author | Brock Pytlik <brock.pytlik@oracle.com> |
Wed, 15 Jun 2011 20:06:10 -0700 | |
changeset 2414 | ce704b29a50c |
parent 2408 | 6424614c2ed1 |
child 2433 | 7af4ccfa1c06 |
permissions | -rw-r--r-- |
1516
8c950a3b4171
10485 move pkg(5) to Python 2.6
Rich Burridge <rich.burridge@sun.com>
parents:
1505
diff
changeset
|
1 |
#!/usr/bin/python |
926
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
2 |
# |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
3 |
# CDDL HEADER START |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
4 |
# |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
5 |
# The contents of this file are subject to the terms of the |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
6 |
# Common Development and Distribution License (the "License"). |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
7 |
# You may not use this file except in compliance with the License. |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
8 |
# |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
9 |
# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
10 |
# or http://www.opensolaris.org/os/licensing. |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
11 |
# See the License for the specific language governing permissions |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
12 |
# and limitations under the License. |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
13 |
# |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
14 |
# When distributing Covered Code, include this CDDL HEADER in each |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
15 |
# file and include the License file at usr/src/OPENSOLARIS.LICENSE. |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
16 |
# If applicable, add the following below this CDDL HEADER, with the |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
17 |
# fields enclosed by brackets "[]" replaced with your own identifying |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
18 |
# information: Portions Copyright [yyyy] [name of copyright owner] |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
19 |
# |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
20 |
# CDDL HEADER END |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
21 |
# |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
22 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
23 |
# |
2215
b4355e8c5097
16856 need to check keyUsage for leaf certs
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2100
diff
changeset
|
24 |
# Copyright (c) 2009, 2011, Oracle and/or its affiliates. All rights reserved. |
926
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
25 |
# |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
26 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
27 |
# |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
28 |
# NOTE: Any changes to this file are considered a change in client api |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
29 |
# interfaces and must be fully documented in doc/client_api_versions.txt |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
30 |
# if they are visible changes to the public interfaces provided. |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
31 |
# |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
32 |
# This also means that changes to the interfaces here must be reflected in |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
33 |
# the client version number and compatible_versions specifier found in |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
34 |
# modules/client/api.py:__init__. |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
35 |
# |
2026
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
36 |
|
996
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
37 |
import calendar |
2352
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
38 |
import collections |
926
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
39 |
import copy |
2026
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
40 |
import cStringIO |
996
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
41 |
import datetime as dt |
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
42 |
import errno |
2026
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
43 |
import hashlib |
926
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
44 |
import os |
2026
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
45 |
import pycurl |
1431
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
46 |
import shutil |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
47 |
import tempfile |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
48 |
import time |
1968
c0540b1e4f7e
8722 advanced repository metadata store needed
Shawn Walker <shawn.walker@oracle.com>
parents:
1937
diff
changeset
|
49 |
import urllib |
1431
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
50 |
import urlparse |
1516
8c950a3b4171
10485 move pkg(5) to Python 2.6
Rich Burridge <rich.burridge@sun.com>
parents:
1505
diff
changeset
|
51 |
import uuid |
1431
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
52 |
|
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
53 |
from pkg.client import global_settings |
2272
d81ea073d050
3617 Testsuite should allow choice for base port to use
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2263
diff
changeset
|
54 |
from pkg.client.debugvalues import DebugValues |
1431
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
55 |
logger = global_settings.logger |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
56 |
|
1352
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
57 |
import pkg.catalog |
926
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
58 |
import pkg.client.api_errors as api_errors |
2026
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
59 |
import pkg.client.sigpolicy as sigpolicy |
996
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
60 |
import pkg.misc as misc |
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
61 |
import pkg.portable as portable |
1431
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
62 |
import pkg.server.catalog as old_catalog |
2026
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
63 |
import M2Crypto as m2 |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
64 |
|
2073
9fcacc9e5eaa
16998 transport should support publisher-specific write and read caches
Shawn Walker <shawn.walker@oracle.com>
parents:
2028
diff
changeset
|
65 |
from pkg.misc import EmptyDict, EmptyI, SIGNATURE_POLICY, DictProperty |
926
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
66 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
67 |
# The "core" type indicates that a repository contains all of the dependencies |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
68 |
# declared by packages in the repository. It is primarily used for operating |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
69 |
# system repositories. |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
70 |
REPO_CTYPE_CORE = "core" |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
71 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
72 |
# The "supplemental" type indicates that a repository contains packages that |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
73 |
# rely on or are intended to be used with packages located in another |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
74 |
# repository. |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
75 |
REPO_CTYPE_SUPPLEMENTAL = "supplemental" |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
76 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
77 |
# Mapping of constant values to names (in the event these ever get changed to |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
78 |
# numeric values or it is decided they need "prettier" or different labels). |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
79 |
REPO_COLLECTION_TYPES = { |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
80 |
REPO_CTYPE_CORE: "core", |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
81 |
REPO_CTYPE_SUPPLEMENTAL: "supplemental", |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
82 |
} |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
83 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
84 |
# Supported Protocol Schemes |
1895
0a260cc2a689
15762 client support for filesystem-based repository access
Shawn Walker <shawn.walker@oracle.com>
parents:
1795
diff
changeset
|
85 |
SUPPORTED_SCHEMES = set(("file", "http", "https")) |
926
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
86 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
87 |
# SSL Protocol Schemes |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
88 |
SSL_SCHEMES = set(("https",)) |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
89 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
90 |
# Supported RepositoryURI sorting policies. |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
91 |
URI_SORT_PRIORITY = "priority" |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
92 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
93 |
# Sort policy mapping. |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
94 |
URI_SORT_POLICIES = { |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
95 |
URI_SORT_PRIORITY: lambda obj: (obj.priority, obj.uri), |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
96 |
} |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
97 |
|
2215
b4355e8c5097
16856 need to check keyUsage for leaf certs
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2100
diff
changeset
|
98 |
# This dictionary records the recognized values of extensions. |
b4355e8c5097
16856 need to check keyUsage for leaf certs
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2100
diff
changeset
|
99 |
SUPPORTED_EXTENSION_VALUES = { |
2286
938fbb350ad2
16867 pkgsign should handle existing signatures better
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2272
diff
changeset
|
100 |
"basicConstraints": ("CA:TRUE", "CA:FALSE", "PATHLEN:"), |
2215
b4355e8c5097
16856 need to check keyUsage for leaf certs
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2100
diff
changeset
|
101 |
"keyUsage": ("DIGITAL SIGNATURE", "CERTIFICATE SIGN", "CRL SIGN") |
b4355e8c5097
16856 need to check keyUsage for leaf certs
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2100
diff
changeset
|
102 |
} |
b4355e8c5097
16856 need to check keyUsage for leaf certs
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2100
diff
changeset
|
103 |
|
b4355e8c5097
16856 need to check keyUsage for leaf certs
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2100
diff
changeset
|
104 |
# These dictionaries map uses into their extensions. |
b4355e8c5097
16856 need to check keyUsage for leaf certs
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2100
diff
changeset
|
105 |
CODE_SIGNING_USE = { |
b4355e8c5097
16856 need to check keyUsage for leaf certs
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2100
diff
changeset
|
106 |
"keyUsage": ["DIGITAL SIGNATURE"] |
b4355e8c5097
16856 need to check keyUsage for leaf certs
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2100
diff
changeset
|
107 |
} |
b4355e8c5097
16856 need to check keyUsage for leaf certs
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2100
diff
changeset
|
108 |
|
b4355e8c5097
16856 need to check keyUsage for leaf certs
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2100
diff
changeset
|
109 |
CERT_SIGNING_USE = { |
b4355e8c5097
16856 need to check keyUsage for leaf certs
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2100
diff
changeset
|
110 |
"basicConstraints": ["CA:TRUE"], |
b4355e8c5097
16856 need to check keyUsage for leaf certs
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2100
diff
changeset
|
111 |
"keyUsage": ["CERTIFICATE SIGN"] |
b4355e8c5097
16856 need to check keyUsage for leaf certs
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2100
diff
changeset
|
112 |
} |
b4355e8c5097
16856 need to check keyUsage for leaf certs
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2100
diff
changeset
|
113 |
|
b4355e8c5097
16856 need to check keyUsage for leaf certs
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2100
diff
changeset
|
114 |
CRL_SIGNING_USE = { |
b4355e8c5097
16856 need to check keyUsage for leaf certs
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2100
diff
changeset
|
115 |
"keyUsage": ["CRL SIGN"] |
b4355e8c5097
16856 need to check keyUsage for leaf certs
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2100
diff
changeset
|
116 |
} |
b4355e8c5097
16856 need to check keyUsage for leaf certs
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2100
diff
changeset
|
117 |
|
b4355e8c5097
16856 need to check keyUsage for leaf certs
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2100
diff
changeset
|
118 |
POSSIBLE_USES = [CODE_SIGNING_USE, CERT_SIGNING_USE, CRL_SIGNING_USE] |
b4355e8c5097
16856 need to check keyUsage for leaf certs
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2100
diff
changeset
|
119 |
|
926
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
120 |
class RepositoryURI(object): |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
121 |
"""Class representing a repository URI and any transport-related |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
122 |
information.""" |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
123 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
124 |
# These properties are declared here so that they show up in the pydoc |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
125 |
# documentation as private, and for clarity in the property declarations |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
126 |
# found near the end of the class definition. |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
127 |
__priority = None |
2310
ce10607d5332
11684 desire option to not propagate certs to non-global zones
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2286
diff
changeset
|
128 |
__proxy = None |
926
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
129 |
__ssl_cert = None |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
130 |
__ssl_key = None |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
131 |
__trailing_slash = None |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
132 |
__uri = None |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
133 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
134 |
# Used to store the id of the original object this one was copied |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
135 |
# from during __copy__. |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
136 |
_source_object_id = None |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
137 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
138 |
def __init__(self, uri, priority=None, ssl_cert=None, ssl_key=None, |
2310
ce10607d5332
11684 desire option to not propagate certs to non-global zones
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2286
diff
changeset
|
139 |
trailing_slash=True, proxy=None, system=False): |
926
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
140 |
# Must set first. |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
141 |
self.__trailing_slash = trailing_slash |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
142 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
143 |
# Note that the properties set here are intentionally lacking |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
144 |
# the '__' prefix which means assignment will occur using the |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
145 |
# get/set methods declared for the property near the end of |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
146 |
# the class definition. |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
147 |
self.priority = priority |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
148 |
self.uri = uri |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
149 |
self.ssl_cert = ssl_cert |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
150 |
self.ssl_key = ssl_key |
2310
ce10607d5332
11684 desire option to not propagate certs to non-global zones
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2286
diff
changeset
|
151 |
self.proxy = proxy |
ce10607d5332
11684 desire option to not propagate certs to non-global zones
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2286
diff
changeset
|
152 |
self.system = system |
926
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
153 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
154 |
def __copy__(self): |
1252
3b1b69011fcf
8709 ImageInterface.has_publisher has incorrect docstring
Shawn Walker <srw@sun.com>
parents:
1210
diff
changeset
|
155 |
uri = RepositoryURI(self.__uri, priority=self.__priority, |
3b1b69011fcf
8709 ImageInterface.has_publisher has incorrect docstring
Shawn Walker <srw@sun.com>
parents:
1210
diff
changeset
|
156 |
ssl_cert=self.__ssl_cert, ssl_key=self.__ssl_key, |
2310
ce10607d5332
11684 desire option to not propagate certs to non-global zones
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2286
diff
changeset
|
157 |
trailing_slash=self.__trailing_slash, proxy=self.__proxy, |
ce10607d5332
11684 desire option to not propagate certs to non-global zones
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2286
diff
changeset
|
158 |
system=self.system) |
926
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
159 |
uri._source_object_id = id(self) |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
160 |
return uri |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
161 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
162 |
def __eq__(self, other): |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
163 |
if isinstance(other, RepositoryURI): |
2310
ce10607d5332
11684 desire option to not propagate certs to non-global zones
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2286
diff
changeset
|
164 |
return self.uri == other.uri and \ |
ce10607d5332
11684 desire option to not propagate certs to non-global zones
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2286
diff
changeset
|
165 |
self.proxy == other.proxy |
926
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
166 |
if isinstance(other, str): |
2310
ce10607d5332
11684 desire option to not propagate certs to non-global zones
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2286
diff
changeset
|
167 |
return self.proxy is None and self.uri == other |
926
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
168 |
return False |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
169 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
170 |
def __ne__(self, other): |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
171 |
if isinstance(other, RepositoryURI): |
2310
ce10607d5332
11684 desire option to not propagate certs to non-global zones
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2286
diff
changeset
|
172 |
return self.uri != other.uri or \ |
ce10607d5332
11684 desire option to not propagate certs to non-global zones
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2286
diff
changeset
|
173 |
self.proxy != other.proxy |
926
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
174 |
if isinstance(other, str): |
2310
ce10607d5332
11684 desire option to not propagate certs to non-global zones
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2286
diff
changeset
|
175 |
return self.proxy is not None or self.uri != other |
926
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
176 |
return True |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
177 |
|
2310
ce10607d5332
11684 desire option to not propagate certs to non-global zones
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2286
diff
changeset
|
178 |
def __cmp__(self, other): |
ce10607d5332
11684 desire option to not propagate certs to non-global zones
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2286
diff
changeset
|
179 |
if not other: |
ce10607d5332
11684 desire option to not propagate certs to non-global zones
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2286
diff
changeset
|
180 |
return 1 |
ce10607d5332
11684 desire option to not propagate certs to non-global zones
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2286
diff
changeset
|
181 |
if not isinstance(other, RepositoryURI): |
ce10607d5332
11684 desire option to not propagate certs to non-global zones
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2286
diff
changeset
|
182 |
other = RepositoryURI(other) |
ce10607d5332
11684 desire option to not propagate certs to non-global zones
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2286
diff
changeset
|
183 |
res = cmp(self.uri, other.uri) |
ce10607d5332
