upstream/oracle/pkg-gate: src/modules/client/publisher.py@938fbb350ad2 (annotated)

1516 8c950a3b4171 10485 move pkg(5) to Python 2.6 Rich Burridge <rich.burridge@sun.com> parents: 1505 diff changeset	1	#!/usr/bin/python
926 6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	2	#
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	3	# CDDL HEADER START
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	4	#
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	5	# The contents of this file are subject to the terms of the
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	6	# Common Development and Distribution License (the "License").
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	7	# You may not use this file except in compliance with the License.
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	8	#
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	9	# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	10	# or http://www.opensolaris.org/os/licensing.
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	11	# See the License for the specific language governing permissions
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	12	# and limitations under the License.
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	13	#
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	14	# When distributing Covered Code, include this CDDL HEADER in each
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	15	# file and include the License file at usr/src/OPENSOLARIS.LICENSE.
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	16	# If applicable, add the following below this CDDL HEADER, with the
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	17	# fields enclosed by brackets "[]" replaced with your own identifying
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	18	# information: Portions Copyright [yyyy] [name of copyright owner]
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	19	#
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	20	# CDDL HEADER END
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	21	#
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	22
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	23	#
2215 b4355e8c5097 16856 need to check keyUsage for leaf certs Brock Pytlik <brock.pytlik@oracle.com> parents: 2100 diff changeset	24	# Copyright (c) 2009, 2011, Oracle and/or its affiliates. All rights reserved.
926 6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	25	#
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	26
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	27	#
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	28	# NOTE: Any changes to this file are considered a change in client api
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	29	# interfaces and must be fully documented in doc/client_api_versions.txt
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	30	# if they are visible changes to the public interfaces provided.
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	31	#
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	32	# This also means that changes to the interfaces here must be reflected in
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	33	# the client version number and compatible_versions specifier found in
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	34	# modules/client/api.py:__init__.
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	35	#
2026 d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	36
996 31d152a5212b 7582 pkg set-publisher --no-refresh will delete catalogs Shawn Walker <Shawn.Walker@Sun.COM> parents: 926 diff changeset	37	import calendar
926 6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	38	import copy
2026 d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	39	import cStringIO
996 31d152a5212b 7582 pkg set-publisher --no-refresh will delete catalogs Shawn Walker <Shawn.Walker@Sun.COM> parents: 926 diff changeset	40	import datetime as dt
31d152a5212b 7582 pkg set-publisher --no-refresh will delete catalogs Shawn Walker <Shawn.Walker@Sun.COM> parents: 926 diff changeset	41	import errno
2026 d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	42	import hashlib
926 6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	43	import os
2026 d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	44	import pycurl
1431 62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	45	import shutil
62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	46	import tempfile
62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	47	import time
1968 c0540b1e4f7e 8722 advanced repository metadata store needed Shawn Walker <shawn.walker@oracle.com> parents: 1937 diff changeset	48	import urllib
1431 62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	49	import urlparse
1516 8c950a3b4171 10485 move pkg(5) to Python 2.6 Rich Burridge <rich.burridge@sun.com> parents: 1505 diff changeset	50	import uuid
1431 62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	51
62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	52	from pkg.client import global_settings
2272 d81ea073d050 3617 Testsuite should allow choice for base port to use Brock Pytlik <brock.pytlik@oracle.com> parents: 2263 diff changeset	53	from pkg.client.debugvalues import DebugValues
1431 62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	54	logger = global_settings.logger
62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	55
1352 5c92c9d342ef 11065 client v1 catalog support for v0 catalogs Shawn Walker <srw@sun.com> parents: 1254 diff changeset	56	import pkg.catalog
926 6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	57	import pkg.client.api_errors as api_errors
2026 d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	58	import pkg.client.sigpolicy as sigpolicy
996 31d152a5212b 7582 pkg set-publisher --no-refresh will delete catalogs Shawn Walker <Shawn.Walker@Sun.COM> parents: 926 diff changeset	59	import pkg.misc as misc
31d152a5212b 7582 pkg set-publisher --no-refresh will delete catalogs Shawn Walker <Shawn.Walker@Sun.COM> parents: 926 diff changeset	60	import pkg.portable as portable
1431 62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	61	import pkg.server.catalog as old_catalog
2026 d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	62	import M2Crypto as m2
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	63
2073 9fcacc9e5eaa 16998 transport should support publisher-specific write and read caches Shawn Walker <shawn.walker@oracle.com> parents: 2028 diff changeset	64	from pkg.misc import EmptyDict, EmptyI, SIGNATURE_POLICY, DictProperty
926 6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	65
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	66	# The "core" type indicates that a repository contains all of the dependencies
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	67	# declared by packages in the repository. It is primarily used for operating
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	68	# system repositories.
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	69	REPO_CTYPE_CORE = "core"
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	70
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	71	# The "supplemental" type indicates that a repository contains packages that
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	72	# rely on or are intended to be used with packages located in another
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	73	# repository.
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	74	REPO_CTYPE_SUPPLEMENTAL = "supplemental"
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	75
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	76	# Mapping of constant values to names (in the event these ever get changed to
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	77	# numeric values or it is decided they need "prettier" or different labels).
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	78	REPO_COLLECTION_TYPES = {
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	79	REPO_CTYPE_CORE: "core",
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	80	REPO_CTYPE_SUPPLEMENTAL: "supplemental",
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	81	}
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	82
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	83	# Supported Protocol Schemes
1895 0a260cc2a689 15762 client support for filesystem-based repository access Shawn Walker <shawn.walker@oracle.com> parents: 1795 diff changeset	84	SUPPORTED_SCHEMES = set(("file", "http", "https"))
926 6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	85
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	86	# SSL Protocol Schemes
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	87	SSL_SCHEMES = set(("https",))
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	88
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	89	# Supported RepositoryURI sorting policies.
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	90	URI_SORT_PRIORITY = "priority"
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	91
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	92	# Sort policy mapping.
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	93	URI_SORT_POLICIES = {
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	94	URI_SORT_PRIORITY: lambda obj: (obj.priority, obj.uri),
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	95	}
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	96
2215 b4355e8c5097 16856 need to check keyUsage for leaf certs Brock Pytlik <brock.pytlik@oracle.com> parents: 2100 diff changeset	97	# This dictionary records the recognized values of extensions.
b4355e8c5097 16856 need to check keyUsage for leaf certs Brock Pytlik <brock.pytlik@oracle.com> parents: 2100 diff changeset	98	SUPPORTED_EXTENSION_VALUES = {
2286 938fbb350ad2 16867 pkgsign should handle existing signatures better Brock Pytlik <brock.pytlik@oracle.com> parents: 2272 diff changeset	99	"basicConstraints": ("CA:TRUE", "CA:FALSE", "PATHLEN:"),
2215 b4355e8c5097 16856 need to check keyUsage for leaf certs Brock Pytlik <brock.pytlik@oracle.com> parents: 2100 diff changeset	100	"keyUsage": ("DIGITAL SIGNATURE", "CERTIFICATE SIGN", "CRL SIGN")
b4355e8c5097 16856 need to check keyUsage for leaf certs Brock Pytlik <brock.pytlik@oracle.com> parents: 2100 diff changeset	101	}
b4355e8c5097 16856 need to check keyUsage for leaf certs Brock Pytlik <brock.pytlik@oracle.com> parents: 2100 diff changeset	102
b4355e8c5097 16856 need to check keyUsage for leaf certs Brock Pytlik <brock.pytlik@oracle.com> parents: 2100 diff changeset	103	# These dictionaries map uses into their extensions.
b4355e8c5097 16856 need to check keyUsage for leaf certs Brock Pytlik <brock.pytlik@oracle.com> parents: 2100 diff changeset	104	CODE_SIGNING_USE = {
b4355e8c5097 16856 need to check keyUsage for leaf certs Brock Pytlik <brock.pytlik@oracle.com> parents: 2100 diff changeset	105	"keyUsage": ["DIGITAL SIGNATURE"]
b4355e8c5097 16856 need to check keyUsage for leaf certs Brock Pytlik <brock.pytlik@oracle.com> parents: 2100 diff changeset	106	}
b4355e8c5097 16856 need to check keyUsage for leaf certs Brock Pytlik <brock.pytlik@oracle.com> parents: 2100 diff changeset	107
b4355e8c5097 16856 need to check keyUsage for leaf certs Brock Pytlik <brock.pytlik@oracle.com> parents: 2100 diff changeset	108	CERT_SIGNING_USE = {
b4355e8c5097 16856 need to check keyUsage for leaf certs Brock Pytlik <brock.pytlik@oracle.com> parents: 2100 diff changeset	109	"basicConstraints": ["CA:TRUE"],
b4355e8c5097 16856 need to check keyUsage for leaf certs Brock Pytlik <brock.pytlik@oracle.com> parents: 2100 diff changeset	110	"keyUsage": ["CERTIFICATE SIGN"]
b4355e8c5097 16856 need to check keyUsage for leaf certs Brock Pytlik <brock.pytlik@oracle.com> parents: 2100 diff changeset	111	}
b4355e8c5097 16856 need to check keyUsage for leaf certs Brock Pytlik <brock.pytlik@oracle.com> parents: 2100 diff changeset	112
b4355e8c5097 16856 need to check keyUsage for leaf certs Brock Pytlik <brock.pytlik@oracle.com> parents: 2100 diff changeset	113	CRL_SIGNING_USE = {
b4355e8c5097 16856 need to check keyUsage for leaf certs Brock Pytlik <brock.pytlik@oracle.com> parents: 2100 diff changeset	114	"keyUsage": ["CRL SIGN"]
b4355e8c5097 16856 need to check keyUsage for leaf certs Brock Pytlik <brock.pytlik@oracle.com> parents: 2100 diff changeset	115	}
b4355e8c5097 16856 need to check keyUsage for leaf certs Brock Pytlik <brock.pytlik@oracle.com> parents: 2100 diff changeset	116
b4355e8c5097 16856 need to check keyUsage for leaf certs Brock Pytlik <brock.pytlik@oracle.com> parents: 2100 diff changeset	117	POSSIBLE_USES = [CODE_SIGNING_USE, CERT_SIGNING_USE, CRL_SIGNING_USE]
b4355e8c5097 16856 need to check keyUsage for leaf certs Brock Pytlik <brock.pytlik@oracle.com> parents: 2100 diff changeset	118
926 6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	119	class RepositoryURI(object):
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	120	"""Class representing a repository URI and any transport-related
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	121	information."""
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	122
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	123	# These properties are declared here so that they show up in the pydoc
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	124	# documentation as private, and for clarity in the property declarations
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	125	# found near the end of the class definition.
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	126	__priority = None
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	127	__ssl_cert = None
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	128	__ssl_key = None
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	129	__trailing_slash = None
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	130	__uri = None
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	131
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	132	# Used to store the id of the original object this one was copied
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	133	# from during __copy__.
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	134	_source_object_id = None
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	135
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	136	def __init__(self, uri, priority=None, ssl_cert=None, ssl_key=None,
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	137	trailing_slash=True):
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	138	# Must set first.
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	139	self.__trailing_slash = trailing_slash
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	140
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	141	# Note that the properties set here are intentionally lacking
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	142	# the '__' prefix which means assignment will occur using the
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	143	# get/set methods declared for the property near the end of
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	144	# the class definition.
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	145	self.priority = priority
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	146	self.uri = uri
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	147	self.ssl_cert = ssl_cert
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	148	self.ssl_key = ssl_key
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	149
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	150	def __copy__(self):
1252 3b1b69011fcf 8709 ImageInterface.has_publisher has incorrect docstring Shawn Walker <srw@sun.com> parents: 1210 diff changeset	151	uri = RepositoryURI(self.__uri, priority=self.__priority,
3b1b69011fcf 8709 ImageInterface.has_publisher has incorrect docstring Shawn Walker <srw@sun.com> parents: 1210 diff changeset	152	ssl_cert=self.__ssl_cert, ssl_key=self.__ssl_key,
3b1b69011fcf 8709 ImageInterface.has_publisher has incorrect docstring Shawn Walker <srw@sun.com> parents: 1210 diff changeset	153	trailing_slash=self.__trailing_slash)
926 6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	154	uri._source_object_id = id(self)
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	155	return uri
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	156
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	157	def __eq__(self, other):
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	158	if isinstance(other, RepositoryURI):
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	159	return self.uri == other.uri
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	160	if isinstance(other, str):
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	161	return self.uri == other
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	162	return False
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	163
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	164	def __ne__(self, other):
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	165	if isinstance(other, RepositoryURI):
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	166	return self.uri != other.uri
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	167	if isinstance(other, str):
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	168	return self.uri != other
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	169	return True
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	170
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	171	def __set_priority(self, value):
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	172	if value is not None:
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	173	try:
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	174	value = int(value)
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	175	except (TypeError, ValueError):
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	176	raise api_errors.BadRepositoryURIPriority(value)
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	177	self.__priority = value
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	178
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	179	def __set_ssl_cert(self, filename):
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	180	if self.scheme not in SSL_SCHEMES and filename:
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	181	raise api_errors.UnsupportedRepositoryURIAttribute(
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	182	"ssl_cert", scheme=self.scheme)
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	183	if filename:
1252 3b1b69011fcf 8709 ImageInterface.has_publisher has incorrect docstring Shawn Walker <srw@sun.com> parents: 1210 diff changeset	184	if not isinstance(filename, basestring):
3b1b69011fcf 8709 ImageInterface.has_publisher has incorrect docstring Shawn Walker <srw@sun.com> parents: 1210 diff changeset	185	raise api_errors.BadRepositoryAttributeValue(
3b1b69011fcf 8709 ImageInterface.has_publisher has incorrect docstring Shawn Walker <srw@sun.com> parents: 1210 diff changeset	186	"ssl_cert", value=filename)
926 6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	187	filename = os.path.abspath(filename)
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	188	if not os.path.exists(filename):
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	189	raise api_errors.NoSuchCertificate(filename,
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	190	uri=self.uri)
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	191	if filename == "":
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	192	filename = None
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	193	# XXX attempt certificate verification here?
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	194	self.__ssl_cert = filename
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	195
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	196	def __set_ssl_key(self, filename):
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	197	if self.scheme not in SSL_SCHEMES and filename:
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	198	raise api_errors.UnsupportedRepositoryURIAttribute(
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	199	"ssl_key", scheme=self.scheme)
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	200	if filename:
1252 3b1b69011fcf 8709 ImageInterface.has_publisher has incorrect docstring Shawn Walker <srw@sun.com> parents: 1210 diff changeset	201	if not isinstance(filename, basestring):
3b1b69011fcf 8709 ImageInterface.has_publisher has incorrect docstring Shawn Walker <srw@sun.com> parents: 1210 diff changeset	202	raise api_errors.BadRepositoryAttributeValue(
3b1b69011fcf 8709 ImageInterface.has_publisher has incorrect docstring Shawn Walker <srw@sun.com> parents: 1210 diff changeset	203	"ssl_key", value=filename)
926 6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	204	filename = os.path.abspath(filename)
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	205	if not os.path.exists(filename):
1254 28871b08d49c 8463 missing key file error message says certificate is missing Shawn Walker <srw@sun.com> parents: 1252 diff changeset	206	raise api_errors.NoSuchKey(filename,
926 6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	207	uri=self.uri)
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	208	if filename == "":
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	209	filename = None
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	210	# XXX attempt key verification here?
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	211	self.__ssl_key = filename
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	212
1252 3b1b69011fcf 8709 ImageInterface.has_publisher has incorrect docstring Shawn Walker <srw@sun.com> parents: 1210 diff changeset	213	def __set_trailing_slash(self, value):
3b1b69011fcf 8709 ImageInterface.has_publisher has incorrect docstring Shawn Walker <srw@sun.com> parents: 1210 diff changeset	214	if value not in (True, False):
3b1b69011fcf 8709 ImageInterface.has_publisher has incorrect docstring Shawn Walker <srw@sun.com> parents: 1210 diff changeset	215	raise api_errors.BadRepositoryAttributeValue(
3b1b69011fcf 8709 ImageInterface.has_publisher has incorrect docstring Shawn Walker <srw@sun.com> parents: 1210 diff changeset	216	"trailing_slash", value=value)
3b1b69011fcf 8709 ImageInterface.has_publisher has incorrect docstring Shawn Walker <srw@sun.com> parents: 1210 diff changeset	217	self.__trailing_slash = value
3b1b69011fcf 8709 ImageInterface.has_publisher has incorrect docstring Shawn Walker <srw@sun.com> parents: 1210 diff changeset	218
926 6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	219	def __set_uri(self, uri):
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	220	if uri is None:
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	221	raise api_errors.BadRepositoryURI(uri)
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	222
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	223	# Decompose URI to verify attributes.
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	224	scheme, netloc, path, params, query = \
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	225	urlparse.urlsplit(uri, allow_fragments=0)
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	226
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	227	# The set of currently supported protocol schemes.
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	228	if scheme.lower() not in SUPPORTED_SCHEMES:
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	229	raise api_errors.UnsupportedRepositoryURI(uri)
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	230
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	231	# XXX valid_pub_url's check isn't quite right and could prevent
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	232	# usage of IDNs (international domain names).
1895 0a260cc2a689 15762 client support for filesystem-based repository access Shawn Walker <shawn.walker@oracle.com> parents: 1795 diff changeset	233	if (scheme.lower().startswith("http") and not netloc) or \
0a260cc2a689 15762 client support for filesystem-based repository access Shawn Walker <shawn.walker@oracle.com> parents: 1795 diff changeset	234	not misc.valid_pub_url(uri):
926 6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	235	raise api_errors.BadRepositoryURI(uri)
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	236
1968 c0540b1e4f7e 8722 advanced repository metadata store needed Shawn Walker <shawn.walker@oracle.com> parents: 1937 diff changeset	237	if scheme.lower() == "file" and netloc:
c0540b1e4f7e 8722 advanced repository metadata store needed Shawn Walker <shawn.walker@oracle.com> parents: 1937 diff changeset	238	raise api_errors.BadRepositoryURI(uri)
c0540b1e4f7e 8722 advanced repository metadata store needed Shawn Walker <shawn.walker@oracle.com> parents: 1937 diff changeset	239
926 6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	240	# Normalize URI scheme.
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	241	uri = uri.replace(scheme, scheme.lower(), 1)
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	242
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	243	if self.__trailing_slash:
996 31d152a5212b 7582 pkg set-publisher --no-refresh will delete catalogs Shawn Walker <Shawn.Walker@Sun.COM> parents: 926 diff changeset	244	uri = misc.url_affix_trailing_slash(uri)
926 6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	245
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	246	if scheme.lower() not in SSL_SCHEMES:
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	247	self.__ssl_cert = None
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	248	self.__ssl_key = None
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	249
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	250	self.__uri = uri
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	251
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	252	def __str__(self):
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	253	return self.__uri
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	254
1968 c0540b1e4f7e 8722 advanced repository metadata store needed Shawn Walker <shawn.walker@oracle.com> parents: 1937 diff changeset	255	def get_pathname(self):
c0540b1e4f7e 8722 advanced repository metadata store needed Shawn Walker <shawn.walker@oracle.com> parents: 1937 diff changeset	256	"""Returns the URI path as a pathname if the URI is a file
c0540b1e4f7e 8722 advanced repository metadata store needed Shawn Walker <shawn.walker@oracle.com> parents: 1937 diff changeset	257	URI or '' otherwise."""
c0540b1e4f7e 8722 advanced repository metadata store needed Shawn Walker <shawn.walker@oracle.com> parents: 1937 diff changeset	258
c0540b1e4f7e 8722 advanced repository metadata store needed Shawn Walker <shawn.walker@oracle.com> parents: 1937 diff changeset	259	scheme, netloc, path, params, query, fragment = \
c0540b1e4f7e 8722 advanced repository metadata store needed Shawn Walker <shawn.walker@oracle.com> parents: 1937 diff changeset	260	urlparse.urlparse(self.__uri, allow_fragments=0)
c0540b1e4f7e 8722 advanced repository metadata store needed Shawn Walker <shawn.walker@oracle.com> parents: 1937 diff changeset	261	if scheme == "file":
c0540b1e4f7e 8722 advanced repository metadata store needed Shawn Walker <shawn.walker@oracle.com> parents: 1937 diff changeset	262	return urllib.url2pathname(path)
c0540b1e4f7e 8722 advanced repository metadata store needed Shawn Walker <shawn.walker@oracle.com> parents: 1937 diff changeset	263	return ""
c0540b1e4f7e 8722 advanced repository metadata store needed Shawn Walker <shawn.walker@oracle.com> parents: 1937 diff changeset	264
926 6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	265	ssl_cert = property(lambda self: self.__ssl_cert, __set_ssl_cert, None,
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	266	"The absolute pathname of a PEM-encoded SSL certificate file.")
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	267
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	268	ssl_key = property(lambda self: self.__ssl_key, __set_ssl_key, None,
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	269	"The absolute pathname of a PEM-encoded SSL key file.")
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	270
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	271	uri = property(lambda self: self.__uri, __set_uri, None,
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	272	"The URI used to access a repository.")
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	273
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	274	priority = property(lambda self: self.__priority, __set_priority, None,
1252 3b1b69011fcf 8709 ImageInterface.has_publisher has incorrect docstring Shawn Walker <srw@sun.com> parents: 1210 diff changeset	275	"An integer value representing the importance of this repository "
3b1b69011fcf 8709 ImageInterface.has_publisher has incorrect docstring Shawn Walker <srw@sun.com> parents: 1210 diff changeset	276	"URI relative to others.")
926 6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	277
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	278	@property
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	279	def scheme(self):
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	280	"""The URI scheme."""
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	281	if not self.__uri:
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	282	return ""
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	283	return urlparse.urlsplit(self.__uri, allow_fragments=0)[0]
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	284
1252 3b1b69011fcf 8709 ImageInterface.has_publisher has incorrect docstring Shawn Walker <srw@sun.com> parents: 1210 diff changeset	285	trailing_slash = property(lambda self: self.__trailing_slash,
3b1b69011fcf 8709 ImageInterface.has_publisher has incorrect docstring Shawn Walker <srw@sun.com> parents: 1210 diff changeset	286	__set_trailing_slash, None,
3b1b69011fcf 8709 ImageInterface.has_publisher has incorrect docstring Shawn Walker <srw@sun.com> parents: 1210 diff changeset	287	"A boolean value indicating whether any URI provided for this "
3b1b69011fcf 8709 ImageInterface.has_publisher has incorrect docstring Shawn Walker <srw@sun.com> parents: 1210 diff changeset	288	"object should have a trailing slash appended when setting the "
3b1b69011fcf 8709 ImageInterface.has_publisher has incorrect docstring Shawn Walker <srw@sun.com> parents: 1210 diff changeset	289	"URI property.")
3b1b69011fcf 8709 ImageInterface.has_publisher has incorrect docstring Shawn Walker <srw@sun.com> parents: 1210 diff changeset	290
926 6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	291
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	292	class Repository(object):
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	293	"""Class representing a repository object.
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	294
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	295	A repository object represents a location where clients can publish
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	296	and retrieve package content and/or metadata. It has the following
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	297	characteristics:
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	298
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	299	- may have one or more origins (URIs) for publication and
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	300	retrieval of package metadata and content.
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	301
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	302	- may have zero or more mirrors (URIs) for retrieval of package
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	303	content."""
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	304
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	305	# These properties are declared here so that they show up in the pydoc
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	306	# documentation as private, and for clarity in the property declarations
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	307	# found near the end of the class definition.
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	308	__collection_type = None
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	309	__legal_uris = []
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	310	__mirrors = []
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	311	__origins = []
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	312	__refresh_seconds = None
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	313	__registration_uri = None
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	314	__related_uris = []
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	315	__sort_policy = URI_SORT_PRIORITY
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	316
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	317	# Used to store the id of the original object this one was copied
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	318	# from during __copy__.
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	319	_source_object_id = None
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	320
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	321	name = None
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	322	description = None
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	323	registered = False
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	324
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	325	def __init__(self, collection_type=REPO_CTYPE_CORE, description=None,
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	326	legal_uris=None, mirrors=None, name=None, origins=None,
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	327	refresh_seconds=None, registered=False, registration_uri=None,
2100 6a366b063036 17144 Unix socket support is defunct johansen <johansen@opensolaris.org> parents: 2097 diff changeset	328	related_uris=None, sort_policy=URI_SORT_PRIORITY):
926 6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	329	"""Initializes a repository object.
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	330
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	331	'collection_type' is an optional constant value indicating the
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	332	type of packages in the repository.
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	333
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	334	'description' is an optional string value containing a
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	335	descriptive paragraph for the repository.
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	336
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	337	'legal_uris' should be a list of RepositoryURI objects or URI
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	338	strings indicating where licensing, legal, and terms of service
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	339	information for the repository can be found.
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	340
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	341	'mirrors' is an optional list of RepositoryURI objects or URI
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	342	strings indicating where package content can be retrieved.
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	343
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	344	'name' is an optional, short, descriptive name for the
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	345	repository.
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	346
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	347	'origins' should be a list of RepositoryURI objects or URI
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	348	strings indicating where package metadata can be retrieved.
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	349
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	350	'refresh_seconds' is an optional integer value indicating the
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	351	number of seconds clients should wait before refreshing cached
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	352	repository catalog or repository metadata information.
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	353
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	354	'registered' is an optional boolean value indicating whether
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	355	a client has registered with the repository's publisher.
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	356
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	357	'registration_uri' is an optional RepositoryURI object or a URI
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	358	string indicating a location clients can use to register or
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	359	obtain credentials needed to access the repository.
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	360
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	361	'related_uris' is an optional list of RepositoryURI objects or a
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	362	list of URI strings indicating the location of related
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	363	repositories that a client may be interested in.
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	364
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	365	'sort_policy' is an optional constant value indicating how
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	366	legal_uris, mirrors, origins, and related_uris should be
2100 6a366b063036 17144 Unix socket support is defunct johansen <johansen@opensolaris.org> parents: 2097 diff changeset	367	sorted."""
926 6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	368
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	369	# Note that the properties set here are intentionally lacking
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	370	# the '__' prefix which means assignment will occur using the
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	371	# get/set methods declared for the property near the end of
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	372	# the class definition.
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	373
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	374	# Must be set first so that it will apply to attributes set
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	375	# afterwards.
