive pkg op fails: Parent image has a incompatible newer version
Edward Pilatowicz <edward.pilatowicz@oracle.com>
parents:
2764
diff
changeset
|
1757 |
|
2352
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1758 |
# Discard existing catalog. |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1759 |
self.catalog.destroy() |
2808
05c6015a8c62
7195369 corrupt manifests can end up on disk when -g is used
Dan Price <daniel.price@oracle.com>
parents:
2768
diff
changeset
|
1760 |
self._catalog = None |
2352
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1761 |
|
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1762 |
# Ensure all old catalog files are removed. |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1763 |
for entry in os.listdir(self.catalog_root): |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1764 |
if entry == "attrs" or entry == "catalog" or \ |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1765 |
entry.startswith("catalog."): |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1766 |
try: |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1767 |
portable.remove(os.path.join( |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1768 |
self.catalog_root, entry)) |
3171
525f5bdb3f62
20434301 change exception handling syntax for python 3 migration
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3158
diff
changeset
|
1769 |
except EnvironmentError as e: |
2352
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1770 |
raise apx._convert_error(e) |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1771 |
|
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1772 |
# If there's only one origin, then just symlink its catalog |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1773 |
# files into place. |
2898
723ece284e97
16595528 pkgrecv should have a clone mode to exactly replicate repositories
Erik Trauschke <Erik.Trauschke@oracle.com>
parents:
2808
diff
changeset
|
1774 |
# Symlinking includes updates for publication tools. |
2352
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1775 |
opaths = [entry for entry in self.__gen_origin_paths()] |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1776 |
if len(opaths) == 1: |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1777 |
opath = opaths[0][1] |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1778 |
for fname in os.listdir(opath): |
2898
723ece284e97
16595528 pkgrecv should have a clone mode to exactly replicate repositories
Erik Trauschke <Erik.Trauschke@oracle.com>
parents:
2808
diff
changeset
|
1779 |
if fname.startswith("catalog.") or \ |
723ece284e97
16595528 pkgrecv should have a clone mode to exactly replicate repositories
Erik Trauschke <Erik.Trauschke@oracle.com>
parents:
2808
diff
changeset
|
1780 |
fname.startswith("update."): |
2352
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1781 |
src = os.path.join(opath, fname) |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1782 |
dest = os.path.join(self.catalog_root, |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1783 |
fname) |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1784 |
os.symlink(misc.relpath(src, |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1785 |
self.catalog_root), dest) |
2749
9d664b5d7896
7175436 removal-only of origins with set-publisher can result in stale image catalog
Shawn Walker <shawn.walker@oracle.com>
parents:
2701
diff
changeset
|
1786 |
return removals |
2352
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1787 |
|
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1788 |
# If there's more than one origin, then create a new catalog |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1789 |
# based on a composite of the catalogs for all origins. |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1790 |
ncat = pkg.catalog.Catalog(batch_mode=True, |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1791 |
meta_root=self.catalog_root, sign=False) |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1792 |
|
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1793 |
# Mark all operations as occurring at this time. |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1794 |
op_time = dt.datetime.utcnow() |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1795 |
|
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1796 |
for origin, opath in opaths: |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1797 |
src_cat = pkg.catalog.Catalog(meta_root=opath, |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1798 |
read_only=True) |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1799 |
for name in src_cat.parts: |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1800 |
spart = src_cat.get_part(name, must_exist=True) |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1801 |
if spart is None: |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1802 |
# Client hasn't retrieved this part. |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1803 |
continue |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1804 |
|
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1805 |
npart = ncat.get_part(name) |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1806 |
base = name.startswith("catalog.base.") |
2408
6424614c2ed1
18463 bad crl urls shouldn't bring pkg to a halt
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2378
diff
changeset
|
1807 |
|
2352
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1808 |
# Avoid accessor overhead since these will be |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1809 |
# used for every entry. |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1810 |
cat_ver = src_cat.version |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1811 |
|
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1812 |
for t, sentry in spart.tuple_entries( |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1813 |
pubs=[self.prefix]): |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1814 |
pub, stem, ver = t |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1815 |
|
3234
3a90dc0b66c9
21188662 use six library for python 3 migration
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3185
diff
changeset
|
1816 |
entry = dict(six.iteritems(sentry)) |
2352
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1817 |
try: |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1818 |
npart.add(metadata=entry, |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1819 |
op_time=op_time, pub=pub, |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1820 |
stem=stem, ver=ver) |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1821 |
except api_errors.DuplicateCatalogEntry: |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1822 |
if not base: |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1823 |
# Don't care. |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1824 |
continue |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1825 |
|
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1826 |
# Destination entry is in |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1827 |
# catalog already. |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1828 |
entry = npart.get_entry( |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1829 |
pub=pub, stem=stem, ver=ver) |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1830 |
|
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1831 |
src_sigs = set( |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1832 |
s |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1833 |
for s in sentry |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1834 |
if s.startswith("signature-") |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1835 |
) |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1836 |
dest_sigs = set( |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1837 |
s |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1838 |
for s in entry |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1839 |
if s.startswith("signature-") |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1840 |
) |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1841 |
|
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1842 |
if src_sigs != dest_sigs: |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1843 |
# Ignore any packages |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1844 |
# that are different |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1845 |
# from the first |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1846 |
# encountered for this |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1847 |
# package version. |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1848 |
# The client expects |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1849 |
# these to always be |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1850 |
# the same. This seems |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1851 |
# saner than failing. |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1852 |
continue |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1853 |
else: |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1854 |
if not base: |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1855 |
# Nothing to do. |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1856 |
continue |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1857 |
|
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1858 |
# Destination entry is one just |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1859 |
# added. |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1860 |
entry["metadata"] = { |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1861 |
"sources": [], |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1862 |
"states": [], |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1863 |
} |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1864 |
|
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1865 |
entry["metadata"]["sources"].append( |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1866 |
origin.uri) |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1867 |
|
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1868 |
states = entry["metadata"]["states"] |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1869 |
if src_cat.version == 0: |
2616
3c00fe4465d3
19148 PKG_STATE_* defines need a new home
Edward Pilatowicz <edward.pilatowicz@oracle.com>
parents:
2558
diff
changeset
|
1870 |
states.append( |
3c00fe4465d3
19148 PKG_STATE_* defines need a new home
Edward Pilatowicz <edward.pilatowicz@oracle.com>
parents:
2558
diff
changeset
|
1871 |
pkgdefs.PKG_STATE_V0) |
2352
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1872 |
|
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1873 |
# Now go back and trim each entry to minimize footprint. This |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1874 |
# ensures each package entry only has state and source info |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1875 |
# recorded when needed. |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1876 |
for t, entry in ncat.tuple_entries(): |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1877 |
pub, stem, ver = t |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1878 |
mdata = entry["metadata"] |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1879 |
if len(mdata["sources"]) == len(opaths): |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1880 |
# Package is available from all origins, so |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1881 |
# there's no need to require which ones |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1882 |
# have it. |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1883 |
del mdata["sources"] |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1884 |
|
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1885 |
if len(mdata["states"]) < len(opaths): |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1886 |
# At least one source is not V0, so the lazy- |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1887 |
# load fallback for the package metadata isn't |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1888 |
# needed. |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1889 |
del mdata["states"] |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1890 |
elif len(mdata["states"]) > 1: |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1891 |
# Ensure only one instance of state value. |
2616
3c00fe4465d3
19148 PKG_STATE_* defines need a new home
Edward Pilatowicz <edward.pilatowicz@oracle.com>
parents:
2558
diff
changeset
|
1892 |
mdata["states"] = [pkgdefs.PKG_STATE_V0] |
2352
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1893 |
if not mdata: |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1894 |
mdata = None |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1895 |
ncat.update_entry(mdata, pub=pub, stem=stem, ver=ver) |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1896 |
|
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1897 |
# Finally, write out publisher catalog. |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1898 |
ncat.batch_mode = False |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1899 |
ncat.finalize() |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1900 |
ncat.save() |
2749
9d664b5d7896
7175436 removal-only of origins with set-publisher can result in stale image catalog
Shawn Walker <shawn.walker@oracle.com>
parents:
2701
diff
changeset
|
1901 |
return removals |
2352
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1902 |
|
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1903 |
def __convert_v0_catalog(self, v0_cat, v1_root): |
1352
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1904 |
"""Transforms the contents of the provided version 0 Catalog |
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1905 |
into a version 1 Catalog, replacing the current Catalog.""" |
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1906 |
|
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1907 |
v0_lm = v0_cat.last_modified() |
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1908 |
if v0_lm: |
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1909 |
# last_modified can be none if the catalog is empty. |
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1910 |
v0_lm = pkg.catalog.ts_to_datetime(v0_lm) |
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1911 |
|
1358
6fec8fbc15a6
11324 package state written to parent boot environment during image-update
Shawn Walker <srw@sun.com>
parents:
1352
diff
changeset
|
1912 |
# There's no point in signing this catalog since it's simply |
6fec8fbc15a6
11324 package state written to parent boot environment during image-update
Shawn Walker <srw@sun.com>
parents:
1352
diff
changeset
|
1913 |
# a transformation of a v0 catalog. |
2352
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1914 |
v1_cat = pkg.catalog.Catalog(batch_mode=True, |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1915 |
meta_root=v1_root, sign=False) |
1352
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1916 |
|
1358
6fec8fbc15a6
11324 package state written to parent boot environment during image-update
Shawn Walker <srw@sun.com>
parents:
1352
diff
changeset
|
1917 |
# A check for a previous non-zero package count is made to |
6fec8fbc15a6
11324 package state written to parent boot environment during image-update
Shawn Walker <srw@sun.com>
parents:
1352
diff
changeset
|
1918 |
# determine whether the last_modified date alone can be |
6fec8fbc15a6
11324 package state written to parent boot environment during image-update
Shawn Walker <srw@sun.com>
parents:
1352
diff
changeset
|
1919 |
# relied on. This works around some oddities with empty |
6fec8fbc15a6
11324 package state written to parent boot environment during image-update
Shawn Walker <srw@sun.com>
parents:
1352
diff
changeset
|
1920 |
# v0 catalogs. |
1606
7966bbfe38b7
13457 pkg refresh can fail for v0 repository with duplicate entry error
Shawn Walker <srw@sun.com>
parents:
1604
diff
changeset
|
1921 |
try: |
7966bbfe38b7
13457 pkg refresh can fail for v0 repository with duplicate entry error
Shawn Walker <srw@sun.com>
parents:
1604
diff
changeset
|
1922 |
# Could be 'None' |
7966bbfe38b7
13457 pkg refresh can fail for v0 repository with duplicate entry error
Shawn Walker <srw@sun.com>
parents:
1604
diff
changeset
|
1923 |
n0_pkgs = int(v0_cat.npkgs()) |
7966bbfe38b7
13457 pkg refresh can fail for v0 repository with duplicate entry error
Shawn Walker <srw@sun.com>
parents:
1604
diff
changeset
|
1924 |
except (TypeError, ValueError): |
7966bbfe38b7
13457 pkg refresh can fail for v0 repository with duplicate entry error
Shawn Walker <srw@sun.com>
parents:
1604
diff
changeset
|
1925 |
n0_pkgs = 0 |
7966bbfe38b7
13457 pkg refresh can fail for v0 repository with duplicate entry error
Shawn Walker <srw@sun.com>
parents:
1604
diff
changeset
|
1926 |
|
2352
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1927 |
if v1_cat.exists and n0_pkgs != v1_cat.package_version_count: |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1928 |
if v0_lm == v1_cat.last_modified: |
1352
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1929 |
# Already converted. |
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1930 |
return |
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1931 |
# Simply rebuild the entire v1 catalog every time, this |
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1932 |
# avoids many of the problems that could happen due to |
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1933 |
# deficiencies in the v0 implementation. |
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1934 |
v1_cat.destroy() |
2808
05c6015a8c62
7195369 corrupt manifests can end up on disk when -g is used
Dan Price <daniel.price@oracle.com>
parents:
2768
diff
changeset
|
1935 |
self._catalog = None |
2352
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1936 |
v1_cat = pkg.catalog.Catalog(meta_root=v1_root, |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1937 |
sign=False) |
1352
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1938 |
|
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1939 |
# Now populate the v1 Catalog with the v0 Catalog's data. |
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1940 |
for f in v0_cat.fmris(): |
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1941 |
v1_cat.add_package(f) |
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1942 |
|
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1943 |
# Normally, the Catalog's attributes are automatically |
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1944 |
# populated as a result of catalog operations. But in |
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1945 |
# this case, we want the v1 Catalog's attributes to |
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1946 |
# match those of the v0 catalog. |
1369
e86145680c34
11359 catalog should offer lazy-load mechanism for action metadata
Shawn Walker <srw@sun.com>
parents:
1358
diff
changeset
|
1947 |
v1_cat.last_modified = v0_lm |
e86145680c34
11359 catalog should offer lazy-load mechanism for action metadata
Shawn Walker <srw@sun.com>
parents:
1358
diff
changeset
|
1948 |
|
e86145680c34
11359 catalog should offer lazy-load mechanism for action metadata
Shawn Walker <srw@sun.com>
parents:
1358
diff
changeset
|
1949 |
# While this is a v1 catalog format-wise, v0 data is stored. |
e86145680c34
11359 catalog should offer lazy-load mechanism for action metadata
Shawn Walker <srw@sun.com>
parents:
1358
diff
changeset
|
1950 |
# This allows consumers to be aware that certain data won't be |
e86145680c34
11359 catalog should offer lazy-load mechanism for action metadata
Shawn Walker <srw@sun.com>
parents:
1358
diff
changeset
|
1951 |
# available in this catalog (such as dependencies, etc.). |
e86145680c34
11359 catalog should offer lazy-load mechanism for action metadata
Shawn Walker <srw@sun.com>
parents:
1358
diff
changeset
|
1952 |
v1_cat.version = 0 |
1352
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1953 |
|
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1954 |
# Finally, save the new Catalog, and replace the old in-memory |
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1955 |
# catalog. |
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1956 |
v1_cat.batch_mode = False |
1549
cc81f5023603
13110 image catalog rebuild could be faster
Shawn Walker <srw@sun.com>
parents:
1516
diff
changeset
|
1957 |
v1_cat.finalize() |
1352
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1958 |
v1_cat.save() |
2352
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1959 |
|
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1960 |
def __refresh_v0(self, croot, full_refresh, immediate, repo): |
1431
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
1961 |
"""The method to refresh the publisher's metadata against |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
1962 |
a catalog/0 source. If the more recent catalog/1 version |
2352
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1963 |
isn't supported, this routine gets invoked as a fallback. |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1964 |
Returns a tuple of (changed, refreshed) where 'changed' |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1965 |
indicates whether new catalog data was found and 'refreshed' |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1966 |
indicates that catalog data was actually retrieved to determine |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1967 |
if there were any updates.""" |
1352
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1968 |
|
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1969 |
if full_refresh: |
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1970 |
immediate = True |
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1971 |
|
1431
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
1972 |
# Catalog needs v0 -> v1 transformation if repository only |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
1973 |
# offers v0 catalog. |
2352
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1974 |
v0_cat = old_catalog.ServerCatalog(croot, read_only=True, |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1975 |
publisher=self.prefix) |
1352
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1976 |
|
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1977 |
new_cat = True |
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1978 |
v0_lm = None |
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1979 |
if v0_cat.exists: |
2310
ce10607d5332
11684 desire option to not propagate certs to non-global zones
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2286
diff
changeset
|
1980 |
repo = self.repository |
1352
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1981 |
if full_refresh or v0_cat.origin() not in repo.origins: |
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1982 |
try: |
2352
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1983 |
v0_cat.destroy(root=croot) |
3171
525f5bdb3f62
20434301 change exception handling syntax for python 3 migration
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3158
diff
changeset
|
1984 |
except EnvironmentError as e: |
1352
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1985 |
if e.errno == errno.EACCES: |
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1986 |
raise api_errors.PermissionsException( |
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1987 |
e.filename) |
1431
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
1988 |
if e.errno == errno.EROFS: |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
1989 |
raise api_errors.ReadOnlyFileSystemException( |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
1990 |
e.filename) |
1352
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1991 |
raise |
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1992 |
immediate = True |
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1993 |
else: |
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1994 |
new_cat = False |
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1995 |
v0_lm = v0_cat.last_modified() |
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1996 |
|
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1997 |
if not immediate and not self.needs_refresh: |
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1998 |
# No refresh needed. |
2352
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1999 |
return False, False |
1352
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
2000 |
|
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
2001 |
import pkg.updatelog as old_ulog |
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
2002 |
try: |