11684 desire option to not propagate certs to non-global zones
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2286
diff
changeset
|
184 |
if res != 0: |
ce10607d5332
11684 desire option to not propagate certs to non-global zones
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2286
diff
changeset
|
185 |
return res |
ce10607d5332
11684 desire option to not propagate certs to non-global zones
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2286
diff
changeset
|
186 |
return cmp(self.proxy, other.proxy) |
ce10607d5332
11684 desire option to not propagate certs to non-global zones
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2286
diff
changeset
|
187 |
|
926
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
188 |
def __set_priority(self, value): |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
189 |
if value is not None: |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
190 |
try: |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
191 |
value = int(value) |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
192 |
except (TypeError, ValueError): |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
193 |
raise api_errors.BadRepositoryURIPriority(value) |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
194 |
self.__priority = value |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
195 |
|
2310
ce10607d5332
11684 desire option to not propagate certs to non-global zones
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2286
diff
changeset
|
196 |
def __set_proxy(self, proxy): |
ce10607d5332
11684 desire option to not propagate certs to non-global zones
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2286
diff
changeset
|
197 |
if not proxy: |
ce10607d5332
11684 desire option to not propagate certs to non-global zones
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2286
diff
changeset
|
198 |
return |
ce10607d5332
11684 desire option to not propagate certs to non-global zones
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2286
diff
changeset
|
199 |
self.__proxy = proxy |
ce10607d5332
11684 desire option to not propagate certs to non-global zones
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2286
diff
changeset
|
200 |
assert not self.__ssl_cert |
ce10607d5332
11684 desire option to not propagate certs to non-global zones
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2286
diff
changeset
|
201 |
assert not self.__ssl_key |
ce10607d5332
11684 desire option to not propagate certs to non-global zones
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2286
diff
changeset
|
202 |
|
926
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
203 |
def __set_ssl_cert(self, filename): |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
204 |
if self.scheme not in SSL_SCHEMES and filename: |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
205 |
raise api_errors.UnsupportedRepositoryURIAttribute( |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
206 |
"ssl_cert", scheme=self.scheme) |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
207 |
if filename: |
1252
3b1b69011fcf
8709 ImageInterface.has_publisher has incorrect docstring
Shawn Walker <srw@sun.com>
parents:
1210
diff
changeset
|
208 |
if not isinstance(filename, basestring): |
3b1b69011fcf
8709 ImageInterface.has_publisher has incorrect docstring
Shawn Walker <srw@sun.com>
parents:
1210
diff
changeset
|
209 |
raise api_errors.BadRepositoryAttributeValue( |
3b1b69011fcf
8709 ImageInterface.has_publisher has incorrect docstring
Shawn Walker <srw@sun.com>
parents:
1210
diff
changeset
|
210 |
"ssl_cert", value=filename) |
926
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
211 |
filename = os.path.abspath(filename) |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
212 |
if not os.path.exists(filename): |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
213 |
raise api_errors.NoSuchCertificate(filename, |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
214 |
uri=self.uri) |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
215 |
if filename == "": |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
216 |
filename = None |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
217 |
# XXX attempt certificate verification here? |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
218 |
self.__ssl_cert = filename |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
219 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
220 |
def __set_ssl_key(self, filename): |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
221 |
if self.scheme not in SSL_SCHEMES and filename: |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
222 |
raise api_errors.UnsupportedRepositoryURIAttribute( |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
223 |
"ssl_key", scheme=self.scheme) |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
224 |
if filename: |
1252
3b1b69011fcf
8709 ImageInterface.has_publisher has incorrect docstring
Shawn Walker <srw@sun.com>
parents:
1210
diff
changeset
|
225 |
if not isinstance(filename, basestring): |
3b1b69011fcf
8709 ImageInterface.has_publisher has incorrect docstring
Shawn Walker <srw@sun.com>
parents:
1210
diff
changeset
|
226 |
raise api_errors.BadRepositoryAttributeValue( |
3b1b69011fcf
8709 ImageInterface.has_publisher has incorrect docstring
Shawn Walker <srw@sun.com>
parents:
1210
diff
changeset
|
227 |
"ssl_key", value=filename) |
926
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
228 |
filename = os.path.abspath(filename) |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
229 |
if not os.path.exists(filename): |
1254
28871b08d49c
8463 missing key file error message says certificate is missing
Shawn Walker <srw@sun.com>
parents:
1252
diff
changeset
|
230 |
raise api_errors.NoSuchKey(filename, |
926
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
231 |
uri=self.uri) |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
232 |
if filename == "": |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
233 |
filename = None |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
234 |
# XXX attempt key verification here? |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
235 |
self.__ssl_key = filename |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
236 |
|
1252
3b1b69011fcf
8709 ImageInterface.has_publisher has incorrect docstring
Shawn Walker <srw@sun.com>
parents:
1210
diff
changeset
|
237 |
def __set_trailing_slash(self, value): |
3b1b69011fcf
8709 ImageInterface.has_publisher has incorrect docstring
Shawn Walker <srw@sun.com>
parents:
1210
diff
changeset
|
238 |
if value not in (True, False): |
3b1b69011fcf
8709 ImageInterface.has_publisher has incorrect docstring
Shawn Walker <srw@sun.com>
parents:
1210
diff
changeset
|
239 |
raise api_errors.BadRepositoryAttributeValue( |
3b1b69011fcf
8709 ImageInterface.has_publisher has incorrect docstring
Shawn Walker <srw@sun.com>
parents:
1210
diff
changeset
|
240 |
"trailing_slash", value=value) |
3b1b69011fcf
8709 ImageInterface.has_publisher has incorrect docstring
Shawn Walker <srw@sun.com>
parents:
1210
diff
changeset
|
241 |
self.__trailing_slash = value |
3b1b69011fcf
8709 ImageInterface.has_publisher has incorrect docstring
Shawn Walker <srw@sun.com>
parents:
1210
diff
changeset
|
242 |
|
926
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
243 |
def __set_uri(self, uri): |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
244 |
if uri is None: |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
245 |
raise api_errors.BadRepositoryURI(uri) |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
246 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
247 |
# Decompose URI to verify attributes. |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
248 |
scheme, netloc, path, params, query = \ |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
249 |
urlparse.urlsplit(uri, allow_fragments=0) |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
250 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
251 |
# The set of currently supported protocol schemes. |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
252 |
if scheme.lower() not in SUPPORTED_SCHEMES: |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
253 |
raise api_errors.UnsupportedRepositoryURI(uri) |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
254 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
255 |
# XXX valid_pub_url's check isn't quite right and could prevent |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
256 |
# usage of IDNs (international domain names). |
1895
0a260cc2a689
15762 client support for filesystem-based repository access
Shawn Walker <shawn.walker@oracle.com>
parents:
1795
diff
changeset
|
257 |
if (scheme.lower().startswith("http") and not netloc) or \ |
0a260cc2a689
15762 client support for filesystem-based repository access
Shawn Walker <shawn.walker@oracle.com>
parents:
1795
diff
changeset
|
258 |
not misc.valid_pub_url(uri): |
926
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
259 |
raise api_errors.BadRepositoryURI(uri) |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
260 |
|
1968
c0540b1e4f7e
8722 advanced repository metadata store needed
Shawn Walker <shawn.walker@oracle.com>
parents:
1937
diff
changeset
|
261 |
if scheme.lower() == "file" and netloc: |
c0540b1e4f7e
8722 advanced repository metadata store needed
Shawn Walker <shawn.walker@oracle.com>
parents:
1937
diff
changeset
|
262 |
raise api_errors.BadRepositoryURI(uri) |
c0540b1e4f7e
8722 advanced repository metadata store needed
Shawn Walker <shawn.walker@oracle.com>
parents:
1937
diff
changeset
|
263 |
|
926
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
264 |
# Normalize URI scheme. |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
265 |
uri = uri.replace(scheme, scheme.lower(), 1) |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
266 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
267 |
if self.__trailing_slash: |
996
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
268 |
uri = misc.url_affix_trailing_slash(uri) |
926
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
269 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
270 |
if scheme.lower() not in SSL_SCHEMES: |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
271 |
self.__ssl_cert = None |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
272 |
self.__ssl_key = None |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
273 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
274 |
self.__uri = uri |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
275 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
276 |
def __str__(self): |
2310
ce10607d5332
11684 desire option to not propagate certs to non-global zones
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2286
diff
changeset
|
277 |
if not self.__proxy: |
ce10607d5332
11684 desire option to not propagate certs to non-global zones
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2286
diff
changeset
|
278 |
return self.__uri |
ce10607d5332
11684 desire option to not propagate certs to non-global zones
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2286
diff
changeset
|
279 |
return "proxy://%s" % self.__uri |
ce10607d5332
11684 desire option to not propagate certs to non-global zones
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2286
diff
changeset
|
280 |
|
ce10607d5332
11684 desire option to not propagate certs to non-global zones
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2286
diff
changeset
|
281 |
def change_scheme(self, new_scheme): |
ce10607d5332
11684 desire option to not propagate certs to non-global zones
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2286
diff
changeset
|
282 |
"""Change the scheme of this uri.""" |
ce10607d5332
11684 desire option to not propagate certs to non-global zones
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2286
diff
changeset
|
283 |
|
ce10607d5332
11684 desire option to not propagate certs to non-global zones
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2286
diff
changeset
|
284 |
assert self.__uri |
ce10607d5332
11684 desire option to not propagate certs to non-global zones
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2286
diff
changeset
|
285 |
scheme, netloc, path, params, query, fragment = \ |
ce10607d5332
11684 desire option to not propagate certs to non-global zones
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2286
diff
changeset
|
286 |
urlparse.urlparse(self.__uri, allow_fragments=False) |
ce10607d5332
11684 desire option to not propagate certs to non-global zones
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2286
diff
changeset
|
287 |
if new_scheme == scheme: |
ce10607d5332
11684 desire option to not propagate certs to non-global zones
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2286
diff
changeset
|
288 |
return |
ce10607d5332
11684 desire option to not propagate certs to non-global zones
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2286
diff
changeset
|
289 |
self.uri = urlparse.urlunparse( |
ce10607d5332
11684 desire option to not propagate certs to non-global zones
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2286
diff
changeset
|
290 |
(new_scheme, netloc, path, params, query, fragment)) |
ce10607d5332
11684 desire option to not propagate certs to non-global zones
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2286
diff
changeset
|
291 |
|
ce10607d5332
11684 desire option to not propagate certs to non-global zones
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2286
diff
changeset
|
292 |
def get_host(self): |
ce10607d5332
11684 desire option to not propagate certs to non-global zones
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2286
diff
changeset
|
293 |
"""Get the host and port of this URI if it's a http uri.""" |
ce10607d5332
11684 desire option to not propagate certs to non-global zones
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2286
diff
changeset
|
294 |
|
ce10607d5332
11684 desire option to not propagate certs to non-global zones
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2286
diff
changeset
|
295 |
scheme, netloc, path, params, query, fragment = \ |
ce10607d5332
11684 desire option to not propagate certs to non-global zones
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2286
diff
changeset
|
296 |
urlparse.urlparse(self.__uri, allow_fragments=0) |
ce10607d5332
11684 desire option to not propagate certs to non-global zones
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2286
diff
changeset
|
297 |
if scheme != "file": |
ce10607d5332
11684 desire option to not propagate certs to non-global zones
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2286
diff
changeset
|
298 |
return netloc |
ce10607d5332
11684 desire option to not propagate certs to non-global zones
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2286
diff
changeset
|
299 |
return "" |
926
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
300 |
|
1968
c0540b1e4f7e
8722 advanced repository metadata store needed
Shawn Walker <shawn.walker@oracle.com>
parents:
1937
diff
changeset
|
301 |
def get_pathname(self): |
c0540b1e4f7e
8722 advanced repository metadata store needed
Shawn Walker <shawn.walker@oracle.com>
parents:
1937
diff
changeset
|
302 |
"""Returns the URI path as a pathname if the URI is a file |
c0540b1e4f7e
8722 advanced repository metadata store needed
Shawn Walker <shawn.walker@oracle.com>
parents:
1937
diff
changeset
|
303 |
URI or '' otherwise.""" |
c0540b1e4f7e
8722 advanced repository metadata store needed
Shawn Walker <shawn.walker@oracle.com>
parents:
1937
diff
changeset
|
304 |
|
c0540b1e4f7e
8722 advanced repository metadata store needed
Shawn Walker <shawn.walker@oracle.com>
parents:
1937
diff
changeset
|
305 |
scheme, netloc, path, params, query, fragment = \ |
c0540b1e4f7e
8722 advanced repository metadata store needed
Shawn Walker <shawn.walker@oracle.com>
parents:
1937
diff
changeset
|
306 |
urlparse.urlparse(self.__uri, allow_fragments=0) |
c0540b1e4f7e
8722 advanced repository metadata store needed
Shawn Walker <shawn.walker@oracle.com>
parents:
1937
diff
changeset
|
307 |
if scheme == "file": |
c0540b1e4f7e
8722 advanced repository metadata store needed
Shawn Walker <shawn.walker@oracle.com>
parents:
1937
diff
changeset
|
308 |
return urllib.url2pathname(path) |
c0540b1e4f7e
8722 advanced repository metadata store needed
Shawn Walker <shawn.walker@oracle.com>
parents:
1937
diff
changeset
|
309 |
return "" |
c0540b1e4f7e
8722 advanced repository metadata store needed
Shawn Walker <shawn.walker@oracle.com>
parents:
1937
diff
changeset
|
310 |
|
926
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
311 |
ssl_cert = property(lambda self: self.__ssl_cert, __set_ssl_cert, None, |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
312 |
"The absolute pathname of a PEM-encoded SSL certificate file.") |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
313 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
314 |
ssl_key = property(lambda self: self.__ssl_key, __set_ssl_key, None, |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
315 |
"The absolute pathname of a PEM-encoded SSL key file.") |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
316 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
317 |
uri = property(lambda self: self.__uri, __set_uri, None, |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
318 |
"The URI used to access a repository.") |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
319 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
320 |
priority = property(lambda self: self.__priority, __set_priority, None, |
1252
3b1b69011fcf
8709 ImageInterface.has_publisher has incorrect docstring
Shawn Walker <srw@sun.com>
parents:
1210
diff
changeset
|
321 |
"An integer value representing the importance of this repository " |
3b1b69011fcf
8709 ImageInterface.has_publisher has incorrect docstring
Shawn Walker <srw@sun.com>
parents:
1210
diff
changeset
|
322 |
"URI relative to others.") |
926
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
323 |
|
2310
ce10607d5332
11684 desire option to not propagate certs to non-global zones
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2286
diff
changeset
|
324 |
proxy = property(lambda self: self.__proxy, __set_proxy, None, "The " |
ce10607d5332
11684 desire option to not propagate certs to non-global zones
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2286
diff
changeset
|
325 |
"proxy to use to access this repository.") |
ce10607d5332
11684 desire option to not propagate certs to non-global zones
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2286
diff
changeset
|
326 |
|
926
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
327 |
@property |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
328 |
def scheme(self): |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
329 |
"""The URI scheme.""" |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
330 |
if not self.__uri: |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
331 |
return "" |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
332 |
return urlparse.urlsplit(self.__uri, allow_fragments=0)[0] |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
333 |
|
1252
3b1b69011fcf
8709 ImageInterface.has_publisher has incorrect docstring
Shawn Walker <srw@sun.com>
parents:
1210
diff
changeset
|
334 |
trailing_slash = property(lambda self: self.__trailing_slash, |
3b1b69011fcf
8709 ImageInterface.has_publisher has incorrect docstring
Shawn Walker <srw@sun.com>
parents:
1210
diff
changeset
|
335 |
__set_trailing_slash, None, |
3b1b69011fcf
8709 ImageInterface.has_publisher has incorrect docstring
Shawn Walker <srw@sun.com>
parents:
1210
diff
changeset
|
336 |
"A boolean value indicating whether any URI provided for this " |
3b1b69011fcf
8709 ImageInterface.has_publisher has incorrect docstring
Shawn Walker <srw@sun.com>
parents:
1210
diff
changeset
|
337 |
"object should have a trailing slash appended when setting the " |
3b1b69011fcf
8709 ImageInterface.has_publisher has incorrect docstring
Shawn Walker <srw@sun.com>
parents:
1210
diff
changeset
|
338 |
"URI property.") |
3b1b69011fcf
8709 ImageInterface.has_publisher has incorrect docstring
Shawn Walker <srw@sun.com>
parents:
1210
diff
changeset
|
339 |
|
926
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
340 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
341 |
class Repository(object): |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
342 |
"""Class representing a repository object. |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
343 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
344 |
A repository object represents a location where clients can publish |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
345 |
and retrieve package content and/or metadata. It has the following |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