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	376	self.sort_policy = sort_policy
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	377
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	378	self.collection_type = collection_type
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	379	self.description = description
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	380	self.legal_uris = legal_uris
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	381	self.mirrors = mirrors
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	382	self.name = name
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	383	self.origins = origins
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	384	self.refresh_seconds = refresh_seconds
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	385	self.registered = registered
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	386	self.registration_uri = registration_uri
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	387	self.related_uris = related_uris
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	388
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	389	def __add_uri(self, attr, uri, dup_check=None, priority=None,
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	390	ssl_cert=None, ssl_key=None, trailing_slash=True):
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	391	if not isinstance(uri, RepositoryURI):
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	392	uri = RepositoryURI(uri, priority=priority,
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	393	ssl_cert=ssl_cert, ssl_key=ssl_key,
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	394	trailing_slash=trailing_slash)
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	395
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	396	if dup_check:
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	397	dup_check(uri)
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	398
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	399	ulist = getattr(self, attr)
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	400	ulist.append(uri)
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	401	ulist.sort(key=URI_SORT_POLICIES[self.__sort_policy])
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	402
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	403	def __copy__(self):
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	404	cluris = [copy.copy(u) for u in self.legal_uris]
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	405	cmirrors = [copy.copy(u) for u in self.mirrors]
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	406	cruris = [copy.copy(u) for u in self.related_uris]
2100 6a366b063036 17144 Unix socket support is defunct johansen <johansen@opensolaris.org> parents: 2097 diff changeset	407	corigins = [copy.copy(u) for u in self.origins]
926 6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	408	repo = Repository(collection_type=self.collection_type,
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	409	description=self.description,
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	410	legal_uris=cluris,
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	411	mirrors=cmirrors, name=self.name,
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	412	origins=corigins,
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	413	refresh_seconds=self.refresh_seconds,
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	414	registered=self.registered,
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	415	registration_uri=copy.copy(self.registration_uri),
2100 6a366b063036 17144 Unix socket support is defunct johansen <johansen@opensolaris.org> parents: 2097 diff changeset	416	related_uris=cruris)
926 6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	417	repo._source_object_id = id(self)
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	418	return repo
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	419
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	420	def __replace_uris(self, attr, value, trailing_slash=True):
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	421	if value is None:
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	422	value = []
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	423	if not isinstance(value, list):
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	424	raise api_errors.BadRepositoryAttributeValue(attr,
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	425	value=value)
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	426	uris = []
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	427	for u in value:
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	428	if not isinstance(u, RepositoryURI):
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	429	u = RepositoryURI(u,
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	430	trailing_slash=trailing_slash)
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	431	elif trailing_slash:
996 31d152a5212b 7582 pkg set-publisher --no-refresh will delete catalogs Shawn Walker <Shawn.Walker@Sun.COM> parents: 926 diff changeset	432	u.uri = misc.url_affix_trailing_slash(u.uri)
926 6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	433	uris.append(u)
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	434	uris.sort(key=URI_SORT_POLICIES[self.__sort_policy])
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	435	return uris
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	436
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	437	def __set_collection_type(self, value):
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	438	if value not in REPO_COLLECTION_TYPES:
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	439	raise api_errors.BadRepositoryCollectionType(value)
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	440	self.__collection_type = value
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	441
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	442	def __set_legal_uris(self, value):
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	443	self.__legal_uris = self.__replace_uris("legal_uris", value,
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	444	trailing_slash=False)
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	445
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	446	def __set_mirrors(self, value):
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	447	self.__mirrors = self.__replace_uris("mirrors", value)
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	448
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	449	def __set_origins(self, value):
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	450	self.__origins = self.__replace_uris("origins", value)
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	451
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	452	def __set_registration_uri(self, value):
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	453	if value and not isinstance(value, RepositoryURI):
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	454	value = RepositoryURI(value, trailing_slash=False)
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	455	self.__registration_uri = value
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	456
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	457	def __set_related_uris(self, value):
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	458	self.__related_uris = self.__replace_uris("related_uris",
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	459	value, trailing_slash=False)
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	460
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	461	def __set_refresh_seconds(self, value):
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	462	if value is not None:
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	463	try:
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	464	value = int(value)
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	465	except (TypeError, ValueError):
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	466	raise api_errors.BadRepositoryAttributeValue(
1252 3b1b69011fcf 8709 ImageInterface.has_publisher has incorrect docstring Shawn Walker <srw@sun.com> parents: 1210 diff changeset	467	"refresh_seconds", value=value)
3b1b69011fcf 8709 ImageInterface.has_publisher has incorrect docstring Shawn Walker <srw@sun.com> parents: 1210 diff changeset	468	if value < 0:
3b1b69011fcf 8709 ImageInterface.has_publisher has incorrect docstring Shawn Walker <srw@sun.com> parents: 1210 diff changeset	469	raise api_errors.BadRepositoryAttributeValue(
3b1b69011fcf 8709 ImageInterface.has_publisher has incorrect docstring Shawn Walker <srw@sun.com> parents: 1210 diff changeset	470	"refresh_seconds", value=value)
926 6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	471	self.__refresh_seconds = value
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	472
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	473	def __set_sort_policy(self, value):
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	474	if value not in URI_SORT_POLICIES:
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	475	raise api_errors.BadRepositoryURISortPolicy(value)
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	476	self.__sort_policy = value
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	477
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	478	def add_legal_uri(self, uri, priority=None, ssl_cert=None,
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	479	ssl_key=None):
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	480	"""Adds the specified legal URI to the repository.
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	481
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	482	'uri' can be a RepositoryURI object or a URI string. If
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	483	it is a RepositoryURI object, all other parameters will be
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	484	ignored."""
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	485
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	486	self.__add_uri("legal_uris", uri, priority=priority,
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	487	ssl_cert=ssl_cert, ssl_key=ssl_key, trailing_slash=False)
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	488
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	489	def add_mirror(self, mirror, priority=None, ssl_cert=None,
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	490	ssl_key=None):
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	491	"""Adds the specified mirror to the repository.
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	492
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	493	'mirror' can be a RepositoryURI object or a URI string. If
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	494	it is a RepositoryURI object, all other parameters will be
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	495	ignored."""
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	496
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	497	def dup_check(mirror):
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	498	if self.has_mirror(mirror):
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	499	raise api_errors.DuplicateRepositoryMirror(
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	500	mirror)
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	501
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	502	self.__add_uri("mirrors", mirror, dup_check=dup_check,
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	503	priority=priority, ssl_cert=ssl_cert, ssl_key=ssl_key)
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	504
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	505	def add_origin(self, origin, priority=None, ssl_cert=None,
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	506	ssl_key=None):
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	507	"""Adds the specified origin to the repository.
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	508
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	509	'origin' can be a RepositoryURI object or a URI string. If
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	510	it is a RepositoryURI object, all other parameters will be
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	511	ignored."""
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	512
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	513	def dup_check(origin):
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	514	if self.has_origin(origin):
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	515	raise api_errors.DuplicateRepositoryOrigin(
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	516	origin)
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	517
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	518	self.__add_uri("origins", origin, dup_check=dup_check,
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	519	priority=priority, ssl_cert=ssl_cert, ssl_key=ssl_key)
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	520
1252 3b1b69011fcf 8709 ImageInterface.has_publisher has incorrect docstring Shawn Walker <srw@sun.com> parents: 1210 diff changeset	521	def add_related_uri(self, uri, priority=None, ssl_cert=None,
3b1b69011fcf 8709 ImageInterface.has_publisher has incorrect docstring Shawn Walker <srw@sun.com> parents: 1210 diff changeset	522	ssl_key=None):
3b1b69011fcf 8709 ImageInterface.has_publisher has incorrect docstring Shawn Walker <srw@sun.com> parents: 1210 diff changeset	523	"""Adds the specified related URI to the repository.
3b1b69011fcf 8709 ImageInterface.has_publisher has incorrect docstring Shawn Walker <srw@sun.com> parents: 1210 diff changeset	524
3b1b69011fcf 8709 ImageInterface.has_publisher has incorrect docstring Shawn Walker <srw@sun.com> parents: 1210 diff changeset	525	'uri' can be a RepositoryURI object or a URI string. If
3b1b69011fcf 8709 ImageInterface.has_publisher has incorrect docstring Shawn Walker <srw@sun.com> parents: 1210 diff changeset	526	it is a RepositoryURI object, all other parameters will be
3b1b69011fcf 8709 ImageInterface.has_publisher has incorrect docstring Shawn Walker <srw@sun.com> parents: 1210 diff changeset	527	ignored."""
3b1b69011fcf 8709 ImageInterface.has_publisher has incorrect docstring Shawn Walker <srw@sun.com> parents: 1210 diff changeset	528
3b1b69011fcf 8709 ImageInterface.has_publisher has incorrect docstring Shawn Walker <srw@sun.com> parents: 1210 diff changeset	529	self.__add_uri("related_uris", uri, priority=priority,
3b1b69011fcf 8709 ImageInterface.has_publisher has incorrect docstring Shawn Walker <srw@sun.com> parents: 1210 diff changeset	530	ssl_cert=ssl_cert, ssl_key=ssl_key, trailing_slash=False)
3b1b69011fcf 8709 ImageInterface.has_publisher has incorrect docstring Shawn Walker <srw@sun.com> parents: 1210 diff changeset	531
926 6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	532	def get_mirror(self, mirror):
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	533	"""Returns a RepositoryURI object representing the mirror
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	534	that matches 'mirror'.
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	535
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	536	'mirror' can be a RepositoryURI object or a URI string."""
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	537
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	538	if not isinstance(mirror, RepositoryURI):
996 31d152a5212b 7582 pkg set-publisher --no-refresh will delete catalogs Shawn Walker <Shawn.Walker@Sun.COM> parents: 926 diff changeset	539	mirror = misc.url_affix_trailing_slash(mirror)
926 6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	540	for m in self.mirrors:
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	541	if mirror == m.uri:
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	542	return m
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	543	raise api_errors.UnknownRepositoryMirror(mirror)
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	544
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	545	def get_origin(self, origin):
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	546	"""Returns a RepositoryURI object representing the origin
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	547	that matches 'origin'.
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	548
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	549	'origin' can be a RepositoryURI object or a URI string."""
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	550
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	551	if not isinstance(origin, RepositoryURI):
996 31d152a5212b 7582 pkg set-publisher --no-refresh will delete catalogs Shawn Walker <Shawn.Walker@Sun.COM> parents: 926 diff changeset	552	origin = misc.url_affix_trailing_slash(origin)
926 6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	553	for o in self.origins:
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	554	if origin == o.uri:
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	555	return o
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	556	raise api_errors.UnknownRepositoryOrigin(origin)
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	557
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	558	def has_mirror(self, mirror):
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	559	"""Returns a boolean value indicating whether a matching
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	560	'mirror' exists for the repository.
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	561
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	562	'mirror' can be a RepositoryURI object or a URI string."""
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	563
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	564	if not isinstance(mirror, RepositoryURI):
996 31d152a5212b 7582 pkg set-publisher --no-refresh will delete catalogs Shawn Walker <Shawn.Walker@Sun.COM> parents: 926 diff changeset	565	mirror = misc.url_affix_trailing_slash(mirror)
926 6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	566	return mirror in self.mirrors
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	567
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	568	def has_origin(self, origin):
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	569	"""Returns a boolean value indicating whether a matching
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	570	'origin' exists for the repository.
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	571
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	572	'origin' can be a RepositoryURI object or a URI string."""
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	573
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	574	if not isinstance(origin, RepositoryURI):
996 31d152a5212b 7582 pkg set-publisher --no-refresh will delete catalogs Shawn Walker <Shawn.Walker@Sun.COM> parents: 926 diff changeset	575	origin = misc.url_affix_trailing_slash(origin)
926 6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	576	return origin in self.origins
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	577
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	578	def remove_legal_uri(self, uri):
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	579	"""Removes the legal URI matching 'uri' from the repository.
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	580
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	581	'uri' can be a RepositoryURI object or a URI string."""
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	582
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	583	for i, m in enumerate(self.legal_uris):
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	584	if uri == m.uri:
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	585	# Immediate return as the index into the array
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	586	# changes with each removal.
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	587	del self.legal_uris[i]
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	588	return
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	589	raise api_errors.UnknownLegalURI(uri)
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	590
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	591	def remove_mirror(self, mirror):
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	592	"""Removes the mirror matching 'mirror' from the repository.
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	593
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	594	'mirror' can be a RepositoryURI object or a URI string."""
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	595
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	596	if not isinstance(mirror, RepositoryURI):
996 31d152a5212b 7582 pkg set-publisher --no-refresh will delete catalogs Shawn Walker <Shawn.Walker@Sun.COM> parents: 926 diff changeset	597	mirror = misc.url_affix_trailing_slash(mirror)
926 6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	598	for i, m in enumerate(self.mirrors):
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	599	if mirror == m.uri:
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	600	# Immediate return as the index into the array
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	601	# changes with each removal.
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	602	del self.mirrors[i]
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	603	return
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	604	raise api_errors.UnknownRepositoryMirror(mirror)
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	605
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	606	def remove_origin(self, origin):
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	607	"""Removes the origin matching 'origin' from the repository.
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	608
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	609	'origin' can be a RepositoryURI object or a URI string."""
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	610
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	611	if not isinstance(origin, RepositoryURI):
996 31d152a5212b 7582 pkg set-publisher --no-refresh will delete catalogs Shawn Walker <Shawn.Walker@Sun.COM> parents: 926 diff changeset	612	origin = misc.url_affix_trailing_slash(origin)
926 6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	613	for i, o in enumerate(self.origins):
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	614	if origin == o.uri:
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	615	# Immediate return as the index into the array
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	616	# changes with each removal.
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	617	del self.origins[i]
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	618	return
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	619	raise api_errors.UnknownRepositoryOrigin(origin)
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	620
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	621	def remove_related_uri(self, uri):
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	622	"""Removes the related URI matching 'uri' from the repository.
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	623
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	624	'uri' can be a RepositoryURI object or a URI string."""
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	625
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	626	for i, m in enumerate(self.related_uris):
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	627	if uri == m.uri:
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	628	# Immediate return as the index into the array
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	629	# changes with each removal.
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	630	del self.related_uris[i]
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	631	return
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	632	raise api_errors.UnknownRelatedURI(uri)
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	633
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	634	def update_mirror(self, mirror, priority=None, ssl_cert=None,
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	635	ssl_key=None):
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	636	"""Updates an existing mirror object matching 'mirror'.
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	637
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	638	'mirror' can be a RepositoryURI object or a URI string."""
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	639
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	640	if not isinstance(mirror, RepositoryURI):
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	641	mirror = RepositoryURI(mirror, priority=priority,
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	642	ssl_cert=ssl_cert, ssl_key=ssl_key)
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	643
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	644	target = self.get_mirror(mirror)
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	645	target.priority = mirror.priority
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	646	target.ssl_cert = mirror.ssl_cert
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	647	target.ssl_key = mirror.ssl_key
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	648	self.mirrors.sort(key=URI_SORT_POLICIES[self.__sort_policy])
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	649
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	650	def update_origin(self, origin, priority=None, ssl_cert=None,
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	651	ssl_key=None):
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	652	"""Updates an existing origin object matching 'origin'.
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	653
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	654	'origin' can be a RepositoryURI object or a URI string."""
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	655
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	656	if not isinstance(origin, RepositoryURI):
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	657	origin = RepositoryURI(origin, priority=priority,
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	658	ssl_cert=ssl_cert, ssl_key=ssl_key)
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	659
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	660	target = self.get_origin(origin)
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	661	target.priority = origin.priority
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	662	target.ssl_cert = origin.ssl_cert
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	663	target.ssl_key = origin.ssl_key
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	664	self.origins.sort(key=URI_SORT_POLICIES[self.__sort_policy])
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	665
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	666	def reset_mirrors(self):
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	667	"""Discards the current list of repository mirrors."""
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	668
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	669	self.mirrors = []
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	670
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	671	def reset_origins(self):
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	672	"""Discards the current list of repository origins."""
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	673
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	674	self.origins = []
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	675
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	676	collection_type = property(lambda self: self.__collection_type,
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	677	__set_collection_type, None,
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	678	"""A constant value indicating the type of packages in the
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	679	repository. The following collection types are recognized:
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	680
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	681	REPO_CTYPE_CORE
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	682	The "core" type indicates that the repository contains
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	683	all of the dependencies declared by packages in the
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	684	repository. It is primarily used for operating system
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	685	repositories.
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	686
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	687	REPO_CTYPE_SUPPLEMENTAL
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	688	The "supplemental" type indicates that the repository
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	689	contains packages that rely on or are intended to be
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	690	used with packages located in another repository.""")
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	691
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	692	legal_uris = property(lambda self: self.__legal_uris,
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	693	__set_legal_uris, None,
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	694	"""A list of RepositoryURI objects indicating where licensing,
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	695	legal, and terms of service information for the repository can be
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	696	found.""")
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	697
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	698	mirrors = property(lambda self: self.__mirrors, __set_mirrors, None,
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	699	"""A list of RepositoryURI objects indicating where package content
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	700	can be retrieved. If any value in the list provided is a URI
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	701	string, it will be replaced with a RepositoryURI object.""")
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	702
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	703	origins = property(lambda self: self.__origins, __set_origins, None,
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	704	"""A list of RepositoryURI objects indicating where package content
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	705	can be retrieved. If any value in the list provided is a URI
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	706	string, it will be replaced with a RepositoryURI object.""")
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	707
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	708	registration_uri = property(lambda self: self.__registration_uri,
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	709	__set_registration_uri, None,
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	710	"""A RepositoryURI object indicating a location clients can use to
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	711	register or obtain credentials needed to access the repository. If
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	712	the value provided is a URI string, it will be replaced with a
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	713	RepositoryURI object.""")
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	714
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	715	related_uris = property(lambda self: self.__related_uris,
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	716	__set_related_uris, None,
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	717	"""A list of RepositoryURI objects indicating the location of
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	718	related repositories that a client may be interested in. If any
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	719	value in the list provided is a URI string, it will be replaced with
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	720	a RepositoryURI object.""")
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	721
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	722	refresh_seconds = property(lambda self: self.__refresh_seconds,
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	723	__set_refresh_seconds, None,
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	724	"""An integer value indicating the number of seconds clients should
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	725	wait before refreshing cached repository metadata information. A
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	726	value of None indicates that refreshes should be performed at the
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	727	client's discretion.""")
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	728
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	729	sort_policy = property(lambda self: self.__sort_policy,
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	730	__set_sort_policy, None,
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	731	"""A constant value indicating how legal_uris, mirrors, origins, and
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	732	related_uris should be sorted. The following policies are
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	733	recognized:
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	734
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	735	URI_SORT_PRIORITY
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	736	The "priority" policy indicate that URIs should be
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	737	sorted according to the value of their priority
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	738	attribute.""")
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	739
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	740
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	741	class Publisher(object):
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	742	"""Class representing a publisher object and a set of interfaces to set
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	743	and retrieve its information.
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	744
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	745	A publisher is a forward or reverse domain name identifying a source
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	746	(e.g. "publisher") of packages."""
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	747
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	748	# These properties are declared here so that they show up in the pydoc
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	749	# documentation as private, and for clarity in the property declarations
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	750	# found near the end of the class definition.
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	751	__alias = None
1352 5c92c9d342ef 11065 client v1 catalog support for v0 catalogs Shawn Walker <srw@sun.com> parents: 1254 diff changeset	752	__catalog = None
926 6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	753	__client_uuid = None
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	754	__disabled = False
996 31d152a5212b 7582 pkg set-publisher --no-refresh will delete catalogs Shawn Walker <Shawn.Walker@Sun.COM> parents: 926 diff changeset	755	__meta_root = None
926 6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	756	__prefix = None
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	757	__selected_repository = None
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	758	__repositories = []
1505 cc598d70bbbe 4425 pkg install should deal w/ complex dependency changes in one install Bart Smaalders <Bart.Smaalders@Sun.COM> parents: 1449 diff changeset	759	__sticky = True
1352 5c92c9d342ef 11065 client v1 catalog support for v0 catalogs Shawn Walker <srw@sun.com> parents: 1254 diff changeset	760	transport = None
926 6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	761
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	762	# Used to store the id of the original object this one was copied
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	763	# from during __copy__.
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	764	_source_object_id = None
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	765
2219 60ad60f7592c 2152 standalone package support needed (on-disk format) Shawn Walker <shawn.walker@oracle.com> parents: 2215 diff changeset	766	def __init__(self, prefix, alias=None, catalog=None, client_uuid=None,
60ad60f7592c 2152 standalone package support needed (on-disk format) Shawn Walker <shawn.walker@oracle.com> parents: 2215 diff changeset	767	disabled=False, meta_root=None, repositories=None,
60ad60f7592c 2152 standalone package support needed (on-disk format) Shawn Walker <shawn.walker@oracle.com> parents: 2215 diff changeset	768	selected_repository=None, transport=None, sticky=True,
60ad60f7592c 2152 standalone package support needed (on-disk format) Shawn Walker <shawn.walker@oracle.com> parents: 2215 diff changeset	769	ca_certs=EmptyI, intermediate_certs=EmptyI, props=None,
60ad60f7592c 2152 standalone package support needed (on-disk format) Shawn Walker <shawn.walker@oracle.com> parents: 2215 diff changeset	770	revoked_ca_certs=EmptyI, approved_ca_certs=EmptyI):
60ad60f7592c 2152 standalone package support needed (on-disk format) Shawn Walker <shawn.walker@oracle.com> parents: 2215 diff changeset	771	"""Initialize a new publisher object.
60ad60f7592c 2152 standalone package support needed (on-disk format) Shawn Walker <shawn.walker@oracle.com> parents: 2215 diff changeset	772
60ad60f7592c 2152 standalone package support needed (on-disk format) Shawn Walker <shawn.walker@oracle.com> parents: 2215 diff changeset	773	'catalog' is an optional Catalog object to use in place of
60ad60f7592c 2152 standalone package support needed (on-disk format) Shawn Walker <shawn.walker@oracle.com> parents: 2215 diff changeset	774	retrieving one from the publisher's meta_root. This option
60ad60f7592c 2152 standalone package support needed (on-disk format) Shawn Walker <shawn.walker@oracle.com> parents: 2215 diff changeset	775	may only be used when meta_root is not provided.
60ad60f7592c 2152 standalone package support needed (on-disk format) Shawn Walker <shawn.walker@oracle.com> parents: 2215 diff changeset	776	"""
60ad60f7592c 2152 standalone package support needed (on-disk format) Shawn Walker <shawn.walker@oracle.com> parents: 2215 diff changeset	777
60ad60f7592c 2152 standalone package support needed (on-disk format) Shawn Walker <shawn.walker@oracle.com> parents: 2215 diff changeset	778	assert not (catalog and meta_root)
926 6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	779
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	780	if client_uuid is None:
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	781	self.reset_client_uuid()
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	782	else:
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	783	self.__client_uuid = client_uuid
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	784
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	785	self.__repositories = []
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	786
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	787	# Note that the properties set here are intentionally lacking
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	788	# the '__' prefix which means assignment will occur using the
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	789	# get/set methods declared for the property near the end of
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	790	# the class definition.
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	791	self.alias = alias
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	792	self.disabled = disabled
1352 5c92c9d342ef 11065 client v1 catalog support for v0 catalogs Shawn Walker <srw@sun.com> parents: 1254 diff changeset	793	self.prefix = prefix
5c92c9d342ef 11065 client v1 catalog support for v0 catalogs Shawn Walker <srw@sun.com> parents: 1254 diff changeset	794	self.transport = transport
996 31d152a5212b 7582 pkg set-publisher --no-refresh will delete catalogs Shawn Walker <Shawn.Walker@Sun.COM> parents: 926 diff changeset	795	self.meta_root = meta_root
1505 cc598d70bbbe 4425 pkg install should deal w/ complex dependency changes in one install Bart Smaalders <Bart.Smaalders@Sun.COM> parents: 1449 diff changeset	796	self.sticky = sticky
926 6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	797
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	798	if repositories:
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	799	for r in repositories:
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	800	self.add_repository(r)
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	801
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	802	if selected_repository:
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	803	self.selected_repository = selected_repository
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	804
2026 d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	805	self.__sig_policy = None
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	806	self.__delay_validation = False
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	807
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	808	self.__properties = {}
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	809
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	810	# Writing out an EmptyI to a config file and reading it back
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	811	# in doesn't work correctly at the moment, but reading and
2028 b2c674e6ee28 16744 repository multi-publisher on-disk format should be formalized and implemented Shawn Walker <shawn.walker@oracle.com> parents: 2026 diff changeset	812	# writing an empty list does. So if intermediate_certs is empty,
b2c674e6ee28 16744 repository multi-publisher on-disk format should be formalized and implemented Shawn Walker <shawn.walker@oracle.com> parents: 2026 diff changeset	813	# make sure it's stored as an empty list.
2026 d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	814	#
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	815	# The relevant implementation is probably the line which
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	816	# strips ][ from the input in imageconfig.read_list.
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	817	if revoked_ca_certs:
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	818	self.revoked_ca_certs = revoked_ca_certs
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	819	else:
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	820	self.revoked_ca_certs = []
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	821
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	822	if approved_ca_certs:
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	823	self.approved_ca_certs = approved_ca_certs
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	824	else:
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	825	self.approved_ca_certs = []
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	826
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	827	if props:
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	828	self.properties.update(props)
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	829
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	830	self.ca_dict = None
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	831
2219 60ad60f7592c 2152 standalone package support needed (on-disk format) Shawn Walker <shawn.walker@oracle.com> parents: 2215 diff changeset	832	# Must be done last.
60ad60f7592c 2152 standalone package support needed (on-disk format) Shawn Walker <shawn.walker@oracle.com> parents: 2215 diff changeset	833	self.__catalog = catalog
60ad60f7592c 2152 standalone package support needed (on-disk format) Shawn Walker <shawn.walker@oracle.com> parents: 2215 diff changeset	834
926 6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	835	def __cmp__(self, other):
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	836	if other is None:
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	837	return 1
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	838	if isinstance(other, Publisher):
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	839	return cmp(self.prefix, other.prefix)
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	840	return cmp(self.prefix, other)
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	841
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	842	@staticmethod
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	843	def __contains__(key):
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	844	"""Supports deprecated compatibility interface."""
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	845
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	846	return key in ("client_uuid", "disabled", "mirrors", "origin",
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	847	"prefix", "ssl_cert", "ssl_key")
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	848
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	849	def __copy__(self):
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	850	selected = None
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	851	repositories = []
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	852	for r in self.__repositories:
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	853	repo = copy.copy(r)
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	854	if r == self.selected_repository:
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	855	selected = repo
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	856	repositories.append(repo)
1252 3b1b69011fcf 8709 ImageInterface.has_publisher has incorrect docstring Shawn Walker <srw@sun.com> parents: 1210 diff changeset	857	pub = Publisher(self.__prefix, alias=self.__alias,
3b1b69011fcf 8709 ImageInterface.has_publisher has incorrect docstring Shawn Walker <srw@sun.com> parents: 1210 diff changeset	858	client_uuid=self.__client_uuid, disabled=self.__disabled,
3b1b69011fcf 8709 ImageInterface.has_publisher has incorrect docstring Shawn Walker <srw@sun.com> parents: 1210 diff changeset	859	meta_root=self.meta_root, repositories=repositories,
1505 cc598d70bbbe 4425 pkg install should deal w/ complex dependency changes in one install Bart Smaalders <Bart.Smaalders@Sun.COM> parents: 1449 diff changeset	860	selected_repository=selected, transport=self.transport,
2286 938fbb350ad2 16867 pkgsign should handle existing signatures better Brock Pytlik <brock.pytlik@oracle.com> parents: 2272 diff changeset	861	sticky=self.__sticky,
2026 d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	862	props=self.properties,
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	863	revoked_ca_certs=self.revoked_ca_certs,
2286 938fbb350ad2 16867 pkgsign should handle existing signatures better Brock Pytlik <brock.pytlik@oracle.com> parents: 2272 diff changeset	864	approved_ca_certs=self.approved_ca_certs)
926 6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	865	pub._source_object_id = id(self)
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	866	return pub
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	867
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	868	def __eq__(self, other):
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	869	if isinstance(other, Publisher):
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	870	return self.prefix == other.prefix
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	871	if isinstance(other, str):
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	872	return self.prefix == other
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	873	return False
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	874
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	875	def __getitem__(self, key):
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	876	"""Deprecated compatibility interface allowing publisher
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	877	attributes to be read as pub["attribute"]."""