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
2003 |
# Note that this currently retrieves a v0 catalog that |
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
2004 |
# has to be converted to v1 format. |
2352
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
2005 |
self.transport.get_catalog(self, v0_lm, path=croot, |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
2006 |
alt_repo=repo) |
1352
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
2007 |
except old_ulog.UpdateLogException: |
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
2008 |
# If an incremental update fails, attempt a full |
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
2009 |
# catalog retrieval instead. |
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
2010 |
try: |
2352
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
2011 |
v0_cat.destroy(root=croot) |
3171
525f5bdb3f62
20434301 change exception handling syntax for python 3 migration
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3158
diff
changeset
|
2012 |
except EnvironmentError as e: |
1352
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
2013 |
if e.errno == errno.EACCES: |
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
2014 |
raise api_errors.PermissionsException( |
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
2015 |
e.filename) |
1431
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
2016 |
if e.errno == errno.EROFS: |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
2017 |
raise api_errors.ReadOnlyFileSystemException( |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
2018 |
e.filename) |
1352
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
2019 |
raise |
2352
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
2020 |
self.transport.get_catalog(self, path=croot, |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
2021 |
alt_repo=repo) |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
2022 |
|
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
2023 |
v0_cat = pkg.server.catalog.ServerCatalog(croot, read_only=True, |
1352
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
2024 |
publisher=self.prefix) |
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
2025 |
|
2352
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
2026 |
self.__convert_v0_catalog(v0_cat, croot) |
1352
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
2027 |
if new_cat or v0_lm != v0_cat.last_modified(): |
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
2028 |
# If the catalog was rebuilt, or the timestamp of the |
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
2029 |
# catalog changed, then an update has occurred. |
2352
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
2030 |
return True, True |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
2031 |
return False, True |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
2032 |
|
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
2033 |
def __refresh_v1(self, croot, tempdir, full_refresh, immediate, |
2898
723ece284e97
16595528 pkgrecv should have a clone mode to exactly replicate repositories
Erik Trauschke <Erik.Trauschke@oracle.com>
parents:
2808
diff
changeset
|
2034 |
mismatched, repo, progtrack=None, include_updates=False): |
1431
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
2035 |
"""The method to refresh the publisher's metadata against |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
2036 |
a catalog/1 source. If the more recent catalog/1 version |
2352
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
2037 |
isn't supported, __refresh_v0 is invoked as a fallback. |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
2038 |
Returns a tuple of (changed, refreshed) where 'changed' |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
2039 |
indicates whether new catalog data was found and 'refreshed' |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
2040 |
indicates that catalog data was actually retrieved to determine |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
2041 |
if there were any updates.""" |
1431
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
2042 |
|
2022
40fbda1e14b7
16715 publisher refresh should validate retrieved catalog parts using catalog attributes
Shawn Walker <shawn.walker@oracle.com>
parents:
1968
diff
changeset
|
2043 |
# If full_refresh is True, then redownload should be True to |
40fbda1e14b7
16715 publisher refresh should validate retrieved catalog parts using catalog attributes
Shawn Walker <shawn.walker@oracle.com>
parents:
1968
diff
changeset
|
2044 |
# ensure a non-cached version of the catalog is retrieved. |
40fbda1e14b7
16715 publisher refresh should validate retrieved catalog parts using catalog attributes
Shawn Walker <shawn.walker@oracle.com>
parents:
1968
diff
changeset
|
2045 |
# If full_refresh is False, but mismatched is True, then |
40fbda1e14b7
16715 publisher refresh should validate retrieved catalog parts using catalog attributes
Shawn Walker <shawn.walker@oracle.com>
parents:
1968
diff
changeset
|
2046 |
# the retrieval requests should indicate that content should |
40fbda1e14b7
16715 publisher refresh should validate retrieved catalog parts using catalog attributes
Shawn Walker <shawn.walker@oracle.com>
parents:
1968
diff
changeset
|
2047 |
# be revalidated before being returned. Note that this |
40fbda1e14b7
16715 publisher refresh should validate retrieved catalog parts using catalog attributes
Shawn Walker <shawn.walker@oracle.com>
parents:
1968
diff
changeset
|
2048 |
# only applies to the catalog v1 case. |
40fbda1e14b7
16715 publisher refresh should validate retrieved catalog parts using catalog attributes
Shawn Walker <shawn.walker@oracle.com>
parents:
1968
diff
changeset
|
2049 |
redownload = full_refresh |
40fbda1e14b7
16715 publisher refresh should validate retrieved catalog parts using catalog attributes
Shawn Walker <shawn.walker@oracle.com>
parents:
1968
diff
changeset
|
2050 |
revalidate = not redownload and mismatched |
40fbda1e14b7
16715 publisher refresh should validate retrieved catalog parts using catalog attributes
Shawn Walker <shawn.walker@oracle.com>
parents:
1968
diff
changeset
|
2051 |
|
2352
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
2052 |
v1_cat = pkg.catalog.Catalog(meta_root=croot) |
1431
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
2053 |
try: |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
2054 |
self.transport.get_catalog1(self, ["catalog.attrs"], |
2022
40fbda1e14b7
16715 publisher refresh should validate retrieved catalog parts using catalog attributes
Shawn Walker <shawn.walker@oracle.com>
parents:
1968
diff
changeset
|
2055 |
path=tempdir, redownload=redownload, |
2693
cfee571ea6d5
7154388 Progress tracking API and functionality improvements
Dan Price <daniel.price@oracle.com>
parents:
2616
diff
changeset
|
2056 |
revalidate=revalidate, alt_repo=repo, |
cfee571ea6d5
7154388 Progress tracking API and functionality improvements
Dan Price <daniel.price@oracle.com>
parents:
2616
diff
changeset
|
2057 |
progtrack=progtrack) |
1431
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
2058 |
except api_errors.UnsupportedRepositoryOperation: |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
2059 |
# No v1 catalogs available. |
2352
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
2060 |
if v1_cat.exists: |
1449
a721d9b0aad2
12273 client catalog can mis-merge state information / lazy-load can fail
Shawn Walker <srw@sun.com>
parents:
1431
diff
changeset
|
2061 |
# Ensure v1 -> v0 transition works right. |
2352
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
2062 |
v1_cat.destroy() |
2808
05c6015a8c62
7195369 corrupt manifests can end up on disk when -g is used
Dan Price <daniel.price@oracle.com>
parents:
2768
diff
changeset
|
2063 |
self._catalog = None |
2352
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
2064 |
return self.__refresh_v0(croot, full_refresh, immediate, |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
2065 |
repo) |
1431
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
2066 |
|
1449
a721d9b0aad2
12273 client catalog can mis-merge state information / lazy-load can fail
Shawn Walker <srw@sun.com>
parents:
1431
diff
changeset
|
2067 |
# If a v0 catalog is present, remove it before proceeding to |
a721d9b0aad2
12273 client catalog can mis-merge state information / lazy-load can fail
Shawn Walker <srw@sun.com>
parents:
1431
diff
changeset
|
2068 |
# ensure transitions between catalog versions work correctly. |
2352
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
2069 |
v0_cat = old_catalog.ServerCatalog(croot, read_only=True, |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
2070 |
publisher=self.prefix) |
1449
a721d9b0aad2
12273 client catalog can mis-merge state information / lazy-load can fail
Shawn Walker <srw@sun.com>
parents:
1431
diff
changeset
|
2071 |
if v0_cat.exists: |
2352
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
2072 |
v0_cat.destroy(root=croot) |
1449
a721d9b0aad2
12273 client catalog can mis-merge state information / lazy-load can fail
Shawn Walker <srw@sun.com>
parents:
1431
diff
changeset
|
2073 |
|
a721d9b0aad2
12273 client catalog can mis-merge state information / lazy-load can fail
Shawn Walker <srw@sun.com>
parents:
1431
diff
changeset
|
2074 |
# If above succeeded, we now have a catalog.attrs file. Parse |
1431
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
2075 |
# this to determine what other constituent parts need to be |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
2076 |
# downloaded. |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
2077 |
flist = [] |
2352
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
2078 |
if not full_refresh and v1_cat.exists: |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
2079 |
flist = v1_cat.get_updates_needed(tempdir) |
1431
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
2080 |
if flist == None: |
2352
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
2081 |
return False, True |
1431
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
2082 |
else: |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
2083 |
attrs = pkg.catalog.CatalogAttrs(meta_root=tempdir) |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
2084 |
for name in attrs.parts: |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
2085 |
locale = name.split(".", 2)[2] |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
2086 |
# XXX Skip parts that aren't in the C locale for |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
2087 |
# now. |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
2088 |
if locale != "C": |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
2089 |
continue |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
2090 |
flist.append(name) |
2898
723ece284e97
16595528 pkgrecv should have a clone mode to exactly replicate repositories
Erik Trauschke <Erik.Trauschke@oracle.com>
parents:
2808
diff
changeset
|
2091 |
if include_updates: |
723ece284e97
16595528 pkgrecv should have a clone mode to exactly replicate repositories
Erik Trauschke <Erik.Trauschke@oracle.com>
parents:
2808
diff
changeset
|
2092 |
for update in attrs.updates: |
723ece284e97
16595528 pkgrecv should have a clone mode to exactly replicate repositories
Erik Trauschke <Erik.Trauschke@oracle.com>
parents:
2808
diff
changeset
|
2093 |
flist.append(update) |
1431
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
2094 |
|
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
2095 |
if flist: |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
2096 |
# More catalog files to retrieve. |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
2097 |
try: |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
2098 |
self.transport.get_catalog1(self, flist, |
2022
40fbda1e14b7
16715 publisher refresh should validate retrieved catalog parts using catalog attributes
Shawn Walker <shawn.walker@oracle.com>
parents:
1968
diff
changeset
|
2099 |
path=tempdir, redownload=redownload, |
2693
cfee571ea6d5
7154388 Progress tracking API and functionality improvements
Dan Price <daniel.price@oracle.com>
parents:
2616
diff
changeset
|
2100 |
revalidate=revalidate, alt_repo=repo, |
cfee571ea6d5
7154388 Progress tracking API and functionality improvements
Dan Price <daniel.price@oracle.com>
parents:
2616
diff
changeset
|
2101 |
progtrack=progtrack) |
1431
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
2102 |
except api_errors.UnsupportedRepositoryOperation: |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
2103 |
# Couldn't find a v1 catalog after getting one |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
2104 |
# before. This would be a bizzare error, but we |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
2105 |
# can try for a v0 catalog anyway. |
2352
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
2106 |
return self.__refresh_v0(croot, full_refresh, |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
2107 |
immediate, repo) |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
2108 |
|
2808
05c6015a8c62
7195369 corrupt manifests can end up on disk when -g is used
Dan Price <daniel.price@oracle.com>
parents:
2768
diff
changeset
|
2109 |
# Clear _catalog, so we'll read in the new catalog. |
05c6015a8c62
7195369 corrupt manifests can end up on disk when -g is used
Dan Price <daniel.price@oracle.com>
parents:
2768
diff
changeset
|
2110 |
self._catalog = None |
2352
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
2111 |
v1_cat = pkg.catalog.Catalog(meta_root=croot) |
1431
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
2112 |
|
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
2113 |
# At this point the client should have a set of the constituent |
1449
a721d9b0aad2
12273 client catalog can mis-merge state information / lazy-load can fail
Shawn Walker <srw@sun.com>
parents:
1431
diff
changeset
|
2114 |
# pieces that are necessary to construct a catalog. If a |
a721d9b0aad2
12273 client catalog can mis-merge state information / lazy-load can fail
Shawn Walker <srw@sun.com>
parents:
1431
diff
changeset
|
2115 |
# catalog already exists, call apply_updates. Otherwise, |
1431
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
2116 |
# move the files to the appropriate location. |
2022
40fbda1e14b7
16715 publisher refresh should validate retrieved catalog parts using catalog attributes
Shawn Walker <shawn.walker@oracle.com>
parents:
1968
diff
changeset
|
2117 |
validate = False |
2352
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
2118 |
if not full_refresh and v1_cat.exists: |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
2119 |
v1_cat.apply_updates(tempdir) |
1431
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
2120 |
else: |
2352
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
2121 |
if v1_cat.exists: |
1431
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
2122 |
# This is a full refresh. Destroy |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
2123 |
# the existing catalog. |
2352
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
2124 |
v1_cat.destroy() |
2022
40fbda1e14b7
16715 publisher refresh should validate retrieved catalog parts using catalog attributes
Shawn Walker <shawn.walker@oracle.com>
parents:
1968
diff
changeset
|
2125 |
|
1431
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
2126 |
for fn in os.listdir(tempdir): |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
2127 |
srcpath = os.path.join(tempdir, fn) |
2352
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
2128 |
dstpath = os.path.join(croot, fn) |
1431
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
2129 |
pkg.portable.rename(srcpath, dstpath) |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
2130 |
|
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
2131 |
# Apply_updates validates the newly constructed catalog. |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
2132 |
# If refresh didn't call apply_updates, arrange to |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
2133 |
# have the new catalog validated. |
2022
40fbda1e14b7
16715 publisher refresh should validate retrieved catalog parts using catalog attributes
Shawn Walker <shawn.walker@oracle.com>
parents:
1968
diff
changeset
|
2134 |
validate = True |
1431
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
2135 |
|
2022
40fbda1e14b7
16715 publisher refresh should validate retrieved catalog parts using catalog attributes
Shawn Walker <shawn.walker@oracle.com>
parents:
1968
diff
changeset
|
2136 |
if validate: |
40fbda1e14b7
16715 publisher refresh should validate retrieved catalog parts using catalog attributes
Shawn Walker <shawn.walker@oracle.com>
parents:
1968
diff
changeset
|
2137 |
try: |
2352
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
2138 |
v1_cat = pkg.catalog.Catalog(meta_root=croot) |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
2139 |
v1_cat.validate() |
2022
40fbda1e14b7
16715 publisher refresh should validate retrieved catalog parts using catalog attributes
Shawn Walker <shawn.walker@oracle.com>
parents:
1968
diff
changeset
|
2140 |
except api_errors.BadCatalogSignatures: |
40fbda1e14b7
16715 publisher refresh should validate retrieved catalog parts using catalog attributes
Shawn Walker <shawn.walker@oracle.com>
parents:
1968
diff
changeset
|
2141 |
# If signature validation fails here, that means |
40fbda1e14b7
16715 publisher refresh should validate retrieved catalog parts using catalog attributes
Shawn Walker <shawn.walker@oracle.com>
parents:
1968
diff
changeset
|
2142 |
# that the attributes and individual parts were |
40fbda1e14b7
16715 publisher refresh should validate retrieved catalog parts using catalog attributes
Shawn Walker <shawn.walker@oracle.com>
parents:
1968
diff
changeset
|
2143 |
# self-consistent and not corrupt, but that the |
40fbda1e14b7
16715 publisher refresh should validate retrieved catalog parts using catalog attributes
Shawn Walker <shawn.walker@oracle.com>
parents:
1968
diff
changeset
|
2144 |
# attributes and parts didn't match. This could |
40fbda1e14b7
16715 publisher refresh should validate retrieved catalog parts using catalog attributes
Shawn Walker <shawn.walker@oracle.com>
parents:
1968
diff
changeset
|
2145 |
# be the result of a broken source providing |
40fbda1e14b7
16715 publisher refresh should validate retrieved catalog parts using catalog attributes
Shawn Walker <shawn.walker@oracle.com>
parents:
1968
diff
changeset
|
2146 |
# an attributes file that is much older or newer |
40fbda1e14b7
16715 publisher refresh should validate retrieved catalog parts using catalog attributes
Shawn Walker <shawn.walker@oracle.com>
parents:
1968
diff
changeset
|
2147 |
# than the catalog parts being provided. |
2352
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
2148 |
v1_cat.destroy() |
2022
40fbda1e14b7
16715 publisher refresh should validate retrieved catalog parts using catalog attributes
Shawn Walker <shawn.walker@oracle.com>
parents:
1968
diff
changeset
|
2149 |
raise api_errors.MismatchedCatalog(self.prefix) |
2352
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
2150 |
return True, True |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
2151 |
|
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
2152 |
def __refresh_origin(self, croot, full_refresh, immediate, mismatched, |
2898
723ece284e97
16595528 pkgrecv should have a clone mode to exactly replicate repositories
Erik Trauschke <Erik.Trauschke@oracle.com>
parents:
2808
diff
changeset
|
2153 |
origin, progtrack=None, include_updates=False): |
2352
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
2154 |
"""Private helper method used to refresh catalog data for each |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
2155 |
origin. Returns a tuple of (changed, refreshed) where 'changed' |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
2156 |
indicates whether new catalog data was found and 'refreshed' |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
2157 |
indicates that catalog data was actually retrieved to determine |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
2158 |
if there were any updates.""" |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
2159 |
|
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
2160 |
# Create a copy of the current repository object that only |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
2161 |
# contains the origin specified. |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
2162 |
repo = copy.copy(self.repository) |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
2163 |
repo.origins = [origin] |
2219
60ad60f7592c
2152 standalone package support needed (on-disk format)
Shawn Walker <shawn.walker@oracle.com>
parents:
2215
diff
changeset
|
2164 |
|
1431
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
2165 |
# Create temporary directory for assembly of catalog pieces. |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
2166 |
try: |
2352
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
2167 |
misc.makedirs(croot) |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
2168 |
tempdir = tempfile.mkdtemp(dir=croot) |
3171
525f5bdb3f62
20434301 change exception handling syntax for python 3 migration
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3158
diff
changeset
|
2169 |
except EnvironmentError as e: |
1431
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
2170 |
if e.errno == errno.EACCES: |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
2171 |
raise api_errors.PermissionsException( |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
2172 |
e.filename) |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
2173 |
if e.errno == errno.EROFS: |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
2174 |
raise api_errors.ReadOnlyFileSystemException( |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
2175 |
e.filename) |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
2176 |
raise |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
2177 |
|
3293
a3347e4614da
15715250 implicit catalog refreshes shouldn't fail if publishers are unreachable
Erik Trauschke <Erik.Trauschke@oracle.com>
parents:
3245
diff
changeset
|
2178 |
# Make a test contact to the repo to see if it is responding. |
a3347e4614da
15715250 implicit catalog refreshes shouldn't fail if publishers are unreachable
Erik Trauschke <Erik.Trauschke@oracle.com>
parents:
3245
diff
changeset
|
2179 |
# We need to pass in a publisher object which only has one |
a3347e4614da
15715250 implicit catalog refreshes shouldn't fail if publishers are unreachable
Erik Trauschke <Erik.Trauschke@oracle.com>
parents:
3245
diff
changeset
|
2180 |
# origin so create one from our current publisher. |
a3347e4614da
15715250 implicit catalog refreshes shouldn't fail if publishers are unreachable
Erik Trauschke <Erik.Trauschke@oracle.com>
parents:
3245
diff
changeset
|
2181 |
test_pub = copy.copy(self) |
a3347e4614da
15715250 implicit catalog refreshes shouldn't fail if publishers are unreachable
Erik Trauschke <Erik.Trauschke@oracle.com>
parents:
3245
diff
changeset
|
2182 |
test_pub.repository = repo |
a3347e4614da
15715250 implicit catalog refreshes shouldn't fail if publishers are unreachable
Erik Trauschke <Erik.Trauschke@oracle.com>
parents:
3245
diff
changeset
|
2183 |
self.transport.version_check(test_pub) |
a3347e4614da
15715250 implicit catalog refreshes shouldn't fail if publishers are unreachable
Erik Trauschke <Erik.Trauschke@oracle.com>
parents:
3245
diff
changeset
|
2184 |
|
1431
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
2185 |
# Ensure that the temporary directory gets removed regardless |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
2186 |
# of success or failure. |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
2187 |
try: |
2352
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
2188 |
rval = self.__refresh_v1(croot, tempdir, |
2693
cfee571ea6d5
7154388 Progress tracking API and functionality improvements
Dan Price <daniel.price@oracle.com>
parents:
2616
diff
changeset
|
2189 |
full_refresh, immediate, mismatched, repo, |
2898
723ece284e97
16595528 pkgrecv should have a clone mode to exactly replicate repositories
Erik Trauschke <Erik.Trauschke@oracle.com>
parents:
2808
diff
changeset
|
2190 |
progtrack=progtrack, |
723ece284e97
16595528 pkgrecv should have a clone mode to exactly replicate repositories
Erik Trauschke <Erik.Trauschke@oracle.com>
parents:
2808
diff
changeset
|
2191 |
include_updates=include_updates) |
1431
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
2192 |
|
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
2193 |
# Perform publisher metadata sanity checks. |
2352
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
2194 |
self.__validate_metadata(croot, repo) |
1431
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
2195 |
|