346 |
characteristics: |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
347 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
348 |
- may have one or more origins (URIs) for publication and |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
349 |
retrieval of package metadata and content. |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
350 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
351 |
- may have zero or more mirrors (URIs) for retrieval of package |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
352 |
content.""" |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
353 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
354 |
# These properties are declared here so that they show up in the pydoc |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
355 |
# documentation as private, and for clarity in the property declarations |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
356 |
# found near the end of the class definition. |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
357 |
__collection_type = None |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
358 |
__legal_uris = [] |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
359 |
__mirrors = [] |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
360 |
__origins = [] |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
361 |
__refresh_seconds = None |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
362 |
__registration_uri = None |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
363 |
__related_uris = [] |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
364 |
__sort_policy = URI_SORT_PRIORITY |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
365 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
366 |
# Used to store the id of the original object this one was copied |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
367 |
# from during __copy__. |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
368 |
_source_object_id = None |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
369 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
370 |
name = None |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
371 |
description = None |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
372 |
registered = False |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
373 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
374 |
def __init__(self, collection_type=REPO_CTYPE_CORE, description=None, |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
375 |
legal_uris=None, mirrors=None, name=None, origins=None, |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
376 |
refresh_seconds=None, registered=False, registration_uri=None, |
2100
6a366b063036
17144 Unix socket support is defunct
johansen <johansen@opensolaris.org>
parents:
2097
diff
changeset
|
377 |
related_uris=None, sort_policy=URI_SORT_PRIORITY): |
926
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
378 |
"""Initializes a repository object. |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
379 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
380 |
'collection_type' is an optional constant value indicating the |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
381 |
type of packages in the repository. |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
382 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
383 |
'description' is an optional string value containing a |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
384 |
descriptive paragraph for the repository. |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
385 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
386 |
'legal_uris' should be a list of RepositoryURI objects or URI |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
387 |
strings indicating where licensing, legal, and terms of service |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
388 |
information for the repository can be found. |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
389 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
390 |
'mirrors' is an optional list of RepositoryURI objects or URI |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
391 |
strings indicating where package content can be retrieved. |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
392 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
393 |
'name' is an optional, short, descriptive name for the |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
394 |
repository. |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
395 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
396 |
'origins' should be a list of RepositoryURI objects or URI |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
397 |
strings indicating where package metadata can be retrieved. |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
398 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
399 |
'refresh_seconds' is an optional integer value indicating the |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
400 |
number of seconds clients should wait before refreshing cached |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
401 |
repository catalog or repository metadata information. |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
402 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
403 |
'registered' is an optional boolean value indicating whether |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
404 |
a client has registered with the repository's publisher. |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
405 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
406 |
'registration_uri' is an optional RepositoryURI object or a URI |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
407 |
string indicating a location clients can use to register or |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
408 |
obtain credentials needed to access the repository. |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
409 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
410 |
'related_uris' is an optional list of RepositoryURI objects or a |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
411 |
list of URI strings indicating the location of related |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
412 |
repositories that a client may be interested in. |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
413 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
414 |
'sort_policy' is an optional constant value indicating how |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
415 |
legal_uris, mirrors, origins, and related_uris should be |
2100
6a366b063036
17144 Unix socket support is defunct
johansen <johansen@opensolaris.org>
parents:
2097
diff
changeset
|
416 |
sorted.""" |
926
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
417 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
418 |
# Note that the properties set here are intentionally lacking |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
419 |
# the '__' prefix which means assignment will occur using the |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
420 |
# get/set methods declared for the property near the end of |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
421 |
# the class definition. |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
422 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
423 |
# Must be set first so that it will apply to attributes set |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
424 |
# afterwards. |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
425 |
self.sort_policy = sort_policy |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
426 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
427 |
self.collection_type = collection_type |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
428 |
self.description = description |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
429 |
self.legal_uris = legal_uris |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
430 |
self.mirrors = mirrors |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
431 |
self.name = name |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
432 |
self.origins = origins |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
433 |
self.refresh_seconds = refresh_seconds |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
434 |
self.registered = registered |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
435 |
self.registration_uri = registration_uri |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
436 |
self.related_uris = related_uris |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
437 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
438 |
def __add_uri(self, attr, uri, dup_check=None, priority=None, |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
439 |
ssl_cert=None, ssl_key=None, trailing_slash=True): |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
440 |
if not isinstance(uri, RepositoryURI): |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
441 |
uri = RepositoryURI(uri, priority=priority, |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
442 |
ssl_cert=ssl_cert, ssl_key=ssl_key, |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
443 |
trailing_slash=trailing_slash) |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
444 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
445 |
if dup_check: |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
446 |
dup_check(uri) |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
447 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
448 |
ulist = getattr(self, attr) |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
449 |
ulist.append(uri) |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
450 |
ulist.sort(key=URI_SORT_POLICIES[self.__sort_policy]) |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
451 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
452 |
def __copy__(self): |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
453 |
cluris = [copy.copy(u) for u in self.legal_uris] |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
454 |
cmirrors = [copy.copy(u) for u in self.mirrors] |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
455 |
cruris = [copy.copy(u) for u in self.related_uris] |
2100
6a366b063036
17144 Unix socket support is defunct
johansen <johansen@opensolaris.org>
parents:
2097
diff
changeset
|
456 |
corigins = [copy.copy(u) for u in self.origins] |
2310
ce10607d5332
11684 desire option to not propagate certs to non-global zones
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2286
diff
changeset
|
457 |
|
926
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
458 |
repo = Repository(collection_type=self.collection_type, |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
459 |
description=self.description, |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
460 |
legal_uris=cluris, |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
461 |
mirrors=cmirrors, name=self.name, |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
462 |
origins=corigins, |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
463 |
refresh_seconds=self.refresh_seconds, |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
464 |
registered=self.registered, |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
465 |
registration_uri=copy.copy(self.registration_uri), |
2100
6a366b063036
17144 Unix socket support is defunct
johansen <johansen@opensolaris.org>
parents:
2097
diff
changeset
|
466 |
related_uris=cruris) |
926
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
467 |
repo._source_object_id = id(self) |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
468 |
return repo |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
469 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
470 |
def __replace_uris(self, attr, value, trailing_slash=True): |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
471 |
if value is None: |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
472 |
value = [] |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
473 |
if not isinstance(value, list): |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
474 |
raise api_errors.BadRepositoryAttributeValue(attr, |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
475 |
value=value) |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
476 |
uris = [] |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
477 |
for u in value: |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
478 |
if not isinstance(u, RepositoryURI): |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
479 |
u = RepositoryURI(u, |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
480 |
trailing_slash=trailing_slash) |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
481 |
elif trailing_slash: |
996
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
482 |
u.uri = misc.url_affix_trailing_slash(u.uri) |
926
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
483 |
uris.append(u) |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
484 |
uris.sort(key=URI_SORT_POLICIES[self.__sort_policy]) |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
485 |
return uris |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
486 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
487 |
def __set_collection_type(self, value): |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
488 |
if value not in REPO_COLLECTION_TYPES: |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
489 |
raise api_errors.BadRepositoryCollectionType(value) |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
490 |
self.__collection_type = value |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
491 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
492 |
def __set_legal_uris(self, value): |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
493 |
self.__legal_uris = self.__replace_uris("legal_uris", value, |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
494 |
trailing_slash=False) |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
495 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
496 |
def __set_mirrors(self, value): |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
497 |
self.__mirrors = self.__replace_uris("mirrors", value) |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
498 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
499 |
def __set_origins(self, value): |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
500 |
self.__origins = self.__replace_uris("origins", value) |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
501 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
502 |
def __set_registration_uri(self, value): |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
503 |
if value and not isinstance(value, RepositoryURI): |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
504 |
value = RepositoryURI(value, trailing_slash=False) |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
505 |
self.__registration_uri = value |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
506 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
507 |
def __set_related_uris(self, value): |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
508 |
self.__related_uris = self.__replace_uris("related_uris", |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
509 |
value, trailing_slash=False) |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
510 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
511 |
def __set_refresh_seconds(self, value): |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
512 |
if value is not None: |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
513 |
try: |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
514 |
value = int(value) |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
515 |
except (TypeError, ValueError): |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
516 |
raise api_errors.BadRepositoryAttributeValue( |
1252
3b1b69011fcf
8709 ImageInterface.has_publisher has incorrect docstring
Shawn Walker <srw@sun.com>
parents:
1210
diff
changeset
|
517 |
"refresh_seconds", value=value) |
3b1b69011fcf
8709 ImageInterface.has_publisher has incorrect docstring
Shawn Walker <srw@sun.com>
parents:
1210
diff
changeset
|
518 |
if value < 0: |
3b1b69011fcf
8709 ImageInterface.has_publisher has incorrect docstring
Shawn Walker <srw@sun.com>
parents:
1210
diff
changeset
|
519 |
raise api_errors.BadRepositoryAttributeValue( |
3b1b69011fcf
8709 ImageInterface.has_publisher has incorrect docstring
Shawn Walker <srw@sun.com>
parents:
1210
diff
changeset
|
520 |
"refresh_seconds", value=value) |
926
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
521 |
self.__refresh_seconds = value |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
522 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
523 |
def __set_sort_policy(self, value): |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
524 |
if value not in URI_SORT_POLICIES: |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
525 |
raise api_errors.BadRepositoryURISortPolicy(value) |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
526 |
self.__sort_policy = value |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
527 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
528 |
def add_legal_uri(self, uri, priority=None, ssl_cert=None, |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
529 |
ssl_key=None): |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
530 |
"""Adds the specified legal URI to the repository. |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
531 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
532 |
'uri' can be a RepositoryURI object or a URI string. If |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
533 |
it is a RepositoryURI object, all other parameters will be |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
534 |
ignored.""" |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
535 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
536 |
self.__add_uri("legal_uris", uri, priority=priority, |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
537 |
ssl_cert=ssl_cert, ssl_key=ssl_key, trailing_slash=False) |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
538 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
539 |
def add_mirror(self, mirror, priority=None, ssl_cert=None, |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
540 |
ssl_key=None): |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
541 |
"""Adds the specified mirror to the repository. |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
542 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
543 |
'mirror' can be a RepositoryURI object or a URI string. If |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
544 |
it is a RepositoryURI object, all other parameters will be |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
545 |
ignored.""" |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
546 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
547 |
def dup_check(mirror): |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
548 |
if self.has_mirror(mirror): |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
549 |
raise api_errors.DuplicateRepositoryMirror( |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
550 |
mirror) |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
551 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
552 |
self.__add_uri("mirrors", mirror, dup_check=dup_check, |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
553 |
priority=priority, ssl_cert=ssl_cert, ssl_key=ssl_key) |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
554 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
555 |
def add_origin(self, origin, priority=None, ssl_cert=None, |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
556 |
ssl_key=None): |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
557 |
"""Adds the specified origin to the repository. |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
558 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
559 |
'origin' can be a RepositoryURI object or a URI string. If |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
560 |
it is a RepositoryURI object, all other parameters will be |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
561 |
ignored.""" |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
562 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
563 |
def dup_check(origin): |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
564 |
if self.has_origin(origin): |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
565 |
raise api_errors.DuplicateRepositoryOrigin( |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
566 |
origin) |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