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	878
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	879	if key == "client_uuid":
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	880	return self.__client_uuid
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	881	if key == "disabled":
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	882	return self.__disabled
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	883	if key == "prefix":
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	884	return self.__prefix
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	885
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	886	repo = self.selected_repository
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	887	if key == "mirrors":
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	888	return [str(m) for m in repo.mirrors]
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	889	if key == "origin":
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	890	if not repo.origins[0]:
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	891	return None
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	892	return repo.origins[0].uri
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	893	if key == "ssl_cert":
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	894	if not repo.origins[0]:
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	895	return None
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	896	return repo.origins[0].ssl_cert
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	897	if key == "ssl_key":
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	898	if not repo.origins[0]:
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	899	return None
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	900	return repo.origins[0].ssl_key
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	901
996 31d152a5212b 7582 pkg set-publisher --no-refresh will delete catalogs Shawn Walker <Shawn.Walker@Sun.COM> parents: 926 diff changeset	902	def __get_last_refreshed(self):
31d152a5212b 7582 pkg set-publisher --no-refresh will delete catalogs Shawn Walker <Shawn.Walker@Sun.COM> parents: 926 diff changeset	903	if not self.meta_root:
31d152a5212b 7582 pkg set-publisher --no-refresh will delete catalogs Shawn Walker <Shawn.Walker@Sun.COM> parents: 926 diff changeset	904	return None
31d152a5212b 7582 pkg set-publisher --no-refresh will delete catalogs Shawn Walker <Shawn.Walker@Sun.COM> parents: 926 diff changeset	905
31d152a5212b 7582 pkg set-publisher --no-refresh will delete catalogs Shawn Walker <Shawn.Walker@Sun.COM> parents: 926 diff changeset	906	lcfile = os.path.join(self.meta_root, "last_refreshed")
31d152a5212b 7582 pkg set-publisher --no-refresh will delete catalogs Shawn Walker <Shawn.Walker@Sun.COM> parents: 926 diff changeset	907	try:
31d152a5212b 7582 pkg set-publisher --no-refresh will delete catalogs Shawn Walker <Shawn.Walker@Sun.COM> parents: 926 diff changeset	908	mod_time = os.stat(lcfile).st_mtime
31d152a5212b 7582 pkg set-publisher --no-refresh will delete catalogs Shawn Walker <Shawn.Walker@Sun.COM> parents: 926 diff changeset	909	except EnvironmentError, e:
31d152a5212b 7582 pkg set-publisher --no-refresh will delete catalogs Shawn Walker <Shawn.Walker@Sun.COM> parents: 926 diff changeset	910	if e.errno == errno.ENOENT:
31d152a5212b 7582 pkg set-publisher --no-refresh will delete catalogs Shawn Walker <Shawn.Walker@Sun.COM> parents: 926 diff changeset	911	return None
31d152a5212b 7582 pkg set-publisher --no-refresh will delete catalogs Shawn Walker <Shawn.Walker@Sun.COM> parents: 926 diff changeset	912	raise
31d152a5212b 7582 pkg set-publisher --no-refresh will delete catalogs Shawn Walker <Shawn.Walker@Sun.COM> parents: 926 diff changeset	913	return dt.datetime.utcfromtimestamp(mod_time)
31d152a5212b 7582 pkg set-publisher --no-refresh will delete catalogs Shawn Walker <Shawn.Walker@Sun.COM> parents: 926 diff changeset	914
926 6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	915	def __ne__(self, other):
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	916	if isinstance(other, Publisher):
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	917	return self.prefix != other.prefix
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	918	if isinstance(other, str):
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	919	return self.prefix != other
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	920	return True
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	921
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	922	def __set_alias(self, value):
2028 b2c674e6ee28 16744 repository multi-publisher on-disk format should be formalized and implemented Shawn Walker <shawn.walker@oracle.com> parents: 2026 diff changeset	923	# Aliases must comply with the same restrictions that prefixes
b2c674e6ee28 16744 repository multi-publisher on-disk format should be formalized and implemented Shawn Walker <shawn.walker@oracle.com> parents: 2026 diff changeset	924	# have as they are intended to be useable in any case where
b2c674e6ee28 16744 repository multi-publisher on-disk format should be formalized and implemented Shawn Walker <shawn.walker@oracle.com> parents: 2026 diff changeset	925	# a prefix may be used.
b2c674e6ee28 16744 repository multi-publisher on-disk format should be formalized and implemented Shawn Walker <shawn.walker@oracle.com> parents: 2026 diff changeset	926	if value is not None and value != "" and \
b2c674e6ee28 16744 repository multi-publisher on-disk format should be formalized and implemented Shawn Walker <shawn.walker@oracle.com> parents: 2026 diff changeset	927	not misc.valid_pub_prefix(value):
b2c674e6ee28 16744 repository multi-publisher on-disk format should be formalized and implemented Shawn Walker <shawn.walker@oracle.com> parents: 2026 diff changeset	928	raise api_errors.BadPublisherAlias(value)
926 6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	929	self.__alias = value
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	930
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	931	def __set_disabled(self, disabled):
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	932	if disabled:
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	933	self.__disabled = True
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	934	else:
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	935	self.__disabled = False
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	936
996 31d152a5212b 7582 pkg set-publisher --no-refresh will delete catalogs Shawn Walker <Shawn.Walker@Sun.COM> parents: 926 diff changeset	937	def __set_last_refreshed(self, value):
31d152a5212b 7582 pkg set-publisher --no-refresh will delete catalogs Shawn Walker <Shawn.Walker@Sun.COM> parents: 926 diff changeset	938	if not self.meta_root:
31d152a5212b 7582 pkg set-publisher --no-refresh will delete catalogs Shawn Walker <Shawn.Walker@Sun.COM> parents: 926 diff changeset	939	return
31d152a5212b 7582 pkg set-publisher --no-refresh will delete catalogs Shawn Walker <Shawn.Walker@Sun.COM> parents: 926 diff changeset	940
31d152a5212b 7582 pkg set-publisher --no-refresh will delete catalogs Shawn Walker <Shawn.Walker@Sun.COM> parents: 926 diff changeset	941	if value is not None and not isinstance(value, dt.datetime):
31d152a5212b 7582 pkg set-publisher --no-refresh will delete catalogs Shawn Walker <Shawn.Walker@Sun.COM> parents: 926 diff changeset	942	raise api_errors.BadRepositoryAttributeValue(
31d152a5212b 7582 pkg set-publisher --no-refresh will delete catalogs Shawn Walker <Shawn.Walker@Sun.COM> parents: 926 diff changeset	943	"last_refreshed", value=value)
31d152a5212b 7582 pkg set-publisher --no-refresh will delete catalogs Shawn Walker <Shawn.Walker@Sun.COM> parents: 926 diff changeset	944
31d152a5212b 7582 pkg set-publisher --no-refresh will delete catalogs Shawn Walker <Shawn.Walker@Sun.COM> parents: 926 diff changeset	945	lcfile = os.path.join(self.meta_root, "last_refreshed")
31d152a5212b 7582 pkg set-publisher --no-refresh will delete catalogs Shawn Walker <Shawn.Walker@Sun.COM> parents: 926 diff changeset	946	if not value:
31d152a5212b 7582 pkg set-publisher --no-refresh will delete catalogs Shawn Walker <Shawn.Walker@Sun.COM> parents: 926 diff changeset	947	# If no value was provided, attempt to remove the
31d152a5212b 7582 pkg set-publisher --no-refresh will delete catalogs Shawn Walker <Shawn.Walker@Sun.COM> parents: 926 diff changeset	948	# tracking file.
31d152a5212b 7582 pkg set-publisher --no-refresh will delete catalogs Shawn Walker <Shawn.Walker@Sun.COM> parents: 926 diff changeset	949	try:
31d152a5212b 7582 pkg set-publisher --no-refresh will delete catalogs Shawn Walker <Shawn.Walker@Sun.COM> parents: 926 diff changeset	950	portable.remove(lcfile)
31d152a5212b 7582 pkg set-publisher --no-refresh will delete catalogs Shawn Walker <Shawn.Walker@Sun.COM> parents: 926 diff changeset	951	except EnvironmentError, e:
31d152a5212b 7582 pkg set-publisher --no-refresh will delete catalogs Shawn Walker <Shawn.Walker@Sun.COM> parents: 926 diff changeset	952	# If the file can't be removed due to
31d152a5212b 7582 pkg set-publisher --no-refresh will delete catalogs Shawn Walker <Shawn.Walker@Sun.COM> parents: 926 diff changeset	953	# permissions, a read-only filesystem, or
31d152a5212b 7582 pkg set-publisher --no-refresh will delete catalogs Shawn Walker <Shawn.Walker@Sun.COM> parents: 926 diff changeset	954	# because it doesn't exist, continue on.
31d152a5212b 7582 pkg set-publisher --no-refresh will delete catalogs Shawn Walker <Shawn.Walker@Sun.COM> parents: 926 diff changeset	955	if e.errno not in (errno.ENOENT, errno.EACCES,
31d152a5212b 7582 pkg set-publisher --no-refresh will delete catalogs Shawn Walker <Shawn.Walker@Sun.COM> parents: 926 diff changeset	956	errno.EROFS):
31d152a5212b 7582 pkg set-publisher --no-refresh will delete catalogs Shawn Walker <Shawn.Walker@Sun.COM> parents: 926 diff changeset	957	raise
31d152a5212b 7582 pkg set-publisher --no-refresh will delete catalogs Shawn Walker <Shawn.Walker@Sun.COM> parents: 926 diff changeset	958	return
31d152a5212b 7582 pkg set-publisher --no-refresh will delete catalogs Shawn Walker <Shawn.Walker@Sun.COM> parents: 926 diff changeset	959
31d152a5212b 7582 pkg set-publisher --no-refresh will delete catalogs Shawn Walker <Shawn.Walker@Sun.COM> parents: 926 diff changeset	960	def create_tracker():
31d152a5212b 7582 pkg set-publisher --no-refresh will delete catalogs Shawn Walker <Shawn.Walker@Sun.COM> parents: 926 diff changeset	961	try:
31d152a5212b 7582 pkg set-publisher --no-refresh will delete catalogs Shawn Walker <Shawn.Walker@Sun.COM> parents: 926 diff changeset	962	f = open(lcfile, "wb")
31d152a5212b 7582 pkg set-publisher --no-refresh will delete catalogs Shawn Walker <Shawn.Walker@Sun.COM> parents: 926 diff changeset	963	f.write("%s\n" % misc.time_to_timestamp(
31d152a5212b 7582 pkg set-publisher --no-refresh will delete catalogs Shawn Walker <Shawn.Walker@Sun.COM> parents: 926 diff changeset	964	calendar.timegm(value.utctimetuple())))
31d152a5212b 7582 pkg set-publisher --no-refresh will delete catalogs Shawn Walker <Shawn.Walker@Sun.COM> parents: 926 diff changeset	965	f.close()
31d152a5212b 7582 pkg set-publisher --no-refresh will delete catalogs Shawn Walker <Shawn.Walker@Sun.COM> parents: 926 diff changeset	966	except EnvironmentError, e:
31d152a5212b 7582 pkg set-publisher --no-refresh will delete catalogs Shawn Walker <Shawn.Walker@Sun.COM> parents: 926 diff changeset	967	# If the file can't be written due to
31d152a5212b 7582 pkg set-publisher --no-refresh will delete catalogs Shawn Walker <Shawn.Walker@Sun.COM> parents: 926 diff changeset	968	# permissions or because the filesystem is
31d152a5212b 7582 pkg set-publisher --no-refresh will delete catalogs Shawn Walker <Shawn.Walker@Sun.COM> parents: 926 diff changeset	969	# read-only, continue on.
31d152a5212b 7582 pkg set-publisher --no-refresh will delete catalogs Shawn Walker <Shawn.Walker@Sun.COM> parents: 926 diff changeset	970	if e.errno not in (errno.EACCES, errno.EROFS):
31d152a5212b 7582 pkg set-publisher --no-refresh will delete catalogs Shawn Walker <Shawn.Walker@Sun.COM> parents: 926 diff changeset	971	raise
31d152a5212b 7582 pkg set-publisher --no-refresh will delete catalogs Shawn Walker <Shawn.Walker@Sun.COM> parents: 926 diff changeset	972
31d152a5212b 7582 pkg set-publisher --no-refresh will delete catalogs Shawn Walker <Shawn.Walker@Sun.COM> parents: 926 diff changeset	973	try:
31d152a5212b 7582 pkg set-publisher --no-refresh will delete catalogs Shawn Walker <Shawn.Walker@Sun.COM> parents: 926 diff changeset	974	# If a time was provided, write out a special file that
31d152a5212b 7582 pkg set-publisher --no-refresh will delete catalogs Shawn Walker <Shawn.Walker@Sun.COM> parents: 926 diff changeset	975	# can be used to track the information with the actual
31d152a5212b 7582 pkg set-publisher --no-refresh will delete catalogs Shawn Walker <Shawn.Walker@Sun.COM> parents: 926 diff changeset	976	# time (in UTC) contained within.
31d152a5212b 7582 pkg set-publisher --no-refresh will delete catalogs Shawn Walker <Shawn.Walker@Sun.COM> parents: 926 diff changeset	977	create_tracker()
31d152a5212b 7582 pkg set-publisher --no-refresh will delete catalogs Shawn Walker <Shawn.Walker@Sun.COM> parents: 926 diff changeset	978	except EnvironmentError, e:
31d152a5212b 7582 pkg set-publisher --no-refresh will delete catalogs Shawn Walker <Shawn.Walker@Sun.COM> parents: 926 diff changeset	979	if e.errno != errno.ENOENT:
31d152a5212b 7582 pkg set-publisher --no-refresh will delete catalogs Shawn Walker <Shawn.Walker@Sun.COM> parents: 926 diff changeset	980	raise
31d152a5212b 7582 pkg set-publisher --no-refresh will delete catalogs Shawn Walker <Shawn.Walker@Sun.COM> parents: 926 diff changeset	981
31d152a5212b 7582 pkg set-publisher --no-refresh will delete catalogs Shawn Walker <Shawn.Walker@Sun.COM> parents: 926 diff changeset	982	# Assume meta_root doesn't exist and create it.
31d152a5212b 7582 pkg set-publisher --no-refresh will delete catalogs Shawn Walker <Shawn.Walker@Sun.COM> parents: 926 diff changeset	983	try:
1087 293c0aa5f32e 8214 load_catalogs should only load catalog data when needed Shawn Walker <srw@sun.com> parents: 996 diff changeset	984	self.create_meta_root()
293c0aa5f32e 8214 load_catalogs should only load catalog data when needed Shawn Walker <srw@sun.com> parents: 996 diff changeset	985	except api_errors.PermissionsException:
293c0aa5f32e 8214 load_catalogs should only load catalog data when needed Shawn Walker <srw@sun.com> parents: 996 diff changeset	986	# If the directory can't be created due to
293c0aa5f32e 8214 load_catalogs should only load catalog data when needed Shawn Walker <srw@sun.com> parents: 996 diff changeset	987	# permissions, move on.
293c0aa5f32e 8214 load_catalogs should only load catalog data when needed Shawn Walker <srw@sun.com> parents: 996 diff changeset	988	pass
996 31d152a5212b 7582 pkg set-publisher --no-refresh will delete catalogs Shawn Walker <Shawn.Walker@Sun.COM> parents: 926 diff changeset	989	except EnvironmentError, e:
1087 293c0aa5f32e 8214 load_catalogs should only load catalog data when needed Shawn Walker <srw@sun.com> parents: 996 diff changeset	990	# If the directory can't be created due to a
293c0aa5f32e 8214 load_catalogs should only load catalog data when needed Shawn Walker <srw@sun.com> parents: 996 diff changeset	991	# read-only filesystem, move on.
293c0aa5f32e 8214 load_catalogs should only load catalog data when needed Shawn Walker <srw@sun.com> parents: 996 diff changeset	992	if e.errno != errno.EROFS:
996 31d152a5212b 7582 pkg set-publisher --no-refresh will delete catalogs Shawn Walker <Shawn.Walker@Sun.COM> parents: 926 diff changeset	993	raise
31d152a5212b 7582 pkg set-publisher --no-refresh will delete catalogs Shawn Walker <Shawn.Walker@Sun.COM> parents: 926 diff changeset	994	else:
31d152a5212b 7582 pkg set-publisher --no-refresh will delete catalogs Shawn Walker <Shawn.Walker@Sun.COM> parents: 926 diff changeset	995	# Try one last time.
31d152a5212b 7582 pkg set-publisher --no-refresh will delete catalogs Shawn Walker <Shawn.Walker@Sun.COM> parents: 926 diff changeset	996	create_tracker()
31d152a5212b 7582 pkg set-publisher --no-refresh will delete catalogs Shawn Walker <Shawn.Walker@Sun.COM> parents: 926 diff changeset	997
31d152a5212b 7582 pkg set-publisher --no-refresh will delete catalogs Shawn Walker <Shawn.Walker@Sun.COM> parents: 926 diff changeset	998	def __set_meta_root(self, pathname):
31d152a5212b 7582 pkg set-publisher --no-refresh will delete catalogs Shawn Walker <Shawn.Walker@Sun.COM> parents: 926 diff changeset	999	if pathname:
31d152a5212b 7582 pkg set-publisher --no-refresh will delete catalogs Shawn Walker <Shawn.Walker@Sun.COM> parents: 926 diff changeset	1000	pathname = os.path.abspath(pathname)
31d152a5212b 7582 pkg set-publisher --no-refresh will delete catalogs Shawn Walker <Shawn.Walker@Sun.COM> parents: 926 diff changeset	1001	self.__meta_root = pathname
1352 5c92c9d342ef 11065 client v1 catalog support for v0 catalogs Shawn Walker <srw@sun.com> parents: 1254 diff changeset	1002	if self.__catalog:
5c92c9d342ef 11065 client v1 catalog support for v0 catalogs Shawn Walker <srw@sun.com> parents: 1254 diff changeset	1003	self.__catalog.meta_root = self.catalog_root
2026 d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1004	if self.__meta_root:
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1005	self.cert_root = os.path.join(self.__meta_root, "certs")
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1006	self.__subj_root = os.path.join(self.cert_root,
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1007	"subject_hashes")
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1008	self.__crl_root = os.path.join(self.cert_root, "crls")
996 31d152a5212b 7582 pkg set-publisher --no-refresh will delete catalogs Shawn Walker <Shawn.Walker@Sun.COM> parents: 926 diff changeset	1009
926 6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	1010	def __set_prefix(self, prefix):
996 31d152a5212b 7582 pkg set-publisher --no-refresh will delete catalogs Shawn Walker <Shawn.Walker@Sun.COM> parents: 926 diff changeset	1011	if not misc.valid_pub_prefix(prefix):
926 6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	1012	raise api_errors.BadPublisherPrefix(prefix)
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	1013	self.__prefix = prefix
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	1014
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	1015	def __set_selected_repository(self, value):
1252 3b1b69011fcf 8709 ImageInterface.has_publisher has incorrect docstring Shawn Walker <srw@sun.com> parents: 1210 diff changeset	1016	if not isinstance(value, Repository) or \
3b1b69011fcf 8709 ImageInterface.has_publisher has incorrect docstring Shawn Walker <srw@sun.com> parents: 1210 diff changeset	1017	value not in self.repositories:
926 6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	1018	raise api_errors.UnknownRepository(value)
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	1019	self.__selected_repository = value
1352 5c92c9d342ef 11065 client v1 catalog support for v0 catalogs Shawn Walker <srw@sun.com> parents: 1254 diff changeset	1020	self.__catalog = None
926 6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	1021
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	1022	def __set_client_uuid(self, value):
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	1023	self.__client_uuid = value
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	1024
1505 cc598d70bbbe 4425 pkg install should deal w/ complex dependency changes in one install Bart Smaalders <Bart.Smaalders@Sun.COM> parents: 1449 diff changeset	1025	def __set_stickiness(self, value):
cc598d70bbbe 4425 pkg install should deal w/ complex dependency changes in one install Bart Smaalders <Bart.Smaalders@Sun.COM> parents: 1449 diff changeset	1026	self.__sticky = bool(value)
cc598d70bbbe 4425 pkg install should deal w/ complex dependency changes in one install Bart Smaalders <Bart.Smaalders@Sun.COM> parents: 1449 diff changeset	1027
926 6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	1028	def __str__(self):
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	1029	return self.prefix
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	1030
1431 62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1031	def __validate_metadata(self):
62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1032	"""Private helper function to check the publisher's metadata
62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1033	for configuration or other issues and log appropriate warnings
62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1034	or errors. Currently only checks catalog metadata."""
62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1035
62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1036	c = self.catalog
62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1037	if not c.exists:
62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1038	# Nothing to validate.
62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1039	return
62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1040	if not c.version > 0:
62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1041	# Validation doesn't apply.
62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1042	return
62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1043	if not c.package_count:
62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1044	# Nothing to do.
62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1045	return
62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1046
62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1047	# XXX For now, perform this check using the catalog data.
62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1048	# In the future, it should be done using the output of the
62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1049	# publisher/0 operation.
62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1050	pubs = self.catalog.publishers()
62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1051
62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1052	if self.prefix not in pubs:
1604 a150e634e8c2 13404 publisher prefix failure message needs update / improvement Shawn Walker <srw@sun.com> parents: 1549 diff changeset	1053	origins = self.selected_repository.origins
a150e634e8c2 13404 publisher prefix failure message needs update / improvement Shawn Walker <srw@sun.com> parents: 1549 diff changeset	1054	origin = origins[0]
a150e634e8c2 13404 publisher prefix failure message needs update / improvement Shawn Walker <srw@sun.com> parents: 1549 diff changeset	1055	logger.error(_("""
a150e634e8c2 13404 publisher prefix failure message needs update / improvement Shawn Walker <srw@sun.com> parents: 1549 diff changeset	1056	Unable to retrieve package data for publisher '%(prefix)s' from one
a150e634e8c2 13404 publisher prefix failure message needs update / improvement Shawn Walker <srw@sun.com> parents: 1549 diff changeset	1057	of the following origin(s):
a150e634e8c2 13404 publisher prefix failure message needs update / improvement Shawn Walker <srw@sun.com> parents: 1549 diff changeset	1058
a150e634e8c2 13404 publisher prefix failure message needs update / improvement Shawn Walker <srw@sun.com> parents: 1549 diff changeset	1059	%(origins)s
a150e634e8c2 13404 publisher prefix failure message needs update / improvement Shawn Walker <srw@sun.com> parents: 1549 diff changeset	1060
a150e634e8c2 13404 publisher prefix failure message needs update / improvement Shawn Walker <srw@sun.com> parents: 1549 diff changeset	1061	The catalog retrieved from one of the origin(s) listed above only
a150e634e8c2 13404 publisher prefix failure message needs update / improvement Shawn Walker <srw@sun.com> parents: 1549 diff changeset	1062	contains package data for: %(pubs)s.
a150e634e8c2 13404 publisher prefix failure message needs update / improvement Shawn Walker <srw@sun.com> parents: 1549 diff changeset	1063	""") % { "origins": "\n".join(str(o) for o in origins), "prefix": self.prefix,
a150e634e8c2 13404 publisher prefix failure message needs update / improvement Shawn Walker <srw@sun.com> parents: 1549 diff changeset	1064	"pubs": ", ".join(pubs) })
a150e634e8c2 13404 publisher prefix failure message needs update / improvement Shawn Walker <srw@sun.com> parents: 1549 diff changeset	1065
a150e634e8c2 13404 publisher prefix failure message needs update / improvement Shawn Walker <srw@sun.com> parents: 1549 diff changeset	1066	if global_settings.client_name != "pkg":
a150e634e8c2 13404 publisher prefix failure message needs update / improvement Shawn Walker <srw@sun.com> parents: 1549 diff changeset	1067	logger.error(_("""\
a150e634e8c2 13404 publisher prefix failure message needs update / improvement Shawn Walker <srw@sun.com> parents: 1549 diff changeset	1068	This is either a result of invalid origin information being provided
a150e634e8c2 13404 publisher prefix failure message needs update / improvement Shawn Walker <srw@sun.com> parents: 1549 diff changeset	1069	for publisher '%s', or because the wrong publisher name was
a150e634e8c2 13404 publisher prefix failure message needs update / improvement Shawn Walker <srw@sun.com> parents: 1549 diff changeset	1070	provided when this publisher was added.
a150e634e8c2 13404 publisher prefix failure message needs update / improvement Shawn Walker <srw@sun.com> parents: 1549 diff changeset	1071	""") % self.prefix)
a150e634e8c2 13404 publisher prefix failure message needs update / improvement Shawn Walker <srw@sun.com> parents: 1549 diff changeset	1072	# Remaining messages are for pkg client only.
a150e634e8c2 13404 publisher prefix failure message needs update / improvement Shawn Walker <srw@sun.com> parents: 1549 diff changeset	1073	return
a150e634e8c2 13404 publisher prefix failure message needs update / improvement Shawn Walker <srw@sun.com> parents: 1549 diff changeset	1074
a150e634e8c2 13404 publisher prefix failure message needs update / improvement Shawn Walker <srw@sun.com> parents: 1549 diff changeset	1075	logger.error(_("""\
a150e634e8c2 13404 publisher prefix failure message needs update / improvement Shawn Walker <srw@sun.com> parents: 1549 diff changeset	1076	To resolve this issue, correct the origin information provided for
a150e634e8c2 13404 publisher prefix failure message needs update / improvement Shawn Walker <srw@sun.com> parents: 1549 diff changeset	1077	publisher '%(prefix)s' using the pkg set-publisher subcommand, or re-add
a150e634e8c2 13404 publisher prefix failure message needs update / improvement Shawn Walker <srw@sun.com> parents: 1549 diff changeset	1078	the publisher using the correct name and remove the '%(prefix)s'
a150e634e8c2 13404 publisher prefix failure message needs update / improvement Shawn Walker <srw@sun.com> parents: 1549 diff changeset	1079	publisher.
a150e634e8c2 13404 publisher prefix failure message needs update / improvement Shawn Walker <srw@sun.com> parents: 1549 diff changeset	1080	""") % { "prefix": self.prefix })
a150e634e8c2 13404 publisher prefix failure message needs update / improvement Shawn Walker <srw@sun.com> parents: 1549 diff changeset	1081
a150e634e8c2 13404 publisher prefix failure message needs update / improvement Shawn Walker <srw@sun.com> parents: 1549 diff changeset	1082	if len(pubs) == 1:
a150e634e8c2 13404 publisher prefix failure message needs update / improvement Shawn Walker <srw@sun.com> parents: 1549 diff changeset	1083	logger.warning(_("""\
a150e634e8c2 13404 publisher prefix failure message needs update / improvement Shawn Walker <srw@sun.com> parents: 1549 diff changeset	1084	To re-add this publisher with the correct name, execute the following
a150e634e8c2 13404 publisher prefix failure message needs update / improvement Shawn Walker <srw@sun.com> parents: 1549 diff changeset	1085	commands as a privileged user:
a150e634e8c2 13404 publisher prefix failure message needs update / improvement Shawn Walker <srw@sun.com> parents: 1549 diff changeset	1086
a150e634e8c2 13404 publisher prefix failure message needs update / improvement Shawn Walker <srw@sun.com> parents: 1549 diff changeset	1087	pkg set-publisher -P -g %(origin)s %(pub)s
a150e634e8c2 13404 publisher prefix failure message needs update / improvement Shawn Walker <srw@sun.com> parents: 1549 diff changeset	1088	pkg unset-publisher %(prefix)s
a150e634e8c2 13404 publisher prefix failure message needs update / improvement Shawn Walker <srw@sun.com> parents: 1549 diff changeset	1089	""") % { "origin": origin, "prefix": self.prefix, "pub": list(pubs)[0] })
a150e634e8c2 13404 publisher prefix failure message needs update / improvement Shawn Walker <srw@sun.com> parents: 1549 diff changeset	1090	return
a150e634e8c2 13404 publisher prefix failure message needs update / improvement Shawn Walker <srw@sun.com> parents: 1549 diff changeset	1091
a150e634e8c2 13404 publisher prefix failure message needs update / improvement Shawn Walker <srw@sun.com> parents: 1549 diff changeset	1092	logger.warning(_("""\
a150e634e8c2 13404 publisher prefix failure message needs update / improvement Shawn Walker <srw@sun.com> parents: 1549 diff changeset	1093	The origin(s) listed above contain package data for more than one
a150e634e8c2 13404 publisher prefix failure message needs update / improvement Shawn Walker <srw@sun.com> parents: 1549 diff changeset	1094	publisher, but this issue can likely be resolved by executing one
a150e634e8c2 13404 publisher prefix failure message needs update / improvement Shawn Walker <srw@sun.com> parents: 1549 diff changeset	1095	of the following commands as a privileged user:
a150e634e8c2 13404 publisher prefix failure message needs update / improvement Shawn Walker <srw@sun.com> parents: 1549 diff changeset	1096	"""))
a150e634e8c2 13404 publisher prefix failure message needs update / improvement Shawn Walker <srw@sun.com> parents: 1549 diff changeset	1097
a150e634e8c2 13404 publisher prefix failure message needs update / improvement Shawn Walker <srw@sun.com> parents: 1549 diff changeset	1098	for pfx in pubs:
a150e634e8c2 13404 publisher prefix failure message needs update / improvement Shawn Walker <srw@sun.com> parents: 1549 diff changeset	1099	logger.warning(_("pkg set-publisher -P -g "
a150e634e8c2 13404 publisher prefix failure message needs update / improvement Shawn Walker <srw@sun.com> parents: 1549 diff changeset	1100	"%(origin)s %(pub)s\n") % {
a150e634e8c2 13404 publisher prefix failure message needs update / improvement Shawn Walker <srw@sun.com> parents: 1549 diff changeset	1101	"origin": origin, "pub": pfx })
a150e634e8c2 13404 publisher prefix failure message needs update / improvement Shawn Walker <srw@sun.com> parents: 1549 diff changeset	1102
a150e634e8c2 13404 publisher prefix failure message needs update / improvement Shawn Walker <srw@sun.com> parents: 1549 diff changeset	1103	logger.warning(_("""\
a150e634e8c2 13404 publisher prefix failure message needs update / improvement Shawn Walker <srw@sun.com> parents: 1549 diff changeset	1104	Afterwards, the old publisher should be removed by executing the
a150e634e8c2 13404 publisher prefix failure message needs update / improvement Shawn Walker <srw@sun.com> parents: 1549 diff changeset	1105	following command as a privileged user:
a150e634e8c2 13404 publisher prefix failure message needs update / improvement Shawn Walker <srw@sun.com> parents: 1549 diff changeset	1106
a150e634e8c2 13404 publisher prefix failure message needs update / improvement Shawn Walker <srw@sun.com> parents: 1549 diff changeset	1107	pkg unset-publisher %s
a150e634e8c2 13404 publisher prefix failure message needs update / improvement Shawn Walker <srw@sun.com> parents: 1549 diff changeset	1108	""") % self.prefix)
1431 62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1109
926 6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	1110	def add_repository(self, repository):
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	1111	"""Adds the provided repository object to the publisher and
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	1112	sets it as the selected one if no repositories exist."""