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
2196 |
return rval |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
2197 |
finally: |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
2198 |
# Cleanup tempdir. |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
2199 |
shutil.rmtree(tempdir, True) |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
2200 |
|
2693
cfee571ea6d5
7154388 Progress tracking API and functionality improvements
Dan Price <daniel.price@oracle.com>
parents:
2616
diff
changeset
|
2201 |
def __refresh(self, full_refresh, immediate, mismatched=False, |
3293
a3347e4614da
15715250 implicit catalog refreshes shouldn't fail if publishers are unreachable
Erik Trauschke <Erik.Trauschke@oracle.com>
parents:
3245
diff
changeset
|
2202 |
progtrack=None, include_updates=False, ignore_errors=False): |
2352
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
2203 |
"""The method to handle the overall refresh process. It |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
2204 |
determines if a refresh is actually needed, and then calls |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
2205 |
the first version-specific refresh method in the chain.""" |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
2206 |
|
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
2207 |
assert self.transport |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
2208 |
|
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
2209 |
if full_refresh: |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
2210 |
immediate = True |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
2211 |
|
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
2212 |
for origin, opath in self.__gen_origin_paths(): |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
2213 |
misc.makedirs(opath) |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
2214 |
cat = pkg.catalog.Catalog(meta_root=opath, |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
2215 |
read_only=True) |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
2216 |
if not cat.exists: |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
2217 |
# If a catalog hasn't been retrieved for |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
2218 |
# any of the origins, then a refresh is |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
2219 |
# needed now. |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
2220 |
immediate = True |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
2221 |
break |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
2222 |
|
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
2223 |
# Ensure consistent directory structure. |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
2224 |
self.create_meta_root() |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
2225 |
|
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
2226 |
# Check if we already have a v1 catalog on disk. |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
2227 |
if not full_refresh and self.catalog.exists: |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
2228 |
# If catalog is on disk, check if refresh is necessary. |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
2229 |
if not immediate and not self.needs_refresh: |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
2230 |
# No refresh needed. |
3293
a3347e4614da
15715250 implicit catalog refreshes shouldn't fail if publishers are unreachable
Erik Trauschke <Erik.Trauschke@oracle.com>
parents:
3245
diff
changeset
|
2231 |
return False, None |
2352
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
2232 |
|
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
2233 |
any_changed = False |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
2234 |
any_refreshed = False |
3293
a3347e4614da
15715250 implicit catalog refreshes shouldn't fail if publishers are unreachable
Erik Trauschke <Erik.Trauschke@oracle.com>
parents:
3245
diff
changeset
|
2235 |
failed = [] |
a3347e4614da
15715250 implicit catalog refreshes shouldn't fail if publishers are unreachable
Erik Trauschke <Erik.Trauschke@oracle.com>
parents:
3245
diff
changeset
|
2236 |
total = 0 |
2352
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
2237 |
for origin, opath in self.__gen_origin_paths(): |
3293
a3347e4614da
15715250 implicit catalog refreshes shouldn't fail if publishers are unreachable
Erik Trauschke <Erik.Trauschke@oracle.com>
parents:
3245
diff
changeset
|
2238 |
total += 1 |
a3347e4614da
15715250 implicit catalog refreshes shouldn't fail if publishers are unreachable
Erik Trauschke <Erik.Trauschke@oracle.com>
parents:
3245
diff
changeset
|
2239 |
try: |
a3347e4614da
15715250 implicit catalog refreshes shouldn't fail if publishers are unreachable
Erik Trauschke <Erik.Trauschke@oracle.com>
parents:
3245
diff
changeset
|
2240 |
changed, refreshed = self.__refresh_origin( |
a3347e4614da
15715250 implicit catalog refreshes shouldn't fail if publishers are unreachable
Erik Trauschke <Erik.Trauschke@oracle.com>
parents:
3245
diff
changeset
|
2241 |
opath, full_refresh, immediate, mismatched, |
a3347e4614da
15715250 implicit catalog refreshes shouldn't fail if publishers are unreachable
Erik Trauschke <Erik.Trauschke@oracle.com>
parents:
3245
diff
changeset
|
2242 |
origin, progtrack=progtrack, |
a3347e4614da
15715250 implicit catalog refreshes shouldn't fail if publishers are unreachable
Erik Trauschke <Erik.Trauschke@oracle.com>
parents:
3245
diff
changeset
|
2243 |
include_updates=include_updates) |
a3347e4614da
15715250 implicit catalog refreshes shouldn't fail if publishers are unreachable
Erik Trauschke <Erik.Trauschke@oracle.com>
parents:
3245
diff
changeset
|
2244 |
except api_errors.InvalidDepotResponseException as e: |
a3347e4614da
15715250 implicit catalog refreshes shouldn't fail if publishers are unreachable
Erik Trauschke <Erik.Trauschke@oracle.com>
parents:
3245
diff
changeset
|
2245 |
failed.append((origin, e)) |
a3347e4614da
15715250 implicit catalog refreshes shouldn't fail if publishers are unreachable
Erik Trauschke <Erik.Trauschke@oracle.com>
parents:
3245
diff
changeset
|
2246 |
else: |
a3347e4614da
15715250 implicit catalog refreshes shouldn't fail if publishers are unreachable
Erik Trauschke <Erik.Trauschke@oracle.com>
parents:
3245
diff
changeset
|
2247 |
if changed: |
a3347e4614da
15715250 implicit catalog refreshes shouldn't fail if publishers are unreachable
Erik Trauschke <Erik.Trauschke@oracle.com>
parents:
3245
diff
changeset
|
2248 |
any_changed = True |
a3347e4614da
15715250 implicit catalog refreshes shouldn't fail if publishers are unreachable
Erik Trauschke <Erik.Trauschke@oracle.com>
parents:
3245
diff
changeset
|
2249 |
if refreshed: |
a3347e4614da
15715250 implicit catalog refreshes shouldn't fail if publishers are unreachable
Erik Trauschke <Erik.Trauschke@oracle.com>
parents:
3245
diff
changeset
|
2250 |
any_refreshed = True |
2352
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
2251 |
|
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
2252 |
if any_refreshed: |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
2253 |
# Update refresh time. |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
2254 |
self.last_refreshed = dt.datetime.utcnow() |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
2255 |
|
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
2256 |
# Finally, build a new catalog for this publisher based on a |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
2257 |
# composite of the catalogs from all origins. |
2749
9d664b5d7896
7175436 removal-only of origins with set-publisher can result in stale image catalog
Shawn Walker <shawn.walker@oracle.com>
parents:
2701
diff
changeset
|
2258 |
if self.__rebuild_catalog(): |
9d664b5d7896
7175436 removal-only of origins with set-publisher can result in stale image catalog
Shawn Walker <shawn.walker@oracle.com>
parents:
2701
diff
changeset
|
2259 |
any_changed = True |
2352
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
2260 |
|
3293
a3347e4614da
15715250 implicit catalog refreshes shouldn't fail if publishers are unreachable
Erik Trauschke <Erik.Trauschke@oracle.com>
parents:
3245
diff
changeset
|
2261 |
errors = None |
a3347e4614da
15715250 implicit catalog refreshes shouldn't fail if publishers are unreachable
Erik Trauschke <Erik.Trauschke@oracle.com>
parents:
3245
diff
changeset
|
2262 |
if failed: |
a3347e4614da
15715250 implicit catalog refreshes shouldn't fail if publishers are unreachable
Erik Trauschke <Erik.Trauschke@oracle.com>
parents:
3245
diff
changeset
|
2263 |
errors = api_errors.CatalogOriginRefreshException( |
a3347e4614da
15715250 implicit catalog refreshes shouldn't fail if publishers are unreachable
Erik Trauschke <Erik.Trauschke@oracle.com>
parents:
3245
diff
changeset
|
2264 |
failed, total) |
a3347e4614da
15715250 implicit catalog refreshes shouldn't fail if publishers are unreachable
Erik Trauschke <Erik.Trauschke@oracle.com>
parents:
3245
diff
changeset
|
2265 |
|
a3347e4614da
15715250 implicit catalog refreshes shouldn't fail if publishers are unreachable
Erik Trauschke <Erik.Trauschke@oracle.com>
parents:
3245
diff
changeset
|
2266 |
return any_changed, errors |
2352
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
2267 |
|
2898
723ece284e97
16595528 pkgrecv should have a clone mode to exactly replicate repositories
Erik Trauschke <Erik.Trauschke@oracle.com>
parents:
2808
diff
changeset
|
2268 |
def refresh(self, full_refresh=False, immediate=False, progtrack=None, |
723ece284e97
16595528 pkgrecv should have a clone mode to exactly replicate repositories
Erik Trauschke <Erik.Trauschke@oracle.com>
parents:
2808
diff
changeset
|
2269 |
include_updates=False): |
3293
a3347e4614da
15715250 implicit catalog refreshes shouldn't fail if publishers are unreachable
Erik Trauschke <Erik.Trauschke@oracle.com>
parents:
3245
diff
changeset
|
2270 |
"""Refreshes the publisher's metadata, returning a tuple |
a3347e4614da
15715250 implicit catalog refreshes shouldn't fail if publishers are unreachable
Erik Trauschke <Erik.Trauschke@oracle.com>
parents:
3245
diff
changeset
|
2271 |
containing a boolean value indicating whether any updates to the |
a3347e4614da
15715250 implicit catalog refreshes shouldn't fail if publishers are unreachable
Erik Trauschke <Erik.Trauschke@oracle.com>
parents:
3245
diff
changeset
|
2272 |
publisher's metadata occurred and an error object, which is |
a3347e4614da
15715250 implicit catalog refreshes shouldn't fail if publishers are unreachable
Erik Trauschke <Erik.Trauschke@oracle.com>
parents:
3245
diff
changeset
|
2273 |
either a CatalogOriginRefreshException containing all the failed |
a3347e4614da
15715250 implicit catalog refreshes shouldn't fail if publishers are unreachable
Erik Trauschke <Erik.Trauschke@oracle.com>
parents:
3245
diff
changeset
|
2274 |
origins for this publisher or None. |
1431
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
2275 |
|
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
2276 |
'full_refresh' is an optional boolean value indicating whether |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
2277 |
a full retrieval of publisher metadata (e.g. catalogs) or only |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
2278 |
an update to the existing metadata should be performed. When |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
2279 |
True, 'immediate' is also set to True. |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
2280 |
|
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
2281 |
'immediate' is an optional boolean value indicating whether |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
2282 |
a refresh should occur now. If False, a publisher's selected |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
2283 |
repository will be checked for updates only if needs_refresh |
2898
723ece284e97
16595528 pkgrecv should have a clone mode to exactly replicate repositories
Erik Trauschke <Erik.Trauschke@oracle.com>
parents:
2808
diff
changeset
|
2284 |
is True. |
723ece284e97
16595528 pkgrecv should have a clone mode to exactly replicate repositories
Erik Trauschke <Erik.Trauschke@oracle.com>
parents:
2808
diff
changeset
|
2285 |
|
723ece284e97
16595528 pkgrecv should have a clone mode to exactly replicate repositories
Erik Trauschke <Erik.Trauschke@oracle.com>
parents:
2808
diff
changeset
|
2286 |
'include_updates' is an optional boolean value indicating |
723ece284e97
16595528 pkgrecv should have a clone mode to exactly replicate repositories
Erik Trauschke <Erik.Trauschke@oracle.com>
parents:
2808
diff
changeset
|
2287 |
whether all catalog updates should be retrieved additionally to |
723ece284e97
16595528 pkgrecv should have a clone mode to exactly replicate repositories
Erik Trauschke <Erik.Trauschke@oracle.com>
parents:
2808
diff
changeset
|
2288 |
the catalog.""" |
1431
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
2289 |
|
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
2290 |
try: |
2693
cfee571ea6d5
7154388 Progress tracking API and functionality improvements
Dan Price <daniel.price@oracle.com>
parents:
2616
diff
changeset
|
2291 |
return self.__refresh(full_refresh, immediate, |
2898
723ece284e97
16595528 pkgrecv should have a clone mode to exactly replicate repositories
Erik Trauschke <Erik.Trauschke@oracle.com>
parents:
2808
diff
changeset
|
2292 |
progtrack=progtrack, |
723ece284e97
16595528 pkgrecv should have a clone mode to exactly replicate repositories
Erik Trauschke <Erik.Trauschke@oracle.com>
parents:
2808
diff
changeset
|
2293 |
include_updates=include_updates) |
1431
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
2294 |
except (api_errors.BadCatalogUpdateIdentity, |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
2295 |
api_errors.DuplicateCatalogEntry, |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
2296 |
api_errors.ObsoleteCatalogUpdate, |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
2297 |
api_errors.UnknownUpdateType): |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
2298 |
if full_refresh: |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
2299 |
# Completely unexpected failure. |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
2300 |
# These exceptions should never |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
2301 |
# be raised for a full refresh |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
2302 |
# case anyway, so the error should |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
2303 |
# definitely be raised. |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
2304 |
raise |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
2305 |
|
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
2306 |
# The incremental update likely failed for one or |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
2307 |
# more of the following reasons: |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
2308 |
# |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
2309 |
# * The origin for the publisher has changed. |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
2310 |
# |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
2311 |
# * The catalog that the publisher is offering |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
2312 |
# is now completely different (due to a restore |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
2313 |
# from backup or --rebuild possibly). |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
2314 |
# |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
2315 |
# * The catalog that the publisher is offering |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
2316 |
# has been restored to an older version, and |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
2317 |
# packages that already exist in this client's |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
2318 |
# copy of the catalog have been re-addded. |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
2319 |
# |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
2320 |
# * The type of incremental update operation that |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
2321 |
# that was performed on the catalog isn't supported |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
2322 |
# by this version of the client, so a full retrieval |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
2323 |
# is required. |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
2324 |
# |
2693
cfee571ea6d5
7154388 Progress tracking API and functionality improvements
Dan Price <daniel.price@oracle.com>
parents:
2616
diff
changeset
|
2325 |
return self.__refresh(True, True, progtrack=progtrack) |
2022
40fbda1e14b7
16715 publisher refresh should validate retrieved catalog parts using catalog attributes
Shawn Walker <shawn.walker@oracle.com>
parents:
1968
diff
changeset
|
2326 |
except api_errors.MismatchedCatalog: |
40fbda1e14b7
16715 publisher refresh should validate retrieved catalog parts using catalog attributes
Shawn Walker <shawn.walker@oracle.com>
parents:
1968
diff
changeset
|
2327 |
if full_refresh: |
40fbda1e14b7
16715 publisher refresh should validate retrieved catalog parts using catalog attributes
Shawn Walker <shawn.walker@oracle.com>
parents:
1968
diff
changeset
|
2328 |
# If this was a full refresh, don't bother |
40fbda1e14b7
16715 publisher refresh should validate retrieved catalog parts using catalog attributes
Shawn Walker <shawn.walker@oracle.com>
parents:
1968
diff
changeset
|
2329 |
# retrying as it implies that the content |
40fbda1e14b7
16715 publisher refresh should validate retrieved catalog parts using catalog attributes
Shawn Walker <shawn.walker@oracle.com>
parents:
1968
diff
changeset
|
2330 |
# retrieved wasn't cached. |
40fbda1e14b7
16715 publisher refresh should validate retrieved catalog parts using catalog attributes
Shawn Walker <shawn.walker@oracle.com>
parents:
1968
diff
changeset
|
2331 |
raise |
40fbda1e14b7
16715 publisher refresh should validate retrieved catalog parts using catalog attributes
Shawn Walker <shawn.walker@oracle.com>
parents:
1968
diff
changeset
|
2332 |
|
40fbda1e14b7
16715 publisher refresh should validate retrieved catalog parts using catalog attributes
Shawn Walker <shawn.walker@oracle.com>
parents:
1968
diff
changeset
|
2333 |
# Retrieval of the catalog attributes and/or parts was |
40fbda1e14b7
16715 publisher refresh should validate retrieved catalog parts using catalog attributes
Shawn Walker <shawn.walker@oracle.com>
parents:
1968
diff
changeset
|
2334 |
# successful, but the identity (digest or other |
40fbda1e14b7
16715 publisher refresh should validate retrieved catalog parts using catalog attributes
Shawn Walker <shawn.walker@oracle.com>
parents:
1968
diff
changeset
|
2335 |
# information) didn't match the catalog attributes. |
40fbda1e14b7
16715 publisher refresh should validate retrieved catalog parts using catalog attributes
Shawn Walker <shawn.walker@oracle.com>
parents:
1968
diff
changeset
|
2336 |
# This could be the result of a misbehaving or stale |
40fbda1e14b7
16715 publisher refresh should validate retrieved catalog parts using catalog attributes
Shawn Walker <shawn.walker@oracle.com>
parents:
1968
diff
changeset
|
2337 |
# cache. |
2693
cfee571ea6d5
7154388 Progress tracking API and functionality improvements
Dan Price <daniel.price@oracle.com>
parents:
2616
diff
changeset
|
2338 |
return self.__refresh(False, True, mismatched=True, |
cfee571ea6d5
7154388 Progress tracking API and functionality improvements
Dan Price <daniel.price@oracle.com>
parents:
2616
diff
changeset
|
2339 |
progtrack=progtrack) |
2022
40fbda1e14b7
16715 publisher refresh should validate retrieved catalog parts using catalog attributes
Shawn Walker <shawn.walker@oracle.com>
parents:
1968
diff
changeset
|
2340 |
except (api_errors.BadCatalogSignatures, |
40fbda1e14b7
16715 publisher refresh should validate retrieved catalog parts using catalog attributes
Shawn Walker <shawn.walker@oracle.com>
parents:
1968
diff
changeset
|
2341 |
api_errors.InvalidCatalogFile): |
40fbda1e14b7
16715 publisher refresh should validate retrieved catalog parts using catalog attributes
Shawn Walker <shawn.walker@oracle.com>
parents:
1968
diff
changeset
|
2342 |
# Assembly of the catalog failed, but this could be due |
40fbda1e14b7
16715 publisher refresh should validate retrieved catalog parts using catalog attributes
Shawn Walker <shawn.walker@oracle.com>
parents:
1968
diff
changeset
|
2343 |
# to a transient error. So, retry at least once more. |
2693
cfee571ea6d5
7154388 Progress tracking API and functionality improvements
Dan Price <daniel.price@oracle.com>
parents:
2616
diff
changeset
|
2344 |
return self.__refresh(True, True, progtrack=progtrack) |
1431
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
2345 |
except (api_errors.BadCatalogSignatures, |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
2346 |
api_errors.InvalidCatalogFile): |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
2347 |
# Assembly of the catalog failed, but this could be due |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
2348 |
# to a transient error. So, retry at least once more. |
2693
cfee571ea6d5
7154388 Progress tracking API and functionality improvements
Dan Price <daniel.price@oracle.com>
parents:
2616
diff
changeset
|
2349 |
return self.__refresh(True, True, progtrack=progtrack) |
1431
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
2350 |
|
1087
293c0aa5f32e
8214 load_catalogs should only load catalog data when needed
Shawn Walker <srw@sun.com>
parents:
996
diff
changeset
|
2351 |
def remove_meta_root(self): |
293c0aa5f32e
8214 load_catalogs should only load catalog data when needed
Shawn Walker <srw@sun.com>
parents:
996
diff
changeset
|
2352 |
"""Removes the publisher's meta_root.""" |
293c0aa5f32e
8214 load_catalogs should only load catalog data when needed
Shawn Walker <srw@sun.com>
parents:
996
diff
changeset
|
2353 |
|
293c0aa5f32e
8214 load_catalogs should only load catalog data when needed
Shawn Walker <srw@sun.com>
parents:
996
diff
changeset
|
2354 |
if not self.meta_root: |
293c0aa5f32e
8214 load_catalogs should only load catalog data when needed
Shawn Walker <srw@sun.com>
parents:
996
diff
changeset
|
2355 |
raise api_errors.BadPublisherMetaRoot(self.meta_root, |
293c0aa5f32e
8214 load_catalogs should only load catalog data when needed
Shawn Walker <srw@sun.com>
parents:
996
diff
changeset
|
2356 |
operation="remove_meta_root") |
293c0aa5f32e
8214 load_catalogs should only load catalog data when needed
Shawn Walker <srw@sun.com>
parents:
996
diff
changeset
|
2357 |
|
293c0aa5f32e
8214 load_catalogs should only load catalog data when needed
Shawn Walker <srw@sun.com>
parents:
996
diff
changeset
|
2358 |
try: |
293c0aa5f32e
8214 load_catalogs should only load catalog data when needed
Shawn Walker <srw@sun.com>
parents:
996
diff
changeset
|
2359 |
shutil.rmtree(self.meta_root) |
3171
525f5bdb3f62
20434301 change exception handling syntax for python 3 migration
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3158
diff
changeset
|
2360 |
except EnvironmentError as e: |
1087
293c0aa5f32e
8214 load_catalogs should only load catalog data when needed
Shawn Walker <srw@sun.com>
parents:
996
diff
changeset
|
2361 |
if e.errno == errno.EACCES: |
293c0aa5f32e
8214 load_catalogs should only load catalog data when needed
Shawn Walker <srw@sun.com>
parents:
996
diff
changeset
|
2362 |
raise api_errors.PermissionsException( |
293c0aa5f32e
8214 load_catalogs should only load catalog data when needed
Shawn Walker <srw@sun.com>
parents:
996
diff
changeset
|
2363 |
e.filename) |
1431
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
2364 |
if e.errno == errno.EROFS: |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
2365 |
raise api_errors.ReadOnlyFileSystemException( |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
2366 |
e.filename) |
1087
293c0aa5f32e
8214 load_catalogs should only load catalog data when needed
Shawn Walker <srw@sun.com>
parents:
996
diff
changeset
|
2367 |
if e.errno not in (errno.ENOENT, errno.ESRCH): |
293c0aa5f32e
8214 load_catalogs should only load catalog data when needed
Shawn Walker <srw@sun.com>
parents:
996
diff
changeset
|
2368 |
raise |
293c0aa5f32e
8214 load_catalogs should only load catalog data when needed
Shawn Walker <srw@sun.com>
parents:
996
diff
changeset
|
2369 |
|
926
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
2370 |
def reset_client_uuid(self): |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
2371 |
"""Replaces the current client_uuid with a new UUID.""" |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
2372 |
|
1516
8c950a3b4171
10485 move pkg(5) to Python 2.6
Rich Burridge <rich.burridge@sun.com>
parents:
1505
diff
changeset
|
2373 |
self.__client_uuid = str(uuid.uuid1()) |
926
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
2374 |
|
2022
40fbda1e14b7