567 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
568 |
self.__add_uri("origins", origin, dup_check=dup_check, |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
569 |
priority=priority, ssl_cert=ssl_cert, ssl_key=ssl_key) |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
570 |
|
1252
3b1b69011fcf
8709 ImageInterface.has_publisher has incorrect docstring
Shawn Walker <srw@sun.com>
parents:
1210
diff
changeset
|
571 |
def add_related_uri(self, uri, priority=None, ssl_cert=None, |
3b1b69011fcf
8709 ImageInterface.has_publisher has incorrect docstring
Shawn Walker <srw@sun.com>
parents:
1210
diff
changeset
|
572 |
ssl_key=None): |
3b1b69011fcf
8709 ImageInterface.has_publisher has incorrect docstring
Shawn Walker <srw@sun.com>
parents:
1210
diff
changeset
|
573 |
"""Adds the specified related URI to the repository. |
3b1b69011fcf
8709 ImageInterface.has_publisher has incorrect docstring
Shawn Walker <srw@sun.com>
parents:
1210
diff
changeset
|
574 |
|
3b1b69011fcf
8709 ImageInterface.has_publisher has incorrect docstring
Shawn Walker <srw@sun.com>
parents:
1210
diff
changeset
|
575 |
'uri' can be a RepositoryURI object or a URI string. If |
3b1b69011fcf
8709 ImageInterface.has_publisher has incorrect docstring
Shawn Walker <srw@sun.com>
parents:
1210
diff
changeset
|
576 |
it is a RepositoryURI object, all other parameters will be |
3b1b69011fcf
8709 ImageInterface.has_publisher has incorrect docstring
Shawn Walker <srw@sun.com>
parents:
1210
diff
changeset
|
577 |
ignored.""" |
3b1b69011fcf
8709 ImageInterface.has_publisher has incorrect docstring
Shawn Walker <srw@sun.com>
parents:
1210
diff
changeset
|
578 |
|
3b1b69011fcf
8709 ImageInterface.has_publisher has incorrect docstring
Shawn Walker <srw@sun.com>
parents:
1210
diff
changeset
|
579 |
self.__add_uri("related_uris", uri, priority=priority, |
3b1b69011fcf
8709 ImageInterface.has_publisher has incorrect docstring
Shawn Walker <srw@sun.com>
parents:
1210
diff
changeset
|
580 |
ssl_cert=ssl_cert, ssl_key=ssl_key, trailing_slash=False) |
3b1b69011fcf
8709 ImageInterface.has_publisher has incorrect docstring
Shawn Walker <srw@sun.com>
parents:
1210
diff
changeset
|
581 |
|
926
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
582 |
def get_mirror(self, mirror): |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
583 |
"""Returns a RepositoryURI object representing the mirror |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
584 |
that matches 'mirror'. |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
585 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
586 |
'mirror' can be a RepositoryURI object or a URI string.""" |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
587 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
588 |
if not isinstance(mirror, RepositoryURI): |
996
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
589 |
mirror = misc.url_affix_trailing_slash(mirror) |
926
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
590 |
for m in self.mirrors: |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
591 |
if mirror == m.uri: |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
592 |
return m |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
593 |
raise api_errors.UnknownRepositoryMirror(mirror) |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
594 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
595 |
def get_origin(self, origin): |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
596 |
"""Returns a RepositoryURI object representing the origin |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
597 |
that matches 'origin'. |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
598 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
599 |
'origin' can be a RepositoryURI object or a URI string.""" |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
600 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
601 |
if not isinstance(origin, RepositoryURI): |
996
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
602 |
origin = misc.url_affix_trailing_slash(origin) |
926
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
603 |
for o in self.origins: |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
604 |
if origin == o.uri: |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
605 |
return o |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
606 |
raise api_errors.UnknownRepositoryOrigin(origin) |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
607 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
608 |
def has_mirror(self, mirror): |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
609 |
"""Returns a boolean value indicating whether a matching |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
610 |
'mirror' exists for the repository. |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
611 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
612 |
'mirror' can be a RepositoryURI object or a URI string.""" |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
613 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
614 |
if not isinstance(mirror, RepositoryURI): |
2310
ce10607d5332
11684 desire option to not propagate certs to non-global zones
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2286
diff
changeset
|
615 |
mirror = RepositoryURI(mirror) |
926
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
616 |
return mirror in self.mirrors |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
617 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
618 |
def has_origin(self, origin): |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
619 |
"""Returns a boolean value indicating whether a matching |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
620 |
'origin' exists for the repository. |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
621 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
622 |
'origin' can be a RepositoryURI object or a URI string.""" |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
623 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
624 |
if not isinstance(origin, RepositoryURI): |
2310
ce10607d5332
11684 desire option to not propagate certs to non-global zones
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2286
diff
changeset
|
625 |
origin = RepositoryURI(origin) |
926
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
626 |
return origin in self.origins |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
627 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
628 |
def remove_legal_uri(self, uri): |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
629 |
"""Removes the legal URI matching 'uri' from the repository. |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
630 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
631 |
'uri' can be a RepositoryURI object or a URI string.""" |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
632 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
633 |
for i, m in enumerate(self.legal_uris): |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
634 |
if uri == m.uri: |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
635 |
# Immediate return as the index into the array |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
636 |
# changes with each removal. |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
637 |
del self.legal_uris[i] |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
638 |
return |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
639 |
raise api_errors.UnknownLegalURI(uri) |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
640 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
641 |
def remove_mirror(self, mirror): |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
642 |
"""Removes the mirror matching 'mirror' from the repository. |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
643 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
644 |
'mirror' can be a RepositoryURI object or a URI string.""" |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
645 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
646 |
if not isinstance(mirror, RepositoryURI): |
996
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
647 |
mirror = misc.url_affix_trailing_slash(mirror) |
926
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
648 |
for i, m in enumerate(self.mirrors): |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
649 |
if mirror == m.uri: |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
650 |
# Immediate return as the index into the array |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
651 |
# changes with each removal. |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
652 |
del self.mirrors[i] |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
653 |
return |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
654 |
raise api_errors.UnknownRepositoryMirror(mirror) |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
655 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
656 |
def remove_origin(self, origin): |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
657 |
"""Removes the origin matching 'origin' from the repository. |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
658 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
659 |
'origin' can be a RepositoryURI object or a URI string.""" |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
660 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
661 |
if not isinstance(origin, RepositoryURI): |
2310
ce10607d5332
11684 desire option to not propagate certs to non-global zones
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2286
diff
changeset
|
662 |
origin = RepositoryURI(origin) |
926
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
663 |
for i, o in enumerate(self.origins): |
2310
ce10607d5332
11684 desire option to not propagate certs to non-global zones
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2286
diff
changeset
|
664 |
if origin == o.uri and origin.proxy == o.proxy: |
926
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
665 |
# Immediate return as the index into the array |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
666 |
# changes with each removal. |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
667 |
del self.origins[i] |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
668 |
return |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
669 |
raise api_errors.UnknownRepositoryOrigin(origin) |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
670 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
671 |
def remove_related_uri(self, uri): |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
672 |
"""Removes the related URI matching 'uri' from the repository. |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
673 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
674 |
'uri' can be a RepositoryURI object or a URI string.""" |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
675 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
676 |
for i, m in enumerate(self.related_uris): |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
677 |
if uri == m.uri: |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
678 |
# Immediate return as the index into the array |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
679 |
# changes with each removal. |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
680 |
del self.related_uris[i] |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
681 |
return |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
682 |
raise api_errors.UnknownRelatedURI(uri) |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
683 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
684 |
def update_mirror(self, mirror, priority=None, ssl_cert=None, |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
685 |
ssl_key=None): |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
686 |
"""Updates an existing mirror object matching 'mirror'. |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
687 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
688 |
'mirror' can be a RepositoryURI object or a URI string.""" |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
689 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
690 |
if not isinstance(mirror, RepositoryURI): |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
691 |
mirror = RepositoryURI(mirror, priority=priority, |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
692 |
ssl_cert=ssl_cert, ssl_key=ssl_key) |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
693 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
694 |
target = self.get_mirror(mirror) |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
695 |
target.priority = mirror.priority |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
696 |
target.ssl_cert = mirror.ssl_cert |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
697 |
target.ssl_key = mirror.ssl_key |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
698 |
self.mirrors.sort(key=URI_SORT_POLICIES[self.__sort_policy]) |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
699 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
700 |
def update_origin(self, origin, priority=None, ssl_cert=None, |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
701 |
ssl_key=None): |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
702 |
"""Updates an existing origin object matching 'origin'. |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
703 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
704 |
'origin' can be a RepositoryURI object or a URI string.""" |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
705 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
706 |
if not isinstance(origin, RepositoryURI): |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
707 |
origin = RepositoryURI(origin, priority=priority, |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
708 |
ssl_cert=ssl_cert, ssl_key=ssl_key) |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
709 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
710 |
target = self.get_origin(origin) |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
711 |
target.priority = origin.priority |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
712 |
target.ssl_cert = origin.ssl_cert |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
713 |
target.ssl_key = origin.ssl_key |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
714 |
self.origins.sort(key=URI_SORT_POLICIES[self.__sort_policy]) |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
715 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
716 |
def reset_mirrors(self): |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
717 |
"""Discards the current list of repository mirrors.""" |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
718 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
719 |
self.mirrors = [] |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
720 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
721 |
def reset_origins(self): |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
722 |
"""Discards the current list of repository origins.""" |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
723 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
724 |
self.origins = [] |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
725 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
726 |
collection_type = property(lambda self: self.__collection_type, |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
727 |
__set_collection_type, None, |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
728 |
"""A constant value indicating the type of packages in the |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
729 |
repository. The following collection types are recognized: |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
730 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
731 |
REPO_CTYPE_CORE |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
732 |
The "core" type indicates that the repository contains |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
733 |
all of the dependencies declared by packages in the |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
734 |
repository. It is primarily used for operating system |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
735 |
repositories. |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
736 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
737 |
REPO_CTYPE_SUPPLEMENTAL |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
738 |
The "supplemental" type indicates that the repository |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
739 |
contains packages that rely on or are intended to be |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
740 |
used with packages located in another repository.""") |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
741 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
742 |
legal_uris = property(lambda self: self.__legal_uris, |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
743 |
__set_legal_uris, None, |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
744 |
"""A list of RepositoryURI objects indicating where licensing, |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
745 |
legal, and terms of service information for the repository can be |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
746 |
found.""") |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
747 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
748 |
mirrors = property(lambda self: self.__mirrors, __set_mirrors, None, |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
749 |
"""A list of RepositoryURI objects indicating where package content |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
750 |
can be retrieved. If any value in the list provided is a URI |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
751 |
string, it will be replaced with a RepositoryURI object.""") |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
752 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
753 |
origins = property(lambda self: self.__origins, __set_origins, None, |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
754 |
"""A list of RepositoryURI objects indicating where package content |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
755 |
can be retrieved. If any value in the list provided is a URI |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
756 |
string, it will be replaced with a RepositoryURI object.""") |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
757 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
758 |
registration_uri = property(lambda self: self.__registration_uri, |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
759 |
__set_registration_uri, None, |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
760 |
"""A RepositoryURI object indicating a location clients can use to |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
761 |
register or obtain credentials needed to access the repository. If |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
762 |
the value provided is a URI string, it will be replaced with a |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
763 |
RepositoryURI object.""") |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
764 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
765 |
related_uris = property(lambda self: self.__related_uris, |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
766 |
__set_related_uris, None, |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
767 |
"""A list of RepositoryURI objects indicating the location of |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
768 |
related repositories that a client may be interested in. If any |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
769 |
value in the list provided is a URI string, it will be replaced with |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
770 |
a RepositoryURI object.""") |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
771 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
772 |
refresh_seconds = property(lambda self: self.__refresh_seconds, |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
773 |
__set_refresh_seconds, None, |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
774 |
"""An integer value indicating the number of seconds clients should |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
775 |
wait before refreshing cached repository metadata information. A |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
776 |
value of None indicates that refreshes should be performed at the |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
777 |
client's discretion.""") |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
778 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