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	1113
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	1114	for r in self.__repositories:
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	1115	if repository.name == r.name:
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	1116	raise api_errors.DuplicateRepository(
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	1117	self.prefix)
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	1118	for o in repository.origins:
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	1119	if o.uri in r.origins:
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	1120	raise api_errors.DuplicateRepository(
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	1121	self.prefix)
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	1122
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	1123	self.__repositories.append(repository)
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	1124	if len(self.__repositories) == 1:
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	1125	self.selected_repository = repository
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	1126
1352 5c92c9d342ef 11065 client v1 catalog support for v0 catalogs Shawn Walker <srw@sun.com> parents: 1254 diff changeset	1127	@property
5c92c9d342ef 11065 client v1 catalog support for v0 catalogs Shawn Walker <srw@sun.com> parents: 1254 diff changeset	1128	def catalog(self):
5c92c9d342ef 11065 client v1 catalog support for v0 catalogs Shawn Walker <srw@sun.com> parents: 1254 diff changeset	1129	"""A reference to the Catalog object for the publisher's
5c92c9d342ef 11065 client v1 catalog support for v0 catalogs Shawn Walker <srw@sun.com> parents: 1254 diff changeset	1130	selected repository, or None if available."""
5c92c9d342ef 11065 client v1 catalog support for v0 catalogs Shawn Walker <srw@sun.com> parents: 1254 diff changeset	1131
5c92c9d342ef 11065 client v1 catalog support for v0 catalogs Shawn Walker <srw@sun.com> parents: 1254 diff changeset	1132	if not self.meta_root:
2219 60ad60f7592c 2152 standalone package support needed (on-disk format) Shawn Walker <shawn.walker@oracle.com> parents: 2215 diff changeset	1133	if self.__catalog:
60ad60f7592c 2152 standalone package support needed (on-disk format) Shawn Walker <shawn.walker@oracle.com> parents: 2215 diff changeset	1134	return self.__catalog
1352 5c92c9d342ef 11065 client v1 catalog support for v0 catalogs Shawn Walker <srw@sun.com> parents: 1254 diff changeset	1135	return None
5c92c9d342ef 11065 client v1 catalog support for v0 catalogs Shawn Walker <srw@sun.com> parents: 1254 diff changeset	1136
5c92c9d342ef 11065 client v1 catalog support for v0 catalogs Shawn Walker <srw@sun.com> parents: 1254 diff changeset	1137	if not self.__catalog:
5c92c9d342ef 11065 client v1 catalog support for v0 catalogs Shawn Walker <srw@sun.com> parents: 1254 diff changeset	1138	croot = self.catalog_root
5c92c9d342ef 11065 client v1 catalog support for v0 catalogs Shawn Walker <srw@sun.com> parents: 1254 diff changeset	1139	if not os.path.isdir(croot):
5c92c9d342ef 11065 client v1 catalog support for v0 catalogs Shawn Walker <srw@sun.com> parents: 1254 diff changeset	1140	# Current meta_root structure is likely in
5c92c9d342ef 11065 client v1 catalog support for v0 catalogs Shawn Walker <srw@sun.com> parents: 1254 diff changeset	1141	# a state of transition, so don't provide a
5c92c9d342ef 11065 client v1 catalog support for v0 catalogs Shawn Walker <srw@sun.com> parents: 1254 diff changeset	1142	# meta_root. Assume that an empty catalog
5c92c9d342ef 11065 client v1 catalog support for v0 catalogs Shawn Walker <srw@sun.com> parents: 1254 diff changeset	1143	# is desired instead. (This can happen during
5c92c9d342ef 11065 client v1 catalog support for v0 catalogs Shawn Walker <srw@sun.com> parents: 1254 diff changeset	1144	# an image format upgrade.)
5c92c9d342ef 11065 client v1 catalog support for v0 catalogs Shawn Walker <srw@sun.com> parents: 1254 diff changeset	1145	croot = None
5c92c9d342ef 11065 client v1 catalog support for v0 catalogs Shawn Walker <srw@sun.com> parents: 1254 diff changeset	1146	self.__catalog = pkg.catalog.Catalog(
5c92c9d342ef 11065 client v1 catalog support for v0 catalogs Shawn Walker <srw@sun.com> parents: 1254 diff changeset	1147	meta_root=croot)
5c92c9d342ef 11065 client v1 catalog support for v0 catalogs Shawn Walker <srw@sun.com> parents: 1254 diff changeset	1148	return self.__catalog
5c92c9d342ef 11065 client v1 catalog support for v0 catalogs Shawn Walker <srw@sun.com> parents: 1254 diff changeset	1149
5c92c9d342ef 11065 client v1 catalog support for v0 catalogs Shawn Walker <srw@sun.com> parents: 1254 diff changeset	1150	@property
5c92c9d342ef 11065 client v1 catalog support for v0 catalogs Shawn Walker <srw@sun.com> parents: 1254 diff changeset	1151	def catalog_root(self):
5c92c9d342ef 11065 client v1 catalog support for v0 catalogs Shawn Walker <srw@sun.com> parents: 1254 diff changeset	1152	"""The absolute pathname of the directory containing the
5c92c9d342ef 11065 client v1 catalog support for v0 catalogs Shawn Walker <srw@sun.com> parents: 1254 diff changeset	1153	Catalog data for the publisher, or None if meta_root is
5c92c9d342ef 11065 client v1 catalog support for v0 catalogs Shawn Walker <srw@sun.com> parents: 1254 diff changeset	1154	not defined."""
5c92c9d342ef 11065 client v1 catalog support for v0 catalogs Shawn Walker <srw@sun.com> parents: 1254 diff changeset	1155
5c92c9d342ef 11065 client v1 catalog support for v0 catalogs Shawn Walker <srw@sun.com> parents: 1254 diff changeset	1156	if self.meta_root:
5c92c9d342ef 11065 client v1 catalog support for v0 catalogs Shawn Walker <srw@sun.com> parents: 1254 diff changeset	1157	return os.path.join(self.meta_root, "catalog")
5c92c9d342ef 11065 client v1 catalog support for v0 catalogs Shawn Walker <srw@sun.com> parents: 1254 diff changeset	1158
1087 293c0aa5f32e 8214 load_catalogs should only load catalog data when needed Shawn Walker <srw@sun.com> parents: 996 diff changeset	1159	def create_meta_root(self):
293c0aa5f32e 8214 load_catalogs should only load catalog data when needed Shawn Walker <srw@sun.com> parents: 996 diff changeset	1160	"""Create the publisher's meta_root."""
293c0aa5f32e 8214 load_catalogs should only load catalog data when needed Shawn Walker <srw@sun.com> parents: 996 diff changeset	1161
293c0aa5f32e 8214 load_catalogs should only load catalog data when needed Shawn Walker <srw@sun.com> parents: 996 diff changeset	1162	if not self.meta_root:
293c0aa5f32e 8214 load_catalogs should only load catalog data when needed Shawn Walker <srw@sun.com> parents: 996 diff changeset	1163	raise api_errors.BadPublisherMetaRoot(self.meta_root,
293c0aa5f32e 8214 load_catalogs should only load catalog data when needed Shawn Walker <srw@sun.com> parents: 996 diff changeset	1164	operation="create_meta_root")
293c0aa5f32e 8214 load_catalogs should only load catalog data when needed Shawn Walker <srw@sun.com> parents: 996 diff changeset	1165
1352 5c92c9d342ef 11065 client v1 catalog support for v0 catalogs Shawn Walker <srw@sun.com> parents: 1254 diff changeset	1166	for path in (self.meta_root, self.catalog_root):
5c92c9d342ef 11065 client v1 catalog support for v0 catalogs Shawn Walker <srw@sun.com> parents: 1254 diff changeset	1167	try:
5c92c9d342ef 11065 client v1 catalog support for v0 catalogs Shawn Walker <srw@sun.com> parents: 1254 diff changeset	1168	os.makedirs(path)
5c92c9d342ef 11065 client v1 catalog support for v0 catalogs Shawn Walker <srw@sun.com> parents: 1254 diff changeset	1169	except EnvironmentError, e:
5c92c9d342ef 11065 client v1 catalog support for v0 catalogs Shawn Walker <srw@sun.com> parents: 1254 diff changeset	1170	if e.errno == errno.EACCES:
5c92c9d342ef 11065 client v1 catalog support for v0 catalogs Shawn Walker <srw@sun.com> parents: 1254 diff changeset	1171	raise api_errors.PermissionsException(
5c92c9d342ef 11065 client v1 catalog support for v0 catalogs Shawn Walker <srw@sun.com> parents: 1254 diff changeset	1172	e.filename)
1431 62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1173	if e.errno == errno.EROFS:
62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1174	raise api_errors.ReadOnlyFileSystemException(
62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1175	e.filename)
1352 5c92c9d342ef 11065 client v1 catalog support for v0 catalogs Shawn Walker <srw@sun.com> parents: 1254 diff changeset	1176	elif e.errno != errno.EEXIST:
5c92c9d342ef 11065 client v1 catalog support for v0 catalogs Shawn Walker <srw@sun.com> parents: 1254 diff changeset	1177	# If the path already exists, move on.
5c92c9d342ef 11065 client v1 catalog support for v0 catalogs Shawn Walker <srw@sun.com> parents: 1254 diff changeset	1178	# Otherwise, raise the exception.
5c92c9d342ef 11065 client v1 catalog support for v0 catalogs Shawn Walker <srw@sun.com> parents: 1254 diff changeset	1179	raise
2026 d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1180	# Optional roots not needed for all operations.
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1181	for path in (self.cert_root, self.__subj_root, self.__crl_root):
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1182	try:
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1183	os.makedirs(path)
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1184	except EnvironmentError, e:
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1185	if e.errno in (errno.EACCES, errno.EROFS):
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1186	pass
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1187	elif e.errno != errno.EEXIST:
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1188	# If the path already exists, move on.
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1189	# Otherwise, raise the exception.
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1190	raise
1087 293c0aa5f32e 8214 load_catalogs should only load catalog data when needed Shawn Walker <srw@sun.com> parents: 996 diff changeset	1191
926 6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	1192	def get_repository(self, name=None, origin=None):
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	1193	"""Returns the repository object matching the name or that has
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	1194	a matching origin URI."""
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	1195
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	1196	assert not (name and origin)
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	1197	for r in self.__repositories:
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	1198	if (name and r.name == name) or (origin and
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	1199	r.has_origin(origin)):
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	1200	return r
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	1201	raise api_errors.UnknownRepository(max(name, origin))
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	1202
996 31d152a5212b 7582 pkg set-publisher --no-refresh will delete catalogs Shawn Walker <Shawn.Walker@Sun.COM> parents: 926 diff changeset	1203	@property
31d152a5212b 7582 pkg set-publisher --no-refresh will delete catalogs Shawn Walker <Shawn.Walker@Sun.COM> parents: 926 diff changeset	1204	def needs_refresh(self):
31d152a5212b 7582 pkg set-publisher --no-refresh will delete catalogs Shawn Walker <Shawn.Walker@Sun.COM> parents: 926 diff changeset	1205	"""A boolean value indicating whether the publisher's
31d152a5212b 7582 pkg set-publisher --no-refresh will delete catalogs Shawn Walker <Shawn.Walker@Sun.COM> parents: 926 diff changeset	1206	metadata for the currently selected repository needs to be
31d152a5212b 7582 pkg set-publisher --no-refresh will delete catalogs Shawn Walker <Shawn.Walker@Sun.COM> parents: 926 diff changeset	1207	refreshed."""
31d152a5212b 7582 pkg set-publisher --no-refresh will delete catalogs Shawn Walker <Shawn.Walker@Sun.COM> parents: 926 diff changeset	1208
31d152a5212b 7582 pkg set-publisher --no-refresh will delete catalogs Shawn Walker <Shawn.Walker@Sun.COM> parents: 926 diff changeset	1209	if not self.selected_repository or not self.meta_root:
31d152a5212b 7582 pkg set-publisher --no-refresh will delete catalogs Shawn Walker <Shawn.Walker@Sun.COM> parents: 926 diff changeset	1210	# Nowhere to obtain metadata from; this should rarely
31d152a5212b 7582 pkg set-publisher --no-refresh will delete catalogs Shawn Walker <Shawn.Walker@Sun.COM> parents: 926 diff changeset	1211	# occur except during publisher initialization.
31d152a5212b 7582 pkg set-publisher --no-refresh will delete catalogs Shawn Walker <Shawn.Walker@Sun.COM> parents: 926 diff changeset	1212	return False
31d152a5212b 7582 pkg set-publisher --no-refresh will delete catalogs Shawn Walker <Shawn.Walker@Sun.COM> parents: 926 diff changeset	1213
31d152a5212b 7582 pkg set-publisher --no-refresh will delete catalogs Shawn Walker <Shawn.Walker@Sun.COM> parents: 926 diff changeset	1214	lc = self.last_refreshed
31d152a5212b 7582 pkg set-publisher --no-refresh will delete catalogs Shawn Walker <Shawn.Walker@Sun.COM> parents: 926 diff changeset	1215	if not lc:
31d152a5212b 7582 pkg set-publisher --no-refresh will delete catalogs Shawn Walker <Shawn.Walker@Sun.COM> parents: 926 diff changeset	1216	# There is no record of when the publisher metadata was
31d152a5212b 7582 pkg set-publisher --no-refresh will delete catalogs Shawn Walker <Shawn.Walker@Sun.COM> parents: 926 diff changeset	1217	# last refreshed, so assume it should be refreshed now.
31d152a5212b 7582 pkg set-publisher --no-refresh will delete catalogs Shawn Walker <Shawn.Walker@Sun.COM> parents: 926 diff changeset	1218	return True
31d152a5212b 7582 pkg set-publisher --no-refresh will delete catalogs Shawn Walker <Shawn.Walker@Sun.COM> parents: 926 diff changeset	1219
31d152a5212b 7582 pkg set-publisher --no-refresh will delete catalogs Shawn Walker <Shawn.Walker@Sun.COM> parents: 926 diff changeset	1220	ts_now = time.time()
31d152a5212b 7582 pkg set-publisher --no-refresh will delete catalogs Shawn Walker <Shawn.Walker@Sun.COM> parents: 926 diff changeset	1221	ts_last = calendar.timegm(lc.utctimetuple())
31d152a5212b 7582 pkg set-publisher --no-refresh will delete catalogs Shawn Walker <Shawn.Walker@Sun.COM> parents: 926 diff changeset	1222
31d152a5212b 7582 pkg set-publisher --no-refresh will delete catalogs Shawn Walker <Shawn.Walker@Sun.COM> parents: 926 diff changeset	1223	rs = self.selected_repository.refresh_seconds
31d152a5212b 7582 pkg set-publisher --no-refresh will delete catalogs Shawn Walker <Shawn.Walker@Sun.COM> parents: 926 diff changeset	1224	if not rs:
31d152a5212b 7582 pkg set-publisher --no-refresh will delete catalogs Shawn Walker <Shawn.Walker@Sun.COM> parents: 926 diff changeset	1225	# There is no indicator of how often often publisher
31d152a5212b 7582 pkg set-publisher --no-refresh will delete catalogs Shawn Walker <Shawn.Walker@Sun.COM> parents: 926 diff changeset	1226	# metadata should be refreshed, so assume it should be
31d152a5212b 7582 pkg set-publisher --no-refresh will delete catalogs Shawn Walker <Shawn.Walker@Sun.COM> parents: 926 diff changeset	1227	# now.
31d152a5212b 7582 pkg set-publisher --no-refresh will delete catalogs Shawn Walker <Shawn.Walker@Sun.COM> parents: 926 diff changeset	1228	return True
31d152a5212b 7582 pkg set-publisher --no-refresh will delete catalogs Shawn Walker <Shawn.Walker@Sun.COM> parents: 926 diff changeset	1229
31d152a5212b 7582 pkg set-publisher --no-refresh will delete catalogs Shawn Walker <Shawn.Walker@Sun.COM> parents: 926 diff changeset	1230	if (ts_now - ts_last) >= rs:
31d152a5212b 7582 pkg set-publisher --no-refresh will delete catalogs Shawn Walker <Shawn.Walker@Sun.COM> parents: 926 diff changeset	1231	# The number of seconds that has elapsed since the
31d152a5212b 7582 pkg set-publisher --no-refresh will delete catalogs Shawn Walker <Shawn.Walker@Sun.COM> parents: 926 diff changeset	1232	# publisher metadata was last refreshed exceeds or
31d152a5212b 7582 pkg set-publisher --no-refresh will delete catalogs Shawn Walker <Shawn.Walker@Sun.COM> parents: 926 diff changeset	1233	# equals the specified interval.
31d152a5212b 7582 pkg set-publisher --no-refresh will delete catalogs Shawn Walker <Shawn.Walker@Sun.COM> parents: 926 diff changeset	1234	return True
31d152a5212b 7582 pkg set-publisher --no-refresh will delete catalogs Shawn Walker <Shawn.Walker@Sun.COM> parents: 926 diff changeset	1235
31d152a5212b 7582 pkg set-publisher --no-refresh will delete catalogs Shawn Walker <Shawn.Walker@Sun.COM> parents: 926 diff changeset	1236	return False
31d152a5212b 7582 pkg set-publisher --no-refresh will delete catalogs Shawn Walker <Shawn.Walker@Sun.COM> parents: 926 diff changeset	1237
1352 5c92c9d342ef 11065 client v1 catalog support for v0 catalogs Shawn Walker <srw@sun.com> parents: 1254 diff changeset	1238	def __convert_v0_catalog(self, v0_cat):
5c92c9d342ef 11065 client v1 catalog support for v0 catalogs Shawn Walker <srw@sun.com> parents: 1254 diff changeset	1239	"""Transforms the contents of the provided version 0 Catalog
5c92c9d342ef 11065 client v1 catalog support for v0 catalogs Shawn Walker <srw@sun.com> parents: 1254 diff changeset	1240	into a version 1 Catalog, replacing the current Catalog."""
5c92c9d342ef 11065 client v1 catalog support for v0 catalogs Shawn Walker <srw@sun.com> parents: 1254 diff changeset	1241
5c92c9d342ef 11065 client v1 catalog support for v0 catalogs Shawn Walker <srw@sun.com> parents: 1254 diff changeset	1242	v0_lm = v0_cat.last_modified()
5c92c9d342ef 11065 client v1 catalog support for v0 catalogs Shawn Walker <srw@sun.com> parents: 1254 diff changeset	1243	if v0_lm:
5c92c9d342ef 11065 client v1 catalog support for v0 catalogs Shawn Walker <srw@sun.com> parents: 1254 diff changeset	1244	# last_modified can be none if the catalog is empty.
5c92c9d342ef 11065 client v1 catalog support for v0 catalogs Shawn Walker <srw@sun.com> parents: 1254 diff changeset	1245	v0_lm = pkg.catalog.ts_to_datetime(v0_lm)
5c92c9d342ef 11065 client v1 catalog support for v0 catalogs Shawn Walker <srw@sun.com> parents: 1254 diff changeset	1246
5c92c9d342ef 11065 client v1 catalog support for v0 catalogs Shawn Walker <srw@sun.com> parents: 1254 diff changeset	1247	v1_cat = self.catalog
1358 6fec8fbc15a6 11324 package state written to parent boot environment during image-update Shawn Walker <srw@sun.com> parents: 1352 diff changeset	1248
6fec8fbc15a6 11324 package state written to parent boot environment during image-update Shawn Walker <srw@sun.com> parents: 1352 diff changeset	1249	# There's no point in signing this catalog since it's simply
6fec8fbc15a6 11324 package state written to parent boot environment during image-update Shawn Walker <srw@sun.com> parents: 1352 diff changeset	1250	# a transformation of a v0 catalog.
6fec8fbc15a6 11324 package state written to parent boot environment during image-update Shawn Walker <srw@sun.com> parents: 1352 diff changeset	1251	v1_cat.sign = False
1352 5c92c9d342ef 11065 client v1 catalog support for v0 catalogs Shawn Walker <srw@sun.com> parents: 1254 diff changeset	1252
1358 6fec8fbc15a6 11324 package state written to parent boot environment during image-update Shawn Walker <srw@sun.com> parents: 1352 diff changeset	1253	# A check for a previous non-zero package count is made to
6fec8fbc15a6 11324 package state written to parent boot environment during image-update Shawn Walker <srw@sun.com> parents: 1352 diff changeset	1254	# determine whether the last_modified date alone can be
6fec8fbc15a6 11324 package state written to parent boot environment during image-update Shawn Walker <srw@sun.com> parents: 1352 diff changeset	1255	# relied on. This works around some oddities with empty
6fec8fbc15a6 11324 package state written to parent boot environment during image-update Shawn Walker <srw@sun.com> parents: 1352 diff changeset	1256	# v0 catalogs.
1606 7966bbfe38b7 13457 pkg refresh can fail for v0 repository with duplicate entry error Shawn Walker <srw@sun.com> parents: 1604 diff changeset	1257	try:
7966bbfe38b7 13457 pkg refresh can fail for v0 repository with duplicate entry error Shawn Walker <srw@sun.com> parents: 1604 diff changeset	1258	# Could be 'None'
7966bbfe38b7 13457 pkg refresh can fail for v0 repository with duplicate entry error Shawn Walker <srw@sun.com> parents: 1604 diff changeset	1259	n0_pkgs = int(v0_cat.npkgs())
7966bbfe38b7 13457 pkg refresh can fail for v0 repository with duplicate entry error Shawn Walker <srw@sun.com> parents: 1604 diff changeset	1260	except (TypeError, ValueError):
7966bbfe38b7 13457 pkg refresh can fail for v0 repository with duplicate entry error Shawn Walker <srw@sun.com> parents: 1604 diff changeset	1261	n0_pkgs = 0
7966bbfe38b7 13457 pkg refresh can fail for v0 repository with duplicate entry error Shawn Walker <srw@sun.com> parents: 1604 diff changeset	1262
7966bbfe38b7 13457 pkg refresh can fail for v0 repository with duplicate entry error Shawn Walker <srw@sun.com> parents: 1604 diff changeset	1263	if n0_pkgs != v1_cat.package_version_count:
1358 6fec8fbc15a6 11324 package state written to parent boot environment during image-update Shawn Walker <srw@sun.com> parents: 1352 diff changeset	1264	if v0_lm == self.catalog.last_modified:
1352 5c92c9d342ef 11065 client v1 catalog support for v0 catalogs Shawn Walker <srw@sun.com> parents: 1254 diff changeset	1265	# Already converted.
5c92c9d342ef 11065 client v1 catalog support for v0 catalogs Shawn Walker <srw@sun.com> parents: 1254 diff changeset	1266	return
5c92c9d342ef 11065 client v1 catalog support for v0 catalogs Shawn Walker <srw@sun.com> parents: 1254 diff changeset	1267	# Simply rebuild the entire v1 catalog every time, this
5c92c9d342ef 11065 client v1 catalog support for v0 catalogs Shawn Walker <srw@sun.com> parents: 1254 diff changeset	1268	# avoids many of the problems that could happen due to
5c92c9d342ef 11065 client v1 catalog support for v0 catalogs Shawn Walker <srw@sun.com> parents: 1254 diff changeset	1269	# deficiencies in the v0 implementation.
5c92c9d342ef 11065 client v1 catalog support for v0 catalogs Shawn Walker <srw@sun.com> parents: 1254 diff changeset	1270	v1_cat.destroy()
1606 7966bbfe38b7 13457 pkg refresh can fail for v0 repository with duplicate entry error Shawn Walker <srw@sun.com> parents: 1604 diff changeset	1271	self.__catalog = None
7966bbfe38b7 13457 pkg refresh can fail for v0 repository with duplicate entry error Shawn Walker <srw@sun.com> parents: 1604 diff changeset	1272	v1_cat = self.catalog
1352 5c92c9d342ef 11065 client v1 catalog support for v0 catalogs Shawn Walker <srw@sun.com> parents: 1254 diff changeset	1273
5c92c9d342ef 11065 client v1 catalog support for v0 catalogs Shawn Walker <srw@sun.com> parents: 1254 diff changeset	1274	# Now populate the v1 Catalog with the v0 Catalog's data.
5c92c9d342ef 11065 client v1 catalog support for v0 catalogs Shawn Walker <srw@sun.com> parents: 1254 diff changeset	1275	v1_cat.batch_mode = True
5c92c9d342ef 11065 client v1 catalog support for v0 catalogs Shawn Walker <srw@sun.com> parents: 1254 diff changeset	1276	for f in v0_cat.fmris():
5c92c9d342ef 11065 client v1 catalog support for v0 catalogs Shawn Walker <srw@sun.com> parents: 1254 diff changeset	1277	v1_cat.add_package(f)
5c92c9d342ef 11065 client v1 catalog support for v0 catalogs Shawn Walker <srw@sun.com> parents: 1254 diff changeset	1278
5c92c9d342ef 11065 client v1 catalog support for v0 catalogs Shawn Walker <srw@sun.com> parents: 1254 diff changeset	1279	# Normally, the Catalog's attributes are automatically
5c92c9d342ef 11065 client v1 catalog support for v0 catalogs Shawn Walker <srw@sun.com> parents: 1254 diff changeset	1280	# populated as a result of catalog operations. But in
5c92c9d342ef 11065 client v1 catalog support for v0 catalogs Shawn Walker <srw@sun.com> parents: 1254 diff changeset	1281	# this case, we want the v1 Catalog's attributes to
5c92c9d342ef 11065 client v1 catalog support for v0 catalogs Shawn Walker <srw@sun.com> parents: 1254 diff changeset	1282	# match those of the v0 catalog.