16715 publisher refresh should validate retrieved catalog parts using catalog attributes
Shawn Walker <shawn.walker@oracle.com>
parents:
1968
diff
changeset
|
2375 |
def validate_config(self, repo_uri=None): |
40fbda1e14b7
16715 publisher refresh should validate retrieved catalog parts using catalog attributes
Shawn Walker <shawn.walker@oracle.com>
parents:
1968
diff
changeset
|
2376 |
"""Verify that the publisher's configuration (such as prefix) |
40fbda1e14b7
16715 publisher refresh should validate retrieved catalog parts using catalog attributes
Shawn Walker <shawn.walker@oracle.com>
parents:
1968
diff
changeset
|
2377 |
matches that provided by the repository. If the configuration |
40fbda1e14b7
16715 publisher refresh should validate retrieved catalog parts using catalog attributes
Shawn Walker <shawn.walker@oracle.com>
parents:
1968
diff
changeset
|
2378 |
does not match as expected, an UnknownRepositoryPublishers |
40fbda1e14b7
16715 publisher refresh should validate retrieved catalog parts using catalog attributes
Shawn Walker <shawn.walker@oracle.com>
parents:
1968
diff
changeset
|
2379 |
exception will be raised. |
40fbda1e14b7
16715 publisher refresh should validate retrieved catalog parts using catalog attributes
Shawn Walker <shawn.walker@oracle.com>
parents:
1968
diff
changeset
|
2380 |
|
40fbda1e14b7
16715 publisher refresh should validate retrieved catalog parts using catalog attributes
Shawn Walker <shawn.walker@oracle.com>
parents:
1968
diff
changeset
|
2381 |
'repo_uri' is an optional RepositoryURI object or URI string |
40fbda1e14b7
16715 publisher refresh should validate retrieved catalog parts using catalog attributes
Shawn Walker <shawn.walker@oracle.com>
parents:
1968
diff
changeset
|
2382 |
containing the location of the repository. If not provided, |
2310
ce10607d5332
11684 desire option to not propagate certs to non-global zones
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2286
diff
changeset
|
2383 |
the publisher's repository will be used instead.""" |
2022
40fbda1e14b7
16715 publisher refresh should validate retrieved catalog parts using catalog attributes
Shawn Walker <shawn.walker@oracle.com>
parents:
1968
diff
changeset
|
2384 |
|
40fbda1e14b7
16715 publisher refresh should validate retrieved catalog parts using catalog attributes
Shawn Walker <shawn.walker@oracle.com>
parents:
1968
diff
changeset
|
2385 |
if repo_uri and not isinstance(repo_uri, RepositoryURI): |
40fbda1e14b7
16715 publisher refresh should validate retrieved catalog parts using catalog attributes
Shawn Walker <shawn.walker@oracle.com>
parents:
1968
diff
changeset
|
2386 |
repo = RepositoryURI(repo_uri) |
40fbda1e14b7
16715 publisher refresh should validate retrieved catalog parts using catalog attributes
Shawn Walker <shawn.walker@oracle.com>
parents:
1968
diff
changeset
|
2387 |
elif not repo_uri: |
40fbda1e14b7
16715 publisher refresh should validate retrieved catalog parts using catalog attributes
Shawn Walker <shawn.walker@oracle.com>
parents:
1968
diff
changeset
|
2388 |
# Transport actually allows both type of objects. |
40fbda1e14b7
16715 publisher refresh should validate retrieved catalog parts using catalog attributes
Shawn Walker <shawn.walker@oracle.com>
parents:
1968
diff
changeset
|
2389 |
repo = self |
40fbda1e14b7
16715 publisher refresh should validate retrieved catalog parts using catalog attributes
Shawn Walker <shawn.walker@oracle.com>
parents:
1968
diff
changeset
|
2390 |
else: |
40fbda1e14b7
16715 publisher refresh should validate retrieved catalog parts using catalog attributes
Shawn Walker <shawn.walker@oracle.com>
parents:
1968
diff
changeset
|
2391 |
repo = repo_uri |
40fbda1e14b7
16715 publisher refresh should validate retrieved catalog parts using catalog attributes
Shawn Walker <shawn.walker@oracle.com>
parents:
1968
diff
changeset
|
2392 |
|
40fbda1e14b7
16715 publisher refresh should validate retrieved catalog parts using catalog attributes
Shawn Walker <shawn.walker@oracle.com>
parents:
1968
diff
changeset
|
2393 |
pubs = None |
40fbda1e14b7
16715 publisher refresh should validate retrieved catalog parts using catalog attributes
Shawn Walker <shawn.walker@oracle.com>
parents:
1968
diff
changeset
|
2394 |
try: |
40fbda1e14b7
16715 publisher refresh should validate retrieved catalog parts using catalog attributes
Shawn Walker <shawn.walker@oracle.com>
parents:
1968
diff
changeset
|
2395 |
pubs = self.transport.get_publisherdata(repo) |
2028
b2c674e6ee28
16744 repository multi-publisher on-disk format should be formalized and implemented
Shawn Walker <shawn.walker@oracle.com>
parents:
2026
diff
changeset
|
2396 |
except (api_errors.TransportError, |
b2c674e6ee28
16744 repository multi-publisher on-disk format should be formalized and implemented
Shawn Walker <shawn.walker@oracle.com>
parents:
2026
diff
changeset
|
2397 |
api_errors.UnsupportedRepositoryOperation): |
b2c674e6ee28
16744 repository multi-publisher on-disk format should be formalized and implemented
Shawn Walker <shawn.walker@oracle.com>
parents:
2026
diff
changeset
|
2398 |
# Nothing more can be done (because the target origin |
2701
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
2399 |
# can't be contacted, or because it doesn't support |
55bf0cb749ae
7136244 granular configuration of http_proxy option
Tim Foster <tim.s.foster@oracle.com>
parents:
2693
diff
changeset
|
2400 |
# retrieval of publisher configuration data). |
2022
40fbda1e14b7
16715 publisher refresh should validate retrieved catalog parts using catalog attributes
Shawn Walker <shawn.walker@oracle.com>
parents:
1968
diff
changeset
|
2401 |
return |
40fbda1e14b7
16715 publisher refresh should validate retrieved catalog parts using catalog attributes
Shawn Walker <shawn.walker@oracle.com>
parents:
1968
diff
changeset
|
2402 |
|
40fbda1e14b7
16715 publisher refresh should validate retrieved catalog parts using catalog attributes
Shawn Walker <shawn.walker@oracle.com>
parents:
1968
diff
changeset
|
2403 |
if not pubs: |
40fbda1e14b7
16715 publisher refresh should validate retrieved catalog parts using catalog attributes
Shawn Walker <shawn.walker@oracle.com>
parents:
1968
diff
changeset
|
2404 |
raise api_errors.RepoPubConfigUnavailable( |
40fbda1e14b7
16715 publisher refresh should validate retrieved catalog parts using catalog attributes
Shawn Walker <shawn.walker@oracle.com>
parents:
1968
diff
changeset
|
2405 |
location=repo_uri, pub=self) |
40fbda1e14b7
16715 publisher refresh should validate retrieved catalog parts using catalog attributes
Shawn Walker <shawn.walker@oracle.com>
parents:
1968
diff
changeset
|
2406 |
|
40fbda1e14b7
16715 publisher refresh should validate retrieved catalog parts using catalog attributes
Shawn Walker <shawn.walker@oracle.com>
parents:
1968
diff
changeset
|
2407 |
if self.prefix not in pubs: |
40fbda1e14b7
16715 publisher refresh should validate retrieved catalog parts using catalog attributes
Shawn Walker <shawn.walker@oracle.com>
parents:
1968
diff
changeset
|
2408 |
known = [p.prefix for p in pubs] |
40fbda1e14b7
16715 publisher refresh should validate retrieved catalog parts using catalog attributes
Shawn Walker <shawn.walker@oracle.com>
parents:
1968
diff
changeset
|
2409 |
if repo_uri: |
40fbda1e14b7
16715 publisher refresh should validate retrieved catalog parts using catalog attributes
Shawn Walker <shawn.walker@oracle.com>
parents:
1968
diff
changeset
|
2410 |
raise api_errors.UnknownRepositoryPublishers( |
40fbda1e14b7
16715 publisher refresh should validate retrieved catalog parts using catalog attributes
Shawn Walker <shawn.walker@oracle.com>
parents:
1968
diff
changeset
|
2411 |
known=known, unknown=[self.prefix], |
40fbda1e14b7
16715 publisher refresh should validate retrieved catalog parts using catalog attributes
Shawn Walker <shawn.walker@oracle.com>
parents:
1968
diff
changeset
|
2412 |
location=repo_uri) |
40fbda1e14b7
16715 publisher refresh should validate retrieved catalog parts using catalog attributes
Shawn Walker <shawn.walker@oracle.com>
parents:
1968
diff
changeset
|
2413 |
raise api_errors.UnknownRepositoryPublishers( |
40fbda1e14b7
16715 publisher refresh should validate retrieved catalog parts using catalog attributes
Shawn Walker <shawn.walker@oracle.com>
parents:
1968
diff
changeset
|
2414 |
known=known, unknown=[self.prefix], |
2310
ce10607d5332
11684 desire option to not propagate certs to non-global zones
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2286
diff
changeset
|
2415 |
origins=self.repository.origins) |
2022
40fbda1e14b7
16715 publisher refresh should validate retrieved catalog parts using catalog attributes
Shawn Walker <shawn.walker@oracle.com>
parents:
1968
diff
changeset
|
2416 |
|
2310
ce10607d5332
11684 desire option to not propagate certs to non-global zones
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2286
diff
changeset
|
2417 |
def approve_ca_cert(self, cert): |
2026
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2418 |
"""Add the cert as a CA for manifest signing for this publisher. |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2419 |
|
2310
ce10607d5332
11684 desire option to not propagate certs to non-global zones
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2286
diff
changeset
|
2420 |
The 'cert' parameter is a string of the certificate to add. |
ce10607d5332
11684 desire option to not propagate certs to non-global zones
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2286
diff
changeset
|
2421 |
""" |
2026
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2422 |
|
2467
619206169257
18620 pkg verify needs administrative privs when 'require-signatures'
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2458
diff
changeset
|
2423 |
cert = self.__string_to_cert(cert) |
2215
b4355e8c5097
16856 need to check keyUsage for leaf certs
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2100
diff
changeset
|
2424 |
hsh = self.__add_cert(cert) |
2286
938fbb350ad2
16867 pkgsign should handle existing signatures better
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2272
diff
changeset
|
2425 |
# If the user had previously revoked this certificate, remove |
2026
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2426 |
# the certificate from that list. |
2286
938fbb350ad2
16867 pkgsign should handle existing signatures better
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2272
diff
changeset
|
2427 |
if hsh in self.revoked_ca_certs: |
2026
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2428 |
t = set(self.revoked_ca_certs) |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2429 |
t.remove(hsh) |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2430 |
self.revoked_ca_certs = list(t) |
2286
938fbb350ad2
16867 pkgsign should handle existing signatures better
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2272
diff
changeset
|
2431 |
self.approved_ca_certs.append(hsh) |
2026
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2432 |
|
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2433 |
def revoke_ca_cert(self, s): |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2434 |
"""Record that the cert with hash 's' is no longer trusted |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2435 |
as a CA. This method currently assumes it's only invoked as |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2436 |
a result of user action.""" |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2437 |
|
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2438 |
self.revoked_ca_certs.append(s) |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2439 |
self.revoked_ca_certs = list(set( |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2440 |
self.revoked_ca_certs)) |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2441 |
if s in self.approved_ca_certs: |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2442 |
t = set(self.approved_ca_certs) |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2443 |
t.remove(s) |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2444 |
self.approved_ca_certs = list(t) |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2445 |
|
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2446 |
def unset_ca_cert(self, s): |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2447 |
"""If the cert with hash 's' has been added or removed by the |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2448 |
user, undo the add or removal.""" |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2449 |
|
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2450 |
if s in self.approved_ca_certs: |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2451 |
t = set(self.approved_ca_certs) |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2452 |
t.remove(s) |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2453 |
self.approved_ca_certs = list(t) |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2454 |
if s in self.revoked_ca_certs: |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2455 |
t = set(self.revoked_ca_certs) |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2456 |
t.remove(s) |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2457 |
self.revoked_ca_certs = list(t) |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2458 |
|
2286
938fbb350ad2
16867 pkgsign should handle existing signatures better
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2272
diff
changeset
|
2459 |
@staticmethod |
2414
ce704b29a50c
18464 revoka-ca-cert needs a rethink
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2408
diff
changeset
|
2460 |
def __hash_cert(c): |
2962
ce8cd4c07986
15433013 content hash handling should handle different hash functions
Tim Foster <tim.s.foster@oracle.com>
parents:
2898
diff
changeset
|
2461 |
# In order to interoperate with older images, we must use SHA-1 |
ce8cd4c07986
15433013 content hash handling should handle different hash functions
Tim Foster <tim.s.foster@oracle.com>
parents:
2898
diff
changeset
|
2462 |
# here. |
3321
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
2463 |
return hashlib.sha1( |
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
2464 |
c.public_bytes(serialization.Encoding.PEM)).hexdigest() |
2286
938fbb350ad2
16867 pkgsign should handle existing signatures better
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2272
diff
changeset
|
2465 |
|
2467
619206169257
18620 pkg verify needs administrative privs when 'require-signatures'
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2458
diff
changeset
|
2466 |
@staticmethod |
619206169257
18620 pkg verify needs administrative privs when 'require-signatures'
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2458
diff
changeset
|
2467 |
def __string_to_cert(s, pkg_hash=None): |
619206169257
18620 pkg verify needs administrative privs when 'require-signatures'
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2458
diff
changeset
|
2468 |
"""Convert a string to a X509 cert.""" |
619206169257
18620 pkg verify needs administrative privs when 'require-signatures'
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2458
diff
changeset
|
2469 |
|
619206169257
18620 pkg verify needs administrative privs when 'require-signatures'
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2458
diff
changeset
|
2470 |
try: |
3321
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
2471 |
return x509.load_pem_x509_certificate( |
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
2472 |
misc.force_bytes(s), default_backend()) |
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
2473 |
except ValueError: |
2467
619206169257
18620 pkg verify needs administrative privs when 'require-signatures'
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2458
diff
changeset
|
2474 |
if pkg_hash is not None: |
619206169257
18620 pkg verify needs administrative privs when 'require-signatures'
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2458
diff
changeset
|
2475 |
raise api_errors.BadFileFormat(_("The file " |
3158
58c9c2c21e67
20177033 change string formatting for python 3 migration
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3065
diff
changeset
|
2476 |
"with hash {0} was expected to be a PEM " |
58c9c2c21e67
20177033 change string formatting for python 3 migration
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3065
diff
changeset
|
2477 |
"certificate but it could not be " |
58c9c2c21e67
20177033 change string formatting for python 3 migration
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3065
diff
changeset
|
2478 |
"read.").format(pkg_hash)) |
2467
619206169257
18620 pkg verify needs administrative privs when 'require-signatures'
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2458
diff
changeset
|
2479 |
raise api_errors.BadFileFormat(_("The following string " |
619206169257
18620 pkg verify needs administrative privs when 'require-signatures'
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2458
diff
changeset
|
2480 |
"was expected to be a PEM certificate, but it " |
3158
58c9c2c21e67
20177033 change string formatting for python 3 migration
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3065
diff
changeset
|
2481 |
"could not be parsed as such:\n{0}".format(s))) |
2467
619206169257
18620 pkg verify needs administrative privs when 'require-signatures'
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2458
diff
changeset
|
2482 |
|
3304
4e3ad216d1e2
17424143 publisher get_cert_by_hash always downloads some certs
Erik Trauschke <Erik.Trauschke@oracle.com>
parents:
3293
diff
changeset
|
2483 |
def __add_cert(self, cert, pkg_hash=None): |
2467
619206169257
18620 pkg verify needs administrative privs when 'require-signatures'
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2458
diff
changeset
|
2484 |
"""Add the pem representation of the certificate 'cert' to the |
619206169257
18620 pkg verify needs administrative privs when 'require-signatures'
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2458
diff
changeset
|
2485 |
certificates this publisher knows about.""" |
2026
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2486 |
|
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2487 |
self.create_meta_root() |
3304
4e3ad216d1e2
17424143 publisher get_cert_by_hash always downloads some certs
Erik Trauschke <Erik.Trauschke@oracle.com>
parents:
3293
diff
changeset
|
2488 |
if not pkg_hash: |
4e3ad216d1e2
17424143 publisher get_cert_by_hash always downloads some certs
Erik Trauschke <Erik.Trauschke@oracle.com>
parents:
3293
diff
changeset
|
2489 |
pkg_hash = self.__hash_cert(cert) |
2026
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2490 |
pkg_hash_pth = os.path.join(self.cert_root, pkg_hash) |
2467
619206169257
18620 pkg verify needs administrative privs when 'require-signatures'
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2458
diff
changeset
|
2491 |
file_problem = False |
2026
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2492 |
try: |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2493 |
with open(pkg_hash_pth, "wb") as fh: |
3321
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
2494 |
fh.write(cert.public_bytes( |
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
2495 |
serialization.Encoding.PEM)) |
3171
525f5bdb3f62
20434301 change exception handling syntax for python 3 migration
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3158
diff
changeset
|
2496 |
except EnvironmentError as e: |
3321
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
2497 |
if e.errno == errno.EACCES: |
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
2498 |
raise api_errors.PermissionsException( |
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
2499 |
e.filename) |
2467
619206169257
18620 pkg verify needs administrative privs when 'require-signatures'
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2458
diff
changeset
|
2500 |
file_problem = True |
2026
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2501 |
|
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2502 |
# Note that while we store certs by their subject hashes, |
3321
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
2503 |
# we use our own hashing since cryptography has no interface |
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
2504 |
# for the subject hash and other crypto frameworks have been |
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
2505 |
# inconsistent with OpenSSL. |
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
2506 |
subj_hsh = hashlib.sha1(misc.force_bytes( |
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
2507 |
cert.subject)).hexdigest() |
2026
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2508 |
c = 0 |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2509 |
made_link = False |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2510 |
while not made_link: |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2511 |
fn = os.path.join(self.__subj_root, |
3158
58c9c2c21e67
20177033 change string formatting for python 3 migration
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3065
diff
changeset
|
2512 |
"{0}.{1}".format(subj_hsh, c)) |
2026
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2513 |
if os.path.exists(fn): |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2514 |
c += 1 |
2467
619206169257
18620 pkg verify needs administrative privs when 'require-signatures'
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2458
diff
changeset
|
2515 |
continue |
619206169257
18620 pkg verify needs administrative privs when 'require-signatures'
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2458
diff
changeset
|
2516 |
if not file_problem: |
2026
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2517 |
try: |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2518 |
portable.link(pkg_hash_pth, fn) |
2467
619206169257
18620 pkg verify needs administrative privs when 'require-signatures'
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2458
diff
changeset
|
2519 |
made_link = True |
3171
525f5bdb3f62
20434301 change exception handling syntax for python 3 migration
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3158
diff
changeset
|
2520 |
except EnvironmentError as e: |
2467
619206169257
18620 pkg verify needs administrative privs when 'require-signatures'
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2458
diff
changeset
|
2521 |
pass |
619206169257
18620 pkg verify needs administrative privs when 'require-signatures'
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2458
diff
changeset
|
2522 |
if not made_link: |
619206169257
18620 pkg verify needs administrative privs when 'require-signatures'
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2458
diff
changeset
|
2523 |
self.__issuers.setdefault(subj_hsh, []).append( |
619206169257
18620 pkg verify needs administrative privs when 'require-signatures'
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2458
diff
changeset
|
2524 |
c) |
2026
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2525 |
made_link = True |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2526 |
return pkg_hash |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2527 |
|
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2528 |
def get_cert_by_hash(self, pkg_hash, verify_hash=False, |
2962
ce8cd4c07986
15433013 content hash handling should handle different hash functions
Tim Foster <tim.s.foster@oracle.com>
parents:
2898
diff
changeset
|
2529 |
only_retrieve=False, hash_func=digest.DEFAULT_HASH_FUNC): |
2026
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2530 |
"""Given a pkg5 hash, retrieve the cert that's associated with |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2531 |
it. |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2532 |
|
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2533 |
The 'pkg_hash' parameter contains the file hash of the |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2534 |
certificate to retrieve. |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2535 |
|
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2536 |
The 'verify_hash' parameter determines the file that's read |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2537 |
from disk matches the expected hash. |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2538 |
|
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2539 |
The 'only_retrieve' parameter determines whether a X509 object |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2540 |
is built from the certificate retrieved or if the certificate |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2541 |
is only stored on disk. """ |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2542 |
|
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2543 |
assert not (verify_hash and only_retrieve) |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2544 |
pth = os.path.join(self.cert_root, pkg_hash) |
2467
619206169257
18620 pkg verify needs administrative privs when 'require-signatures'