779 |
sort_policy = property(lambda self: self.__sort_policy, |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
780 |
__set_sort_policy, None, |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
781 |
"""A constant value indicating how legal_uris, mirrors, origins, and |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
782 |
related_uris should be sorted. The following policies are |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
783 |
recognized: |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
784 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
785 |
URI_SORT_PRIORITY |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
786 |
The "priority" policy indicate that URIs should be |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
787 |
sorted according to the value of their priority |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
788 |
attribute.""") |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
789 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
790 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
791 |
class Publisher(object): |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
792 |
"""Class representing a publisher object and a set of interfaces to set |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
793 |
and retrieve its information. |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
794 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
795 |
A publisher is a forward or reverse domain name identifying a source |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
796 |
(e.g. "publisher") of packages.""" |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
797 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
798 |
# These properties are declared here so that they show up in the pydoc |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
799 |
# documentation as private, and for clarity in the property declarations |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
800 |
# found near the end of the class definition. |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
801 |
__alias = None |
1352
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
802 |
__catalog = None |
926
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
803 |
__client_uuid = None |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
804 |
__disabled = False |
996
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
805 |
__meta_root = None |
2352
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
806 |
__origin_root = None |
926
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
807 |
__prefix = None |
2310
ce10607d5332
11684 desire option to not propagate certs to non-global zones
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2286
diff
changeset
|
808 |
__repository = None |
1505
cc598d70bbbe
4425 pkg install should deal w/ complex dependency changes in one install
Bart Smaalders <Bart.Smaalders@Sun.COM>
parents:
1449
diff
changeset
|
809 |
__sticky = True |
1352
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
810 |
transport = None |
926
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
811 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
812 |
# Used to store the id of the original object this one was copied |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
813 |
# from during __copy__. |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
814 |
_source_object_id = None |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
815 |
|
2408
6424614c2ed1
18463 bad crl urls shouldn't bring pkg to a halt
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2378
diff
changeset
|
816 |
# Used to record those CRLs which are unreachable during the current |
6424614c2ed1
18463 bad crl urls shouldn't bring pkg to a halt
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2378
diff
changeset
|
817 |
# operation. |
6424614c2ed1
18463 bad crl urls shouldn't bring pkg to a halt
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2378
diff
changeset
|
818 |
__bad_crls = set() |
6424614c2ed1
18463 bad crl urls shouldn't bring pkg to a halt
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2378
diff
changeset
|
819 |
|
2219
60ad60f7592c
2152 standalone package support needed (on-disk format)
Shawn Walker <shawn.walker@oracle.com>
parents:
2215
diff
changeset
|
820 |
def __init__(self, prefix, alias=None, catalog=None, client_uuid=None, |
2310
ce10607d5332
11684 desire option to not propagate certs to non-global zones
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2286
diff
changeset
|
821 |
disabled=False, meta_root=None, repository=None, |
ce10607d5332
11684 desire option to not propagate certs to non-global zones
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2286
diff
changeset
|
822 |
transport=None, sticky=True, props=None, revoked_ca_certs=EmptyI, |
ce10607d5332
11684 desire option to not propagate certs to non-global zones
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2286
diff
changeset
|
823 |
approved_ca_certs=EmptyI, sys_pub=False): |
2219
60ad60f7592c
2152 standalone package support needed (on-disk format)
Shawn Walker <shawn.walker@oracle.com>
parents:
2215
diff
changeset
|
824 |
"""Initialize a new publisher object. |
60ad60f7592c
2152 standalone package support needed (on-disk format)
Shawn Walker <shawn.walker@oracle.com>
parents:
2215
diff
changeset
|
825 |
|
60ad60f7592c
2152 standalone package support needed (on-disk format)
Shawn Walker <shawn.walker@oracle.com>
parents:
2215
diff
changeset
|
826 |
'catalog' is an optional Catalog object to use in place of |
60ad60f7592c
2152 standalone package support needed (on-disk format)
Shawn Walker <shawn.walker@oracle.com>
parents:
2215
diff
changeset
|
827 |
retrieving one from the publisher's meta_root. This option |
60ad60f7592c
2152 standalone package support needed (on-disk format)
Shawn Walker <shawn.walker@oracle.com>
parents:
2215
diff
changeset
|
828 |
may only be used when meta_root is not provided. |
60ad60f7592c
2152 standalone package support needed (on-disk format)
Shawn Walker <shawn.walker@oracle.com>
parents:
2215
diff
changeset
|
829 |
""" |
60ad60f7592c
2152 standalone package support needed (on-disk format)
Shawn Walker <shawn.walker@oracle.com>
parents:
2215
diff
changeset
|
830 |
|
60ad60f7592c
2152 standalone package support needed (on-disk format)
Shawn Walker <shawn.walker@oracle.com>
parents:
2215
diff
changeset
|
831 |
assert not (catalog and meta_root) |
926
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
832 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
833 |
if client_uuid is None: |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
834 |
self.reset_client_uuid() |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
835 |
else: |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
836 |
self.__client_uuid = client_uuid |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
837 |
|
2310
ce10607d5332
11684 desire option to not propagate certs to non-global zones
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2286
diff
changeset
|
838 |
self.sys_pub = False |
926
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
839 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
840 |
# Note that the properties set here are intentionally lacking |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
841 |
# the '__' prefix which means assignment will occur using the |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
842 |
# get/set methods declared for the property near the end of |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
843 |
# the class definition. |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
844 |
self.alias = alias |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
845 |
self.disabled = disabled |
1352
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
846 |
self.prefix = prefix |
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
847 |
self.transport = transport |
996
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
848 |
self.meta_root = meta_root |
1505
cc598d70bbbe
4425 pkg install should deal w/ complex dependency changes in one install
Bart Smaalders <Bart.Smaalders@Sun.COM>
parents:
1449
diff
changeset
|
849 |
self.sticky = sticky |
926
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
850 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
851 |
|
2026
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
852 |
self.__sig_policy = None |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
853 |
self.__delay_validation = False |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
854 |
|
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
855 |
self.__properties = {} |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
856 |
|
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
857 |
# Writing out an EmptyI to a config file and reading it back |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
858 |
# in doesn't work correctly at the moment, but reading and |
2028
b2c674e6ee28
16744 repository multi-publisher on-disk format should be formalized and implemented
Shawn Walker <shawn.walker@oracle.com>
parents:
2026
diff
changeset
|
859 |
# writing an empty list does. So if intermediate_certs is empty, |
b2c674e6ee28
16744 repository multi-publisher on-disk format should be formalized and implemented
Shawn Walker <shawn.walker@oracle.com>
parents:
2026
diff
changeset
|
860 |
# make sure it's stored as an empty list. |
2026
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
861 |
# |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
862 |
# The relevant implementation is probably the line which |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
863 |
# strips ][ from the input in imageconfig.read_list. |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
864 |
if revoked_ca_certs: |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
865 |
self.revoked_ca_certs = revoked_ca_certs |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
866 |
else: |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
867 |
self.revoked_ca_certs = [] |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
868 |
|
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
869 |
if approved_ca_certs: |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
870 |
self.approved_ca_certs = approved_ca_certs |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
871 |
else: |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
872 |
self.approved_ca_certs = [] |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
873 |
|
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
874 |
if props: |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
875 |
self.properties.update(props) |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
876 |
|
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
877 |
self.ca_dict = None |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
878 |
|
2310
ce10607d5332
11684 desire option to not propagate certs to non-global zones
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2286
diff
changeset
|
879 |
if repository: |
ce10607d5332
11684 desire option to not propagate certs to non-global zones
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2286
diff
changeset
|
880 |
self.repository = repository |
ce10607d5332
11684 desire option to not propagate certs to non-global zones
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2286
diff
changeset
|
881 |
self.sys_pub = sys_pub |
ce10607d5332
11684 desire option to not propagate certs to non-global zones
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2286
diff
changeset
|
882 |
|
2219
60ad60f7592c
2152 standalone package support needed (on-disk format)
Shawn Walker <shawn.walker@oracle.com>
parents:
2215
diff
changeset
|
883 |
# Must be done last. |
60ad60f7592c
2152 standalone package support needed (on-disk format)
Shawn Walker <shawn.walker@oracle.com>
parents:
2215
diff
changeset
|
884 |
self.__catalog = catalog |
60ad60f7592c
2152 standalone package support needed (on-disk format)
Shawn Walker <shawn.walker@oracle.com>
parents:
2215
diff
changeset
|
885 |
|
926
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
886 |
def __cmp__(self, other): |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
887 |
if other is None: |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
888 |
return 1 |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
889 |
if isinstance(other, Publisher): |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
890 |
return cmp(self.prefix, other.prefix) |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
891 |
return cmp(self.prefix, other) |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
892 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
893 |
@staticmethod |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
894 |
def __contains__(key): |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
895 |
"""Supports deprecated compatibility interface.""" |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
896 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
897 |
return key in ("client_uuid", "disabled", "mirrors", "origin", |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
898 |
"prefix", "ssl_cert", "ssl_key") |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
899 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
900 |
def __copy__(self): |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
901 |
selected = None |
1252
3b1b69011fcf
8709 ImageInterface.has_publisher has incorrect docstring
Shawn Walker <srw@sun.com>
parents:
1210
diff
changeset
|
902 |
pub = Publisher(self.__prefix, alias=self.__alias, |
3b1b69011fcf
8709 ImageInterface.has_publisher has incorrect docstring
Shawn Walker <srw@sun.com>
parents:
1210
diff
changeset
|
903 |
client_uuid=self.__client_uuid, disabled=self.__disabled, |
2310
ce10607d5332
11684 desire option to not propagate certs to non-global zones
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2286
diff
changeset
|
904 |
meta_root=self.meta_root, |
ce10607d5332
11684 desire option to not propagate certs to non-global zones
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2286
diff
changeset
|
905 |
repository=copy.copy(self.repository), |
ce10607d5332
11684 desire option to not propagate certs to non-global zones
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2286
diff
changeset
|
906 |
transport=self.transport, sticky=self.__sticky, |
2026
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
907 |
props=self.properties, |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
908 |
revoked_ca_certs=self.revoked_ca_certs, |
2310
ce10607d5332
11684 desire option to not propagate certs to non-global zones
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2286
diff
changeset
|
909 |
approved_ca_certs=self.approved_ca_certs, |
ce10607d5332
11684 desire option to not propagate certs to non-global zones
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2286
diff
changeset
|
910 |
sys_pub=self.sys_pub) |
926
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
911 |
pub._source_object_id = id(self) |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
912 |
return pub |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
913 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
914 |
def __eq__(self, other): |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
915 |
if isinstance(other, Publisher): |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
916 |
return self.prefix == other.prefix |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
917 |
if isinstance(other, str): |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
918 |
return self.prefix == other |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
919 |
return False |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
920 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
921 |
def __getitem__(self, key): |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
922 |
"""Deprecated compatibility interface allowing publisher |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
923 |
attributes to be read as pub["attribute"].""" |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
924 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
925 |
if key == "client_uuid": |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
926 |
return self.__client_uuid |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
927 |
if key == "disabled": |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
928 |
return self.__disabled |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
929 |
if key == "prefix": |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
930 |
return self.__prefix |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
931 |
|
2310
ce10607d5332
11684 desire option to not propagate certs to non-global zones
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2286
diff
changeset
|
932 |
repo = self.repository |
926
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
933 |
if key == "mirrors": |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
934 |
return [str(m) for m in repo.mirrors] |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
935 |
if key == "origin": |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
936 |
if not repo.origins[0]: |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
937 |
return None |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
938 |
return repo.origins[0].uri |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
939 |
if key == "ssl_cert": |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
940 |
if not repo.origins[0]: |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
941 |
return None |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
942 |
return repo.origins[0].ssl_cert |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
943 |
if key == "ssl_key": |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
944 |
if not repo.origins[0]: |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
945 |
return None |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
946 |
return repo.origins[0].ssl_key |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
947 |
|
996
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
948 |
def __get_last_refreshed(self): |
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
949 |
if not self.meta_root: |
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
950 |
return None |
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
951 |
|
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
952 |
lcfile = os.path.join(self.meta_root, "last_refreshed") |
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
953 |
try: |
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
954 |
mod_time = os.stat(lcfile).st_mtime |
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
955 |
except EnvironmentError, e: |
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
956 |
if e.errno == errno.ENOENT: |
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
957 |
return None |
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
958 |
raise |
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
959 |
return dt.datetime.utcfromtimestamp(mod_time) |
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
960 |
|
926
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
961 |
def __ne__(self, other): |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
962 |
if isinstance(other, Publisher): |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
963 |
return self.prefix != other.prefix |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
964 |
if isinstance(other, str): |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
965 |
return self.prefix != other |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
966 |
return True |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
967 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
968 |
def __set_alias(self, value): |
2310
ce10607d5332
11684 desire option to not propagate certs to non-global zones
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2286
diff
changeset
|
969 |
if self.sys_pub: |
ce10607d5332
11684 desire option to not propagate certs to non-global zones
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2286
diff
changeset
|
970 |
raise api_errors.ModifyingSyspubException( |
ce10607d5332
11684 desire option to not propagate certs to non-global zones
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2286
diff
changeset
|
971 |
"Cannot set the alias of a system publisher") |
2028
b2c674e6ee28
16744 repository multi-publisher on-disk format should be formalized and implemented
Shawn Walker <shawn.walker@oracle.com>
parents:
2026
diff
changeset
|
972 |
# Aliases must comply with the same restrictions that prefixes |
b2c674e6ee28
16744 repository multi-publisher on-disk format should be formalized and implemented