1369 e86145680c34 11359 catalog should offer lazy-load mechanism for action metadata Shawn Walker <srw@sun.com> parents: 1358 diff changeset	1283	v1_cat.last_modified = v0_lm
e86145680c34 11359 catalog should offer lazy-load mechanism for action metadata Shawn Walker <srw@sun.com> parents: 1358 diff changeset	1284
e86145680c34 11359 catalog should offer lazy-load mechanism for action metadata Shawn Walker <srw@sun.com> parents: 1358 diff changeset	1285	# While this is a v1 catalog format-wise, v0 data is stored.
e86145680c34 11359 catalog should offer lazy-load mechanism for action metadata Shawn Walker <srw@sun.com> parents: 1358 diff changeset	1286	# This allows consumers to be aware that certain data won't be
e86145680c34 11359 catalog should offer lazy-load mechanism for action metadata Shawn Walker <srw@sun.com> parents: 1358 diff changeset	1287	# available in this catalog (such as dependencies, etc.).
e86145680c34 11359 catalog should offer lazy-load mechanism for action metadata Shawn Walker <srw@sun.com> parents: 1358 diff changeset	1288	v1_cat.version = 0
1352 5c92c9d342ef 11065 client v1 catalog support for v0 catalogs Shawn Walker <srw@sun.com> parents: 1254 diff changeset	1289
5c92c9d342ef 11065 client v1 catalog support for v0 catalogs Shawn Walker <srw@sun.com> parents: 1254 diff changeset	1290	# Finally, save the new Catalog, and replace the old in-memory
5c92c9d342ef 11065 client v1 catalog support for v0 catalogs Shawn Walker <srw@sun.com> parents: 1254 diff changeset	1291	# catalog.
5c92c9d342ef 11065 client v1 catalog support for v0 catalogs Shawn Walker <srw@sun.com> parents: 1254 diff changeset	1292	v1_cat.batch_mode = False
1549 cc81f5023603 13110 image catalog rebuild could be faster Shawn Walker <srw@sun.com> parents: 1516 diff changeset	1293	v1_cat.finalize()
1352 5c92c9d342ef 11065 client v1 catalog support for v0 catalogs Shawn Walker <srw@sun.com> parents: 1254 diff changeset	1294	v1_cat.save()
5c92c9d342ef 11065 client v1 catalog support for v0 catalogs Shawn Walker <srw@sun.com> parents: 1254 diff changeset	1295	self.__catalog = v1_cat
5c92c9d342ef 11065 client v1 catalog support for v0 catalogs Shawn Walker <srw@sun.com> parents: 1254 diff changeset	1296
1431 62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1297	def __refresh_v0(self, full_refresh, immediate):
62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1298	"""The method to refresh the publisher's metadata against
62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1299	a catalog/0 source. If the more recent catalog/1 version
62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1300	isn't supported, this routine gets invoked as a fallback."""
1352 5c92c9d342ef 11065 client v1 catalog support for v0 catalogs Shawn Walker <srw@sun.com> parents: 1254 diff changeset	1301
5c92c9d342ef 11065 client v1 catalog support for v0 catalogs Shawn Walker <srw@sun.com> parents: 1254 diff changeset	1302	if full_refresh:
5c92c9d342ef 11065 client v1 catalog support for v0 catalogs Shawn Walker <srw@sun.com> parents: 1254 diff changeset	1303	immediate = True
5c92c9d342ef 11065 client v1 catalog support for v0 catalogs Shawn Walker <srw@sun.com> parents: 1254 diff changeset	1304
1431 62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1305	# Catalog needs v0 -> v1 transformation if repository only
62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1306	# offers v0 catalog.
1352 5c92c9d342ef 11065 client v1 catalog support for v0 catalogs Shawn Walker <srw@sun.com> parents: 1254 diff changeset	1307	v0_cat = old_catalog.ServerCatalog(self.catalog_root,
5c92c9d342ef 11065 client v1 catalog support for v0 catalogs Shawn Walker <srw@sun.com> parents: 1254 diff changeset	1308	read_only=True, publisher=self.prefix)
5c92c9d342ef 11065 client v1 catalog support for v0 catalogs Shawn Walker <srw@sun.com> parents: 1254 diff changeset	1309
5c92c9d342ef 11065 client v1 catalog support for v0 catalogs Shawn Walker <srw@sun.com> parents: 1254 diff changeset	1310	new_cat = True
5c92c9d342ef 11065 client v1 catalog support for v0 catalogs Shawn Walker <srw@sun.com> parents: 1254 diff changeset	1311	v0_lm = None
5c92c9d342ef 11065 client v1 catalog support for v0 catalogs Shawn Walker <srw@sun.com> parents: 1254 diff changeset	1312	if v0_cat.exists:
5c92c9d342ef 11065 client v1 catalog support for v0 catalogs Shawn Walker <srw@sun.com> parents: 1254 diff changeset	1313	repo = self.selected_repository
5c92c9d342ef 11065 client v1 catalog support for v0 catalogs Shawn Walker <srw@sun.com> parents: 1254 diff changeset	1314	if full_refresh or v0_cat.origin() not in repo.origins:
5c92c9d342ef 11065 client v1 catalog support for v0 catalogs Shawn Walker <srw@sun.com> parents: 1254 diff changeset	1315	try:
5c92c9d342ef 11065 client v1 catalog support for v0 catalogs Shawn Walker <srw@sun.com> parents: 1254 diff changeset	1316	v0_cat.destroy(root=self.catalog_root)
5c92c9d342ef 11065 client v1 catalog support for v0 catalogs Shawn Walker <srw@sun.com> parents: 1254 diff changeset	1317	except EnvironmentError, e:
5c92c9d342ef 11065 client v1 catalog support for v0 catalogs Shawn Walker <srw@sun.com> parents: 1254 diff changeset	1318	if e.errno == errno.EACCES:
5c92c9d342ef 11065 client v1 catalog support for v0 catalogs Shawn Walker <srw@sun.com> parents: 1254 diff changeset	1319	raise api_errors.PermissionsException(
5c92c9d342ef 11065 client v1 catalog support for v0 catalogs Shawn Walker <srw@sun.com> parents: 1254 diff changeset	1320	e.filename)
1431 62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1321	if e.errno == errno.EROFS:
62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1322	raise api_errors.ReadOnlyFileSystemException(
62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1323	e.filename)
1352 5c92c9d342ef 11065 client v1 catalog support for v0 catalogs Shawn Walker <srw@sun.com> parents: 1254 diff changeset	1324	raise
5c92c9d342ef 11065 client v1 catalog support for v0 catalogs Shawn Walker <srw@sun.com> parents: 1254 diff changeset	1325	immediate = True
5c92c9d342ef 11065 client v1 catalog support for v0 catalogs Shawn Walker <srw@sun.com> parents: 1254 diff changeset	1326	else:
5c92c9d342ef 11065 client v1 catalog support for v0 catalogs Shawn Walker <srw@sun.com> parents: 1254 diff changeset	1327	new_cat = False
5c92c9d342ef 11065 client v1 catalog support for v0 catalogs Shawn Walker <srw@sun.com> parents: 1254 diff changeset	1328	v0_lm = v0_cat.last_modified()
5c92c9d342ef 11065 client v1 catalog support for v0 catalogs Shawn Walker <srw@sun.com> parents: 1254 diff changeset	1329
5c92c9d342ef 11065 client v1 catalog support for v0 catalogs Shawn Walker <srw@sun.com> parents: 1254 diff changeset	1330	if not immediate and not self.needs_refresh:
5c92c9d342ef 11065 client v1 catalog support for v0 catalogs Shawn Walker <srw@sun.com> parents: 1254 diff changeset	1331	# No refresh needed.
5c92c9d342ef 11065 client v1 catalog support for v0 catalogs Shawn Walker <srw@sun.com> parents: 1254 diff changeset	1332	return False
5c92c9d342ef 11065 client v1 catalog support for v0 catalogs Shawn Walker <srw@sun.com> parents: 1254 diff changeset	1333
5c92c9d342ef 11065 client v1 catalog support for v0 catalogs Shawn Walker <srw@sun.com> parents: 1254 diff changeset	1334	import pkg.updatelog as old_ulog
5c92c9d342ef 11065 client v1 catalog support for v0 catalogs Shawn Walker <srw@sun.com> parents: 1254 diff changeset	1335	try:
5c92c9d342ef 11065 client v1 catalog support for v0 catalogs Shawn Walker <srw@sun.com> parents: 1254 diff changeset	1336	# Note that this currently retrieves a v0 catalog that
5c92c9d342ef 11065 client v1 catalog support for v0 catalogs Shawn Walker <srw@sun.com> parents: 1254 diff changeset	1337	# has to be converted to v1 format.
5c92c9d342ef 11065 client v1 catalog support for v0 catalogs Shawn Walker <srw@sun.com> parents: 1254 diff changeset	1338	self.transport.get_catalog(self, v0_lm)
5c92c9d342ef 11065 client v1 catalog support for v0 catalogs Shawn Walker <srw@sun.com> parents: 1254 diff changeset	1339	except old_ulog.UpdateLogException:
5c92c9d342ef 11065 client v1 catalog support for v0 catalogs Shawn Walker <srw@sun.com> parents: 1254 diff changeset	1340	# If an incremental update fails, attempt a full
5c92c9d342ef 11065 client v1 catalog support for v0 catalogs Shawn Walker <srw@sun.com> parents: 1254 diff changeset	1341	# catalog retrieval instead.
5c92c9d342ef 11065 client v1 catalog support for v0 catalogs Shawn Walker <srw@sun.com> parents: 1254 diff changeset	1342	try:
5c92c9d342ef 11065 client v1 catalog support for v0 catalogs Shawn Walker <srw@sun.com> parents: 1254 diff changeset	1343	v0_cat.destroy(root=self.catalog_root)
5c92c9d342ef 11065 client v1 catalog support for v0 catalogs Shawn Walker <srw@sun.com> parents: 1254 diff changeset	1344	except EnvironmentError, e:
5c92c9d342ef 11065 client v1 catalog support for v0 catalogs Shawn Walker <srw@sun.com> parents: 1254 diff changeset	1345	if e.errno == errno.EACCES:
5c92c9d342ef 11065 client v1 catalog support for v0 catalogs Shawn Walker <srw@sun.com> parents: 1254 diff changeset	1346	raise api_errors.PermissionsException(
5c92c9d342ef 11065 client v1 catalog support for v0 catalogs Shawn Walker <srw@sun.com> parents: 1254 diff changeset	1347	e.filename)
1431 62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1348	if e.errno == errno.EROFS:
62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1349	raise api_errors.ReadOnlyFileSystemException(
62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1350	e.filename)
1352 5c92c9d342ef 11065 client v1 catalog support for v0 catalogs Shawn Walker <srw@sun.com> parents: 1254 diff changeset	1351	raise
5c92c9d342ef 11065 client v1 catalog support for v0 catalogs Shawn Walker <srw@sun.com> parents: 1254 diff changeset	1352	self.transport.get_catalog(self)
5c92c9d342ef 11065 client v1 catalog support for v0 catalogs Shawn Walker <srw@sun.com> parents: 1254 diff changeset	1353
5c92c9d342ef 11065 client v1 catalog support for v0 catalogs Shawn Walker <srw@sun.com> parents: 1254 diff changeset	1354	v0_cat = pkg.server.catalog.ServerCatalog(
5c92c9d342ef 11065 client v1 catalog support for v0 catalogs Shawn Walker <srw@sun.com> parents: 1254 diff changeset	1355	self.catalog_root, read_only=True,
5c92c9d342ef 11065 client v1 catalog support for v0 catalogs Shawn Walker <srw@sun.com> parents: 1254 diff changeset	1356	publisher=self.prefix)
5c92c9d342ef 11065 client v1 catalog support for v0 catalogs Shawn Walker <srw@sun.com> parents: 1254 diff changeset	1357
5c92c9d342ef 11065 client v1 catalog support for v0 catalogs Shawn Walker <srw@sun.com> parents: 1254 diff changeset	1358	self.__convert_v0_catalog(v0_cat)
5c92c9d342ef 11065 client v1 catalog support for v0 catalogs Shawn Walker <srw@sun.com> parents: 1254 diff changeset	1359	self.last_refreshed = dt.datetime.utcnow()
5c92c9d342ef 11065 client v1 catalog support for v0 catalogs Shawn Walker <srw@sun.com> parents: 1254 diff changeset	1360
5c92c9d342ef 11065 client v1 catalog support for v0 catalogs Shawn Walker <srw@sun.com> parents: 1254 diff changeset	1361	if new_cat or v0_lm != v0_cat.last_modified():
5c92c9d342ef 11065 client v1 catalog support for v0 catalogs Shawn Walker <srw@sun.com> parents: 1254 diff changeset	1362	# If the catalog was rebuilt, or the timestamp of the
5c92c9d342ef 11065 client v1 catalog support for v0 catalogs Shawn Walker <srw@sun.com> parents: 1254 diff changeset	1363	# catalog changed, then an update has occurred.
5c92c9d342ef 11065 client v1 catalog support for v0 catalogs Shawn Walker <srw@sun.com> parents: 1254 diff changeset	1364	return True
5c92c9d342ef 11065 client v1 catalog support for v0 catalogs Shawn Walker <srw@sun.com> parents: 1254 diff changeset	1365	return False
5c92c9d342ef 11065 client v1 catalog support for v0 catalogs Shawn Walker <srw@sun.com> parents: 1254 diff changeset	1366
2022 40fbda1e14b7 16715 publisher refresh should validate retrieved catalog parts using catalog attributes Shawn Walker <shawn.walker@oracle.com> parents: 1968 diff changeset	1367	def __refresh_v1(self, tempdir, full_refresh, immediate, mismatched):
1431 62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1368	"""The method to refresh the publisher's metadata against
62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1369	a catalog/1 source. If the more recent catalog/1 version
62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1370	isn't supported, __refresh_v0 is invoked as a fallback."""
62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1371
2022 40fbda1e14b7 16715 publisher refresh should validate retrieved catalog parts using catalog attributes Shawn Walker <shawn.walker@oracle.com> parents: 1968 diff changeset	1372	# If full_refresh is True, then redownload should be True to
40fbda1e14b7 16715 publisher refresh should validate retrieved catalog parts using catalog attributes Shawn Walker <shawn.walker@oracle.com> parents: 1968 diff changeset	1373	# ensure a non-cached version of the catalog is retrieved.
40fbda1e14b7 16715 publisher refresh should validate retrieved catalog parts using catalog attributes Shawn Walker <shawn.walker@oracle.com> parents: 1968 diff changeset	1374	# If full_refresh is False, but mismatched is True, then
40fbda1e14b7 16715 publisher refresh should validate retrieved catalog parts using catalog attributes Shawn Walker <shawn.walker@oracle.com> parents: 1968 diff changeset	1375	# the retrieval requests should indicate that content should
40fbda1e14b7 16715 publisher refresh should validate retrieved catalog parts using catalog attributes Shawn Walker <shawn.walker@oracle.com> parents: 1968 diff changeset	1376	# be revalidated before being returned. Note that this
40fbda1e14b7 16715 publisher refresh should validate retrieved catalog parts using catalog attributes Shawn Walker <shawn.walker@oracle.com> parents: 1968 diff changeset	1377	# only applies to the catalog v1 case.
40fbda1e14b7 16715 publisher refresh should validate retrieved catalog parts using catalog attributes Shawn Walker <shawn.walker@oracle.com> parents: 1968 diff changeset	1378	redownload = full_refresh
40fbda1e14b7 16715 publisher refresh should validate retrieved catalog parts using catalog attributes Shawn Walker <shawn.walker@oracle.com> parents: 1968 diff changeset	1379	revalidate = not redownload and mismatched
40fbda1e14b7 16715 publisher refresh should validate retrieved catalog parts using catalog attributes Shawn Walker <shawn.walker@oracle.com> parents: 1968 diff changeset	1380
1431 62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1381	try:
62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1382	self.transport.get_catalog1(self, ["catalog.attrs"],
2022 40fbda1e14b7 16715 publisher refresh should validate retrieved catalog parts using catalog attributes Shawn Walker <shawn.walker@oracle.com> parents: 1968 diff changeset	1383	path=tempdir, redownload=redownload,
40fbda1e14b7 16715 publisher refresh should validate retrieved catalog parts using catalog attributes Shawn Walker <shawn.walker@oracle.com> parents: 1968 diff changeset	1384	revalidate=revalidate)
1431 62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1385	except api_errors.UnsupportedRepositoryOperation:
62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1386	# No v1 catalogs available.
1449 a721d9b0aad2 12273 client catalog can mis-merge state information / lazy-load can fail Shawn Walker <srw@sun.com> parents: 1431 diff changeset	1387	if self.catalog.exists:
a721d9b0aad2 12273 client catalog can mis-merge state information / lazy-load can fail Shawn Walker <srw@sun.com> parents: 1431 diff changeset	1388	# Ensure v1 -> v0 transition works right.
a721d9b0aad2 12273 client catalog can mis-merge state information / lazy-load can fail Shawn Walker <srw@sun.com> parents: 1431 diff changeset	1389	self.catalog.destroy()
a721d9b0aad2 12273 client catalog can mis-merge state information / lazy-load can fail Shawn Walker <srw@sun.com> parents: 1431 diff changeset	1390	self.__catalog = None
1431 62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1391	return self.__refresh_v0(full_refresh, immediate)
62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1392
1449 a721d9b0aad2 12273 client catalog can mis-merge state information / lazy-load can fail Shawn Walker <srw@sun.com> parents: 1431 diff changeset	1393	# If a v0 catalog is present, remove it before proceeding to
a721d9b0aad2 12273 client catalog can mis-merge state information / lazy-load can fail Shawn Walker <srw@sun.com> parents: 1431 diff changeset	1394	# ensure transitions between catalog versions work correctly.
a721d9b0aad2 12273 client catalog can mis-merge state information / lazy-load can fail Shawn Walker <srw@sun.com> parents: 1431 diff changeset	1395	v0_cat = old_catalog.ServerCatalog(self.catalog_root,
a721d9b0aad2 12273 client catalog can mis-merge state information / lazy-load can fail Shawn Walker <srw@sun.com> parents: 1431 diff changeset	1396	read_only=True, publisher=self.prefix)
a721d9b0aad2 12273 client catalog can mis-merge state information / lazy-load can fail Shawn Walker <srw@sun.com> parents: 1431 diff changeset	1397	if v0_cat.exists:
a721d9b0aad2 12273 client catalog can mis-merge state information / lazy-load can fail Shawn Walker <srw@sun.com> parents: 1431 diff changeset	1398	v0_cat.destroy(root=self.catalog_root)
a721d9b0aad2 12273 client catalog can mis-merge state information / lazy-load can fail Shawn Walker <srw@sun.com> parents: 1431 diff changeset	1399
a721d9b0aad2 12273 client catalog can mis-merge state information / lazy-load can fail Shawn Walker <srw@sun.com> parents: 1431 diff changeset	1400	# If above succeeded, we now have a catalog.attrs file. Parse
1431 62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1401	# this to determine what other constituent parts need to be
62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1402	# downloaded.
62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1403	flist = []
62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1404	if not full_refresh and self.catalog.exists:
62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1405	flist = self.catalog.get_updates_needed(tempdir)
62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1406	if flist == None:
62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1407	# Catalog has not changed.
62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1408	self.last_refreshed = dt.datetime.utcnow()
62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1409	return False
62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1410	else:
62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1411	attrs = pkg.catalog.CatalogAttrs(meta_root=tempdir)
62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1412	for name in attrs.parts:
62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1413	locale = name.split(".", 2)[2]
62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1414	# XXX Skip parts that aren't in the C locale for
62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1415	# now.
62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1416	if locale != "C":
62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1417	continue
62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1418	flist.append(name)
62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1419
62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1420	if flist:
62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1421	# More catalog files to retrieve.
62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1422	try:
62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1423	self.transport.get_catalog1(self, flist,
2022 40fbda1e14b7 16715 publisher refresh should validate retrieved catalog parts using catalog attributes Shawn Walker <shawn.walker@oracle.com> parents: 1968 diff changeset	1424	path=tempdir, redownload=redownload,
40fbda1e14b7 16715 publisher refresh should validate retrieved catalog parts using catalog attributes Shawn Walker <shawn.walker@oracle.com> parents: 1968 diff changeset	1425	revalidate=revalidate)
1431 62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1426	except api_errors.UnsupportedRepositoryOperation:
62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1427	# Couldn't find a v1 catalog after getting one
62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1428	# before. This would be a bizzare error, but we
62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1429	# can try for a v0 catalog anyway.
62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1430	return self.__refresh_v0(full_refresh,
62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1431	immediate)
62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1432
62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1433	# At this point the client should have a set of the constituent
1449 a721d9b0aad2 12273 client catalog can mis-merge state information / lazy-load can fail Shawn Walker <srw@sun.com> parents: 1431 diff changeset	1434	# pieces that are necessary to construct a catalog. If a
a721d9b0aad2 12273 client catalog can mis-merge state information / lazy-load can fail Shawn Walker <srw@sun.com> parents: 1431 diff changeset	1435	# catalog already exists, call apply_updates. Otherwise,
1431 62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1436	# move the files to the appropriate location.
2022 40fbda1e14b7 16715 publisher refresh should validate retrieved catalog parts using catalog attributes Shawn Walker <shawn.walker@oracle.com> parents: 1968 diff changeset	1437	validate = False
1431 62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1438	if not full_refresh and self.catalog.exists:
62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1439	self.catalog.apply_updates(tempdir)
62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1440	else:
62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1441	if self.catalog.exists:
62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1442	# This is a full refresh. Destroy
62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1443	# the existing catalog.
62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1444	self.catalog.destroy()
2022 40fbda1e14b7 16715 publisher refresh should validate retrieved catalog parts using catalog attributes Shawn Walker <shawn.walker@oracle.com> parents: 1968 diff changeset	1445	self.__catalog = None
40fbda1e14b7 16715 publisher refresh should validate retrieved catalog parts using catalog attributes Shawn Walker <shawn.walker@oracle.com> parents: 1968 diff changeset	1446
1431 62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1447	for fn in os.listdir(tempdir):
62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1448	srcpath = os.path.join(tempdir, fn)
62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1449	dstpath = os.path.join(self.catalog_root, fn)
62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1450	pkg.portable.rename(srcpath, dstpath)
62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1451
62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1452	# Apply_updates validates the newly constructed catalog.
62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1453	# If refresh didn't call apply_updates, arrange to
62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1454	# have the new catalog validated.
2022 40fbda1e14b7 16715 publisher refresh should validate retrieved catalog parts using catalog attributes Shawn Walker <shawn.walker@oracle.com> parents: 1968 diff changeset	1455	validate = True
1431 62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1456
62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1457	# Update refresh time.
62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1458	self.last_refreshed = dt.datetime.utcnow()
62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1459
62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1460	# Clear __catalog, so we'll read in the new catalog.
62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1461	self.__catalog = None
62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1462
2022 40fbda1e14b7 16715 publisher refresh should validate retrieved catalog parts using catalog attributes Shawn Walker <shawn.walker@oracle.com> parents: 1968 diff changeset	1463	if validate:
40fbda1e14b7 16715 publisher refresh should validate retrieved catalog parts using catalog attributes Shawn Walker <shawn.walker@oracle.com> parents: 1968 diff changeset	1464	try:
40fbda1e14b7 16715 publisher refresh should validate retrieved catalog parts using catalog attributes Shawn Walker <shawn.walker@oracle.com> parents: 1968 diff changeset	1465	self.catalog.validate()
40fbda1e14b7 16715 publisher refresh should validate retrieved catalog parts using catalog attributes Shawn Walker <shawn.walker@oracle.com> parents: 1968 diff changeset	1466	except api_errors.BadCatalogSignatures:
40fbda1e14b7 16715 publisher refresh should validate retrieved catalog parts using catalog attributes Shawn Walker <shawn.walker@oracle.com> parents: 1968 diff changeset	1467	# If signature validation fails here, that means
40fbda1e14b7 16715 publisher refresh should validate retrieved catalog parts using catalog attributes Shawn Walker <shawn.walker@oracle.com> parents: 1968 diff changeset	1468	# that the attributes and individual parts were
40fbda1e14b7 16715 publisher refresh should validate retrieved catalog parts using catalog attributes Shawn Walker <shawn.walker@oracle.com> parents: 1968 diff changeset	1469	# self-consistent and not corrupt, but that the
40fbda1e14b7 16715 publisher refresh should validate retrieved catalog parts using catalog attributes Shawn Walker <shawn.walker@oracle.com> parents: 1968 diff changeset	1470	# attributes and parts didn't match. This could
40fbda1e14b7 16715 publisher refresh should validate retrieved catalog parts using catalog attributes Shawn Walker <shawn.walker@oracle.com> parents: 1968 diff changeset	1471	# be the result of a broken source providing
40fbda1e14b7 16715 publisher refresh should validate retrieved catalog parts using catalog attributes Shawn Walker <shawn.walker@oracle.com> parents: 1968 diff changeset	1472	# an attributes file that is much older or newer
40fbda1e14b7 16715 publisher refresh should validate retrieved catalog parts using catalog attributes Shawn Walker <shawn.walker@oracle.com> parents: 1968 diff changeset	1473	# than the catalog parts being provided.
40fbda1e14b7 16715 publisher refresh should validate retrieved catalog parts using catalog attributes Shawn Walker <shawn.walker@oracle.com> parents: 1968 diff changeset	1474	self.catalog.destroy()
40fbda1e14b7 16715 publisher refresh should validate retrieved catalog parts using catalog attributes Shawn Walker <shawn.walker@oracle.com> parents: 1968 diff changeset	1475	self.__catalog = None
40fbda1e14b7 16715 publisher refresh should validate retrieved catalog parts using catalog attributes Shawn Walker <shawn.walker@oracle.com> parents: 1968 diff changeset	1476	raise api_errors.MismatchedCatalog(self.prefix)
1431 62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1477	return True
62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1478
2022 40fbda1e14b7 16715 publisher refresh should validate retrieved catalog parts using catalog attributes Shawn Walker <shawn.walker@oracle.com> parents: 1968 diff changeset	1479	def __refresh(self, full_refresh, immediate, mismatched=False):
1431 62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1480	"""The method to handle the overall refresh process. It
62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1481	determines if a refresh is actually needed, and then calls
62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1482	the first version-specific refresh method in the chain."""
62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1483
62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1484	assert self.catalog_root
62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1485	assert self.transport
62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1486
62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1487	if full_refresh:
62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1488	immediate = True
62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1489
62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1490	# Ensure consistent directory structure.
62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1491	self.create_meta_root()
62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1492
62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1493	# Check if we already have a v1 catalog on disk.
62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1494	if not full_refresh and self.catalog.exists:
62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1495	# If catalog is on disk, check if refresh is necessary.
62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1496	if not immediate and not self.needs_refresh:
62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1497	# No refresh needed.