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2458
diff
changeset
|
2545 |
pth_exists = os.path.exists(pth) |
619206169257
18620 pkg verify needs administrative privs when 'require-signatures'
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2458
diff
changeset
|
2546 |
if pth_exists and only_retrieve: |
619206169257
18620 pkg verify needs administrative privs when 'require-signatures'
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2458
diff
changeset
|
2547 |
return None |
619206169257
18620 pkg verify needs administrative privs when 'require-signatures'
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2458
diff
changeset
|
2548 |
if pth_exists: |
619206169257
18620 pkg verify needs administrative privs when 'require-signatures'
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2458
diff
changeset
|
2549 |
with open(pth, "rb") as fh: |
619206169257
18620 pkg verify needs administrative privs when 'require-signatures'
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2458
diff
changeset
|
2550 |
s = fh.read() |
619206169257
18620 pkg verify needs administrative privs when 'require-signatures'
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2458
diff
changeset
|
2551 |
else: |
2962
ce8cd4c07986
15433013 content hash handling should handle different hash functions
Tim Foster <tim.s.foster@oracle.com>
parents:
2898
diff
changeset
|
2552 |
s = self.transport.get_content(self, pkg_hash, |
ce8cd4c07986
15433013 content hash handling should handle different hash functions
Tim Foster <tim.s.foster@oracle.com>
parents:
2898
diff
changeset
|
2553 |
hash_func=hash_func) |
2467
619206169257
18620 pkg verify needs administrative privs when 'require-signatures'
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2458
diff
changeset
|
2554 |
c = self.__string_to_cert(s, pkg_hash) |
619206169257
18620 pkg verify needs administrative privs when 'require-signatures'
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2458
diff
changeset
|
2555 |
if not pth_exists: |
619206169257
18620 pkg verify needs administrative privs when 'require-signatures'
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2458
diff
changeset
|
2556 |
try: |
3304
4e3ad216d1e2
17424143 publisher get_cert_by_hash always downloads some certs
Erik Trauschke <Erik.Trauschke@oracle.com>
parents:
3293
diff
changeset
|
2557 |
self.__add_cert(c, pkg_hash=pkg_hash) |
2467
619206169257
18620 pkg verify needs administrative privs when 'require-signatures'
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2458
diff
changeset
|
2558 |
except api_errors.PermissionsException: |
619206169257
18620 pkg verify needs administrative privs when 'require-signatures'
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2458
diff
changeset
|
2559 |
pass |
2026
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2560 |
if only_retrieve: |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2561 |
return None |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2562 |
|
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2563 |
if verify_hash: |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2564 |
h = misc.get_data_digest(cStringIO.StringIO(s), |
2962
ce8cd4c07986
15433013 content hash handling should handle different hash functions
Tim Foster <tim.s.foster@oracle.com>
parents:
2898
diff
changeset
|
2565 |
length=len(s), hash_func=hash_func)[0] |
2026
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2566 |
if h != pkg_hash: |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2567 |
raise api_errors.ModifiedCertificateException(c, |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2568 |
pth) |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2569 |
return c |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2570 |
|
3321
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
2571 |
def __rebuild_subj_root(self): |
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
2572 |
"""Rebuild subject hash metadata.""" |
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
2573 |
|
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
2574 |
# clean up the old subject hash files to prevent |
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
2575 |
# junk files residing in the directory |
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
2576 |
try: |
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
2577 |
shutil.rmtree(self.__subj_root) |
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
2578 |
except EnvironmentError: |
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
2579 |
# if unprivileged user, we can't add |
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
2580 |
# certs to it |
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
2581 |
pass |
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
2582 |
else: |
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
2583 |
for p in os.listdir(self.cert_root): |
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
2584 |
path = os.path.join(self.cert_root, p) |
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
2585 |
if not os.path.isfile(path): |
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
2586 |
continue |
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
2587 |
with open(path, "rb") as fh: |
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
2588 |
s = fh.read() |
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
2589 |
cert = self.__string_to_cert(s) |
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
2590 |
self.__add_cert(cert) |
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
2591 |
|
2215
b4355e8c5097
16856 need to check keyUsage for leaf certs
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2100
diff
changeset
|
2592 |
def __get_certs_by_name(self, name): |
3321
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
2593 |
"""Given 'name', a Cryptograhy 'Name' object, return the certs |
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
2594 |
with that name as a subject.""" |
2026
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2595 |
|
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2596 |
res = [] |
3321
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
2597 |
count = 0 |
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
2598 |
name_hsh = hashlib.sha1(misc.force_bytes(name)).hexdigest() |
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
2599 |
|
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
2600 |
def load_cert(pth): |
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
2601 |
with open(pth, "rb") as f: |
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
2602 |
return x509.load_pem_x509_certificate( |
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
2603 |
f.read(), default_backend()) |
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
2604 |
|
2026
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2605 |
try: |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2606 |
while True: |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2607 |
pth = os.path.join(self.__subj_root, |
3321
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
2608 |
"{0}.{1}".format(name_hsh, count)) |
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
2609 |
res.append(load_cert(pth)) |
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
2610 |
count += 1 |
3171
525f5bdb3f62
20434301 change exception handling syntax for python 3 migration
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3158
diff
changeset
|
2611 |
except EnvironmentError as e: |
3321
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
2612 |
# When switching to a different hash algorithm, the hash |
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
2613 |
# name of file changes so that we couldn't find the |
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
2614 |
# file. We try harder to rebuild the subject's metadata |
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
2615 |
# if it's the first time we fail (count == 0). |
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
2616 |
if count == 0 and e.errno == errno.ENOENT: |
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
2617 |
self.__rebuild_subj_root() |
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
2618 |
try: |
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
2619 |
res.append(load_cert(pth)) |
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
2620 |
except EnvironmentError as e: |
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
2621 |
if e.errno != errno.ENOENT: |
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
2622 |
raise |
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
2623 |
|
2073
9fcacc9e5eaa
16998 transport should support publisher-specific write and read caches
Shawn Walker <shawn.walker@oracle.com>
parents:
2028
diff
changeset
|
2624 |
t = api_errors._convert_error(e, |
2026
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2625 |
[errno.ENOENT]) |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2626 |
if t: |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2627 |
raise t |
2467
619206169257
18620 pkg verify needs administrative privs when 'require-signatures'
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2458
diff
changeset
|
2628 |
res.extend(self.__issuers.get(name_hsh, [])) |
2026
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2629 |
return res |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2630 |
|
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2631 |
def get_ca_certs(self): |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2632 |
"""Return a dictionary of the CA certificates for this |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2633 |
publisher.""" |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2634 |
|
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2635 |
if self.ca_dict is not None: |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2636 |
return self.ca_dict |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2637 |
self.ca_dict = {} |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2638 |
# CA certs approved for this publisher are stored by hash to |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2639 |
# prevent the later substitution or confusion over what certs |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2640 |
# have or have not been approved. |
2286
938fbb350ad2
16867 pkgsign should handle existing signatures better
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2272
diff
changeset
|
2641 |
for h in set(self.approved_ca_certs): |
2026
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2642 |
c = self.get_cert_by_hash(h, verify_hash=True) |
3321
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
2643 |
s = hashlib.sha1(misc.force_bytes( |
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
2644 |
c.subject)).hexdigest() |
2026
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2645 |
self.ca_dict.setdefault(s, []) |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2646 |
self.ca_dict[s].append(c) |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2647 |
return self.ca_dict |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2648 |
|
2073
9fcacc9e5eaa
16998 transport should support publisher-specific write and read caches
Shawn Walker <shawn.walker@oracle.com>
parents:
2028
diff
changeset
|
2649 |
def update_props(self, set_props=EmptyI, add_prop_values=EmptyDict, |
9fcacc9e5eaa
16998 transport should support publisher-specific write and read caches
Shawn Walker <shawn.walker@oracle.com>
parents:
2028
diff
changeset
|
2650 |
remove_prop_values=EmptyDict, unset_props=EmptyI): |
2026
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2651 |
"""Update the properties set for this publisher with the ones |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2652 |
provided as arguments. The order of application is that any |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2653 |
existing properties are unset, then properties are set to their |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2654 |
new values, then values are added to properties, and finally |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2655 |
values are removed from properties.""" |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2656 |
|
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2657 |
# Delay validation so that any intermittent inconsistent state |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2658 |
# doesn't cause problems. |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2659 |
self.__delay_validation = True |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2660 |
# Remove existing properties. |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2661 |
for n in unset_props: |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2662 |
self.properties.pop(n, None) |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2663 |
# Add or reset new properties. |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2664 |
self.properties.update(set_props) |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2665 |
# Add new values to properties. |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2666 |
for n in add_prop_values.keys(): |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2667 |
self.properties.setdefault(n, []) |
3185
2e55bdb918e4
20283125 pkg set-publisher traceback for --add-property-value after --set-property
Xiaobo Shen <xiaobo.shen@oracle.com>
parents:
3171
diff
changeset
|
2668 |
if not isinstance(self.properties[n], list): |
2e55bdb918e4
20283125 pkg set-publisher traceback for --add-property-value after --set-property
Xiaobo Shen <xiaobo.shen@oracle.com>
parents:
3171
diff
changeset
|
2669 |
raise api_errors.InvalidPropertyValue(_( |
2e55bdb918e4
20283125 pkg set-publisher traceback for --add-property-value after --set-property
Xiaobo Shen <xiaobo.shen@oracle.com>
parents:
3171
diff
changeset
|
2670 |
"Cannot add a value to a single valued " |
2e55bdb918e4
20283125 pkg set-publisher traceback for --add-property-value after --set-property
Xiaobo Shen <xiaobo.shen@oracle.com>
parents:
3171
diff
changeset
|
2671 |
"property, The property name is '{name}' " |
2e55bdb918e4
20283125 pkg set-publisher traceback for --add-property-value after --set-property
Xiaobo Shen <xiaobo.shen@oracle.com>
parents:
3171
diff
changeset
|
2672 |
"and the current value is '{value}'" |
2e55bdb918e4
20283125 pkg set-publisher traceback for --add-property-value after --set-property
Xiaobo Shen <xiaobo.shen@oracle.com>
parents:
3171
diff
changeset
|
2673 |
).format(name=n, value=self.properties[n])) |
2026
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2674 |
self.properties[n].extend(add_prop_values[n]) |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2675 |
# Remove values from properties. |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2676 |
for n in remove_prop_values.keys(): |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2677 |
if n not in self.properties: |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2678 |
raise api_errors.InvalidPropertyValue(_( |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2679 |
"Cannot remove a value from the property " |
3158
58c9c2c21e67
20177033 change string formatting for python 3 migration
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3065
diff
changeset
|
2680 |
"{name} because the property does not " |
58c9c2c21e67
20177033 change string formatting for python 3 migration
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3065
diff
changeset
|
2681 |
"exist.").format(name=n)) |
2026
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2682 |
if not isinstance(self.properties[n], list): |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2683 |
raise api_errors.InvalidPropertyValue(_( |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2684 |
"Cannot remove a value from a single " |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2685 |
"valued property, unset must be used. The " |
3158
58c9c2c21e67
20177033 change string formatting for python 3 migration
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3065
diff
changeset
|
2686 |
"property name is '{name}' and the " |
58c9c2c21e67
20177033 change string formatting for python 3 migration
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3065
diff
changeset
|
2687 |
"current value is '{value}'").format( |
58c9c2c21e67
20177033 change string formatting for python 3 migration
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3065
diff
changeset
|
2688 |
name=n, value=self.properties[n])) |
2026
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2689 |
for v in remove_prop_values[n]: |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2690 |
try: |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2691 |
self.properties[n].remove(v) |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2692 |
except ValueError: |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2693 |
raise api_errors.InvalidPropertyValue(_( |
3158
58c9c2c21e67
20177033 change string formatting for python 3 migration
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3065
diff
changeset
|
2694 |
"Cannot remove the value {value} " |
58c9c2c21e67
20177033 change string formatting for python 3 migration
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3065
diff
changeset
|
2695 |
"from the property {name} " |
2026
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2696 |
"because the value is not in the " |
3158
58c9c2c21e67
20177033 change string formatting for python 3 migration
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3065
diff
changeset
|
2697 |
"property's list.").format( |
58c9c2c21e67
20177033 change string formatting for python 3 migration
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3065
diff
changeset
|
2698 |
value=v, name=n)) |
2026
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2699 |
self.__delay_validation = False |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2700 |
self.__validate_properties() |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2701 |
|
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2702 |
def __validate_properties(self): |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2703 |
"""Check that the properties set for this publisher are |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2704 |
consistent with each other.""" |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2705 |
|
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2706 |
if self.__properties.get(SIGNATURE_POLICY, "") == \ |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2707 |
"require-names": |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2708 |
if not self.__properties.get("signature-required-names", |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2709 |
None): |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2710 |
raise api_errors.InvalidPropertyValue(_( |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2711 |
"At least one name must be provided for " |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2712 |
"the signature-required-names policy.")) |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2713 |
|
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2714 |
def __format_safe_read_crl(self, pth): |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2715 |
"""CRLs seem to frequently come in DER format, so try reading |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2716 |
the CRL using both of the formats before giving up.""" |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2717 |
|
3321
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
2718 |
with open(pth, "rb") as f: |
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
2719 |
raw = f.read() |
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
2720 |
|
2026
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2721 |
try: |
3321
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
2722 |
return x509.load_pem_x509_crl(raw, default_backend()) |
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
2723 |
except ValueError: |
2026
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2724 |
try: |
3321
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
2725 |
return x509.load_der_x509_crl(raw, |
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
2726 |
default_backend()) |
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
2727 |
except ValueError: |
2026
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2728 |
raise api_errors.BadFileFormat(_("The CRL file " |
3158
58c9c2c21e67
20177033 change string formatting for python 3 migration
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3065
diff
changeset
|
2729 |
"{0} is not in a recognized " |
58c9c2c21e67
20177033 change string formatting for python 3 migration
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3065
diff
changeset
|
2730 |
"format.").format(pth)) |
2026
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2731 |
|
2215
b4355e8c5097
16856 need to check keyUsage for leaf certs
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2100
diff
changeset
|
2732 |
def __get_crl(self, uri): |
2026
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2733 |
"""Given a URI (for now only http URIs are supported), return |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2734 |
the CRL object created from the file stored at that uri.""" |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2735 |
|
2263
42b8af0a12a1
17776 Need to update m2crypto to version 0.21.1
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2219
diff
changeset
|
2736 |
uri = uri.strip() |
42b8af0a12a1
17776 Need to update m2crypto to version 0.21.1
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2219
diff
changeset
|
2737 |
if uri.startswith("Full Name:"): |
42b8af0a12a1
17776 Need to update m2crypto to version 0.21.1
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2219
diff
changeset
|
2738 |
uri = uri[len("Full Name:"):] |
42b8af0a12a1
17776 Need to update m2crypto to version 0.21.1
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2219
diff
changeset
|
2739 |
uri = uri.strip() |
2026
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2740 |
if uri.startswith("URI:"): |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2741 |
uri = uri[4:] |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2742 |
if not uri.startswith("http://") and \ |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2743 |
not uri.startswith("file://"): |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2744 |
raise api_errors.InvalidResourceLocation(uri.strip()) |
2272
d81ea073d050
3617 Testsuite should allow choice for base port to use
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2263
diff
changeset
|
2745 |
crl_host = DebugValues.get_value("crl_host") |
d81ea073d050
3617 Testsuite should allow choice for base port to use
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2263
diff
changeset
|
2746 |
if crl_host: |
3234
3a90dc0b66c9
21188662 use six library for python 3 migration
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3185
diff
changeset
|
2747 |
orig = urlparse(uri) |
3a90dc0b66c9
21188662 use six library for python 3 migration
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3185
diff
changeset
|
2748 |
crl = urlparse(crl_host) |
3a90dc0b66c9
21188662 use six library for python 3 migration
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3185
diff
changeset
|
2749 |
uri = urlunparse(ParseResult( |
2272
d81ea073d050
3617 Testsuite should allow choice for base port to use
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2263
diff
changeset
|
2750 |
scheme=crl.scheme, netloc=crl.netloc, |
d81ea073d050
3617 Testsuite should allow choice for base port to use
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2263
diff
changeset
|
2751 |
path=orig.path, |
d81ea073d050
3617 Testsuite should allow choice for base port to use
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2263
diff
changeset
|
2752 |
params=orig.params, query=orig.params, |
d81ea073d050
3617 Testsuite should allow choice for base port to use
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2263
diff
changeset
|
2753 |
fragment=orig.fragment)) |
2529
de3a83014795
18872 traceback in __get_crl running pkg verify as non-root
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2467
diff
changeset
|
2754 |
# If we've already read the CRL, use the previously created |
de3a83014795
18872 traceback in __get_crl running pkg verify as non-root
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2467
diff
changeset
|
2755 |
# object. |
de3a83014795
18872 traceback in __get_crl running pkg verify as non-root
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2467
diff
changeset
|
2756 |
if uri in self.__tmp_crls: |
de3a83014795
18872 traceback in __get_crl running pkg verify as non-root