Shawn Walker <shawn.walker@oracle.com>
parents:
2026
diff
changeset
|
973 |
# have as they are intended to be useable in any case where |
b2c674e6ee28
16744 repository multi-publisher on-disk format should be formalized and implemented
Shawn Walker <shawn.walker@oracle.com>
parents:
2026
diff
changeset
|
974 |
# a prefix may be used. |
b2c674e6ee28
16744 repository multi-publisher on-disk format should be formalized and implemented
Shawn Walker <shawn.walker@oracle.com>
parents:
2026
diff
changeset
|
975 |
if value is not None and value != "" and \ |
b2c674e6ee28
16744 repository multi-publisher on-disk format should be formalized and implemented
Shawn Walker <shawn.walker@oracle.com>
parents:
2026
diff
changeset
|
976 |
not misc.valid_pub_prefix(value): |
b2c674e6ee28
16744 repository multi-publisher on-disk format should be formalized and implemented
Shawn Walker <shawn.walker@oracle.com>
parents:
2026
diff
changeset
|
977 |
raise api_errors.BadPublisherAlias(value) |
926
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
978 |
self.__alias = value |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
979 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
980 |
def __set_disabled(self, disabled): |
2310
ce10607d5332
11684 desire option to not propagate certs to non-global zones
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2286
diff
changeset
|
981 |
if self.sys_pub: |
ce10607d5332
11684 desire option to not propagate certs to non-global zones
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2286
diff
changeset
|
982 |
raise api_errors.ModifyingSyspubException(_("Cannot " |
ce10607d5332
11684 desire option to not propagate certs to non-global zones
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2286
diff
changeset
|
983 |
"enable or disable a system publisher")) |
ce10607d5332
11684 desire option to not propagate certs to non-global zones
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2286
diff
changeset
|
984 |
|
926
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
985 |
if disabled: |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
986 |
self.__disabled = True |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
987 |
else: |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
988 |
self.__disabled = False |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
989 |
|
996
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
990 |
def __set_last_refreshed(self, value): |
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
991 |
if not self.meta_root: |
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
992 |
return |
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
993 |
|
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
994 |
if value is not None and not isinstance(value, dt.datetime): |
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
995 |
raise api_errors.BadRepositoryAttributeValue( |
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
996 |
"last_refreshed", value=value) |
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
997 |
|
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
998 |
lcfile = os.path.join(self.meta_root, "last_refreshed") |
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
999 |
if not value: |
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
1000 |
# If no value was provided, attempt to remove the |
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
1001 |
# tracking file. |
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
1002 |
try: |
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
1003 |
portable.remove(lcfile) |
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
1004 |
except EnvironmentError, e: |
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
1005 |
# If the file can't be removed due to |
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
1006 |
# permissions, a read-only filesystem, or |
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
1007 |
# because it doesn't exist, continue on. |
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
1008 |
if e.errno not in (errno.ENOENT, errno.EACCES, |
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
1009 |
errno.EROFS): |
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
1010 |
raise |
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
1011 |
return |
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
1012 |
|
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
1013 |
def create_tracker(): |
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
1014 |
try: |
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
1015 |
f = open(lcfile, "wb") |
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
1016 |
f.write("%s\n" % misc.time_to_timestamp( |
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
1017 |
calendar.timegm(value.utctimetuple()))) |
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
1018 |
f.close() |
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
1019 |
except EnvironmentError, e: |
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
1020 |
# If the file can't be written due to |
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
1021 |
# permissions or because the filesystem is |
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
1022 |
# read-only, continue on. |
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
1023 |
if e.errno not in (errno.EACCES, errno.EROFS): |
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
1024 |
raise |
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
1025 |
|
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
1026 |
try: |
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
1027 |
# If a time was provided, write out a special file that |
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
1028 |
# can be used to track the information with the actual |
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
1029 |
# time (in UTC) contained within. |
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
1030 |
create_tracker() |
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
1031 |
except EnvironmentError, e: |
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
1032 |
if e.errno != errno.ENOENT: |
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
1033 |
raise |
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
1034 |
|
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
1035 |
# Assume meta_root doesn't exist and create it. |
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
1036 |
try: |
1087
293c0aa5f32e
8214 load_catalogs should only load catalog data when needed
Shawn Walker <srw@sun.com>
parents:
996
diff
changeset
|
1037 |
self.create_meta_root() |
293c0aa5f32e
8214 load_catalogs should only load catalog data when needed
Shawn Walker <srw@sun.com>
parents:
996
diff
changeset
|
1038 |
except api_errors.PermissionsException: |
293c0aa5f32e
8214 load_catalogs should only load catalog data when needed
Shawn Walker <srw@sun.com>
parents:
996
diff
changeset
|
1039 |
# If the directory can't be created due to |
293c0aa5f32e
8214 load_catalogs should only load catalog data when needed
Shawn Walker <srw@sun.com>
parents:
996
diff
changeset
|
1040 |
# permissions, move on. |
293c0aa5f32e
8214 load_catalogs should only load catalog data when needed
Shawn Walker <srw@sun.com>
parents:
996
diff
changeset
|
1041 |
pass |
996
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
1042 |
except EnvironmentError, e: |
1087
293c0aa5f32e
8214 load_catalogs should only load catalog data when needed
Shawn Walker <srw@sun.com>
parents:
996
diff
changeset
|
1043 |
# If the directory can't be created due to a |
293c0aa5f32e
8214 load_catalogs should only load catalog data when needed
Shawn Walker <srw@sun.com>
parents:
996
diff
changeset
|
1044 |
# read-only filesystem, move on. |
293c0aa5f32e
8214 load_catalogs should only load catalog data when needed
Shawn Walker <srw@sun.com>
parents:
996
diff
changeset
|
1045 |
if e.errno != errno.EROFS: |
996
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
1046 |
raise |
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
1047 |
else: |
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
1048 |
# Try one last time. |
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
1049 |
create_tracker() |
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
1050 |
|
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
1051 |
def __set_meta_root(self, pathname): |
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
1052 |
if pathname: |
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
1053 |
pathname = os.path.abspath(pathname) |
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
1054 |
self.__meta_root = pathname |
1352
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1055 |
if self.__catalog: |
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1056 |
self.__catalog.meta_root = self.catalog_root |
2026
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
1057 |
if self.__meta_root: |
2352
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1058 |
self.__origin_root = os.path.join(self.__meta_root, |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1059 |
"origins") |
2026
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
1060 |
self.cert_root = os.path.join(self.__meta_root, "certs") |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
1061 |
self.__subj_root = os.path.join(self.cert_root, |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
1062 |
"subject_hashes") |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
1063 |
self.__crl_root = os.path.join(self.cert_root, "crls") |
996
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
1064 |
|
926
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1065 |
def __set_prefix(self, prefix): |
996
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
1066 |
if not misc.valid_pub_prefix(prefix): |
926
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1067 |
raise api_errors.BadPublisherPrefix(prefix) |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1068 |
self.__prefix = prefix |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1069 |
|
2310
ce10607d5332
11684 desire option to not propagate certs to non-global zones
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2286
diff
changeset
|
1070 |
def __set_repository(self, value): |
ce10607d5332
11684 desire option to not propagate certs to non-global zones
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2286
diff
changeset
|
1071 |
if not isinstance(value, Repository): |
926
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1072 |
raise api_errors.UnknownRepository(value) |
2310
ce10607d5332
11684 desire option to not propagate certs to non-global zones
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2286
diff
changeset
|
1073 |
self.__repository = value |
1352
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1074 |
self.__catalog = None |
926
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1075 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1076 |
def __set_client_uuid(self, value): |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1077 |
self.__client_uuid = value |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1078 |
|
1505
cc598d70bbbe
4425 pkg install should deal w/ complex dependency changes in one install
Bart Smaalders <Bart.Smaalders@Sun.COM>
parents:
1449
diff
changeset
|
1079 |
def __set_stickiness(self, value): |
2310
ce10607d5332
11684 desire option to not propagate certs to non-global zones
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2286
diff
changeset
|
1080 |
if self.sys_pub: |
ce10607d5332
11684 desire option to not propagate certs to non-global zones
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2286
diff
changeset
|
1081 |
raise api_errors.ModifyingSyspubException(_("Cannot " |
ce10607d5332
11684 desire option to not propagate certs to non-global zones
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2286
diff
changeset
|
1082 |
"change the stickiness of a system publisher")) |
1505
cc598d70bbbe
4425 pkg install should deal w/ complex dependency changes in one install
Bart Smaalders <Bart.Smaalders@Sun.COM>
parents:
1449
diff
changeset
|
1083 |
self.__sticky = bool(value) |
cc598d70bbbe
4425 pkg install should deal w/ complex dependency changes in one install
Bart Smaalders <Bart.Smaalders@Sun.COM>
parents:
1449
diff
changeset
|
1084 |
|
926
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1085 |
def __str__(self): |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1086 |
return self.prefix |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1087 |
|
2352
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1088 |
def __validate_metadata(self, croot, repo): |
1431
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
1089 |
"""Private helper function to check the publisher's metadata |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
1090 |
for configuration or other issues and log appropriate warnings |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
1091 |
or errors. Currently only checks catalog metadata.""" |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
1092 |
|
2352
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1093 |
c = pkg.catalog.Catalog(meta_root=croot, read_only=True) |
1431
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
1094 |
if not c.exists: |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
1095 |
# Nothing to validate. |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
1096 |
return |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
1097 |
if not c.version > 0: |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
1098 |
# Validation doesn't apply. |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
1099 |
return |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
1100 |
if not c.package_count: |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
1101 |
# Nothing to do. |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
1102 |
return |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
1103 |
|
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
1104 |
# XXX For now, perform this check using the catalog data. |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
1105 |
# In the future, it should be done using the output of the |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
1106 |
# publisher/0 operation. |
2352
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1107 |
pubs = c.publishers() |
1431
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
1108 |
|
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
1109 |
if self.prefix not in pubs: |
2352
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1110 |
origins = repo.origins |
1604
a150e634e8c2
13404 publisher prefix failure message needs update / improvement
Shawn Walker <srw@sun.com>
parents:
1549
diff
changeset
|
1111 |
origin = origins[0] |
a150e634e8c2
13404 publisher prefix failure message needs update / improvement
Shawn Walker <srw@sun.com>
parents:
1549
diff
changeset
|
1112 |
logger.error(_(""" |
a150e634e8c2
13404 publisher prefix failure message needs update / improvement
Shawn Walker <srw@sun.com>
parents:
1549
diff
changeset
|
1113 |
Unable to retrieve package data for publisher '%(prefix)s' from one |
a150e634e8c2
13404 publisher prefix failure message needs update / improvement
Shawn Walker <srw@sun.com>
parents:
1549
diff
changeset
|
1114 |
of the following origin(s): |
a150e634e8c2
13404 publisher prefix failure message needs update / improvement
Shawn Walker <srw@sun.com>
parents:
1549
diff
changeset
|
1115 |
|
a150e634e8c2
13404 publisher prefix failure message needs update / improvement
Shawn Walker <srw@sun.com>
parents:
1549
diff
changeset
|
1116 |
%(origins)s |
a150e634e8c2
13404 publisher prefix failure message needs update / improvement
Shawn Walker <srw@sun.com>
parents:
1549
diff
changeset
|
1117 |
|
a150e634e8c2
13404 publisher prefix failure message needs update / improvement
Shawn Walker <srw@sun.com>
parents:
1549
diff
changeset
|
1118 |
The catalog retrieved from one of the origin(s) listed above only |
a150e634e8c2
13404 publisher prefix failure message needs update / improvement
Shawn Walker <srw@sun.com>
parents:
1549
diff
changeset
|
1119 |
contains package data for: %(pubs)s. |
a150e634e8c2
13404 publisher prefix failure message needs update / improvement
Shawn Walker <srw@sun.com>
parents:
1549
diff
changeset
|
1120 |
""") % { "origins": "\n".join(str(o) for o in origins), "prefix": self.prefix, |
a150e634e8c2
13404 publisher prefix failure message needs update / improvement
Shawn Walker <srw@sun.com>
parents:
1549
diff
changeset
|
1121 |
"pubs": ", ".join(pubs) }) |
a150e634e8c2
13404 publisher prefix failure message needs update / improvement
Shawn Walker <srw@sun.com>
parents:
1549
diff
changeset
|
1122 |
|
a150e634e8c2
13404 publisher prefix failure message needs update / improvement
Shawn Walker <srw@sun.com>
parents:
1549
diff
changeset
|
1123 |
if global_settings.client_name != "pkg": |
a150e634e8c2
13404 publisher prefix failure message needs update / improvement
Shawn Walker <srw@sun.com>
parents:
1549
diff
changeset
|
1124 |
logger.error(_("""\ |
a150e634e8c2
13404 publisher prefix failure message needs update / improvement
Shawn Walker <srw@sun.com>
parents:
1549
diff
changeset
|
1125 |
This is either a result of invalid origin information being provided |
a150e634e8c2
13404 publisher prefix failure message needs update / improvement
Shawn Walker <srw@sun.com>
parents:
1549
diff
changeset
|
1126 |
for publisher '%s', or because the wrong publisher name was |
a150e634e8c2
13404 publisher prefix failure message needs update / improvement
Shawn Walker <srw@sun.com>
parents:
1549
diff
changeset
|
1127 |
provided when this publisher was added. |
a150e634e8c2
13404 publisher prefix failure message needs update / improvement
Shawn Walker <srw@sun.com>
parents:
1549
diff
changeset
|
1128 |
""") % self.prefix) |
a150e634e8c2
13404 publisher prefix failure message needs update / improvement
Shawn Walker <srw@sun.com>
parents:
1549
diff
changeset
|
1129 |
# Remaining messages are for pkg client only. |
a150e634e8c2
13404 publisher prefix failure message needs update / improvement
Shawn Walker <srw@sun.com>
parents:
1549
diff
changeset
|
1130 |
return |
a150e634e8c2
13404 publisher prefix failure message needs update / improvement
Shawn Walker <srw@sun.com>
parents:
1549
diff
changeset
|
1131 |
|
a150e634e8c2
13404 publisher prefix failure message needs update / improvement
Shawn Walker <srw@sun.com>
parents:
1549
diff
changeset
|
1132 |
logger.error(_("""\ |
a150e634e8c2
13404 publisher prefix failure message needs update / improvement
Shawn Walker <srw@sun.com>
parents:
1549
diff
changeset
|
1133 |
To resolve this issue, correct the origin information provided for |
a150e634e8c2
13404 publisher prefix failure message needs update / improvement
Shawn Walker <srw@sun.com>
parents:
1549
diff
changeset
|
1134 |
publisher '%(prefix)s' using the pkg set-publisher subcommand, or re-add |
a150e634e8c2
13404 publisher prefix failure message needs update / improvement
Shawn Walker <srw@sun.com>
parents:
1549
diff
changeset
|
1135 |
the publisher using the correct name and remove the '%(prefix)s' |
a150e634e8c2
13404 publisher prefix failure message needs update / improvement
Shawn Walker <srw@sun.com>
parents:
1549
diff
changeset
|
1136 |
publisher. |
a150e634e8c2
13404 publisher prefix failure message needs update / improvement
Shawn Walker <srw@sun.com>
parents:
1549
diff
changeset
|
1137 |
""") % { "prefix": self.prefix }) |
a150e634e8c2
13404 publisher prefix failure message needs update / improvement
Shawn Walker <srw@sun.com>
parents:
1549
diff
changeset
|
1138 |
|
a150e634e8c2
13404 publisher prefix failure message needs update / improvement
Shawn Walker <srw@sun.com>
parents:
1549
diff
changeset
|
1139 |
if len(pubs) == 1: |
a150e634e8c2
13404 publisher prefix failure message needs update / improvement
Shawn Walker <srw@sun.com>
parents:
1549
diff
changeset
|
1140 |
logger.warning(_("""\ |
a150e634e8c2
13404 publisher prefix failure message needs update / improvement
Shawn Walker <srw@sun.com>
parents:
1549
diff
changeset
|
1141 |
To re-add this publisher with the correct name, execute the following |
a150e634e8c2
13404 publisher prefix failure message needs update / improvement
Shawn Walker <srw@sun.com>
parents:
1549
diff
changeset
|
1142 |
commands as a privileged user: |
a150e634e8c2
13404 publisher prefix failure message needs update / improvement
Shawn Walker <srw@sun.com>
parents:
1549
diff
changeset
|
1143 |
|
a150e634e8c2
13404 publisher prefix failure message needs update / improvement
Shawn Walker <srw@sun.com>
parents:
1549
diff
changeset
|
1144 |
pkg set-publisher -P -g %(origin)s %(pub)s |
a150e634e8c2
13404 publisher prefix failure message needs update / improvement
Shawn Walker <srw@sun.com>