62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1498	return False
62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1499
2219 60ad60f7592c 2152 standalone package support needed (on-disk format) Shawn Walker <shawn.walker@oracle.com> parents: 2215 diff changeset	1500	if not self.selected_repository.origins:
60ad60f7592c 2152 standalone package support needed (on-disk format) Shawn Walker <shawn.walker@oracle.com> parents: 2215 diff changeset	1501	# Nothing to do.
60ad60f7592c 2152 standalone package support needed (on-disk format) Shawn Walker <shawn.walker@oracle.com> parents: 2215 diff changeset	1502	return False
60ad60f7592c 2152 standalone package support needed (on-disk format) Shawn Walker <shawn.walker@oracle.com> parents: 2215 diff changeset	1503
1431 62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1504	# Create temporary directory for assembly of catalog pieces.
62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1505	try:
62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1506	tempdir = tempfile.mkdtemp(dir=self.catalog_root)
62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1507	except EnvironmentError, e:
62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1508	if e.errno == errno.EACCES:
62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1509	raise api_errors.PermissionsException(
62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1510	e.filename)
62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1511	if e.errno == errno.EROFS:
62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1512	raise api_errors.ReadOnlyFileSystemException(
62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1513	e.filename)
62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1514	raise
62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1515
62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1516	# Ensure that the temporary directory gets removed regardless
62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1517	# of success or failure.
62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1518	try:
62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1519	rval = self.__refresh_v1(tempdir, full_refresh,
2022 40fbda1e14b7 16715 publisher refresh should validate retrieved catalog parts using catalog attributes Shawn Walker <shawn.walker@oracle.com> parents: 1968 diff changeset	1520	immediate, mismatched)
1431 62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1521
62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1522	# Perform publisher metadata sanity checks.
62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1523	self.__validate_metadata()
62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1524
62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1525	return rval
62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1526	finally:
62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1527	# Cleanup tempdir.
62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1528	shutil.rmtree(tempdir, True)
62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1529
62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1530	def refresh(self, full_refresh=False, immediate=False):
62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1531	"""Refreshes the publisher's metadata, returning a boolean
62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1532	value indicating whether any updates to the publisher's
62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1533	metadata occurred.
62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1534
62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1535	'full_refresh' is an optional boolean value indicating whether
62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1536	a full retrieval of publisher metadata (e.g. catalogs) or only
62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1537	an update to the existing metadata should be performed. When
62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1538	True, 'immediate' is also set to True.
62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1539
62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1540	'immediate' is an optional boolean value indicating whether
62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1541	a refresh should occur now. If False, a publisher's selected
62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1542	repository will be checked for updates only if needs_refresh
62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1543	is True."""
62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1544
62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1545	try:
62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1546	return self.__refresh(full_refresh, immediate)
62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1547	except (api_errors.BadCatalogUpdateIdentity,
62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1548	api_errors.DuplicateCatalogEntry,
62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1549	api_errors.ObsoleteCatalogUpdate,
62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1550	api_errors.UnknownUpdateType):
62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1551	if full_refresh:
62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1552	# Completely unexpected failure.
62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1553	# These exceptions should never
62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1554	# be raised for a full refresh
62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1555	# case anyway, so the error should
62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1556	# definitely be raised.
62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1557	raise
62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1558
62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1559	# The incremental update likely failed for one or
62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1560	# more of the following reasons:
62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1561	#
62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1562	# * The origin for the publisher has changed.
62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1563	#
62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1564	# * The catalog that the publisher is offering
62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1565	# is now completely different (due to a restore
62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1566	# from backup or --rebuild possibly).
62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1567	#
62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1568	# * The catalog that the publisher is offering
62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1569	# has been restored to an older version, and
62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1570	# packages that already exist in this client's
62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1571	# copy of the catalog have been re-addded.
62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1572	#
62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1573	# * The type of incremental update operation that
62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1574	# that was performed on the catalog isn't supported
62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1575	# by this version of the client, so a full retrieval
62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1576	# is required.
62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1577	#
62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1578	return self.__refresh(True, True)
2022 40fbda1e14b7 16715 publisher refresh should validate retrieved catalog parts using catalog attributes Shawn Walker <shawn.walker@oracle.com> parents: 1968 diff changeset	1579	except api_errors.MismatchedCatalog:
40fbda1e14b7 16715 publisher refresh should validate retrieved catalog parts using catalog attributes Shawn Walker <shawn.walker@oracle.com> parents: 1968 diff changeset	1580	if full_refresh:
40fbda1e14b7 16715 publisher refresh should validate retrieved catalog parts using catalog attributes Shawn Walker <shawn.walker@oracle.com> parents: 1968 diff changeset	1581	# If this was a full refresh, don't bother
40fbda1e14b7 16715 publisher refresh should validate retrieved catalog parts using catalog attributes Shawn Walker <shawn.walker@oracle.com> parents: 1968 diff changeset	1582	# retrying as it implies that the content
40fbda1e14b7 16715 publisher refresh should validate retrieved catalog parts using catalog attributes Shawn Walker <shawn.walker@oracle.com> parents: 1968 diff changeset	1583	# retrieved wasn't cached.
40fbda1e14b7 16715 publisher refresh should validate retrieved catalog parts using catalog attributes Shawn Walker <shawn.walker@oracle.com> parents: 1968 diff changeset	1584	raise
40fbda1e14b7 16715 publisher refresh should validate retrieved catalog parts using catalog attributes Shawn Walker <shawn.walker@oracle.com> parents: 1968 diff changeset	1585
40fbda1e14b7 16715 publisher refresh should validate retrieved catalog parts using catalog attributes Shawn Walker <shawn.walker@oracle.com> parents: 1968 diff changeset	1586	# Retrieval of the catalog attributes and/or parts was
40fbda1e14b7 16715 publisher refresh should validate retrieved catalog parts using catalog attributes Shawn Walker <shawn.walker@oracle.com> parents: 1968 diff changeset	1587	# successful, but the identity (digest or other
40fbda1e14b7 16715 publisher refresh should validate retrieved catalog parts using catalog attributes Shawn Walker <shawn.walker@oracle.com> parents: 1968 diff changeset	1588	# information) didn't match the catalog attributes.
40fbda1e14b7 16715 publisher refresh should validate retrieved catalog parts using catalog attributes Shawn Walker <shawn.walker@oracle.com> parents: 1968 diff changeset	1589	# This could be the result of a misbehaving or stale
40fbda1e14b7 16715 publisher refresh should validate retrieved catalog parts using catalog attributes Shawn Walker <shawn.walker@oracle.com> parents: 1968 diff changeset	1590	# cache.
40fbda1e14b7 16715 publisher refresh should validate retrieved catalog parts using catalog attributes Shawn Walker <shawn.walker@oracle.com> parents: 1968 diff changeset	1591	return self.__refresh(False, True, mismatched=True)
40fbda1e14b7 16715 publisher refresh should validate retrieved catalog parts using catalog attributes Shawn Walker <shawn.walker@oracle.com> parents: 1968 diff changeset	1592	except (api_errors.BadCatalogSignatures,
40fbda1e14b7 16715 publisher refresh should validate retrieved catalog parts using catalog attributes Shawn Walker <shawn.walker@oracle.com> parents: 1968 diff changeset	1593	api_errors.InvalidCatalogFile):
40fbda1e14b7 16715 publisher refresh should validate retrieved catalog parts using catalog attributes Shawn Walker <shawn.walker@oracle.com> parents: 1968 diff changeset	1594	# Assembly of the catalog failed, but this could be due
40fbda1e14b7 16715 publisher refresh should validate retrieved catalog parts using catalog attributes Shawn Walker <shawn.walker@oracle.com> parents: 1968 diff changeset	1595	# to a transient error. So, retry at least once more.
40fbda1e14b7 16715 publisher refresh should validate retrieved catalog parts using catalog attributes Shawn Walker <shawn.walker@oracle.com> parents: 1968 diff changeset	1596	return self.__refresh(True, True)
1431 62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1597	except (api_errors.BadCatalogSignatures,
62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1598	api_errors.InvalidCatalogFile):
62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1599	# Assembly of the catalog failed, but this could be due
62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1600	# to a transient error. So, retry at least once more.
62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1601	return self.__refresh(True, True)
62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1602
1087 293c0aa5f32e 8214 load_catalogs should only load catalog data when needed Shawn Walker <srw@sun.com> parents: 996 diff changeset	1603	def remove_meta_root(self):
293c0aa5f32e 8214 load_catalogs should only load catalog data when needed Shawn Walker <srw@sun.com> parents: 996 diff changeset	1604	"""Removes the publisher's meta_root."""
293c0aa5f32e 8214 load_catalogs should only load catalog data when needed Shawn Walker <srw@sun.com> parents: 996 diff changeset	1605
293c0aa5f32e 8214 load_catalogs should only load catalog data when needed Shawn Walker <srw@sun.com> parents: 996 diff changeset	1606	if not self.meta_root:
293c0aa5f32e 8214 load_catalogs should only load catalog data when needed Shawn Walker <srw@sun.com> parents: 996 diff changeset	1607	raise api_errors.BadPublisherMetaRoot(self.meta_root,
293c0aa5f32e 8214 load_catalogs should only load catalog data when needed Shawn Walker <srw@sun.com> parents: 996 diff changeset	1608	operation="remove_meta_root")
293c0aa5f32e 8214 load_catalogs should only load catalog data when needed Shawn Walker <srw@sun.com> parents: 996 diff changeset	1609
293c0aa5f32e 8214 load_catalogs should only load catalog data when needed Shawn Walker <srw@sun.com> parents: 996 diff changeset	1610	try:
293c0aa5f32e 8214 load_catalogs should only load catalog data when needed Shawn Walker <srw@sun.com> parents: 996 diff changeset	1611	shutil.rmtree(self.meta_root)
293c0aa5f32e 8214 load_catalogs should only load catalog data when needed Shawn Walker <srw@sun.com> parents: 996 diff changeset	1612	except EnvironmentError, e:
293c0aa5f32e 8214 load_catalogs should only load catalog data when needed Shawn Walker <srw@sun.com> parents: 996 diff changeset	1613	if e.errno == errno.EACCES:
293c0aa5f32e 8214 load_catalogs should only load catalog data when needed Shawn Walker <srw@sun.com> parents: 996 diff changeset	1614	raise api_errors.PermissionsException(
293c0aa5f32e 8214 load_catalogs should only load catalog data when needed Shawn Walker <srw@sun.com> parents: 996 diff changeset	1615	e.filename)
1431 62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1616	if e.errno == errno.EROFS:
62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1617	raise api_errors.ReadOnlyFileSystemException(
62b6033670e4 10416 server catalog v1 support desired Shawn Walker <srw@sun.com> parents: 1369 diff changeset	1618	e.filename)
1087 293c0aa5f32e 8214 load_catalogs should only load catalog data when needed Shawn Walker <srw@sun.com> parents: 996 diff changeset	1619	if e.errno not in (errno.ENOENT, errno.ESRCH):
293c0aa5f32e 8214 load_catalogs should only load catalog data when needed Shawn Walker <srw@sun.com> parents: 996 diff changeset	1620	raise
293c0aa5f32e 8214 load_catalogs should only load catalog data when needed Shawn Walker <srw@sun.com> parents: 996 diff changeset	1621
926 6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	1622	def remove_repository(self, name=None, origin=None):
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	1623	"""Removes the repository object matching the name or that has
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	1624	a matching origin URI from the publisher."""
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	1625
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	1626	assert not (name and origin)
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	1627	for i, r in enumerate(self.__repositories):
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	1628	if (name and r.name == name) or (origin and
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	1629	r.has_origin(origin)):
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	1630	if r != self.selected_repository:
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	1631	# Immediate return as the index into the
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	1632	# array changes with each removal.
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	1633	del self.__repositories[i]
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	1634	return
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	1635	raise api_errors.SelectedRepositoryRemoval(r)
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	1636
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	1637	def reset_client_uuid(self):
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	1638	"""Replaces the current client_uuid with a new UUID."""
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	1639
1516 8c950a3b4171 10485 move pkg(5) to Python 2.6 Rich Burridge <rich.burridge@sun.com> parents: 1505 diff changeset	1640	self.__client_uuid = str(uuid.uuid1())
926 6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	1641
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	1642	def set_selected_repository(self, name=None, origin=None):
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	1643	"""Sets the selected repository for the publisher to the
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	1644	repository object matching the name or that has a matching
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	1645	origin URI."""
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	1646
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	1647	self.__selected_repository = self.get_repository(name=name,
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	1648	origin=origin)
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	1649
2022 40fbda1e14b7 16715 publisher refresh should validate retrieved catalog parts using catalog attributes Shawn Walker <shawn.walker@oracle.com> parents: 1968 diff changeset	1650	def validate_config(self, repo_uri=None):
40fbda1e14b7 16715 publisher refresh should validate retrieved catalog parts using catalog attributes Shawn Walker <shawn.walker@oracle.com> parents: 1968 diff changeset	1651	"""Verify that the publisher's configuration (such as prefix)
40fbda1e14b7 16715 publisher refresh should validate retrieved catalog parts using catalog attributes Shawn Walker <shawn.walker@oracle.com> parents: 1968 diff changeset	1652	matches that provided by the repository. If the configuration
40fbda1e14b7 16715 publisher refresh should validate retrieved catalog parts using catalog attributes Shawn Walker <shawn.walker@oracle.com> parents: 1968 diff changeset	1653	does not match as expected, an UnknownRepositoryPublishers
40fbda1e14b7 16715 publisher refresh should validate retrieved catalog parts using catalog attributes Shawn Walker <shawn.walker@oracle.com> parents: 1968 diff changeset	1654	exception will be raised.
40fbda1e14b7 16715 publisher refresh should validate retrieved catalog parts using catalog attributes Shawn Walker <shawn.walker@oracle.com> parents: 1968 diff changeset	1655
40fbda1e14b7 16715 publisher refresh should validate retrieved catalog parts using catalog attributes Shawn Walker <shawn.walker@oracle.com> parents: 1968 diff changeset	1656	'repo_uri' is an optional RepositoryURI object or URI string
40fbda1e14b7 16715 publisher refresh should validate retrieved catalog parts using catalog attributes Shawn Walker <shawn.walker@oracle.com> parents: 1968 diff changeset	1657	containing the location of the repository. If not provided,
40fbda1e14b7 16715 publisher refresh should validate retrieved catalog parts using catalog attributes Shawn Walker <shawn.walker@oracle.com> parents: 1968 diff changeset	1658	the publisher's selected_repository will be used instead."""
40fbda1e14b7 16715 publisher refresh should validate retrieved catalog parts using catalog attributes Shawn Walker <shawn.walker@oracle.com> parents: 1968 diff changeset	1659
40fbda1e14b7 16715 publisher refresh should validate retrieved catalog parts using catalog attributes Shawn Walker <shawn.walker@oracle.com> parents: 1968 diff changeset	1660	if repo_uri and not isinstance(repo_uri, RepositoryURI):
40fbda1e14b7 16715 publisher refresh should validate retrieved catalog parts using catalog attributes Shawn Walker <shawn.walker@oracle.com> parents: 1968 diff changeset	1661	repo = RepositoryURI(repo_uri)
40fbda1e14b7 16715 publisher refresh should validate retrieved catalog parts using catalog attributes Shawn Walker <shawn.walker@oracle.com> parents: 1968 diff changeset	1662	elif not repo_uri:
40fbda1e14b7 16715 publisher refresh should validate retrieved catalog parts using catalog attributes Shawn Walker <shawn.walker@oracle.com> parents: 1968 diff changeset	1663	# Transport actually allows both type of objects.
40fbda1e14b7 16715 publisher refresh should validate retrieved catalog parts using catalog attributes Shawn Walker <shawn.walker@oracle.com> parents: 1968 diff changeset	1664	repo = self
40fbda1e14b7 16715 publisher refresh should validate retrieved catalog parts using catalog attributes Shawn Walker <shawn.walker@oracle.com> parents: 1968 diff changeset	1665	else:
40fbda1e14b7 16715 publisher refresh should validate retrieved catalog parts using catalog attributes Shawn Walker <shawn.walker@oracle.com> parents: 1968 diff changeset	1666	repo = repo_uri
40fbda1e14b7 16715 publisher refresh should validate retrieved catalog parts using catalog attributes Shawn Walker <shawn.walker@oracle.com> parents: 1968 diff changeset	1667
40fbda1e14b7 16715 publisher refresh should validate retrieved catalog parts using catalog attributes Shawn Walker <shawn.walker@oracle.com> parents: 1968 diff changeset	1668	pubs = None
40fbda1e14b7 16715 publisher refresh should validate retrieved catalog parts using catalog attributes Shawn Walker <shawn.walker@oracle.com> parents: 1968 diff changeset	1669	try:
40fbda1e14b7 16715 publisher refresh should validate retrieved catalog parts using catalog attributes Shawn Walker <shawn.walker@oracle.com> parents: 1968 diff changeset	1670	pubs = self.transport.get_publisherdata(repo)
2028 b2c674e6ee28 16744 repository multi-publisher on-disk format should be formalized and implemented Shawn Walker <shawn.walker@oracle.com> parents: 2026 diff changeset	1671	except (api_errors.TransportError,
b2c674e6ee28 16744 repository multi-publisher on-disk format should be formalized and implemented Shawn Walker <shawn.walker@oracle.com> parents: 2026 diff changeset	1672	api_errors.UnsupportedRepositoryOperation):
b2c674e6ee28 16744 repository multi-publisher on-disk format should be formalized and implemented Shawn Walker <shawn.walker@oracle.com> parents: 2026 diff changeset	1673	# Nothing more can be done (because the target origin
b2c674e6ee28 16744 repository multi-publisher on-disk format should be formalized and implemented Shawn Walker <shawn.walker@oracle.com> parents: 2026 diff changeset	1674	# can't be contacted, or beacuse it doesn't support
b2c674e6ee28 16744 repository multi-publisher on-disk format should be formalized and implemented Shawn Walker <shawn.walker@oracle.com> parents: 2026 diff changeset	1675	# retrievel of publisher configuration data).
2022 40fbda1e14b7 16715 publisher refresh should validate retrieved catalog parts using catalog attributes Shawn Walker <shawn.walker@oracle.com> parents: 1968 diff changeset	1676	return
40fbda1e14b7 16715 publisher refresh should validate retrieved catalog parts using catalog attributes Shawn Walker <shawn.walker@oracle.com> parents: 1968 diff changeset	1677
40fbda1e14b7 16715 publisher refresh should validate retrieved catalog parts using catalog attributes Shawn Walker <shawn.walker@oracle.com> parents: 1968 diff changeset	1678	if not pubs:
40fbda1e14b7 16715 publisher refresh should validate retrieved catalog parts using catalog attributes Shawn Walker <shawn.walker@oracle.com> parents: 1968 diff changeset	1679	raise api_errors.RepoPubConfigUnavailable(
40fbda1e14b7 16715 publisher refresh should validate retrieved catalog parts using catalog attributes Shawn Walker <shawn.walker@oracle.com> parents: 1968 diff changeset	1680	location=repo_uri, pub=self)
40fbda1e14b7 16715 publisher refresh should validate retrieved catalog parts using catalog attributes Shawn Walker <shawn.walker@oracle.com> parents: 1968 diff changeset	1681
40fbda1e14b7 16715 publisher refresh should validate retrieved catalog parts using catalog attributes Shawn Walker <shawn.walker@oracle.com> parents: 1968 diff changeset	1682	if self.prefix not in pubs:
40fbda1e14b7 16715 publisher refresh should validate retrieved catalog parts using catalog attributes Shawn Walker <shawn.walker@oracle.com> parents: 1968 diff changeset	1683	known = [p.prefix for p in pubs]
40fbda1e14b7 16715 publisher refresh should validate retrieved catalog parts using catalog attributes Shawn Walker <shawn.walker@oracle.com> parents: 1968 diff changeset	1684	if repo_uri:
40fbda1e14b7 16715 publisher refresh should validate retrieved catalog parts using catalog attributes Shawn Walker <shawn.walker@oracle.com> parents: 1968 diff changeset	1685	raise api_errors.UnknownRepositoryPublishers(
40fbda1e14b7 16715 publisher refresh should validate retrieved catalog parts using catalog attributes Shawn Walker <shawn.walker@oracle.com> parents: 1968 diff changeset	1686	known=known, unknown=[self.prefix],
40fbda1e14b7 16715 publisher refresh should validate retrieved catalog parts using catalog attributes Shawn Walker <shawn.walker@oracle.com> parents: 1968 diff changeset	1687	location=repo_uri)
40fbda1e14b7 16715 publisher refresh should validate retrieved catalog parts using catalog attributes Shawn Walker <shawn.walker@oracle.com> parents: 1968 diff changeset	1688	raise api_errors.UnknownRepositoryPublishers(
40fbda1e14b7 16715 publisher refresh should validate retrieved catalog parts using catalog attributes Shawn Walker <shawn.walker@oracle.com> parents: 1968 diff changeset	1689	known=known, unknown=[self.prefix],
40fbda1e14b7 16715 publisher refresh should validate retrieved catalog parts using catalog attributes Shawn Walker <shawn.walker@oracle.com> parents: 1968 diff changeset	1690	origins=self.selected_repository.origins)
40fbda1e14b7 16715 publisher refresh should validate retrieved catalog parts using catalog attributes Shawn Walker <shawn.walker@oracle.com> parents: 1968 diff changeset	1691
2286 938fbb350ad2 16867 pkgsign should handle existing signatures better Brock Pytlik <brock.pytlik@oracle.com> parents: 2272 diff changeset	1692	def approve_ca_cert(self, cert, trust_anchors=None, img_policy=None):
2026 d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1693	"""Add the cert as a CA for manifest signing for this publisher.
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1694
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1695	The 'cert' parameter as a string of the certificate to add.
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1696
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1697	The 'trust_anchors' parameter is a dictionary which contains
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1698	the trust anchors to use to validate the certificate.
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1699
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1700	The 'img_policy' parameter is the signature policy for the
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1701	image."""
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1702
2215 b4355e8c5097 16856 need to check keyUsage for leaf certs Brock Pytlik <brock.pytlik@oracle.com> parents: 2100 diff changeset	1703	hsh = self.__add_cert(cert)
2286 938fbb350ad2 16867 pkgsign should handle existing signatures better Brock Pytlik <brock.pytlik@oracle.com> parents: 2272 diff changeset	1704	# If the user had previously revoked this certificate, remove
2026 d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1705	# the certificate from that list.
2286 938fbb350ad2 16867 pkgsign should handle existing signatures better Brock Pytlik <brock.pytlik@oracle.com> parents: 2272 diff changeset	1706	if hsh in self.revoked_ca_certs:
2026 d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1707	t = set(self.revoked_ca_certs)
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1708	t.remove(hsh)
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1709	self.revoked_ca_certs = list(t)
2286 938fbb350ad2 16867 pkgsign should handle existing signatures better Brock Pytlik <brock.pytlik@oracle.com> parents: 2272 diff changeset	1710	self.approved_ca_certs.append(hsh)
2026 d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1711
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1712	def revoke_ca_cert(self, s):
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1713	"""Record that the cert with hash 's' is no longer trusted
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1714	as a CA. This method currently assumes it's only invoked as
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1715	a result of user action."""
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1716
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1717	self.revoked_ca_certs.append(s)
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1718	self.revoked_ca_certs = list(set(
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1719	self.revoked_ca_certs))
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1720	if s in self.approved_ca_certs:
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1721	t = set(self.approved_ca_certs)
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1722	t.remove(s)
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1723	self.approved_ca_certs = list(t)
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1724
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1725	def unset_ca_cert(self, s):
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1726	"""If the cert with hash 's' has been added or removed by the
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1727	user, undo the add or removal."""
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1728
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1729	if s in self.approved_ca_certs:
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1730	t = set(self.approved_ca_certs)
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1731	t.remove(s)
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1732	self.approved_ca_certs = list(t)
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1733	if s in self.revoked_ca_certs:
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1734	t = set(self.revoked_ca_certs)
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1735	t.remove(s)
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1736	self.revoked_ca_certs = list(t)
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1737
2286 938fbb350ad2 16867 pkgsign should handle existing signatures better Brock Pytlik <brock.pytlik@oracle.com> parents: 2272 diff changeset	1738	@staticmethod
938fbb350ad2 16867 pkgsign should handle existing signatures better Brock Pytlik <brock.pytlik@oracle.com> parents: 2272 diff changeset	1739	def __hash_cert(s):
938fbb350ad2 16867 pkgsign should handle existing signatures better Brock Pytlik <brock.pytlik@oracle.com> parents: 2272 diff changeset	1740	return hashlib.sha1(s).hexdigest()
938fbb350ad2 16867 pkgsign should handle existing signatures better Brock Pytlik <brock.pytlik@oracle.com> parents: 2272 diff changeset	1741
2215 b4355e8c5097 16856 need to check keyUsage for leaf certs Brock Pytlik <brock.pytlik@oracle.com> parents: 2100 diff changeset	1742	def __add_cert(self, s):
2026 d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1743	"""Add the certificate stored as a string in 's' to the
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1744	certificates this publisher knows about."""
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1745
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1746	self.create_meta_root()
2286 938fbb350ad2 16867 pkgsign should handle existing signatures better Brock Pytlik <brock.pytlik@oracle.com> parents: 2272 diff changeset	1747	pkg_hash = self.__hash_cert(s)
2026 d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1748	pkg_hash_pth = os.path.join(self.cert_root, pkg_hash)
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1749	try:
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1750	with open(pkg_hash_pth, "wb") as fh:
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1751	fh.write(s)
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1752	except EnvironmentError, e:
2073 9fcacc9e5eaa 16998 transport should support publisher-specific write and read caches Shawn Walker <shawn.walker@oracle.com> parents: 2028 diff changeset	1753	raise api_errors._convert_error(e)
2026 d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1754	try:
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1755	c = m2.X509.load_cert_string(s)
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1756	except m2.X509.X509Error, e:
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1757	try:
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1758	portable.remove(pkg_hash_pth)
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1759	except:
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1760	# Pass because the bad file format error is the
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1761	# more important one.
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1762	pass
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1763	raise api_errors.BadFileFormat(_("The file with hash "
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1764	"%s was expected to be a PEM certificate but it "
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1765	"could not be read.") % pkg_hash)
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1766
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1767	# Note that while we store certs by their subject hashes,
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1768	# M2Crypto's subject hashes differ from what openssl reports
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1769	# the subject hash to be.
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1770	subj_hsh = c.get_subject().as_hash()
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1771	c = 0
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1772	made_link = False
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1773	while not made_link:
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1774	fn = os.path.join(self.__subj_root,
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1775	"%s.%s" % (subj_hsh, c))
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1776	if os.path.exists(fn):
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1777	c += 1
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1778	else:
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1779	try:
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1780	portable.link(pkg_hash_pth, fn)
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1781	except EnvironmentError, e:
2073 9fcacc9e5eaa 16998 transport should support publisher-specific write and read caches Shawn Walker <shawn.walker@oracle.com> parents: 2028 diff changeset	1782	raise api_errors._convert_error(e)
2026 d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1783	made_link = True
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1784	return pkg_hash
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1785
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1786	def get_cert_by_hash(self, pkg_hash, verify_hash=False,
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1787	only_retrieve=False):
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1788	"""Given a pkg5 hash, retrieve the cert that's associated with
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1789	it.
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1790
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1791	The 'pkg_hash' parameter contains the file hash of the
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1792	certificate to retrieve.
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1793
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1794	The 'verify_hash' parameter determines the file that's read
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1795	from disk matches the expected hash.