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2467
diff
changeset
|
2757 |
return self.__tmp_crls[uri] |
3234
3a90dc0b66c9
21188662 use six library for python 3 migration
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3185
diff
changeset
|
2758 |
fn = quote(uri, "") |
2026
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2759 |
assert os.path.isdir(self.__crl_root) |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2760 |
fpath = os.path.join(self.__crl_root, fn) |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2761 |
crl = None |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2762 |
# Check if we already have a CRL for this URI. |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2763 |
if os.path.exists(fpath): |
2529
de3a83014795
18872 traceback in __get_crl running pkg verify as non-root
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2467
diff
changeset
|
2764 |
# If we already have a CRL that we can read, check |
de3a83014795
18872 traceback in __get_crl running pkg verify as non-root
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2467
diff
changeset
|
2765 |
# whether it's time to retrieve a new one from the |
de3a83014795
18872 traceback in __get_crl running pkg verify as non-root
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2467
diff
changeset
|
2766 |
# location. |
de3a83014795
18872 traceback in __get_crl running pkg verify as non-root
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2467
diff
changeset
|
2767 |
try: |
de3a83014795
18872 traceback in __get_crl running pkg verify as non-root
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2467
diff
changeset
|
2768 |
crl = self.__format_safe_read_crl(fpath) |
de3a83014795
18872 traceback in __get_crl running pkg verify as non-root
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2467
diff
changeset
|
2769 |
except EnvironmentError: |
de3a83014795
18872 traceback in __get_crl running pkg verify as non-root
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2467
diff
changeset
|
2770 |
pass |
de3a83014795
18872 traceback in __get_crl running pkg verify as non-root
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2467
diff
changeset
|
2771 |
else: |
3321
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
2772 |
nu = crl.next_update |
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
2773 |
cur_time = dt.datetime.utcnow() |
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
2774 |
|
2529
de3a83014795
18872 traceback in __get_crl running pkg verify as non-root
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2467
diff
changeset
|
2775 |
if cur_time < nu: |
de3a83014795
18872 traceback in __get_crl running pkg verify as non-root
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2467
diff
changeset
|
2776 |
self.__tmp_crls[uri] = crl |
de3a83014795
18872 traceback in __get_crl running pkg verify as non-root
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2467
diff
changeset
|
2777 |
return crl |
2408
6424614c2ed1
18463 bad crl urls shouldn't bring pkg to a halt
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2378
diff
changeset
|
2778 |
# If the CRL is already known to be unavailable, don't try |
6424614c2ed1
18463 bad crl urls shouldn't bring pkg to a halt
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2378
diff
changeset
|
2779 |
# connecting to it again. |
6424614c2ed1
18463 bad crl urls shouldn't bring pkg to a halt
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2378
diff
changeset
|
2780 |
if uri in Publisher.__bad_crls: |
6424614c2ed1
18463 bad crl urls shouldn't bring pkg to a halt
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2378
diff
changeset
|
2781 |
return crl |
2026
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2782 |
# If no CRL already exists or it's time to try to get a new one, |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2783 |
# try to retrieve it from the server. |
2529
de3a83014795
18872 traceback in __get_crl running pkg verify as non-root
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2467
diff
changeset
|
2784 |
try: |
de3a83014795
18872 traceback in __get_crl running pkg verify as non-root
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2467
diff
changeset
|
2785 |
tmp_fd, tmp_pth = tempfile.mkstemp(dir=self.__crl_root) |
3171
525f5bdb3f62
20434301 change exception handling syntax for python 3 migration
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3158
diff
changeset
|
2786 |
except EnvironmentError as e: |
2529
de3a83014795
18872 traceback in __get_crl running pkg verify as non-root
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2467
diff
changeset
|
2787 |
if e.errno in (errno.EACCES, errno.EPERM): |
de3a83014795
18872 traceback in __get_crl running pkg verify as non-root
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2467
diff
changeset
|
2788 |
tmp_fd, tmp_pth = tempfile.mkstemp() |
de3a83014795
18872 traceback in __get_crl running pkg verify as non-root
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2467
diff
changeset
|
2789 |
else: |
de3a83014795
18872 traceback in __get_crl running pkg verify as non-root
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2467
diff
changeset
|
2790 |
raise apx._convert_error(e) |
de3a83014795
18872 traceback in __get_crl running pkg verify as non-root
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2467
diff
changeset
|
2791 |
with os.fdopen(tmp_fd, "wb") as fh: |
2026
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2792 |
hdl = pycurl.Curl() |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2793 |
hdl.setopt(pycurl.URL, uri) |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2794 |
hdl.setopt(pycurl.WRITEDATA, fh) |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2795 |
hdl.setopt(pycurl.FAILONERROR, 1) |
2408
6424614c2ed1
18463 bad crl urls shouldn't bring pkg to a halt
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2378
diff
changeset
|
2796 |
hdl.setopt(pycurl.CONNECTTIMEOUT, |
6424614c2ed1
18463 bad crl urls shouldn't bring pkg to a halt
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2378
diff
changeset
|
2797 |
global_settings.PKG_CLIENT_CONNECT_TIMEOUT) |
2026
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2798 |
try: |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2799 |
hdl.perform() |
2073
9fcacc9e5eaa
16998 transport should support publisher-specific write and read caches
Shawn Walker <shawn.walker@oracle.com>
parents:
2028
diff
changeset
|
2800 |
except pycurl.error: |
2408
6424614c2ed1
18463 bad crl urls shouldn't bring pkg to a halt
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2378
diff
changeset
|
2801 |
# If the CRL is unavailable, add it to the list |
6424614c2ed1
18463 bad crl urls shouldn't bring pkg to a halt
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2378
diff
changeset
|
2802 |
# of bad crls. |
6424614c2ed1
18463 bad crl urls shouldn't bring pkg to a halt
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2378
diff
changeset
|
2803 |
Publisher.__bad_crls.add(uri) |
2026
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2804 |
# If we should treat failure to get a new CRL |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2805 |
# as a failure, raise an exception here. If not, |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2806 |
# if we should use an old CRL if it exists, |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2807 |
# return that here. If none is available and |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2808 |
# that means the cert should not be treated as |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2809 |
# revoked, return None here. |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2810 |
return crl |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2811 |
try: |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2812 |
ncrl = self.__format_safe_read_crl(tmp_pth) |
2073
9fcacc9e5eaa
16998 transport should support publisher-specific write and read caches
Shawn Walker <shawn.walker@oracle.com>
parents:
2028
diff
changeset
|
2813 |
except api_errors.BadFileFormat: |
2026
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2814 |
portable.remove(tmp_pth) |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2815 |
return crl |
2529
de3a83014795
18872 traceback in __get_crl running pkg verify as non-root
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2467
diff
changeset
|
2816 |
try: |
de3a83014795
18872 traceback in __get_crl running pkg verify as non-root
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2467
diff
changeset
|
2817 |
portable.rename(tmp_pth, fpath) |
de3a83014795
18872 traceback in __get_crl running pkg verify as non-root
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2467
diff
changeset
|
2818 |
# Because the file was made using mkstemp, we need to |
de3a83014795
18872 traceback in __get_crl running pkg verify as non-root
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2467
diff
changeset
|
2819 |
# chmod it to match the other files in var/pkg. |
de3a83014795
18872 traceback in __get_crl running pkg verify as non-root
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2467
diff
changeset
|
2820 |
os.chmod(fpath, PKG_RO_FILE_MODE) |
de3a83014795
18872 traceback in __get_crl running pkg verify as non-root
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2467
diff
changeset
|
2821 |
except EnvironmentError: |
de3a83014795
18872 traceback in __get_crl running pkg verify as non-root
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2467
diff
changeset
|
2822 |
self.__tmp_crls[uri] = ncrl |
de3a83014795
18872 traceback in __get_crl running pkg verify as non-root
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2467
diff
changeset
|
2823 |
try: |
de3a83014795
18872 traceback in __get_crl running pkg verify as non-root
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2467
diff
changeset
|
2824 |
portable.remove(tmp_pth) |
de3a83014795
18872 traceback in __get_crl running pkg verify as non-root
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2467
diff
changeset
|
2825 |
except EnvironmentError: |
de3a83014795
18872 traceback in __get_crl running pkg verify as non-root
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2467
diff
changeset
|
2826 |
pass |
2026
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2827 |
return ncrl |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2828 |
|
3321
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
2829 |
|
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
2830 |
def __verify_x509_signature(self, c, key): |
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
2831 |
"""Verify the signature of a certificate or CRL 'c' against a |
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
2832 |
provided public key 'key'.""" |
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
2833 |
|
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
2834 |
verifier = key.verifier( |
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
2835 |
c.signature, padding.PKCS1v15(), |
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
2836 |
c.signature_hash_algorithm) |
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
2837 |
|
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
2838 |
if isinstance(c, x509.Certificate): |
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
2839 |
data = c.tbs_certificate_bytes |
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
2840 |
elif isinstance(c, x509.CertificateRevocationList): |
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
2841 |
data = c.tbs_certlist_bytes |
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
2842 |
else: |
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
2843 |
raise AssertionError("Invalid x509 object for " |
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
2844 |
"signature verification: {0}".format(type(c))) |
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
2845 |
|
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
2846 |
verifier.update(data) |
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
2847 |
try: |
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
2848 |
verifier.verify() |
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
2849 |
return True |
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
2850 |
except Exception: |
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
2851 |
return False |
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
2852 |
|
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
2853 |
def __check_crl(self, cert, ca_dict, crl_uri): |
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
2854 |
"""Determines whether the certificate has been revoked by the |
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
2855 |
CRL located at 'crl_uri'. |
2026
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2856 |
|
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2857 |
The 'cert' parameter is the certificate to check for revocation. |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2858 |
|
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2859 |
The 'ca_dict' is a dictionary which maps subject hashes to |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2860 |
certs treated as trust anchors.""" |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2861 |
|
3321
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
2862 |
crl = self.__get_crl(crl_uri) |
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
2863 |
|
2026
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2864 |
# If we couldn't retrieve a CRL from the distribution point |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2865 |
# and no CRL is cached on disk, assume the cert has not been |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2866 |
# revoked. It's possible that this should be an image or |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2867 |
# publisher setting in the future. |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2868 |
if not crl: |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2869 |
return True |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2870 |
|
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2871 |
# A CRL has been found, now it needs to be validated like |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2872 |
# a certificate is. |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2873 |
verified_crl = False |
3321
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
2874 |
crl_issuer = crl.issuer |
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
2875 |
tas = ca_dict.get(hashlib.sha1(misc.force_bytes( |
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
2876 |
crl_issuer)).hexdigest(), []) |
2026
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2877 |
for t in tas: |
2215
b4355e8c5097
16856 need to check keyUsage for leaf certs
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2100
diff
changeset
|
2878 |
try: |
3321
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
2879 |
if self.__verify_x509_signature(crl, |
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
2880 |
t.public_key()): |
2215
b4355e8c5097
16856 need to check keyUsage for leaf certs
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2100
diff
changeset
|
2881 |
# If t isn't approved for signing crls, |
b4355e8c5097
16856 need to check keyUsage for leaf certs
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2100
diff
changeset
|
2882 |
# the exception __check_extensions |
b4355e8c5097
16856 need to check keyUsage for leaf certs
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2100
diff
changeset
|
2883 |
# raises will take the code to the |
b4355e8c5097
16856 need to check keyUsage for leaf certs
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2100
diff
changeset
|
2884 |
# except below. |
b4355e8c5097
16856 need to check keyUsage for leaf certs
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2100
diff
changeset
|
2885 |
self.__check_extensions(t, |
2286
938fbb350ad2
16867 pkgsign should handle existing signatures better
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2272
diff
changeset
|
2886 |
CRL_SIGNING_USE, 0) |
2215
b4355e8c5097
16856 need to check keyUsage for leaf certs
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2100
diff
changeset
|
2887 |
verified_crl = True |
b4355e8c5097
16856 need to check keyUsage for leaf certs
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2100
diff
changeset
|
2888 |
except api_errors.SigningException: |
b4355e8c5097
16856 need to check keyUsage for leaf certs
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2100
diff
changeset
|
2889 |
pass |
2026
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2890 |
if not verified_crl: |
2215
b4355e8c5097
16856 need to check keyUsage for leaf certs
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2100
diff
changeset
|
2891 |
crl_cas = self.__get_certs_by_name(crl_issuer) |
2026
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2892 |
for c in crl_cas: |
3321
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
2893 |
if self.__verify_x509_signature(crl, |
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
2894 |
c.public_key()): |
2026
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2895 |
try: |
2286
938fbb350ad2
16867 pkgsign should handle existing signatures better
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2272
diff
changeset
|
2896 |
self.verify_chain(c, ca_dict, 0, |
2458
7c1227ad555e
18466 pkg needs an option to skip crl verification
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2433
diff
changeset
|
2897 |
True, |
7c1227ad555e
18466 pkg needs an option to skip crl verification
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2433
diff
changeset
|
2898 |
usages=CRL_SIGNING_USE) |
2026
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2899 |
except api_errors.SigningException: |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2900 |
pass |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2901 |
else: |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2902 |
verified_crl = True |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2903 |
break |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2904 |
if not verified_crl: |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2905 |
return True |
3321
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
2906 |
|
2026
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2907 |
# For a certificate to be revoked, its CRL must be validated |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2908 |
# and revoked the certificate. |
3321
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
2909 |
|
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
2910 |
assert crl.issuer == cert.issuer |
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
2911 |
for rev in crl: |
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
2912 |
if rev.serial_number != cert.serial: |
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
2913 |
continue |
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
2914 |
try: |
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
2915 |
reason = rev.extensions.get_extension_for_oid( |
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
2916 |
x509.OID_CRL_REASON).value |
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
2917 |
except x509.ExtensionNotFound: |
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
2918 |
reason = None |
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
2919 |
raise api_errors.RevokedCertificate(cert, reason) |
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
2920 |
|
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
2921 |
def __check_crls(self, cert, ca_dict): |
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
2922 |
"""Determines whether the certificate has been revoked by one of |
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
2923 |
its CRLs. |
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
2924 |
|
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
2925 |
The 'cert' parameter is the certificate to check for revocation. |
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
2926 |
|
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
2927 |
The 'ca_dict' is a dictionary which maps subject hashes to |
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
2928 |
certs treated as trust anchors.""" |
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
2929 |
|
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
2930 |
# If the certificate doesn't have a CRL location listed, treat |
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
2931 |
# it as valid. |
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
2932 |
|
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
2933 |
# The CRLs to be retrieved are stored in the |
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
2934 |
# CRLDistributionPoints extensions which is structured like |
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
2935 |
# this: |
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
2936 |
# |
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
2937 |
# CRLDitsributionPoints = [ |
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
2938 |
# CRLDistributionPoint = [ |
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
2939 |
# union { |
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
2940 |
# full_name = [ GeneralName, ... ] |
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
2941 |
# relative_name = [ GeneralName, ... ] |
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
2942 |
# }, ... ] |
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
2943 |
# , ... ] |
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
2944 |
# |
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
2945 |
# Relative names are a feature in X509 certs which allow to |
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
2946 |
# specify a location relative to another certificate. We are not |
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
2947 |
# supporting this and I'm not sure anybody is using this for |
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
2948 |
# CRLs. |
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
2949 |
# Full names are absolute locations but can be in different |
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
2950 |
# formats (refer to RFC5280) but in general only the URI type is |
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
2951 |
# used for CRLs. So this is the only thing we support here. |
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
2952 |
|
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
2953 |
try: |
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
2954 |
dps = cert.extensions.get_extension_for_oid( |
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
2955 |
x509.oid.ExtensionOID.CRL_DISTRIBUTION_POINTS).value |
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
2956 |
except x509.ExtensionNotFound: |
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
2957 |
return |
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
2958 |
|
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
2959 |
for dp in dps: |
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
2960 |
if not dp.full_name: |
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
2961 |
# we don't support relative names |
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
2962 |
continue |
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
2963 |
for uri in dp.full_name: |
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
2964 |
if not isinstance(uri, |
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
2965 |
x509.UniformResourceIdentifier): |
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
2966 |
# we only support URIs |
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
2967 |
continue |
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
2968 |
self.__check_crl(cert, ca_dict, str(uri.value)) |
2026
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2969 |
|
2558
5903fa459c85
18937 check-certificate-revocation is ignored in some cases
Shawn Walker <shawn.walker@oracle.com>
parents:
2529
diff
changeset
|
2970 |
def __check_revocation(self, cert, ca_dict, use_crls): |
2414
ce704b29a50c
18464 revoka-ca-cert needs a rethink
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2408
diff
changeset
|
2971 |
hsh = self.__hash_cert(cert) |
2286
938fbb350ad2
16867 pkgsign should handle existing signatures better
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2272
diff
changeset
|
2972 |
if hsh in self.revoked_ca_certs: |
938fbb350ad2
16867 pkgsign should handle existing signatures better
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2272
diff
changeset
|
2973 |