parents:
1549
diff
changeset
|
1145 |
pkg unset-publisher %(prefix)s |
a150e634e8c2
13404 publisher prefix failure message needs update / improvement
Shawn Walker <srw@sun.com>
parents:
1549
diff
changeset
|
1146 |
""") % { "origin": origin, "prefix": self.prefix, "pub": list(pubs)[0] }) |
a150e634e8c2
13404 publisher prefix failure message needs update / improvement
Shawn Walker <srw@sun.com>
parents:
1549
diff
changeset
|
1147 |
return |
a150e634e8c2
13404 publisher prefix failure message needs update / improvement
Shawn Walker <srw@sun.com>
parents:
1549
diff
changeset
|
1148 |
|
a150e634e8c2
13404 publisher prefix failure message needs update / improvement
Shawn Walker <srw@sun.com>
parents:
1549
diff
changeset
|
1149 |
logger.warning(_("""\ |
a150e634e8c2
13404 publisher prefix failure message needs update / improvement
Shawn Walker <srw@sun.com>
parents:
1549
diff
changeset
|
1150 |
The origin(s) listed above contain package data for more than one |
a150e634e8c2
13404 publisher prefix failure message needs update / improvement
Shawn Walker <srw@sun.com>
parents:
1549
diff
changeset
|
1151 |
publisher, but this issue can likely be resolved by executing one |
a150e634e8c2
13404 publisher prefix failure message needs update / improvement
Shawn Walker <srw@sun.com>
parents:
1549
diff
changeset
|
1152 |
of the following commands as a privileged user: |
a150e634e8c2
13404 publisher prefix failure message needs update / improvement
Shawn Walker <srw@sun.com>
parents:
1549
diff
changeset
|
1153 |
""")) |
a150e634e8c2
13404 publisher prefix failure message needs update / improvement
Shawn Walker <srw@sun.com>
parents:
1549
diff
changeset
|
1154 |
|
a150e634e8c2
13404 publisher prefix failure message needs update / improvement
Shawn Walker <srw@sun.com>
parents:
1549
diff
changeset
|
1155 |
for pfx in pubs: |
a150e634e8c2
13404 publisher prefix failure message needs update / improvement
Shawn Walker <srw@sun.com>
parents:
1549
diff
changeset
|
1156 |
logger.warning(_("pkg set-publisher -P -g " |
a150e634e8c2
13404 publisher prefix failure message needs update / improvement
Shawn Walker <srw@sun.com>
parents:
1549
diff
changeset
|
1157 |
"%(origin)s %(pub)s\n") % { |
a150e634e8c2
13404 publisher prefix failure message needs update / improvement
Shawn Walker <srw@sun.com>
parents:
1549
diff
changeset
|
1158 |
"origin": origin, "pub": pfx }) |
a150e634e8c2
13404 publisher prefix failure message needs update / improvement
Shawn Walker <srw@sun.com>
parents:
1549
diff
changeset
|
1159 |
|
a150e634e8c2
13404 publisher prefix failure message needs update / improvement
Shawn Walker <srw@sun.com>
parents:
1549
diff
changeset
|
1160 |
logger.warning(_("""\ |
a150e634e8c2
13404 publisher prefix failure message needs update / improvement
Shawn Walker <srw@sun.com>
parents:
1549
diff
changeset
|
1161 |
Afterwards, the old publisher should be removed by executing the |
a150e634e8c2
13404 publisher prefix failure message needs update / improvement
Shawn Walker <srw@sun.com>
parents:
1549
diff
changeset
|
1162 |
following command as a privileged user: |
a150e634e8c2
13404 publisher prefix failure message needs update / improvement
Shawn Walker <srw@sun.com>
parents:
1549
diff
changeset
|
1163 |
|
a150e634e8c2
13404 publisher prefix failure message needs update / improvement
Shawn Walker <srw@sun.com>
parents:
1549
diff
changeset
|
1164 |
pkg unset-publisher %s |
a150e634e8c2
13404 publisher prefix failure message needs update / improvement
Shawn Walker <srw@sun.com>
parents:
1549
diff
changeset
|
1165 |
""") % self.prefix) |
1431
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
1166 |
|
1352
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1167 |
@property |
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1168 |
def catalog(self): |
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1169 |
"""A reference to the Catalog object for the publisher's |
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1170 |
selected repository, or None if available.""" |
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1171 |
|
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1172 |
if not self.meta_root: |
2219
60ad60f7592c
2152 standalone package support needed (on-disk format)
Shawn Walker <shawn.walker@oracle.com>
parents:
2215
diff
changeset
|
1173 |
if self.__catalog: |
60ad60f7592c
2152 standalone package support needed (on-disk format)
Shawn Walker <shawn.walker@oracle.com>
parents:
2215
diff
changeset
|
1174 |
return self.__catalog |
1352
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1175 |
return None |
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1176 |
|
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1177 |
if not self.__catalog: |
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1178 |
croot = self.catalog_root |
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1179 |
if not os.path.isdir(croot): |
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1180 |
# Current meta_root structure is likely in |
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1181 |
# a state of transition, so don't provide a |
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1182 |
# meta_root. Assume that an empty catalog |
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1183 |
# is desired instead. (This can happen during |
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1184 |
# an image format upgrade.) |
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1185 |
croot = None |
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1186 |
self.__catalog = pkg.catalog.Catalog( |
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1187 |
meta_root=croot) |
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1188 |
return self.__catalog |
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1189 |
|
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1190 |
@property |
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1191 |
def catalog_root(self): |
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1192 |
"""The absolute pathname of the directory containing the |
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1193 |
Catalog data for the publisher, or None if meta_root is |
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1194 |
not defined.""" |
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1195 |
|
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1196 |
if self.meta_root: |
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1197 |
return os.path.join(self.meta_root, "catalog") |
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1198 |
|
1087
293c0aa5f32e
8214 load_catalogs should only load catalog data when needed
Shawn Walker <srw@sun.com>
parents:
996
diff
changeset
|
1199 |
def create_meta_root(self): |
293c0aa5f32e
8214 load_catalogs should only load catalog data when needed
Shawn Walker <srw@sun.com>
parents:
996
diff
changeset
|
1200 |
"""Create the publisher's meta_root.""" |
293c0aa5f32e
8214 load_catalogs should only load catalog data when needed
Shawn Walker <srw@sun.com>
parents:
996
diff
changeset
|
1201 |
|
293c0aa5f32e
8214 load_catalogs should only load catalog data when needed
Shawn Walker <srw@sun.com>
parents:
996
diff
changeset
|
1202 |
if not self.meta_root: |
293c0aa5f32e
8214 load_catalogs should only load catalog data when needed
Shawn Walker <srw@sun.com>
parents:
996
diff
changeset
|
1203 |
raise api_errors.BadPublisherMetaRoot(self.meta_root, |
293c0aa5f32e
8214 load_catalogs should only load catalog data when needed
Shawn Walker <srw@sun.com>
parents:
996
diff
changeset
|
1204 |
operation="create_meta_root") |
293c0aa5f32e
8214 load_catalogs should only load catalog data when needed
Shawn Walker <srw@sun.com>
parents:
996
diff
changeset
|
1205 |
|
1352
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1206 |
for path in (self.meta_root, self.catalog_root): |
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1207 |
try: |
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1208 |
os.makedirs(path) |
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1209 |
except EnvironmentError, e: |
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1210 |
if e.errno == errno.EACCES: |
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1211 |
raise api_errors.PermissionsException( |
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1212 |
e.filename) |
1431
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
1213 |
if e.errno == errno.EROFS: |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
1214 |
raise api_errors.ReadOnlyFileSystemException( |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
1215 |
e.filename) |
1352
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1216 |
elif e.errno != errno.EEXIST: |
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1217 |
# If the path already exists, move on. |
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1218 |
# Otherwise, raise the exception. |
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1219 |
raise |
2026
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
1220 |
# Optional roots not needed for all operations. |
2352
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1221 |
for path in (self.cert_root, self.__origin_root, |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1222 |
self.__subj_root, self.__crl_root): |
2026
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
1223 |
try: |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
1224 |
os.makedirs(path) |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
1225 |
except EnvironmentError, e: |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
1226 |
if e.errno in (errno.EACCES, errno.EROFS): |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
1227 |
pass |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
1228 |
elif e.errno != errno.EEXIST: |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
1229 |
# If the path already exists, move on. |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
1230 |
# Otherwise, raise the exception. |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
1231 |
raise |
1087
293c0aa5f32e
8214 load_catalogs should only load catalog data when needed
Shawn Walker <srw@sun.com>
parents:
996
diff
changeset
|
1232 |
|
2352
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1233 |
def get_origin_sets(self): |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1234 |
"""Returns a list of Repository objects representing the unique |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1235 |
groups of origins available. Each group is based on the origins |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1236 |
that share identical package catalog data.""" |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1237 |
|
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1238 |
if not self.repository or not self.repository.origins: |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1239 |
# Guard against failure for publishers with no |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1240 |
# transport information. |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1241 |
return [] |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1242 |
|
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1243 |
if not self.meta_root or not os.path.exists(self.__origin_root): |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1244 |
# No way to identify unique sets. |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1245 |
return [self.repository] |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1246 |
|
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1247 |
# Index origins by tuple of (catalog creation, catalog modified) |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1248 |
osets = collections.defaultdict(list) |
2408
6424614c2ed1
18463 bad crl urls shouldn't bring pkg to a halt
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2378
diff
changeset
|
1249 |
|
2352
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1250 |
for origin, opath in self.__gen_origin_paths(): |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1251 |
cat = pkg.catalog.Catalog(meta_root=opath, |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1252 |
read_only=True) |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1253 |
if not cat.exists: |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1254 |
key = None |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1255 |
else: |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1256 |
key = (str(cat.created), str(cat.last_modified)) |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1257 |
osets[key].append(origin) |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1258 |
|
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1259 |
# Now return a list of Repository objects (copies of the |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1260 |
# currently selected one) assigning each set of origins. |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1261 |
# Sort by index to ensure consistent ordering. |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1262 |
rval = [] |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1263 |
for k in sorted(osets): |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1264 |
nrepo = copy.copy(self.repository) |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1265 |
nrepo.origins = osets[k] |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1266 |
rval.append(nrepo) |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1267 |
|
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1268 |
return rval |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1269 |
|
2310
ce10607d5332
11684 desire option to not propagate certs to non-global zones
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2286
diff
changeset
|
1270 |
def has_configuration(self): |
ce10607d5332
11684 desire option to not propagate certs to non-global zones
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2286
diff
changeset
|
1271 |
"""Returns whether this publisher has any configuration which |
ce10607d5332
11684 desire option to not propagate certs to non-global zones
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2286
diff
changeset
|
1272 |
should prevent its removal.""" |
926
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1273 |
|
2310
ce10607d5332
11684 desire option to not propagate certs to non-global zones
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2286
diff
changeset
|
1274 |
return bool(self.__repository.origins or |
ce10607d5332
11684 desire option to not propagate certs to non-global zones
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2286
diff
changeset
|
1275 |
self.__repository.mirrors or self.__sig_policy or |
ce10607d5332
11684 desire option to not propagate certs to non-global zones
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2286
diff
changeset
|
1276 |
self.approved_ca_certs or self.revoked_ca_certs) |
2408
6424614c2ed1
18463 bad crl urls shouldn't bring pkg to a halt
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2378
diff
changeset
|
1277 |
|
996
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
1278 |
@property |
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
1279 |
def needs_refresh(self): |
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
1280 |
"""A boolean value indicating whether the publisher's |
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
1281 |
metadata for the currently selected repository needs to be |
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
1282 |
refreshed.""" |
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
1283 |
|
2310
ce10607d5332
11684 desire option to not propagate certs to non-global zones
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2286
diff
changeset
|
1284 |
if not self.repository or not self.meta_root: |
996
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
1285 |
# Nowhere to obtain metadata from; this should rarely |
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
1286 |
# occur except during publisher initialization. |
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
1287 |
return False |
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
1288 |
|
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
1289 |
lc = self.last_refreshed |
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
1290 |
if not lc: |
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
1291 |
# There is no record of when the publisher metadata was |
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
1292 |
# last refreshed, so assume it should be refreshed now. |
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
1293 |
return True |
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
1294 |
|
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
1295 |
ts_now = time.time() |
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
1296 |
ts_last = calendar.timegm(lc.utctimetuple()) |
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
1297 |
|
2310
ce10607d5332
11684 desire option to not propagate certs to non-global zones
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2286
diff
changeset
|
1298 |
rs = self.repository.refresh_seconds |
996
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
1299 |
if not rs: |
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
1300 |
# There is no indicator of how often often publisher |
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
1301 |
# metadata should be refreshed, so assume it should be |
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
1302 |
# now. |
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
1303 |
return True |
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
1304 |
|
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
1305 |
if (ts_now - ts_last) >= rs: |
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
1306 |
# The number of seconds that has elapsed since the |
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
1307 |
# publisher metadata was last refreshed exceeds or |
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
1308 |
# equals the specified interval. |
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
1309 |
return True |
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
1310 |
return False |
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
1311 |
|
2352
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1312 |
def __get_origin_path(self, origin): |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1313 |
if not os.path.exists(self.__origin_root): |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1314 |
return |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1315 |
# A digest of the URI string is used here to attempt to avoid |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1316 |
# path length problems. |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1317 |
return os.path.join(self.__origin_root, |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1318 |
hashlib.sha1(origin.uri).hexdigest()) |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1319 |
|
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1320 |
def __gen_origin_paths(self): |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1321 |
if not os.path.exists(self.__origin_root): |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1322 |
return |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1323 |
for origin in self.repository.origins: |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1324 |
yield origin, self.__get_origin_path(origin) |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1325 |
|
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1326 |
def __rebuild_catalog(self): |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1327 |
"""Private helper function that builds publisher catalog based |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1328 |
on catalog from each origin.""" |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1329 |
|
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1330 |
# First, remove catalogs for any origins that no longer exist. |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1331 |
ohashes = [ |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1332 |
hashlib.sha1(o.uri).hexdigest() |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1333 |
for o in self.repository.origins |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1334 |
] |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1335 |
|
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1336 |
for entry in os.listdir(self.__origin_root): |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1337 |
opath = os.path.join(self.__origin_root, entry) |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1338 |
try: |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1339 |