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1796
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1797	The 'only_retrieve' parameter determines whether a X509 object
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1798	is built from the certificate retrieved or if the certificate
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1799	is only stored on disk. """
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1800
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1801	assert not (verify_hash and only_retrieve)
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1802	pth = os.path.join(self.cert_root, pkg_hash)
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1803	if not os.path.exists(pth):
2215 b4355e8c5097 16856 need to check keyUsage for leaf certs Brock Pytlik <brock.pytlik@oracle.com> parents: 2100 diff changeset	1804	self.__add_cert(self.transport.get_content(self,
2026 d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1805	pkg_hash))
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1806	if only_retrieve:
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1807	return None
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1808	with open(pth, "rb") as fh:
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1809	s = fh.read()
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1810	c = m2.X509.load_cert_string(s)
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1811
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1812	if verify_hash:
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1813	h = misc.get_data_digest(cStringIO.StringIO(s),
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1814	length=len(s))[0]
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1815	if h != pkg_hash:
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1816	raise api_errors.ModifiedCertificateException(c,
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1817	pth)
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1818	return c
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1819
2215 b4355e8c5097 16856 need to check keyUsage for leaf certs Brock Pytlik <brock.pytlik@oracle.com> parents: 2100 diff changeset	1820	def __get_certs_by_name(self, name):
2026 d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1821	"""Given 'name', a M2Crypto X509_Name, return the certs with
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1822	that name as a subject."""
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1823
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1824	res = []
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1825	c = 0
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1826	name_hsh = name.as_hash()
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1827	try:
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1828	while True:
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1829	pth = os.path.join(self.__subj_root,
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1830	"%s.%s" % (name_hsh, c))
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1831	cert = m2.X509.load_cert(pth)
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1832	res.append(cert)
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1833	c += 1
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1834	except EnvironmentError, e:
2073 9fcacc9e5eaa 16998 transport should support publisher-specific write and read caches Shawn Walker <shawn.walker@oracle.com> parents: 2028 diff changeset	1835	t = api_errors._convert_error(e,
2026 d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1836	[errno.ENOENT])
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1837	if t:
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1838	raise t
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1839	return res
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1840
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1841	def get_ca_certs(self):
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1842	"""Return a dictionary of the CA certificates for this
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1843	publisher."""
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1844
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1845	if self.ca_dict is not None:
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1846	return self.ca_dict
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1847	self.ca_dict = {}
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1848	# CA certs approved for this publisher are stored by hash to
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1849	# prevent the later substitution or confusion over what certs
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1850	# have or have not been approved.
2286 938fbb350ad2 16867 pkgsign should handle existing signatures better Brock Pytlik <brock.pytlik@oracle.com> parents: 2272 diff changeset	1851	for h in set(self.approved_ca_certs):
2026 d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1852	c = self.get_cert_by_hash(h, verify_hash=True)
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1853	s = c.get_subject().as_hash()
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1854	self.ca_dict.setdefault(s, [])
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1855	self.ca_dict[s].append(c)
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1856	return self.ca_dict
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1857
2073 9fcacc9e5eaa 16998 transport should support publisher-specific write and read caches Shawn Walker <shawn.walker@oracle.com> parents: 2028 diff changeset	1858	def update_props(self, set_props=EmptyI, add_prop_values=EmptyDict,
9fcacc9e5eaa 16998 transport should support publisher-specific write and read caches Shawn Walker <shawn.walker@oracle.com> parents: 2028 diff changeset	1859	remove_prop_values=EmptyDict, unset_props=EmptyI):
2026 d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1860	"""Update the properties set for this publisher with the ones
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1861	provided as arguments. The order of application is that any
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1862	existing properties are unset, then properties are set to their
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1863	new values, then values are added to properties, and finally
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1864	values are removed from properties."""
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1865
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1866	# Delay validation so that any intermittent inconsistent state
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1867	# doesn't cause problems.
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1868	self.__delay_validation = True
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1869	# Remove existing properties.
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1870	for n in unset_props:
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1871	self.properties.pop(n, None)
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1872	# Add or reset new properties.
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1873	self.properties.update(set_props)
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1874	# Add new values to properties.
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1875	for n in add_prop_values.keys():
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1876	self.properties.setdefault(n, [])
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1877	self.properties[n].extend(add_prop_values[n])
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1878	# Remove values from properties.
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1879	for n in remove_prop_values.keys():
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1880	if n not in self.properties:
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1881	raise api_errors.InvalidPropertyValue(_(
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1882	"Cannot remove a value from the property "
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1883	"%(name)s because the property does not "
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1884	"exist.") % {"name":n})
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1885	if not isinstance(self.properties[n], list):
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1886	raise api_errors.InvalidPropertyValue(_(
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1887	"Cannot remove a value from a single "
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1888	"valued property, unset must be used. The "
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1889	"property name is '%(name)s' and the "
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1890	"current value is '%(value)s'") %
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1891	{"name":n, "value":self.properties[n]})
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1892	for v in remove_prop_values[n]:
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1893	try:
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1894	self.properties[n].remove(v)
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1895	except ValueError:
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1896	raise api_errors.InvalidPropertyValue(_(
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1897	"Cannot remove the value %(value)s "
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1898	"from the property %(name)s "
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1899	"because the value is not in the "
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1900	"property's list.") %
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1901	{"value":v, "name":n})
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1902	self.__delay_validation = False
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1903	self.__validate_properties()
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1904
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1905	def __validate_properties(self):
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1906	"""Check that the properties set for this publisher are
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1907	consistent with each other."""
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1908
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1909	if self.__properties.get(SIGNATURE_POLICY, "") == \
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1910	"require-names":
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1911	if not self.__properties.get("signature-required-names",
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1912	None):
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1913	raise api_errors.InvalidPropertyValue(_(
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1914	"At least one name must be provided for "
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1915	"the signature-required-names policy."))
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1916
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1917	def __format_safe_read_crl(self, pth):
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1918	"""CRLs seem to frequently come in DER format, so try reading
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1919	the CRL using both of the formats before giving up."""
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1920
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1921	try:
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1922	return m2.X509.load_crl(pth)
2073 9fcacc9e5eaa 16998 transport should support publisher-specific write and read caches Shawn Walker <shawn.walker@oracle.com> parents: 2028 diff changeset	1923	except m2.X509.X509Error:
2026 d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1924	try:
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1925	return m2.X509.load_crl(pth,
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1926	format=m2.X509.FORMAT_DER)
2073 9fcacc9e5eaa 16998 transport should support publisher-specific write and read caches Shawn Walker <shawn.walker@oracle.com> parents: 2028 diff changeset	1927	except m2.X509.X509Error:
2026 d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1928	raise api_errors.BadFileFormat(_("The CRL file "
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1929	"%s is not in a recognized format.") %
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1930	pth)
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1931
2215 b4355e8c5097 16856 need to check keyUsage for leaf certs Brock Pytlik <brock.pytlik@oracle.com> parents: 2100 diff changeset	1932	def __get_crl(self, uri):
2026 d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1933	"""Given a URI (for now only http URIs are supported), return
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1934	the CRL object created from the file stored at that uri."""
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1935
2263 42b8af0a12a1 17776 Need to update m2crypto to version 0.21.1 Brock Pytlik <brock.pytlik@oracle.com> parents: 2219 diff changeset	1936	uri = uri.strip()
42b8af0a12a1 17776 Need to update m2crypto to version 0.21.1 Brock Pytlik <brock.pytlik@oracle.com> parents: 2219 diff changeset	1937	if uri.startswith("Full Name:"):
42b8af0a12a1 17776 Need to update m2crypto to version 0.21.1 Brock Pytlik <brock.pytlik@oracle.com> parents: 2219 diff changeset	1938	uri = uri[len("Full Name:"):]
42b8af0a12a1 17776 Need to update m2crypto to version 0.21.1 Brock Pytlik <brock.pytlik@oracle.com> parents: 2219 diff changeset	1939	uri = uri.strip()
2026 d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1940	if uri.startswith("URI:"):
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1941	uri = uri[4:]
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1942	if not uri.startswith("http://") and \
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1943	not uri.startswith("file://"):
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1944	raise api_errors.InvalidResourceLocation(uri.strip())
2272 d81ea073d050 3617 Testsuite should allow choice for base port to use Brock Pytlik <brock.pytlik@oracle.com> parents: 2263 diff changeset	1945	crl_host = DebugValues.get_value("crl_host")
d81ea073d050 3617 Testsuite should allow choice for base port to use Brock Pytlik <brock.pytlik@oracle.com> parents: 2263 diff changeset	1946	if crl_host:
d81ea073d050 3617 Testsuite should allow choice for base port to use Brock Pytlik <brock.pytlik@oracle.com> parents: 2263 diff changeset	1947	orig = urlparse.urlparse(uri)
d81ea073d050 3617 Testsuite should allow choice for base port to use Brock Pytlik <brock.pytlik@oracle.com> parents: 2263 diff changeset	1948	crl = urlparse.urlparse(crl_host)
d81ea073d050 3617 Testsuite should allow choice for base port to use Brock Pytlik <brock.pytlik@oracle.com> parents: 2263 diff changeset	1949	uri = urlparse.urlunparse(urlparse.ParseResult(
d81ea073d050 3617 Testsuite should allow choice for base port to use Brock Pytlik <brock.pytlik@oracle.com> parents: 2263 diff changeset	1950	scheme=crl.scheme, netloc=crl.netloc,
d81ea073d050 3617 Testsuite should allow choice for base port to use Brock Pytlik <brock.pytlik@oracle.com> parents: 2263 diff changeset	1951	path=orig.path,
d81ea073d050 3617 Testsuite should allow choice for base port to use Brock Pytlik <brock.pytlik@oracle.com> parents: 2263 diff changeset	1952	params=orig.params, query=orig.params,
d81ea073d050 3617 Testsuite should allow choice for base port to use Brock Pytlik <brock.pytlik@oracle.com> parents: 2263 diff changeset	1953	fragment=orig.fragment))
2026 d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1954	fn = urllib.quote(uri, "")
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1955	assert os.path.isdir(self.__crl_root)
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1956	fpath = os.path.join(self.__crl_root, fn)
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1957	crl = None
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1958	# Check if we already have a CRL for this URI.
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1959	if os.path.exists(fpath):
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1960	# If we already have a CRL, check whether it's time
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1961	# to retrieve a new one from the location.
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1962	crl = self.__format_safe_read_crl(fpath)
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1963	nu = crl.get_next_update().get_datetime()
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1964	# get_datetime is supposed to return a UTC time, so
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1965	# assert that's the case.
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1966	assert nu.tzinfo.utcoffset(nu) == dt.timedelta(0)
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1967	# Add timezone info to cur_time so that cur_time and
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1968	# nu can be compared.
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1969	cur_time = dt.datetime.now(nu.tzinfo)
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1970	if cur_time < nu:
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1971	return crl
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1972	# If no CRL already exists or it's time to try to get a new one,
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1973	# try to retrieve it from the server.
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1974	tmp_pth = fpath + ".tmp"
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1975	with open(tmp_pth, "wb") as fh:
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1976	hdl = pycurl.Curl()
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1977	hdl.setopt(pycurl.URL, uri)
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1978	hdl.setopt(pycurl.WRITEDATA, fh)
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1979	hdl.setopt(pycurl.FAILONERROR, 1)
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1980	try:
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1981	hdl.perform()
2073 9fcacc9e5eaa 16998 transport should support publisher-specific write and read caches Shawn Walker <shawn.walker@oracle.com> parents: 2028 diff changeset	1982	except pycurl.error:
2026 d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1983	# If we should treat failure to get a new CRL
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1984	# as a failure, raise an exception here. If not,
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1985	# if we should use an old CRL if it exists,
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1986	# return that here. If none is available and
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1987	# that means the cert should not be treated as
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1988	# revoked, return None here.
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1989	return crl
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1990	try:
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1991	ncrl = self.__format_safe_read_crl(tmp_pth)
2073 9fcacc9e5eaa 16998 transport should support publisher-specific write and read caches Shawn Walker <shawn.walker@oracle.com> parents: 2028 diff changeset	1992	except api_errors.BadFileFormat:
2026 d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1993	portable.remove(tmp_pth)
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1994	return crl
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1995	portable.rename(tmp_pth, fpath)
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1996	return ncrl
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1997
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1998	def __check_crls(self, cert, ca_dict):
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	1999	"""Determines whether the certificate has been revoked by its
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2000	CRL.
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2001
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2002	The 'cert' parameter is the certificate to check for revocation.
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2003
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2004	The 'ca_dict' is a dictionary which maps subject hashes to
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2005	certs treated as trust anchors."""
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2006
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2007	# If the certificate doesn't have a CRL location listed, treat
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2008	# it as valid.
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2009	try:
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2010	ext = cert.get_ext("crlDistributionPoints")
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2011	except LookupError, e:
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2012	return True
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2013	uri = ext.get_value()
2215 b4355e8c5097 16856 need to check keyUsage for leaf certs Brock Pytlik <brock.pytlik@oracle.com> parents: 2100 diff changeset	2014	crl = self.__get_crl(uri)
2026 d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2015	# If we couldn't retrieve a CRL from the distribution point
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2016	# and no CRL is cached on disk, assume the cert has not been
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2017	# revoked. It's possible that this should be an image or
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2018	# publisher setting in the future.
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2019	if not crl:
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2020	return True
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2021
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2022	# A CRL has been found, now it needs to be validated like
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2023	# a certificate is.
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2024	verified_crl = False
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2025	crl_issuer = crl.get_issuer()
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2026	tas = ca_dict.get(crl_issuer.as_hash(), [])
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2027	for t in tas:
2215 b4355e8c5097 16856 need to check keyUsage for leaf certs Brock Pytlik <brock.pytlik@oracle.com> parents: 2100 diff changeset	2028	try:
b4355e8c5097 16856 need to check keyUsage for leaf certs Brock Pytlik <brock.pytlik@oracle.com> parents: 2100 diff changeset	2029	if crl.verify(t.get_pubkey()):
b4355e8c5097 16856 need to check keyUsage for leaf certs Brock Pytlik <brock.pytlik@oracle.com> parents: 2100 diff changeset	2030	# If t isn't approved for signing crls,
b4355e8c5097 16856 need to check keyUsage for leaf certs Brock Pytlik <brock.pytlik@oracle.com> parents: 2100 diff changeset	2031	# the exception __check_extensions
b4355e8c5097 16856 need to check keyUsage for leaf certs Brock Pytlik <brock.pytlik@oracle.com> parents: 2100 diff changeset	2032	# raises will take the code to the
b4355e8c5097 16856 need to check keyUsage for leaf certs Brock Pytlik <brock.pytlik@oracle.com> parents: 2100 diff changeset	2033	# except below.
b4355e8c5097 16856 need to check keyUsage for leaf certs Brock Pytlik <brock.pytlik@oracle.com> parents: 2100 diff changeset	2034	self.__check_extensions(t,
2286 938fbb350ad2 16867 pkgsign should handle existing signatures better Brock Pytlik <brock.pytlik@oracle.com> parents: 2272 diff changeset	2035	CRL_SIGNING_USE, 0)
2215 b4355e8c5097 16856 need to check keyUsage for leaf certs Brock Pytlik <brock.pytlik@oracle.com> parents: 2100 diff changeset	2036	verified_crl = True
b4355e8c5097 16856 need to check keyUsage for leaf certs Brock Pytlik <brock.pytlik@oracle.com> parents: 2100 diff changeset	2037	except api_errors.SigningException:
b4355e8c5097 16856 need to check keyUsage for leaf certs Brock Pytlik <brock.pytlik@oracle.com> parents: 2100 diff changeset	2038	pass
2026 d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2039	if not verified_crl:
2215 b4355e8c5097 16856 need to check keyUsage for leaf certs Brock Pytlik <brock.pytlik@oracle.com> parents: 2100 diff changeset	2040	crl_cas = self.__get_certs_by_name(crl_issuer)
2026 d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2041	for c in crl_cas:
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2042	if crl.verify(c.get_pubkey()):
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2043	try:
2286 938fbb350ad2 16867 pkgsign should handle existing signatures better Brock Pytlik <brock.pytlik@oracle.com> parents: 2272 diff changeset	2044	self.verify_chain(c, ca_dict, 0,
938fbb350ad2 16867 pkgsign should handle existing signatures better Brock Pytlik <brock.pytlik@oracle.com> parents: 2272 diff changeset	2045	usages=CRL_SIGNING_USE,)
2026 d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2046	except api_errors.SigningException:
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2047	pass
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2048	else:
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2049	verified_crl = True
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2050	break
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2051	if not verified_crl:
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2052	return True
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2053	# For a certificate to be revoked, its CRL must be validated
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2054	# and revoked the certificate.
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2055	rev = crl.is_revoked(cert)
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2056	if rev:
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2057	raise api_errors.RevokedCertificate(cert, rev[1])
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2058
2286 938fbb350ad2 16867 pkgsign should handle existing signatures better Brock Pytlik <brock.pytlik@oracle.com> parents: 2272 diff changeset	2059	def __check_revocation(self, cert, ca_dict):
938fbb350ad2 16867 pkgsign should handle existing signatures better Brock Pytlik <brock.pytlik@oracle.com> parents: 2272 diff changeset	2060	txt = cert.as_text() + cert.as_pem()
938fbb350ad2 16867 pkgsign should handle existing signatures better Brock Pytlik <brock.pytlik@oracle.com> parents: 2272 diff changeset	2061	hsh = self.__hash_cert(txt)
938fbb350ad2 16867 pkgsign should handle existing signatures better Brock Pytlik <brock.pytlik@oracle.com> parents: 2272 diff changeset	2062	if hsh in self.revoked_ca_certs:
938fbb350ad2 16867 pkgsign should handle existing signatures better Brock Pytlik <brock.pytlik@oracle.com> parents: 2272 diff changeset	2063	raise api_errors.RevokedCertificate(cert,
938fbb350ad2 16867 pkgsign should handle existing signatures better Brock Pytlik <brock.pytlik@oracle.com> parents: 2272 diff changeset	2064	"User manually revoked certificate.")
938fbb350ad2 16867 pkgsign should handle existing signatures better Brock Pytlik <brock.pytlik@oracle.com> parents: 2272 diff changeset	2065	self.__check_crls(cert, ca_dict)
938fbb350ad2 16867 pkgsign should handle existing signatures better Brock Pytlik <brock.pytlik@oracle.com> parents: 2272 diff changeset	2066
938fbb350ad2 16867 pkgsign should handle existing signatures better Brock Pytlik <brock.pytlik@oracle.com> parents: 2272 diff changeset	2067	def __check_extensions(self, cert, usages, cur_pathlen):
2026 d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2068	"""Check whether the critical extensions in this certificate
2215 b4355e8c5097 16856 need to check keyUsage for leaf certs Brock Pytlik <brock.pytlik@oracle.com> parents: 2100 diff changeset	2069	are supported and allow the provided use(s)."""
2026 d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2070
2286 938fbb350ad2 16867 pkgsign should handle existing signatures better Brock Pytlik <brock.pytlik@oracle.com> parents: 2272 diff changeset	2071	def check_values(vs):
938fbb350ad2 16867 pkgsign should handle existing signatures better Brock Pytlik <brock.pytlik@oracle.com> parents: 2272 diff changeset	2072	for v in vs:
938fbb350ad2 16867 pkgsign should handle existing signatures better Brock Pytlik <brock.pytlik@oracle.com> parents: 2272 diff changeset	2073	if v in supported_vs:
938fbb350ad2 16867 pkgsign should handle existing signatures better Brock Pytlik <brock.pytlik@oracle.com> parents: 2272 diff changeset	2074	continue
938fbb350ad2 16867 pkgsign should handle existing signatures better Brock Pytlik <brock.pytlik@oracle.com> parents: 2272 diff changeset	2075	if v.startswith("PATHLEN:") and \
938fbb350ad2 16867 pkgsign should handle existing signatures better Brock Pytlik <brock.pytlik@oracle.com> parents: 2272 diff changeset	2076	"PATHLEN:" in supported_vs:
938fbb350ad2 16867 pkgsign should handle existing signatures better Brock Pytlik <brock.pytlik@oracle.com> parents: 2272 diff changeset	2077	try:
938fbb350ad2 16867 pkgsign should handle existing signatures better Brock Pytlik <brock.pytlik@oracle.com> parents: 2272 diff changeset	2078	cert_pathlen = int(v[len("PATHLEN:"):])
938fbb350ad2 16867 pkgsign should handle existing signatures better Brock Pytlik <brock.pytlik@oracle.com> parents: 2272 diff changeset	2079	except ValueError, e:
938fbb350ad2 16867 pkgsign should handle existing signatures better Brock Pytlik <brock.pytlik@oracle.com> parents: 2272 diff changeset	2080	raise api_errors.UnsupportedExtensionValue(cert, ext, v)
938fbb350ad2 16867 pkgsign should handle existing signatures better Brock Pytlik <brock.pytlik@oracle.com> parents: 2272 diff changeset	2081	if cur_pathlen > cert_pathlen:
938fbb350ad2 16867 pkgsign should handle existing signatures better Brock Pytlik <brock.pytlik@oracle.com> parents: 2272 diff changeset	2082	raise api_errors.PathlenTooShort(cert, cur_pathlen, cert_pathlen)
938fbb350ad2 16867 pkgsign should handle existing signatures better Brock Pytlik <brock.pytlik@oracle.com> parents: 2272 diff changeset	2083	continue
938fbb350ad2 16867 pkgsign should handle existing signatures better Brock Pytlik <brock.pytlik@oracle.com> parents: 2272 diff changeset	2084	if len(vs) < 2:
938fbb350ad2 16867 pkgsign should handle existing signatures better Brock Pytlik <brock.pytlik@oracle.com> parents: 2272 diff changeset	2085	raise api_errors.UnsupportedExtensionValue(cert, ext)
938fbb350ad2 16867 pkgsign should handle existing signatures better Brock Pytlik <brock.pytlik@oracle.com> parents: 2272 diff changeset	2086	else:
938fbb350ad2 16867 pkgsign should handle existing signatures better Brock Pytlik <brock.pytlik@oracle.com> parents: 2272 diff changeset	2087	raise api_errors.UnsupportedExtensionValue(cert, ext, v)
938fbb350ad2 16867 pkgsign should handle existing signatures better Brock Pytlik <brock.pytlik@oracle.com> parents: 2272 diff changeset	2088
938fbb350ad2 16867 pkgsign should handle existing signatures better Brock Pytlik <brock.pytlik@oracle.com> parents: 2272 diff changeset	2089
2026 d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2090	for i in range(0, cert.get_ext_count()):
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2091	ext = cert.get_ext_at(i)
2215 b4355e8c5097 16856 need to check keyUsage for leaf certs Brock Pytlik <brock.pytlik@oracle.com> parents: 2100 diff changeset	2092	name = ext.get_name()
b4355e8c5097 16856 need to check keyUsage for leaf certs Brock Pytlik <brock.pytlik@oracle.com> parents: 2100 diff changeset	2093	v = ext.get_value().upper()
b4355e8c5097 16856 need to check keyUsage for leaf certs Brock Pytlik <brock.pytlik@oracle.com> parents: 2100 diff changeset	2094	# Check whether the extension name is recognized.
b4355e8c5097 16856 need to check keyUsage for leaf certs Brock Pytlik <brock.pytlik@oracle.com> parents: 2100 diff changeset	2095	if name in SUPPORTED_EXTENSION_VALUES:
b4355e8c5097 16856 need to check keyUsage for leaf certs Brock Pytlik <brock.pytlik@oracle.com> parents: 2100 diff changeset	2096	supported_vs = \
b4355e8c5097 16856 need to check keyUsage for leaf certs Brock Pytlik <brock.pytlik@oracle.com> parents: 2100 diff changeset	2097	SUPPORTED_EXTENSION_VALUES[name]
b4355e8c5097 16856 need to check keyUsage for leaf certs Brock Pytlik <brock.pytlik@oracle.com> parents: 2100 diff changeset	2098	vs = [s.strip() for s in v.split(",")]
b4355e8c5097 16856 need to check keyUsage for leaf certs Brock Pytlik <brock.pytlik@oracle.com> parents: 2100 diff changeset	2099	# Check whether the values for the extension are
b4355e8c5097 16856 need to check keyUsage for leaf certs Brock Pytlik <brock.pytlik@oracle.com> parents: 2100 diff changeset	2100	# recognized.
2286 938fbb350ad2 16867 pkgsign should handle existing signatures better Brock Pytlik <brock.pytlik@oracle.com> parents: 2272 diff changeset	2101	check_values(vs)
2215 b4355e8c5097 16856 need to check keyUsage for leaf certs Brock Pytlik <brock.pytlik@oracle.com> parents: 2100 diff changeset	2102	uses = usages.get(name, [])
b4355e8c5097 16856 need to check keyUsage for leaf certs Brock Pytlik <brock.pytlik@oracle.com> parents: 2100 diff changeset	2103	if isinstance(uses, basestring):
b4355e8c5097 16856 need to check keyUsage for leaf certs Brock Pytlik <brock.pytlik@oracle.com> parents: 2100 diff changeset	2104	uses = [uses]
b4355e8c5097 16856 need to check keyUsage for leaf certs Brock Pytlik <brock.pytlik@oracle.com> parents: 2100 diff changeset	2105	# For each use, check to see whether it's
b4355e8c5097 16856 need to check keyUsage for leaf certs Brock Pytlik <brock.pytlik@oracle.com> parents: 2100 diff changeset	2106	# permitted by the certificate's extension
b4355e8c5097 16856 need to check keyUsage for leaf certs Brock Pytlik <brock.pytlik@oracle.com> parents: 2100 diff changeset	2107	# values.
b4355e8c5097 16856 need to check keyUsage for leaf certs Brock Pytlik <brock.pytlik@oracle.com> parents: 2100 diff changeset	2108	for u in uses:
b4355e8c5097 16856 need to check keyUsage for leaf certs Brock Pytlik <brock.pytlik@oracle.com> parents: 2100 diff changeset	2109	if u not in vs:
b4355e8c5097 16856 need to check keyUsage for leaf certs Brock Pytlik <brock.pytlik@oracle.com> parents: 2100 diff changeset	2110	raise api_errors.InappropriateCertificateUse(cert, ext, u)
b4355e8c5097 16856 need to check keyUsage for leaf certs Brock Pytlik <brock.pytlik@oracle.com> parents: 2100 diff changeset	2111	# If the extension name is unrecognized and critical,
b4355e8c5097 16856 need to check keyUsage for leaf certs Brock Pytlik <brock.pytlik@oracle.com> parents: 2100 diff changeset	2112	# then the chain cannot be verified.
b4355e8c5097 16856 need to check keyUsage for leaf certs Brock Pytlik <brock.pytlik@oracle.com> parents: 2100 diff changeset	2113	elif ext.get_critical():
b4355e8c5097 16856 need to check keyUsage for leaf certs Brock Pytlik <brock.pytlik@oracle.com> parents: 2100 diff changeset	2114	raise api_errors.UnsupportedCriticalExtension(
b4355e8c5097 16856 need to check keyUsage for leaf certs Brock Pytlik <brock.pytlik@oracle.com> parents: 2100 diff changeset	2115	cert, ext)
2026 d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2116
2286 938fbb350ad2 16867 pkgsign should handle existing signatures better Brock Pytlik <brock.pytlik@oracle.com> parents: 2272 diff changeset	2117	def verify_chain(self, cert, ca_dict, cur_pathlen, required_names=None,
938fbb350ad2 16867 pkgsign should handle existing signatures better Brock Pytlik <brock.pytlik@oracle.com> parents: 2272 diff changeset	2118	usages=None):
2026 d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2119	"""Validates the certificate against the given trust anchors.
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2120
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2121	The 'cert' parameter is the certificate to validate.