raise api_errors.RevokedCertificate(cert, |
938fbb350ad2
16867 pkgsign should handle existing signatures better
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2272
diff
changeset
|
2974 |
"User manually revoked certificate.") |
2558
5903fa459c85
18937 check-certificate-revocation is ignored in some cases
Shawn Walker <shawn.walker@oracle.com>
parents:
2529
diff
changeset
|
2975 |
if use_crls: |
5903fa459c85
18937 check-certificate-revocation is ignored in some cases
Shawn Walker <shawn.walker@oracle.com>
parents:
2529
diff
changeset
|
2976 |
self.__check_crls(cert, ca_dict) |
2286
938fbb350ad2
16867 pkgsign should handle existing signatures better
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2272
diff
changeset
|
2977 |
|
938fbb350ad2
16867 pkgsign should handle existing signatures better
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2272
diff
changeset
|
2978 |
def __check_extensions(self, cert, usages, cur_pathlen): |
2026
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2979 |
"""Check whether the critical extensions in this certificate |
2215
b4355e8c5097
16856 need to check keyUsage for leaf certs
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2100
diff
changeset
|
2980 |
are supported and allow the provided use(s).""" |
2026
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2981 |
|
3321
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
2982 |
try: |
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
2983 |
exts = cert.extensions |
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
2984 |
except (ValueError, x509.UnsupportedExtension) as e: |
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
2985 |
raise api_errors.InvalidCertificateExtensions( |
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
2986 |
cert, e) |
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
2987 |
|
2286
938fbb350ad2
16867 pkgsign should handle existing signatures better
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2272
diff
changeset
|
2988 |
def check_values(vs): |
938fbb350ad2
16867 pkgsign should handle existing signatures better
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2272
diff
changeset
|
2989 |
for v in vs: |
938fbb350ad2
16867 pkgsign should handle existing signatures better
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2272
diff
changeset
|
2990 |
if v in supported_vs: |
938fbb350ad2
16867 pkgsign should handle existing signatures better
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2272
diff
changeset
|
2991 |
continue |
3321
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
2992 |
# If there is only one extension value, it must |
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
2993 |
# be the problematic one. Otherwise, we also |
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
2994 |
# output the first unsupported value as the |
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
2995 |
# problematic value following extension value. |
2286
938fbb350ad2
16867 pkgsign should handle existing signatures better
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2272
diff
changeset
|
2996 |
if len(vs) < 2: |
3321
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
2997 |
raise api_errors.UnsupportedExtensionValue( |
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
2998 |
cert, ext, ", ".join(vs)) |
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
2999 |
raise api_errors.UnsupportedExtensionValue( |
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
3000 |
cert, ext, ", ".join(vs), v) |
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
3001 |
|
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
3002 |
for ext in exts: |
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
3003 |
etype = type(ext.value) |
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
3004 |
if etype in SUPPORTED_EXTENSION_VALUES: |
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
3005 |
supported_vs = SUPPORTED_EXTENSION_VALUES[etype] |
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
3006 |
keys = EXTENSIONS_VALUES[etype] |
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
3007 |
if etype == x509.BasicConstraints: |
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
3008 |
pathlen = ext.value.path_length |
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
3009 |
if pathlen is not None and \ |
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
3010 |
cur_pathlen > pathlen: |
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
3011 |
raise api_errors.PathlenTooShort(cert, |
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
3012 |
cur_pathlen, pathlen) |
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
3013 |
elif etype == x509.KeyUsage: |
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
3014 |
keys = list(EXTENSIONS_VALUES[etype]) |
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
3015 |
if not getattr(ext.value, |
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
3016 |
"key_agreement"): |
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
3017 |
# Cryptography error: |
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
3018 |
# encipher_only/decipher_only is |
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
3019 |
# undefined unless key_agreement |
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
3020 |
# is true |
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
3021 |
keys.remove("encipher_only") |
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
3022 |
keys.remove("decipher_only") |
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
3023 |
vs = [ |
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
3024 |
key |
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
3025 |
for key in keys |
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
3026 |
if getattr(ext.value, key) |
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
3027 |
] |
2215
b4355e8c5097
16856 need to check keyUsage for leaf certs
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2100
diff
changeset
|
3028 |
# Check whether the values for the extension are |
b4355e8c5097
16856 need to check keyUsage for leaf certs
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2100
diff
changeset
|
3029 |
# recognized. |
2286
938fbb350ad2
16867 pkgsign should handle existing signatures better
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2272
diff
changeset
|
3030 |
check_values(vs) |
2215
b4355e8c5097
16856 need to check keyUsage for leaf certs
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2100
diff
changeset
|
3031 |
# For each use, check to see whether it's |
b4355e8c5097
16856 need to check keyUsage for leaf certs
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2100
diff
changeset
|
3032 |
# permitted by the certificate's extension |
b4355e8c5097
16856 need to check keyUsage for leaf certs
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2100
diff
changeset
|
3033 |
# values. |
3321
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
3034 |
if etype not in usages: |
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
3035 |
continue |
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
3036 |
for u in usages[etype]: |
2215
b4355e8c5097
16856 need to check keyUsage for leaf certs
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2100
diff
changeset
|
3037 |
if u not in vs: |
3321
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
3038 |
raise api_errors.InappropriateCertificateUse( |
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
3039 |
cert, ext, u, ", ".join(vs)) |
2215
b4355e8c5097
16856 need to check keyUsage for leaf certs
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2100
diff
changeset
|
3040 |
# If the extension name is unrecognized and critical, |
b4355e8c5097
16856 need to check keyUsage for leaf certs
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2100
diff
changeset
|
3041 |
# then the chain cannot be verified. |
3321
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
3042 |
elif ext.critical: |
2215
b4355e8c5097
16856 need to check keyUsage for leaf certs
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2100
diff
changeset
|
3043 |
raise api_errors.UnsupportedCriticalExtension( |
b4355e8c5097
16856 need to check keyUsage for leaf certs
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2100
diff
changeset
|
3044 |
cert, ext) |
2408
6424614c2ed1
18463 bad crl urls shouldn't bring pkg to a halt
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2378
diff
changeset
|
3045 |
|
2458
7c1227ad555e
18466 pkg needs an option to skip crl verification
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2433
diff
changeset
|
3046 |
def verify_chain(self, cert, ca_dict, cur_pathlen, use_crls, |
7c1227ad555e
18466 pkg needs an option to skip crl verification
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2433
diff
changeset
|
3047 |
required_names=None, usages=None): |
2026
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
3048 |
"""Validates the certificate against the given trust anchors. |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
3049 |
|
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
3050 |
The 'cert' parameter is the certificate to validate. |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
3051 |
|
2286
938fbb350ad2
16867 pkgsign should handle existing signatures better
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2272
diff
changeset
|
3052 |
The 'ca_dict' parameter is a dictionary which maps subject |
938fbb350ad2
16867 pkgsign should handle existing signatures better
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2272
diff
changeset
|
3053 |
hashes to certs treated as trust anchors. |
938fbb350ad2
16867 pkgsign should handle existing signatures better
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2272
diff
changeset
|
3054 |
|
938fbb350ad2
16867 pkgsign should handle existing signatures better
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2272
diff
changeset
|
3055 |
The 'cur_pathlen' parameter is an integer indicating how many |
938fbb350ad2
16867 pkgsign should handle existing signatures better
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2272
diff
changeset
|
3056 |
certificates have been found between cert and the leaf cert. |
2026
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
3057 |
|
2458
7c1227ad555e
18466 pkg needs an option to skip crl verification
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2433
diff
changeset
|
3058 |
The 'use_crls' parameter is a boolean indicating whether |
7c1227ad555e
18466 pkg needs an option to skip crl verification
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2433
diff
changeset
|
3059 |
certificates should be checked to see if they've been revoked. |
7c1227ad555e
18466 pkg needs an option to skip crl verification
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2433
diff
changeset
|
3060 |
|
2026
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
3061 |
The 'required_names' parameter is a set of strings that must |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
3062 |
be seen as a CN in the chain of trust for the certificate.""" |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
3063 |
|
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
3064 |
if required_names is None: |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
3065 |
required_names = set() |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
3066 |
verified = False |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
3067 |
continue_loop = True |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
3068 |
certs_with_problems = [] |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
3069 |
|
2286
938fbb350ad2
16867 pkgsign should handle existing signatures better
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2272
diff
changeset
|
3070 |
ca_dict = copy.copy(ca_dict) |
3234
3a90dc0b66c9
21188662 use six library for python 3 migration
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3185
diff
changeset
|
3071 |
for k, v in six.iteritems(self.get_ca_certs()): |
2286
938fbb350ad2
16867 pkgsign should handle existing signatures better
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2272
diff
changeset
|
3072 |
if k in ca_dict: |
938fbb350ad2
16867 pkgsign should handle existing signatures better
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2272
diff
changeset
|
3073 |
ca_dict[k].extend(v) |
938fbb350ad2
16867 pkgsign should handle existing signatures better
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2272
diff
changeset
|
3074 |
else: |
938fbb350ad2
16867 pkgsign should handle existing signatures better
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2272
diff
changeset
|
3075 |
ca_dict[k] = v |
938fbb350ad2
16867 pkgsign should handle existing signatures better
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2272
diff
changeset
|
3076 |
|
2215
b4355e8c5097
16856 need to check keyUsage for leaf certs
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2100
diff
changeset
|
3077 |
def merge_dicts(d1, d2): |
b4355e8c5097
16856 need to check keyUsage for leaf certs
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2100
diff
changeset
|
3078 |
"""Function for merging usage dictionaries.""" |
b4355e8c5097
16856 need to check keyUsage for leaf certs
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2100
diff
changeset
|
3079 |
res = copy.deepcopy(d1) |
b4355e8c5097
16856 need to check keyUsage for leaf certs
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2100
diff
changeset
|
3080 |
for k in d2: |
b4355e8c5097
16856 need to check keyUsage for leaf certs
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2100
diff
changeset
|
3081 |
if k in res: |
b4355e8c5097
16856 need to check keyUsage for leaf certs
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2100
diff
changeset
|
3082 |
res[k].extend(d2[k]) |
b4355e8c5097
16856 need to check keyUsage for leaf certs
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2100
diff
changeset
|
3083 |
else: |
b4355e8c5097
16856 need to check keyUsage for leaf certs
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2100
diff
changeset
|
3084 |
res[k] = d2[k] |
b4355e8c5097
16856 need to check keyUsage for leaf certs
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2100
diff
changeset
|
3085 |
return res |
b4355e8c5097
16856 need to check keyUsage for leaf certs
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2100
diff
changeset
|
3086 |
|
2286
938fbb350ad2
16867 pkgsign should handle existing signatures better
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2272
diff
changeset
|
3087 |
def discard_names(cert, required_names): |
2026
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
3088 |
for cert_cn in [ |
3321
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
3089 |
str(c.value) |
2026
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
3090 |
for c |
3321
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
3091 |
in cert.subject.get_attributes_for_oid( |
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
3092 |
x509.oid.NameOID.COMMON_NAME) |
2026
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
3093 |
]: |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
3094 |
required_names.discard(cert_cn) |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
3095 |
|
2286
938fbb350ad2
16867 pkgsign should handle existing signatures better
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2272
diff
changeset
|
3096 |
if not usages: |
938fbb350ad2
16867 pkgsign should handle existing signatures better
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2272
diff
changeset
|
3097 |
usages = {} |
938fbb350ad2
16867 pkgsign should handle existing signatures better
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2272
diff
changeset
|
3098 |
for u in POSSIBLE_USES: |
938fbb350ad2
16867 pkgsign should handle existing signatures better
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2272
diff
changeset
|
3099 |
usages = merge_dicts(usages, u) |
938fbb350ad2
16867 pkgsign should handle existing signatures better
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2272
diff
changeset
|
3100 |
|
938fbb350ad2
16867 pkgsign should handle existing signatures better
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2272
diff
changeset
|
3101 |
# Check whether we can validate this certificate. |
938fbb350ad2
16867 pkgsign should handle existing signatures better
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2272
diff
changeset
|
3102 |
self.__check_extensions(cert, usages, cur_pathlen) |
938fbb350ad2
16867 pkgsign should handle existing signatures better
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2272
diff
changeset
|
3103 |
|
938fbb350ad2
16867 pkgsign should handle existing signatures better
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2272
diff
changeset
|
3104 |
# Check whether this certificate has been revoked. |
2558
5903fa459c85
18937 check-certificate-revocation is ignored in some cases
Shawn Walker <shawn.walker@oracle.com>
parents:
2529
diff
changeset
|
3105 |
self.__check_revocation(cert, ca_dict, use_crls) |
2286
938fbb350ad2
16867 pkgsign should handle existing signatures better
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2272
diff
changeset
|
3106 |
|
938fbb350ad2
16867 pkgsign should handle existing signatures better
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2272
diff
changeset
|
3107 |
while continue_loop: |
938fbb350ad2
16867 pkgsign should handle existing signatures better
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2272
diff
changeset
|
3108 |
# If this certificate's CN is in the set of required |
938fbb350ad2
16867 pkgsign should handle existing signatures better
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2272
diff
changeset
|
3109 |
# names, remove it. |
938fbb350ad2
16867 pkgsign should handle existing signatures better
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2272
diff
changeset
|
3110 |
discard_names(cert, required_names) |
938fbb350ad2
16867 pkgsign should handle existing signatures better
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2272
diff
changeset
|
3111 |
|
2026
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
3112 |
# Find the certificate that issued this certificate. |
3321
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
3113 |
issuer = cert.issuer |
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
3114 |
issuer_hash = hashlib.sha1(misc.force_bytes( |
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
3115 |
issuer)).hexdigest() |
2026
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
3116 |
|
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
3117 |
# See whether this certificate was issued by any of the |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
3118 |
# given trust anchors. |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
3119 |
for c in ca_dict.get(issuer_hash, []): |
3321
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
3120 |
if self.__verify_x509_signature(cert, |
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
3121 |
c.public_key()): |
2026
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
3122 |
verified = True |
2286
938fbb350ad2
16867 pkgsign should handle existing signatures better
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2272
diff
changeset
|
3123 |
# Remove any required names found in the |
938fbb350ad2
16867 pkgsign should handle existing signatures better
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2272
diff
changeset
|
3124 |
# trust anchor. |
938fbb350ad2
16867 pkgsign should handle existing signatures better
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2272
diff
changeset
|
3125 |
discard_names(c, required_names) |
2026
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
3126 |
# If there are more names to check for |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
3127 |
# continue up the chain of trust to look |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
3128 |
# for them. |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
3129 |
if not required_names: |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
3130 |
continue_loop = False |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
3131 |
break |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
3132 |
|
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
3133 |
# If the subject and issuer for this certificate are |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
3134 |
# identical and the certificate hasn't been verified |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
3135 |
# then this is an untrusted self-signed cert and should |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
3136 |
# be rejected. |
3321
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
3137 |
if hashlib.sha1(misc.force_bytes( |
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
3138 |
cert.subject)).hexdigest() == issuer_hash: |
2026
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
3139 |
if not verified: |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
3140 |
raise \ |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
3141 |
api_errors.UntrustedSelfSignedCert( |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
3142 |
cert) |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
3143 |
# This break should break the |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
3144 |
# while continue_loop loop. |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
3145 |
break |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
3146 |
|
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
3147 |
# If the certificate hasn't been issued by a trust |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
3148 |
# anchor or more names need to be found, continue |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
3149 |
# looking up the chain of trust. |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
3150 |
if continue_loop: |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
3151 |
up_chain = False |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
3152 |
# Keep track of certs that would have verified |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
3153 |
# this certificate but had critical extensions |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
3154 |
# we can't handle yet for error reporting. |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
3155 |
certs_with_problems = [] |
2215
b4355e8c5097
16856 need to check keyUsage for leaf certs
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2100
diff
changeset
|
3156 |
for c in self.__get_certs_by_name(issuer): |
2026
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
3157 |
# If the certificate is approved to |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
3158 |
# sign another certificate, verifies |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
3159 |
# the current certificate, and hasn't |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
3160 |
# been revoked, consider it as the |
2215
b4355e8c5097
16856 need to check keyUsage for leaf certs
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2100
diff
changeset
|
3161 |
# next link in the chain. check_ca |
b4355e8c5097
16856 need to check keyUsage for leaf certs
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2100
diff
changeset
|
3162 |
# checks both the basicConstraints |
b4355e8c5097
16856 need to check keyUsage for leaf certs
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2100
diff
changeset
|
3163 |
# extension and the keyUsage extension. |
3321
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
3164 |
if misc.check_ca(c) and \ |
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
3165 |
self.__verify_x509_signature(cert, |
52e8eec3014c
17377205 IPS should not use M2Crypto
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3318
diff
changeset
|
3166 |
c.public_key()): |
2026
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
3167 |
problem = False |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
3168 |
# Check whether this certificate |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
3169 |
# has a critical extension we |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
3170 |
# don't understand. |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
3171 |
try: |
2215
b4355e8c5097
16856 need to check keyUsage for leaf certs
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2100
diff
changeset
|
3172 |
self.__check_extensions( |
2286
938fbb350ad2
16867 pkgsign should handle existing signatures better
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2272
diff
changeset
|
3173 |
c, CERT_SIGNING_USE, |
938fbb350ad2
16867 pkgsign should handle existing signatures better
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2272
diff
changeset
|
3174 |
cur_pathlen) |
938fbb350ad2
16867 pkgsign should handle existing signatures better
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2272
diff
changeset
|
3175 |
self.__check_revocation(c, |
2558
5903fa459c85
18937 check-certificate-revocation is ignored in some cases
Shawn Walker <shawn.walker@oracle.com>
parents:
2529
diff
changeset
|
3176 |
ca_dict, use_crls) |
3171
525f5bdb3f62
20434301 change exception handling syntax for python 3 migration
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3158
diff
changeset
|
3177 |
except (api_errors.UnsupportedCriticalExtension, api_errors.RevokedCertificate) as e: |
2026
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
3178 |
certs_with_problems.append(e) |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
3179 |
problem = True |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
3180 |
# If this certificate has no |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
3181 |
# problems with it, it's the |
2286
938fbb350ad2
16867 pkgsign should handle existing signatures better
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2272
diff
changeset
|
3182 |
# next link in the chain so make |
938fbb350ad2
16867 pkgsign should handle existing signatures better
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2272
diff
changeset
|
3183 |
# it the current certificate and |
938fbb350ad2
16867 pkgsign should handle existing signatures better
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2272
diff
changeset
|
3184 |
# add one to cur_pathlen since |
938fbb350ad2
16867 pkgsign should handle existing signatures better
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2272
diff
changeset
|
3185 |
# there's one more chain cert |
938fbb350ad2
16867 pkgsign should handle existing signatures better
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2272
diff
changeset
|
3186 |
# between the code signing cert |
938fbb350ad2
16867 pkgsign should handle existing signatures better
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2272
diff
changeset
|
3187 |
# and the root of the chain. |
2026
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
3188 |
if not problem: |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
3189 |
up_chain = True |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
3190 |
cert = c |
2286
938fbb350ad2
16867 pkgsign should handle existing signatures better
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2272
diff
changeset
|
3191 |
cur_pathlen += 1 |
2026
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
3192 |
break |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
3193 |
# If there's not another link in the chain to be |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
3194 |
# found, stop the iteration. |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
3195 |
if not up_chain: |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
3196 |
continue_loop = False |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
3197 |
# If the certificate wasn't verified against a trust anchor, |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
3198 |
# raise an exception. |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
3199 |
if not verified: |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
3200 |
raise api_errors.BrokenChain(cert, |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
3201 |
certs_with_problems) |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
3202 |
|
926
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
3203 |
alias = property(lambda self: self.__alias, __set_alias, |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
3204 |
doc="An alternative name for a publisher.") |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
3205 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
3206 |
client_uuid = property(lambda self: self.__client_uuid, |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
3207 |
__set_client_uuid, |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
3208 |
doc="A Universally Unique Identifier (UUID) used to identify a " |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
3209 |
"client image to a publisher.") |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
3210 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
3211 |
disabled = property(lambda self: self.__disabled, __set_disabled, |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
3212 |
doc="A boolean value indicating whether the publisher should be " |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
3213 |
"used for packaging operations.") |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
3214 |
|
996
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
3215 |
last_refreshed = property(__get_last_refreshed, __set_last_refreshed, |
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
3216 |
doc="A datetime object representing the time (in UTC) the " |
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
3217 |
"publisher's selected repository was last refreshed for new " |
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
3218 |
"metadata (such as catalog updates). 'None' if the publisher " |
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
3219 |
"hasn't been refreshed yet or the time is not available.") |
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
3220 |
|
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
3221 |
meta_root = property(lambda self: self.__meta_root, __set_meta_root, |
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
3222 |
doc="The absolute pathname of the directory where the publisher's " |
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
3223 |
"metadata should be written to and read from.") |
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
3224 |
|
926
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
3225 |
prefix = property(lambda self: self.__prefix, __set_prefix, |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
3226 |
doc="The name of the publisher.") |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
3227 |
|
2310
ce10607d5332
11684 desire option to not propagate certs to non-global zones
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2286
diff
changeset
|
3228 |
repository = property(lambda self: self.__repository, |
ce10607d5332
11684 desire option to not propagate certs to non-global zones
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2286
diff
changeset
|
3229 |
__set_repository, |
926
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
3230 |
doc="A reference to the selected repository object.") |
1505
cc598d70bbbe
4425 pkg install should deal w/ complex dependency changes in one install
Bart Smaalders <Bart.Smaalders@Sun.COM>
parents:
1449
diff
changeset
|
3231 |
|
cc598d70bbbe
4425 pkg install should deal w/ complex dependency changes in one install
Bart Smaalders <Bart.Smaalders@Sun.COM>
parents:
1449
diff
changeset
|
3232 |
sticky = property(lambda self: self.__sticky, __set_stickiness, |
cc598d70bbbe
4425 pkg install should deal w/ complex dependency changes in one install
Bart Smaalders <Bart.Smaalders@Sun.COM>
parents:
1449
diff
changeset
|
3233 |
doc="Whether or not installed packages from this publisher are" |
cc598d70bbbe
4425 pkg install should deal w/ complex dependency changes in one install
Bart Smaalders <Bart.Smaalders@Sun.COM>
parents:
1449
diff
changeset
|
3234 |
" always preferred to other publishers.") |
2026
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
3235 |
|
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
3236 |
def __get_prop(self, name): |
2097
068cc63b4d6e
17055 image configuration should use pkg.config classes
Shawn Walker <shawn.walker@oracle.com>
parents:
2073
diff
changeset
|
3237 |
"""Accessor method for properties dictionary""" |
2026
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
3238 |
return self.__properties[name] |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
3239 |
|
2097
068cc63b4d6e
17055 image configuration should use pkg.config classes
Shawn Walker <shawn.walker@oracle.com>
parents:
2073
diff
changeset
|
3240 |
@staticmethod |
068cc63b4d6e
17055 image configuration should use pkg.config classes
Shawn Walker <shawn.walker@oracle.com>
parents:
2073
diff
changeset
|
3241 |
def __read_list(list_str): |
068cc63b4d6e
17055 image configuration should use pkg.config classes
Shawn Walker <shawn.walker@oracle.com>
parents:
2073
diff
changeset
|
3242 |
"""Take a list in string representation and convert it back |
068cc63b4d6e
17055 image configuration should use pkg.config classes
Shawn Walker <shawn.walker@oracle.com>
parents:
2073
diff
changeset
|
3243 |
to a Python list.""" |
068cc63b4d6e
17055 image configuration should use pkg.config classes
Shawn Walker <shawn.walker@oracle.com>
parents:
2073
diff
changeset
|
3244 |
|
068cc63b4d6e
17055 image configuration should use pkg.config classes
Shawn Walker <shawn.walker@oracle.com>
parents:
2073
diff
changeset
|
3245 |
list_str = list_str.encode("utf-8") |
068cc63b4d6e
17055 image configuration should use pkg.config classes
Shawn Walker <shawn.walker@oracle.com>
parents:
2073
diff
changeset
|
3246 |
# Strip brackets and any whitespace |
068cc63b4d6e
17055 image configuration should use pkg.config classes
Shawn Walker <shawn.walker@oracle.com>
parents:
2073
diff
changeset
|
3247 |
list_str = list_str.strip("][ ") |
068cc63b4d6e
17055 image configuration should use pkg.config classes
Shawn Walker <shawn.walker@oracle.com>
parents:
2073
diff
changeset
|
3248 |
# Strip comma and any whitespeace |
068cc63b4d6e
17055 image configuration should use pkg.config classes
Shawn Walker <shawn.walker@oracle.com>
parents:
2073
diff
changeset
|
3249 |
lst = list_str.split(", ") |
068cc63b4d6e
17055 image configuration should use pkg.config classes
Shawn Walker <shawn.walker@oracle.com>
parents:
2073
diff
changeset
|
3250 |
# Strip empty whitespace, single, and double quotation marks |
068cc63b4d6e
17055 image configuration should use pkg.config classes
Shawn Walker <shawn.walker@oracle.com>
parents:
2073
diff
changeset
|
3251 |
lst = [ s.strip("' \"") for s in lst ] |
068cc63b4d6e
17055 image configuration should use pkg.config classes
Shawn Walker <shawn.walker@oracle.com>
parents:
2073
diff
changeset
|
3252 |
# Eliminate any empty strings |
068cc63b4d6e
17055 image configuration should use pkg.config classes
Shawn Walker <shawn.walker@oracle.com>
parents:
2073
diff
changeset
|
3253 |
lst = [ s for s in lst if s != '' ] |
068cc63b4d6e
17055 image configuration should use pkg.config classes
Shawn Walker <shawn.walker@oracle.com>
parents:
2073
diff
changeset
|
3254 |
|
068cc63b4d6e
17055 image configuration should use pkg.config classes
Shawn Walker <shawn.walker@oracle.com>
parents:
2073
diff
changeset
|
3255 |
return lst |
068cc63b4d6e
17055 image configuration should use pkg.config classes
Shawn Walker <shawn.walker@oracle.com>
parents:
2073
diff
changeset
|
3256 |
|
2026
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
3257 |
def __set_prop(self, name, values): |
2097
068cc63b4d6e
17055 image configuration should use pkg.config classes
Shawn Walker <shawn.walker@oracle.com>
parents:
2073
diff
changeset
|
3258 |
"""Accessor method to add a property""" |
2310
ce10607d5332
11684 desire option to not propagate certs to non-global zones
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2286
diff
changeset
|
3259 |
if self.sys_pub: |
ce10607d5332
11684 desire option to not propagate certs to non-global zones
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2286
diff
changeset
|
3260 |
raise api_errors.ModifyingSyspubException(_("Cannot " |
ce10607d5332
11684 desire option to not propagate certs to non-global zones
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2286
diff
changeset
|
3261 |
"set a property for a system publisher. The " |
3158
58c9c2c21e67
20177033 change string formatting for python 3 migration
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3065
diff
changeset
|
3262 |
"property was:{0}").format(name)) |
2026
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
3263 |
|
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
3264 |
if name == SIGNATURE_POLICY: |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
3265 |
self.__sig_policy = None |
3234
3a90dc0b66c9
21188662 use six library for python 3 migration
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3185
diff
changeset
|
3266 |
if isinstance(values, six.string_types): |
2026
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
3267 |
values = [values] |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
3268 |
policy_name = values[0] |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
3269 |
if policy_name not in sigpolicy.Policy.policies(): |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
3270 |
raise api_errors.InvalidPropertyValue(_( |
3158
58c9c2c21e67
20177033 change string formatting for python 3 migration
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3065
diff
changeset
|
3271 |
"{val} is not a valid value for this " |
58c9c2c21e67
20177033 change string formatting for python 3 migration
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3065
diff
changeset
|
3272 |
"property:{prop}").format(val=policy_name, |
58c9c2c21e67
20177033 change string formatting for python 3 migration
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3065
diff
changeset
|
3273 |
prop=SIGNATURE_POLICY)) |
2026
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
3274 |
if policy_name == "require-names": |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
3275 |
if self.__delay_validation: |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
3276 |
# If __delay_validation is set, then |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
3277 |
# it's possible that |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
3278 |
# signature-required-names was |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
3279 |
# set by a previous call to set_prop |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
3280 |
# file. If so, don't overwrite the |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
3281 |
# values that have already been read. |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
3282 |
self.__properties.setdefault( |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
3283 |
"signature-required-names", []) |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
3284 |
self.__properties[ |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
3285 |
"signature-required-names"].extend( |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
3286 |
values[1:]) |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
3287 |
else: |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
3288 |
self.__properties[ |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
3289 |
"signature-required-names"] = \ |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
3290 |
values[1:] |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
3291 |
self.__validate_properties() |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
3292 |
else: |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
3293 |
if len(values) > 1: |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
3294 |
raise api_errors.InvalidPropertyValue(_( |
3158
58c9c2c21e67
20177033 change string formatting for python 3 migration
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3065
diff
changeset
|
3295 |
"The {0} signature-policy takes no " |
58c9c2c21e67
20177033 change string formatting for python 3 migration
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3065
diff
changeset
|
3296 |
"argument.").format(policy_name)) |
2026
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
3297 |
self.__properties[SIGNATURE_POLICY] = policy_name |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
3298 |
return |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
3299 |
if name == "signature-required-names": |
3234
3a90dc0b66c9
21188662 use six library for python 3 migration
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3185
diff
changeset
|
3300 |
if isinstance(values, six.string_types): |
2097
068cc63b4d6e
17055 image configuration should use pkg.config classes
Shawn Walker <shawn.walker@oracle.com>
parents:
2073
diff
changeset
|
3301 |
values = self.__read_list(values) |
2026
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
3302 |
self.__properties[name] = values |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
3303 |
|
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
3304 |
def __del_prop(self, name): |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
3305 |
"""Accessor method for properties""" |
2310
ce10607d5332
11684 desire option to not propagate certs to non-global zones
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2286
diff
changeset
|
3306 |
if self.sys_pub: |
ce10607d5332
11684 desire option to not propagate certs to non-global zones
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2286
diff
changeset
|
3307 |
raise api_errors.ModifyingSyspubException(_("Cannot " |
ce10607d5332
11684 desire option to not propagate certs to non-global zones
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2286
diff
changeset
|
3308 |
"unset a property for a system publisher. The " |
3158
58c9c2c21e67
20177033 change string formatting for python 3 migration
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3065
diff
changeset
|
3309 |
"property was:{0}").format(name)) |
2026
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
3310 |
del self.__properties[name] |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
3311 |
|
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
3312 |
def __prop_iter(self): |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
3313 |
return self.__properties.__iter__() |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
3314 |
|
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
3315 |
def __prop_iteritems(self): |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
3316 |
"""Support iteritems on properties""" |
3234
3a90dc0b66c9
21188662 use six library for python 3 migration
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3185
diff
changeset
|
3317 |
return six.iteritems(self.__properties) |
2026
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
3318 |
|
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
3319 |
def __prop_keys(self): |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
3320 |
"""Support keys() on properties""" |
3234
3a90dc0b66c9
21188662 use six library for python 3 migration
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3185
diff
changeset
|
3321 |
return list(self.__properties.keys()) |
2026
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
3322 |
|
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
3323 |
def __prop_values(self): |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
3324 |
"""Support values() on properties""" |
3234
3a90dc0b66c9
21188662 use six library for python 3 migration
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3185
diff
changeset
|
3325 |
return list(self.__properties.values()) |
2026
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
3326 |
|
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
3327 |
def __prop_getdefault(self, name, value): |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
3328 |
"""Support getdefault() on properties""" |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
3329 |
return self.__properties.get(name, value) |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
3330 |
|
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
3331 |
def __prop_setdefault(self, name, value): |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
3332 |
"""Support setdefault() on properties""" |
2097
068cc63b4d6e
17055 image configuration should use pkg.config classes
Shawn Walker <shawn.walker@oracle.com>
parents:
2073
diff
changeset
|
3333 |
# Must set it this way so that the logic in __set_prop is used. |
068cc63b4d6e
17055 image configuration should use pkg.config classes
Shawn Walker <shawn.walker@oracle.com>
parents:
2073
diff
changeset
|
3334 |
try: |
068cc63b4d6e
17055 image configuration should use pkg.config classes
Shawn Walker <shawn.walker@oracle.com>
parents:
2073
diff
changeset
|
3335 |
return self.__properties[name] |
068cc63b4d6e
17055 image configuration should use pkg.config classes
Shawn Walker <shawn.walker@oracle.com>
parents:
2073
diff
changeset
|
3336 |
except KeyError: |
068cc63b4d6e
17055 image configuration should use pkg.config classes
Shawn Walker <shawn.walker@oracle.com>
parents:
2073
diff
changeset
|
3337 |
self.properties[name] = value |
068cc63b4d6e
17055 image configuration should use pkg.config classes
Shawn Walker <shawn.walker@oracle.com>
parents:
2073
diff
changeset
|
3338 |
return value |
2026
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
3339 |
|
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
3340 |
def __prop_update(self, d): |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
3341 |
"""Support update() on properties""" |
2097
068cc63b4d6e
17055 image configuration should use pkg.config classes
Shawn Walker <shawn.walker@oracle.com>
parents:
2073
diff
changeset
|
3342 |
|
3234
3a90dc0b66c9
21188662 use six library for python 3 migration
Yiteng Zhang <yiteng.zhang@oracle.com>
parents:
3185
diff
changeset
|
3343 |
for k, v in six.iteritems(d): |
2097
068cc63b4d6e
17055 image configuration should use pkg.config classes
Shawn Walker <shawn.walker@oracle.com>
parents:
2073
diff
changeset
|
3344 |
# Must iterate through each value and |
068cc63b4d6e
17055 image configuration should use pkg.config classes
Shawn Walker <shawn.walker@oracle.com>
parents:
2073
diff
changeset
|
3345 |
# set it this way so that the logic |
068cc63b4d6e
17055 image configuration should use pkg.config classes
Shawn Walker <shawn.walker@oracle.com>
parents:
2073
diff
changeset
|
3346 |
# in __set_prop is used. |
068cc63b4d6e
17055 image configuration should use pkg.config classes
Shawn Walker <shawn.walker@oracle.com>
parents:
2073
diff
changeset
|
3347 |
self.properties[k] = v |
2026
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
3348 |
|
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
3349 |
def __prop_pop(self, d, default): |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
3350 |
"""Support pop() on properties""" |
2310
ce10607d5332
11684 desire option to not propagate certs to non-global zones
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2286
diff
changeset
|
3351 |
if self.sys_pub: |
ce10607d5332
11684 desire option to not propagate certs to non-global zones
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2286
diff
changeset
|
3352 |
raise api_errors.ModifyingSyspubException(_("Cannot " |
ce10607d5332
11684 desire option to not propagate certs to non-global zones
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2286
diff
changeset
|
3353 |
"unset a property for a system publisher.")) |
2026
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
3354 |
return self.__properties.pop(d, default) |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
3355 |
|
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
3356 |
properties = DictProperty(__get_prop, __set_prop, __del_prop, |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
3357 |
__prop_iteritems, __prop_keys, __prop_values, __prop_iter, |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
3358 |
doc="A dict holding the properties for an image.", |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
3359 |
fgetdefault=__prop_getdefault, fsetdefault=__prop_setdefault, |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
3360 |
update=__prop_update, pop=__prop_pop) |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
3361 |
|
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
3362 |
@property |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
3363 |
def signature_policy(self): |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
3364 |
"""Return the signature policy for the publisher.""" |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
3365 |
|
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
3366 |
if self.__sig_policy is not None: |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
3367 |
return self.__sig_policy |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
3368 |
txt = self.properties.get(SIGNATURE_POLICY, |
2097
068cc63b4d6e
17055 image configuration should use pkg.config classes
Shawn Walker <shawn.walker@oracle.com>
parents:
2073
diff
changeset
|
3369 |
sigpolicy.DEFAULT_POLICY) |
2026
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
3370 |
names = self.properties.get("signature-required-names", []) |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
3371 |
self.__sig_policy = sigpolicy.Policy.policy_factory(txt, names) |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
3372 |
return self.__sig_policy |