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2122
2286 938fbb350ad2 16867 pkgsign should handle existing signatures better Brock Pytlik <brock.pytlik@oracle.com> parents: 2272 diff changeset	2123	The 'ca_dict' parameter is a dictionary which maps subject
938fbb350ad2 16867 pkgsign should handle existing signatures better Brock Pytlik <brock.pytlik@oracle.com> parents: 2272 diff changeset	2124	hashes to certs treated as trust anchors.
938fbb350ad2 16867 pkgsign should handle existing signatures better Brock Pytlik <brock.pytlik@oracle.com> parents: 2272 diff changeset	2125
938fbb350ad2 16867 pkgsign should handle existing signatures better Brock Pytlik <brock.pytlik@oracle.com> parents: 2272 diff changeset	2126	The 'cur_pathlen' parameter is an integer indicating how many
938fbb350ad2 16867 pkgsign should handle existing signatures better Brock Pytlik <brock.pytlik@oracle.com> parents: 2272 diff changeset	2127	certificates have been found between cert and the leaf cert.
2026 d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2128
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2129	The 'required_names' parameter is a set of strings that must
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2130	be seen as a CN in the chain of trust for the certificate."""
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2131
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2132	if required_names is None:
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2133	required_names = set()
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2134	verified = False
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2135	continue_loop = True
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2136	certs_with_problems = []
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2137
2286 938fbb350ad2 16867 pkgsign should handle existing signatures better Brock Pytlik <brock.pytlik@oracle.com> parents: 2272 diff changeset	2138	ca_dict = copy.copy(ca_dict)
938fbb350ad2 16867 pkgsign should handle existing signatures better Brock Pytlik <brock.pytlik@oracle.com> parents: 2272 diff changeset	2139	for k, v in self.get_ca_certs().iteritems():
938fbb350ad2 16867 pkgsign should handle existing signatures better Brock Pytlik <brock.pytlik@oracle.com> parents: 2272 diff changeset	2140	if k in ca_dict:
938fbb350ad2 16867 pkgsign should handle existing signatures better Brock Pytlik <brock.pytlik@oracle.com> parents: 2272 diff changeset	2141	ca_dict[k].extend(v)
938fbb350ad2 16867 pkgsign should handle existing signatures better Brock Pytlik <brock.pytlik@oracle.com> parents: 2272 diff changeset	2142	else:
938fbb350ad2 16867 pkgsign should handle existing signatures better Brock Pytlik <brock.pytlik@oracle.com> parents: 2272 diff changeset	2143	ca_dict[k] = v
938fbb350ad2 16867 pkgsign should handle existing signatures better Brock Pytlik <brock.pytlik@oracle.com> parents: 2272 diff changeset	2144
2215 b4355e8c5097 16856 need to check keyUsage for leaf certs Brock Pytlik <brock.pytlik@oracle.com> parents: 2100 diff changeset	2145	def merge_dicts(d1, d2):
b4355e8c5097 16856 need to check keyUsage for leaf certs Brock Pytlik <brock.pytlik@oracle.com> parents: 2100 diff changeset	2146	"""Function for merging usage dictionaries."""
b4355e8c5097 16856 need to check keyUsage for leaf certs Brock Pytlik <brock.pytlik@oracle.com> parents: 2100 diff changeset	2147	res = copy.deepcopy(d1)
b4355e8c5097 16856 need to check keyUsage for leaf certs Brock Pytlik <brock.pytlik@oracle.com> parents: 2100 diff changeset	2148	for k in d2:
b4355e8c5097 16856 need to check keyUsage for leaf certs Brock Pytlik <brock.pytlik@oracle.com> parents: 2100 diff changeset	2149	if k in res:
b4355e8c5097 16856 need to check keyUsage for leaf certs Brock Pytlik <brock.pytlik@oracle.com> parents: 2100 diff changeset	2150	res[k].extend(d2[k])
b4355e8c5097 16856 need to check keyUsage for leaf certs Brock Pytlik <brock.pytlik@oracle.com> parents: 2100 diff changeset	2151	else:
b4355e8c5097 16856 need to check keyUsage for leaf certs Brock Pytlik <brock.pytlik@oracle.com> parents: 2100 diff changeset	2152	res[k] = d2[k]
b4355e8c5097 16856 need to check keyUsage for leaf certs Brock Pytlik <brock.pytlik@oracle.com> parents: 2100 diff changeset	2153	return res
b4355e8c5097 16856 need to check keyUsage for leaf certs Brock Pytlik <brock.pytlik@oracle.com> parents: 2100 diff changeset	2154
2286 938fbb350ad2 16867 pkgsign should handle existing signatures better Brock Pytlik <brock.pytlik@oracle.com> parents: 2272 diff changeset	2155	def discard_names(cert, required_names):
2026 d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2156	for cert_cn in [
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2157	str(c.get_data())
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2158	for c
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2159	in cert.get_subject().get_entries_by_nid(
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2160	m2.X509.X509_Name.nid["CN"])
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2161	]:
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2162	required_names.discard(cert_cn)
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2163
2286 938fbb350ad2 16867 pkgsign should handle existing signatures better Brock Pytlik <brock.pytlik@oracle.com> parents: 2272 diff changeset	2164	if not usages:
938fbb350ad2 16867 pkgsign should handle existing signatures better Brock Pytlik <brock.pytlik@oracle.com> parents: 2272 diff changeset	2165	usages = {}
938fbb350ad2 16867 pkgsign should handle existing signatures better Brock Pytlik <brock.pytlik@oracle.com> parents: 2272 diff changeset	2166	for u in POSSIBLE_USES:
938fbb350ad2 16867 pkgsign should handle existing signatures better Brock Pytlik <brock.pytlik@oracle.com> parents: 2272 diff changeset	2167	usages = merge_dicts(usages, u)
938fbb350ad2 16867 pkgsign should handle existing signatures better Brock Pytlik <brock.pytlik@oracle.com> parents: 2272 diff changeset	2168
938fbb350ad2 16867 pkgsign should handle existing signatures better Brock Pytlik <brock.pytlik@oracle.com> parents: 2272 diff changeset	2169	# Check whether we can validate this certificate.
938fbb350ad2 16867 pkgsign should handle existing signatures better Brock Pytlik <brock.pytlik@oracle.com> parents: 2272 diff changeset	2170	self.__check_extensions(cert, usages, cur_pathlen)
938fbb350ad2 16867 pkgsign should handle existing signatures better Brock Pytlik <brock.pytlik@oracle.com> parents: 2272 diff changeset	2171
938fbb350ad2 16867 pkgsign should handle existing signatures better Brock Pytlik <brock.pytlik@oracle.com> parents: 2272 diff changeset	2172	# Check whether this certificate has been revoked.
938fbb350ad2 16867 pkgsign should handle existing signatures better Brock Pytlik <brock.pytlik@oracle.com> parents: 2272 diff changeset	2173	self.__check_revocation(cert, ca_dict)
938fbb350ad2 16867 pkgsign should handle existing signatures better Brock Pytlik <brock.pytlik@oracle.com> parents: 2272 diff changeset	2174
938fbb350ad2 16867 pkgsign should handle existing signatures better Brock Pytlik <brock.pytlik@oracle.com> parents: 2272 diff changeset	2175	while continue_loop:
938fbb350ad2 16867 pkgsign should handle existing signatures better Brock Pytlik <brock.pytlik@oracle.com> parents: 2272 diff changeset	2176	# If this certificate's CN is in the set of required
938fbb350ad2 16867 pkgsign should handle existing signatures better Brock Pytlik <brock.pytlik@oracle.com> parents: 2272 diff changeset	2177	# names, remove it.
938fbb350ad2 16867 pkgsign should handle existing signatures better Brock Pytlik <brock.pytlik@oracle.com> parents: 2272 diff changeset	2178	discard_names(cert, required_names)
938fbb350ad2 16867 pkgsign should handle existing signatures better Brock Pytlik <brock.pytlik@oracle.com> parents: 2272 diff changeset	2179
2026 d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2180	# Find the certificate that issued this certificate.
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2181	issuer = cert.get_issuer()
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2182	issuer_hash = issuer.as_hash()
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2183
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2184	# See whether this certificate was issued by any of the
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2185	# given trust anchors.
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2186	for c in ca_dict.get(issuer_hash, []):
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2187	if cert.verify(c.get_pubkey()):
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2188	verified = True
2286 938fbb350ad2 16867 pkgsign should handle existing signatures better Brock Pytlik <brock.pytlik@oracle.com> parents: 2272 diff changeset	2189	# Remove any required names found in the
938fbb350ad2 16867 pkgsign should handle existing signatures better Brock Pytlik <brock.pytlik@oracle.com> parents: 2272 diff changeset	2190	# trust anchor.
938fbb350ad2 16867 pkgsign should handle existing signatures better Brock Pytlik <brock.pytlik@oracle.com> parents: 2272 diff changeset	2191	discard_names(c, required_names)
2026 d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2192	# If there are more names to check for
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2193	# continue up the chain of trust to look
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2194	# for them.
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2195	if not required_names:
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2196	continue_loop = False
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2197	break
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2198
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2199	# If the subject and issuer for this certificate are
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2200	# identical and the certificate hasn't been verified
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2201	# then this is an untrusted self-signed cert and should
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2202	# be rejected.
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2203	if cert.get_subject().as_hash() == issuer_hash:
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2204	if not verified:
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2205	raise \
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2206	api_errors.UntrustedSelfSignedCert(
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2207	cert)
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2208	# This break should break the
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2209	# while continue_loop loop.
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2210	break
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2211
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2212	# If the certificate hasn't been issued by a trust
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2213	# anchor or more names need to be found, continue
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2214	# looking up the chain of trust.
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2215	if continue_loop:
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2216	up_chain = False
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2217	# Keep track of certs that would have verified
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2218	# this certificate but had critical extensions
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2219	# we can't handle yet for error reporting.
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2220	certs_with_problems = []
2215 b4355e8c5097 16856 need to check keyUsage for leaf certs Brock Pytlik <brock.pytlik@oracle.com> parents: 2100 diff changeset	2221	for c in self.__get_certs_by_name(issuer):
2026 d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2222	# If the certificate is approved to
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2223	# sign another certificate, verifies
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2224	# the current certificate, and hasn't
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2225	# been revoked, consider it as the
2215 b4355e8c5097 16856 need to check keyUsage for leaf certs Brock Pytlik <brock.pytlik@oracle.com> parents: 2100 diff changeset	2226	# next link in the chain. check_ca
b4355e8c5097 16856 need to check keyUsage for leaf certs Brock Pytlik <brock.pytlik@oracle.com> parents: 2100 diff changeset	2227	# checks both the basicConstraints
b4355e8c5097 16856 need to check keyUsage for leaf certs Brock Pytlik <brock.pytlik@oracle.com> parents: 2100 diff changeset	2228	# extension and the keyUsage extension.
2026 d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2229	if c.check_ca() and \
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2230	cert.verify(c.get_pubkey()):
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2231	problem = False
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2232	# Check whether this certificate
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2233	# has a critical extension we
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2234	# don't understand.
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2235	try:
2215 b4355e8c5097 16856 need to check keyUsage for leaf certs Brock Pytlik <brock.pytlik@oracle.com> parents: 2100 diff changeset	2236	self.__check_extensions(
2286 938fbb350ad2 16867 pkgsign should handle existing signatures better Brock Pytlik <brock.pytlik@oracle.com> parents: 2272 diff changeset	2237	c, CERT_SIGNING_USE,
938fbb350ad2 16867 pkgsign should handle existing signatures better Brock Pytlik <brock.pytlik@oracle.com> parents: 2272 diff changeset	2238	cur_pathlen)
938fbb350ad2 16867 pkgsign should handle existing signatures better Brock Pytlik <brock.pytlik@oracle.com> parents: 2272 diff changeset	2239	self.__check_revocation(c,
2026 d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2240	ca_dict)
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2241	except (api_errors.UnsupportedCriticalExtension, api_errors.RevokedCertificate), e:
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2242	certs_with_problems.append(e)
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2243	problem = True
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2244	# If this certificate has no
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2245	# problems with it, it's the
2286 938fbb350ad2 16867 pkgsign should handle existing signatures better Brock Pytlik <brock.pytlik@oracle.com> parents: 2272 diff changeset	2246	# next link in the chain so make
938fbb350ad2 16867 pkgsign should handle existing signatures better Brock Pytlik <brock.pytlik@oracle.com> parents: 2272 diff changeset	2247	# it the current certificate and
938fbb350ad2 16867 pkgsign should handle existing signatures better Brock Pytlik <brock.pytlik@oracle.com> parents: 2272 diff changeset	2248	# add one to cur_pathlen since
938fbb350ad2 16867 pkgsign should handle existing signatures better Brock Pytlik <brock.pytlik@oracle.com> parents: 2272 diff changeset	2249	# there's one more chain cert
938fbb350ad2 16867 pkgsign should handle existing signatures better Brock Pytlik <brock.pytlik@oracle.com> parents: 2272 diff changeset	2250	# between the code signing cert
938fbb350ad2 16867 pkgsign should handle existing signatures better Brock Pytlik <brock.pytlik@oracle.com> parents: 2272 diff changeset	2251	# and the root of the chain.
2026 d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2252	if not problem:
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2253	up_chain = True
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2254	cert = c
2286 938fbb350ad2 16867 pkgsign should handle existing signatures better Brock Pytlik <brock.pytlik@oracle.com> parents: 2272 diff changeset	2255	cur_pathlen += 1
2026 d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2256	break
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2257	# If there's not another link in the chain to be
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2258	# found, stop the iteration.
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2259	if not up_chain:
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2260	continue_loop = False
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2261	# If the certificate wasn't verified against a trust anchor,
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2262	# raise an exception.
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2263	if not verified:
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2264	raise api_errors.BrokenChain(cert,
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2265	certs_with_problems)
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2266
926 6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	2267	alias = property(lambda self: self.__alias, __set_alias,
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	2268	doc="An alternative name for a publisher.")
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	2269
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	2270	client_uuid = property(lambda self: self.__client_uuid,
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	2271	__set_client_uuid,
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	2272	doc="A Universally Unique Identifier (UUID) used to identify a "
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	2273	"client image to a publisher.")
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	2274
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	2275	disabled = property(lambda self: self.__disabled, __set_disabled,
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	2276	doc="A boolean value indicating whether the publisher should be "
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	2277	"used for packaging operations.")
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	2278
996 31d152a5212b 7582 pkg set-publisher --no-refresh will delete catalogs Shawn Walker <Shawn.Walker@Sun.COM> parents: 926 diff changeset	2279	last_refreshed = property(__get_last_refreshed, __set_last_refreshed,
31d152a5212b 7582 pkg set-publisher --no-refresh will delete catalogs Shawn Walker <Shawn.Walker@Sun.COM> parents: 926 diff changeset	2280	doc="A datetime object representing the time (in UTC) the "
31d152a5212b 7582 pkg set-publisher --no-refresh will delete catalogs Shawn Walker <Shawn.Walker@Sun.COM> parents: 926 diff changeset	2281	"publisher's selected repository was last refreshed for new "
31d152a5212b 7582 pkg set-publisher --no-refresh will delete catalogs Shawn Walker <Shawn.Walker@Sun.COM> parents: 926 diff changeset	2282	"metadata (such as catalog updates). 'None' if the publisher "
31d152a5212b 7582 pkg set-publisher --no-refresh will delete catalogs Shawn Walker <Shawn.Walker@Sun.COM> parents: 926 diff changeset	2283	"hasn't been refreshed yet or the time is not available.")
31d152a5212b 7582 pkg set-publisher --no-refresh will delete catalogs Shawn Walker <Shawn.Walker@Sun.COM> parents: 926 diff changeset	2284
31d152a5212b 7582 pkg set-publisher --no-refresh will delete catalogs Shawn Walker <Shawn.Walker@Sun.COM> parents: 926 diff changeset	2285	meta_root = property(lambda self: self.__meta_root, __set_meta_root,
31d152a5212b 7582 pkg set-publisher --no-refresh will delete catalogs Shawn Walker <Shawn.Walker@Sun.COM> parents: 926 diff changeset	2286	doc="The absolute pathname of the directory where the publisher's "
31d152a5212b 7582 pkg set-publisher --no-refresh will delete catalogs Shawn Walker <Shawn.Walker@Sun.COM> parents: 926 diff changeset	2287	"metadata should be written to and read from.")
31d152a5212b 7582 pkg set-publisher --no-refresh will delete catalogs Shawn Walker <Shawn.Walker@Sun.COM> parents: 926 diff changeset	2288
926 6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	2289	prefix = property(lambda self: self.__prefix, __set_prefix,
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	2290	doc="The name of the publisher.")
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	2291
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	2292	repositories = property(lambda self: self.__repositories,
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	2293	doc="A list of repository objects that belong to the publisher.")
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	2294
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	2295	selected_repository = property(lambda self: self.__selected_repository,
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	2296	__set_selected_repository,
6ee411c9026a 5871 publisher apis desired Shawn Walker <Shawn.Walker@Sun.COM> parents: diff changeset	2297	doc="A reference to the selected repository object.")
1505 cc598d70bbbe 4425 pkg install should deal w/ complex dependency changes in one install Bart Smaalders <Bart.Smaalders@Sun.COM> parents: 1449 diff changeset	2298
cc598d70bbbe 4425 pkg install should deal w/ complex dependency changes in one install Bart Smaalders <Bart.Smaalders@Sun.COM> parents: 1449 diff changeset	2299	sticky = property(lambda self: self.__sticky, __set_stickiness,
cc598d70bbbe 4425 pkg install should deal w/ complex dependency changes in one install Bart Smaalders <Bart.Smaalders@Sun.COM> parents: 1449 diff changeset	2300	doc="Whether or not installed packages from this publisher are"
cc598d70bbbe 4425 pkg install should deal w/ complex dependency changes in one install Bart Smaalders <Bart.Smaalders@Sun.COM> parents: 1449 diff changeset	2301	" always preferred to other publishers.")
2026 d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2302
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2303	def __get_prop(self, name):
2097 068cc63b4d6e 17055 image configuration should use pkg.config classes Shawn Walker <shawn.walker@oracle.com> parents: 2073 diff changeset	2304	"""Accessor method for properties dictionary"""
2026 d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2305	return self.__properties[name]
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2306
2097 068cc63b4d6e 17055 image configuration should use pkg.config classes Shawn Walker <shawn.walker@oracle.com> parents: 2073 diff changeset	2307	@staticmethod
068cc63b4d6e 17055 image configuration should use pkg.config classes Shawn Walker <shawn.walker@oracle.com> parents: 2073 diff changeset	2308	def __read_list(list_str):
068cc63b4d6e 17055 image configuration should use pkg.config classes Shawn Walker <shawn.walker@oracle.com> parents: 2073 diff changeset	2309	"""Take a list in string representation and convert it back
068cc63b4d6e 17055 image configuration should use pkg.config classes Shawn Walker <shawn.walker@oracle.com> parents: 2073 diff changeset	2310	to a Python list."""
068cc63b4d6e 17055 image configuration should use pkg.config classes Shawn Walker <shawn.walker@oracle.com> parents: 2073 diff changeset	2311
068cc63b4d6e 17055 image configuration should use pkg.config classes Shawn Walker <shawn.walker@oracle.com> parents: 2073 diff changeset	2312	list_str = list_str.encode("utf-8")
068cc63b4d6e 17055 image configuration should use pkg.config classes Shawn Walker <shawn.walker@oracle.com> parents: 2073 diff changeset	2313	# Strip brackets and any whitespace
068cc63b4d6e 17055 image configuration should use pkg.config classes Shawn Walker <shawn.walker@oracle.com> parents: 2073 diff changeset	2314	list_str = list_str.strip("][ ")
068cc63b4d6e 17055 image configuration should use pkg.config classes Shawn Walker <shawn.walker@oracle.com> parents: 2073 diff changeset	2315	# Strip comma and any whitespeace
068cc63b4d6e 17055 image configuration should use pkg.config classes Shawn Walker <shawn.walker@oracle.com> parents: 2073 diff changeset	2316	lst = list_str.split(", ")
068cc63b4d6e 17055 image configuration should use pkg.config classes Shawn Walker <shawn.walker@oracle.com> parents: 2073 diff changeset	2317	# Strip empty whitespace, single, and double quotation marks
068cc63b4d6e 17055 image configuration should use pkg.config classes Shawn Walker <shawn.walker@oracle.com> parents: 2073 diff changeset	2318	lst = [ s.strip("' \"") for s in lst ]
068cc63b4d6e 17055 image configuration should use pkg.config classes Shawn Walker <shawn.walker@oracle.com> parents: 2073 diff changeset	2319	# Eliminate any empty strings
068cc63b4d6e 17055 image configuration should use pkg.config classes Shawn Walker <shawn.walker@oracle.com> parents: 2073 diff changeset	2320	lst = [ s for s in lst if s != '' ]
068cc63b4d6e 17055 image configuration should use pkg.config classes Shawn Walker <shawn.walker@oracle.com> parents: 2073 diff changeset	2321
068cc63b4d6e 17055 image configuration should use pkg.config classes Shawn Walker <shawn.walker@oracle.com> parents: 2073 diff changeset	2322	return lst
068cc63b4d6e 17055 image configuration should use pkg.config classes Shawn Walker <shawn.walker@oracle.com> parents: 2073 diff changeset	2323
2026 d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2324	def __set_prop(self, name, values):
2097 068cc63b4d6e 17055 image configuration should use pkg.config classes Shawn Walker <shawn.walker@oracle.com> parents: 2073 diff changeset	2325	"""Accessor method to add a property"""
2026 d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2326
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2327	if name == SIGNATURE_POLICY:
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2328	self.__sig_policy = None
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2329	if isinstance(values, basestring):
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2330	values = [values]
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2331	policy_name = values[0]
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2332	if policy_name not in sigpolicy.Policy.policies():
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2333	raise api_errors.InvalidPropertyValue(_(
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2334	"%(val)s is not a valid value for this "
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2335	"property:%(prop)s") % {"val": policy_name,
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2336	"prop": SIGNATURE_POLICY})
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2337	if policy_name == "require-names":
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2338	if self.__delay_validation:
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2339	# If __delay_validation is set, then
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2340	# it's possible that
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2341	# signature-required-names was
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2342	# set by a previous call to set_prop
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2343	# file. If so, don't overwrite the
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2344	# values that have already been read.
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2345	self.__properties.setdefault(
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2346	"signature-required-names", [])
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2347	self.__properties[
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2348	"signature-required-names"].extend(
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2349	values[1:])
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2350	else:
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2351	self.__properties[
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2352	"signature-required-names"] = \
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2353	values[1:]
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2354	self.__validate_properties()
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2355	else:
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2356	if len(values) > 1:
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2357	raise api_errors.InvalidPropertyValue(_(
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2358	"The %s signature-policy takes no "
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2359	"argument.") % policy_name)
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2360	self.__properties[SIGNATURE_POLICY] = policy_name
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2361	return
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2362	if name == "signature-required-names":
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2363	if isinstance(values, basestring):
2097 068cc63b4d6e 17055 image configuration should use pkg.config classes Shawn Walker <shawn.walker@oracle.com> parents: 2073 diff changeset	2364	values = self.__read_list(values)
2026 d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2365	self.__properties[name] = values
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2366
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2367	def __del_prop(self, name):
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2368	"""Accessor method for properties"""
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2369	del self.__properties[name]
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2370
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2371	def __prop_iter(self):
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2372	return self.__properties.__iter__()
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2373
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2374	def __prop_iteritems(self):
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2375	"""Support iteritems on properties"""
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2376	return self.__properties.iteritems()
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2377
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2378	def __prop_keys(self):
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2379	"""Support keys() on properties"""
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2380	return self.__properties.keys()
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2381
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2382	def __prop_values(self):
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2383	"""Support values() on properties"""
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2384	return self.__properties.values()
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2385
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2386	def __prop_getdefault(self, name, value):
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2387	"""Support getdefault() on properties"""
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2388	return self.__properties.get(name, value)
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2389
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2390	def __prop_setdefault(self, name, value):
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2391	"""Support setdefault() on properties"""
2097 068cc63b4d6e 17055 image configuration should use pkg.config classes Shawn Walker <shawn.walker@oracle.com> parents: 2073 diff changeset	2392	# Must set it this way so that the logic in __set_prop is used.
068cc63b4d6e 17055 image configuration should use pkg.config classes Shawn Walker <shawn.walker@oracle.com> parents: 2073 diff changeset	2393	try:
068cc63b4d6e 17055 image configuration should use pkg.config classes Shawn Walker <shawn.walker@oracle.com> parents: 2073 diff changeset	2394	return self.__properties[name]
068cc63b4d6e 17055 image configuration should use pkg.config classes Shawn Walker <shawn.walker@oracle.com> parents: 2073 diff changeset	2395	except KeyError:
068cc63b4d6e 17055 image configuration should use pkg.config classes Shawn Walker <shawn.walker@oracle.com> parents: 2073 diff changeset	2396	self.properties[name] = value
068cc63b4d6e 17055 image configuration should use pkg.config classes Shawn Walker <shawn.walker@oracle.com> parents: 2073 diff changeset	2397	return value
2026 d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2398
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2399	def __prop_update(self, d):
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2400	"""Support update() on properties"""
2097 068cc63b4d6e 17055 image configuration should use pkg.config classes Shawn Walker <shawn.walker@oracle.com> parents: 2073 diff changeset	2401
068cc63b4d6e 17055 image configuration should use pkg.config classes Shawn Walker <shawn.walker@oracle.com> parents: 2073 diff changeset	2402	for k, v in d.iteritems():
068cc63b4d6e 17055 image configuration should use pkg.config classes Shawn Walker <shawn.walker@oracle.com> parents: 2073 diff changeset	2403	# Must iterate through each value and
068cc63b4d6e 17055 image configuration should use pkg.config classes Shawn Walker <shawn.walker@oracle.com> parents: 2073 diff changeset	2404	# set it this way so that the logic
068cc63b4d6e 17055 image configuration should use pkg.config classes Shawn Walker <shawn.walker@oracle.com> parents: 2073 diff changeset	2405	# in __set_prop is used.
068cc63b4d6e 17055 image configuration should use pkg.config classes Shawn Walker <shawn.walker@oracle.com> parents: 2073 diff changeset	2406	self.properties[k] = v
2026 d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2407
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2408	def __prop_pop(self, d, default):
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2409	"""Support pop() on properties"""
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2410	return self.__properties.pop(d, default)
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2411
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2412	properties = DictProperty(__get_prop, __set_prop, __del_prop,
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2413	__prop_iteritems, __prop_keys, __prop_values, __prop_iter,
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2414	doc="A dict holding the properties for an image.",
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2415	fgetdefault=__prop_getdefault, fsetdefault=__prop_setdefault,
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2416	update=__prop_update, pop=__prop_pop)
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2417
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2418	@property
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2419	def signature_policy(self):
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2420	"""Return the signature policy for the publisher."""
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2421
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2422	if self.__sig_policy is not None:
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2423	return self.__sig_policy
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2424	txt = self.properties.get(SIGNATURE_POLICY,
2097 068cc63b4d6e 17055 image configuration should use pkg.config classes Shawn Walker <shawn.walker@oracle.com> parents: 2073 diff changeset	2425	sigpolicy.DEFAULT_POLICY)
2026 d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2426	names = self.properties.get("signature-required-names", [])
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2427	self.__sig_policy = sigpolicy.Policy.policy_factory(txt, names)
d1b30615bc99 9196 pkg(5) should have support for cryptographic manifest signatures Brock Pytlik <bpytlik@sun.com> parents: 2022 diff changeset	2428	return self.__sig_policy

author	Brock Pytlik <brock.pytlik@oracle.com>
	Wed, 06 Apr 2011 18:06:57 -0700
changeset 2286	938fbb350ad2
parent 2272	d81ea073d050
child 2310	ce10607d5332
permissions	-rw-r--r--