if entry in ohashes: |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1340 |
continue |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1341 |
except Exception: |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1342 |
# Discard anything that isn't an origin. |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1343 |
pass |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1344 |
|
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1345 |
# Not an origin or origin no longer exists; either way, |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1346 |
# it shouldn't exist here. |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1347 |
try: |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1348 |
if os.path.isdir(opath): |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1349 |
shutil.rmtree(opath) |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1350 |
else: |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1351 |
portable.remove(opath) |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1352 |
except EnvironmentError, e: |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1353 |
raise api_errors._convert_error(e) |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1354 |
|
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1355 |
# Discard existing catalog. |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1356 |
self.catalog.destroy() |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1357 |
self.__catalog = None |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1358 |
|
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1359 |
# Ensure all old catalog files are removed. |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1360 |
for entry in os.listdir(self.catalog_root): |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1361 |
if entry == "attrs" or entry == "catalog" or \ |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1362 |
entry.startswith("catalog."): |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1363 |
try: |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1364 |
portable.remove(os.path.join( |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1365 |
self.catalog_root, entry)) |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1366 |
except EnvironmentError, e: |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1367 |
raise apx._convert_error(e) |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1368 |
|
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1369 |
# If there's only one origin, then just symlink its catalog |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1370 |
# files into place. |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1371 |
opaths = [entry for entry in self.__gen_origin_paths()] |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1372 |
if len(opaths) == 1: |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1373 |
opath = opaths[0][1] |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1374 |
for fname in os.listdir(opath): |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1375 |
if fname.startswith("catalog."): |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1376 |
src = os.path.join(opath, fname) |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1377 |
dest = os.path.join(self.catalog_root, |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1378 |
fname) |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1379 |
os.symlink(misc.relpath(src, |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1380 |
self.catalog_root), dest) |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1381 |
return |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1382 |
|
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1383 |
# If there's more than one origin, then create a new catalog |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1384 |
# based on a composite of the catalogs for all origins. |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1385 |
ncat = pkg.catalog.Catalog(batch_mode=True, |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1386 |
meta_root=self.catalog_root, sign=False) |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1387 |
|
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1388 |
# Mark all operations as occurring at this time. |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1389 |
op_time = dt.datetime.utcnow() |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1390 |
|
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1391 |
# Copied from pkg.client.image.Image to avoid circular |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1392 |
# dependency. |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1393 |
PKG_STATE_V0 = 6 |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1394 |
|
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1395 |
for origin, opath in opaths: |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1396 |
src_cat = pkg.catalog.Catalog(meta_root=opath, |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1397 |
read_only=True) |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1398 |
for name in src_cat.parts: |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1399 |
spart = src_cat.get_part(name, must_exist=True) |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1400 |
if spart is None: |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1401 |
# Client hasn't retrieved this part. |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1402 |
continue |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1403 |
|
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1404 |
npart = ncat.get_part(name) |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1405 |
base = name.startswith("catalog.base.") |
2408
6424614c2ed1
18463 bad crl urls shouldn't bring pkg to a halt
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2378
diff
changeset
|
1406 |
|
2352
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1407 |
# Avoid accessor overhead since these will be |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1408 |
# used for every entry. |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1409 |
cat_ver = src_cat.version |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1410 |
|
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1411 |
for t, sentry in spart.tuple_entries( |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1412 |
pubs=[self.prefix]): |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1413 |
pub, stem, ver = t |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1414 |
|
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1415 |
entry = dict(sentry.iteritems()) |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1416 |
try: |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1417 |
npart.add(metadata=entry, |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1418 |
op_time=op_time, pub=pub, |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1419 |
stem=stem, ver=ver) |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1420 |
except api_errors.DuplicateCatalogEntry: |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1421 |
if not base: |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1422 |
# Don't care. |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1423 |
continue |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1424 |
|
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1425 |
# Destination entry is in |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1426 |
# catalog already. |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1427 |
entry = npart.get_entry( |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1428 |
pub=pub, stem=stem, ver=ver) |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1429 |
|
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1430 |
src_sigs = set( |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1431 |
s |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1432 |
for s in sentry |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1433 |
if s.startswith("signature-") |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1434 |
) |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1435 |
dest_sigs = set( |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1436 |
s |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1437 |
for s in entry |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1438 |
if s.startswith("signature-") |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1439 |
) |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1440 |
|
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1441 |
if src_sigs != dest_sigs: |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1442 |
# Ignore any packages |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1443 |
# that are different |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1444 |
# from the first |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1445 |
# encountered for this |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1446 |
# package version. |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1447 |
# The client expects |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1448 |
# these to always be |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1449 |
# the same. This seems |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1450 |
# saner than failing. |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1451 |
continue |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1452 |
else: |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1453 |
if not base: |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1454 |
# Nothing to do. |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1455 |
continue |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1456 |
|
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1457 |
# Destination entry is one just |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1458 |
# added. |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1459 |
entry["metadata"] = { |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1460 |
"sources": [], |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1461 |
"states": [], |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1462 |
} |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1463 |
|
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1464 |
entry["metadata"]["sources"].append( |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1465 |
origin.uri) |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1466 |
|
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1467 |
states = entry["metadata"]["states"] |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1468 |
if src_cat.version == 0: |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1469 |
states.append(PKG_STATE_V0) |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1470 |
|
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1471 |
# Now go back and trim each entry to minimize footprint. This |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1472 |
# ensures each package entry only has state and source info |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1473 |
# recorded when needed. |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1474 |
for t, entry in ncat.tuple_entries(): |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1475 |
pub, stem, ver = t |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1476 |
mdata = entry["metadata"] |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1477 |
if len(mdata["sources"]) == len(opaths): |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1478 |
# Package is available from all origins, so |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1479 |
# there's no need to require which ones |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1480 |
# have it. |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1481 |
del mdata["sources"] |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1482 |
|
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1483 |
if len(mdata["states"]) < len(opaths): |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1484 |
# At least one source is not V0, so the lazy- |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1485 |
# load fallback for the package metadata isn't |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1486 |
# needed. |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1487 |
del mdata["states"] |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1488 |
elif len(mdata["states"]) > 1: |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1489 |
# Ensure only one instance of state value. |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1490 |
mdata["states"] = [PKG_STATE_V0] |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1491 |
if not mdata: |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1492 |
mdata = None |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1493 |
ncat.update_entry(mdata, pub=pub, stem=stem, ver=ver) |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1494 |
|
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1495 |
# Finally, write out publisher catalog. |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1496 |
ncat.batch_mode = False |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1497 |
ncat.finalize() |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1498 |
ncat.save() |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1499 |
|
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1500 |
def __convert_v0_catalog(self, v0_cat, v1_root): |
1352
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1501 |
"""Transforms the contents of the provided version 0 Catalog |
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1502 |
into a version 1 Catalog, replacing the current Catalog.""" |
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1503 |
|
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1504 |
v0_lm = v0_cat.last_modified() |
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1505 |
if v0_lm: |
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1506 |
# last_modified can be none if the catalog is empty. |
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1507 |
v0_lm = pkg.catalog.ts_to_datetime(v0_lm) |
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1508 |
|
1358
6fec8fbc15a6
11324 package state written to parent boot environment during image-update
Shawn Walker <srw@sun.com>
parents:
1352
diff
changeset
|
1509 |
# There's no point in signing this catalog since it's simply |
6fec8fbc15a6
11324 package state written to parent boot environment during image-update
Shawn Walker <srw@sun.com>
parents:
1352
diff
changeset
|
1510 |
# a transformation of a v0 catalog. |
2352
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1511 |
v1_cat = pkg.catalog.Catalog(batch_mode=True, |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1512 |
meta_root=v1_root, sign=False) |
1352
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1513 |
|
1358
6fec8fbc15a6
11324 package state written to parent boot environment during image-update
Shawn Walker <srw@sun.com>
parents:
1352
diff
changeset
|
1514 |
# A check for a previous non-zero package count is made to |
6fec8fbc15a6
11324 package state written to parent boot environment during image-update
Shawn Walker <srw@sun.com>
parents:
1352
diff
changeset
|
1515 |
# determine whether the last_modified date alone can be |
6fec8fbc15a6
11324 package state written to parent boot environment during image-update
Shawn Walker <srw@sun.com>
parents:
1352
diff
changeset
|
1516 |
# relied on. This works around some oddities with empty |
6fec8fbc15a6
11324 package state written to parent boot environment during image-update
Shawn Walker <srw@sun.com>
parents:
1352
diff
changeset
|
1517 |
# v0 catalogs. |
1606
7966bbfe38b7
13457 pkg refresh can fail for v0 repository with duplicate entry error
Shawn Walker <srw@sun.com>
parents:
1604
diff
changeset
|
1518 |
try: |
7966bbfe38b7
13457 pkg refresh can fail for v0 repository with duplicate entry error
Shawn Walker <srw@sun.com>
parents:
1604
diff
changeset
|
1519 |
# Could be 'None' |
7966bbfe38b7
13457 pkg refresh can fail for v0 repository with duplicate entry error
Shawn Walker <srw@sun.com>
parents:
1604
diff
changeset
|
1520 |
n0_pkgs = int(v0_cat.npkgs()) |
7966bbfe38b7
13457 pkg refresh can fail for v0 repository with duplicate entry error
Shawn Walker <srw@sun.com>
parents:
1604
diff
changeset
|
1521 |
except (TypeError, ValueError): |
7966bbfe38b7
13457 pkg refresh can fail for v0 repository with duplicate entry error
Shawn Walker <srw@sun.com>
parents:
1604
diff
changeset
|
1522 |
n0_pkgs = 0 |
7966bbfe38b7
13457 pkg refresh can fail for v0 repository with duplicate entry error
Shawn Walker <srw@sun.com>
parents:
1604
diff
changeset
|
1523 |
|
2352
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1524 |
if v1_cat.exists and n0_pkgs != v1_cat.package_version_count: |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1525 |
if v0_lm == v1_cat.last_modified: |
1352
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1526 |
# Already converted. |
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1527 |
return |
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1528 |
# Simply rebuild the entire v1 catalog every time, this |
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1529 |
# avoids many of the problems that could happen due to |
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1530 |
# deficiencies in the v0 implementation. |
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1531 |
v1_cat.destroy() |
1606
7966bbfe38b7
13457 pkg refresh can fail for v0 repository with duplicate entry error
Shawn Walker <srw@sun.com>
parents:
1604
diff
changeset
|
1532 |
self.__catalog = None |
2352
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1533 |
v1_cat = pkg.catalog.Catalog(meta_root=v1_root, |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1534 |
sign=False) |
1352
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1535 |
|
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1536 |
# Now populate the v1 Catalog with the v0 Catalog's data. |
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1537 |
for f in v0_cat.fmris(): |
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1538 |
v1_cat.add_package(f) |
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1539 |
|
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1540 |
# Normally, the Catalog's attributes are automatically |
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1541 |
# populated as a result of catalog operations. But in |
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1542 |
# this case, we want the v1 Catalog's attributes to |
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1543 |
# match those of the v0 catalog. |
1369
e86145680c34
11359 catalog should offer lazy-load mechanism for action metadata
Shawn Walker <srw@sun.com>
parents:
1358
diff
changeset
|
1544 |
v1_cat.last_modified = v0_lm |
e86145680c34
11359 catalog should offer lazy-load mechanism for action metadata
Shawn Walker <srw@sun.com>
parents:
1358
diff
changeset
|
1545 |
|
e86145680c34
11359 catalog should offer lazy-load mechanism for action metadata
Shawn Walker <srw@sun.com>
parents:
1358
diff
changeset
|
1546 |
# While this is a v1 catalog format-wise, v0 data is stored. |
e86145680c34
11359 catalog should offer lazy-load mechanism for action metadata
Shawn Walker <srw@sun.com>
parents:
1358
diff
changeset
|
1547 |
# This allows consumers to be aware that certain data won't be |
e86145680c34
11359 catalog should offer lazy-load mechanism for action metadata
Shawn Walker <srw@sun.com>
parents:
1358
diff
changeset
|
1548 |
# available in this catalog (such as dependencies, etc.). |
e86145680c34
11359 catalog should offer lazy-load mechanism for action metadata
Shawn Walker <srw@sun.com>
parents:
1358
diff
changeset
|
1549 |
v1_cat.version = 0 |
1352
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1550 |
|
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1551 |
# Finally, save the new Catalog, and replace the old in-memory |
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1552 |
# catalog. |
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1553 |
v1_cat.batch_mode = False |
1549
cc81f5023603
13110 image catalog rebuild could be faster
Shawn Walker <srw@sun.com>
parents:
1516
diff
changeset
|
1554 |
v1_cat.finalize() |
1352
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1555 |
v1_cat.save() |
2352
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1556 |
|
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1557 |
def __refresh_v0(self, croot, full_refresh, immediate, repo): |
1431
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
1558 |
"""The method to refresh the publisher's metadata against |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
1559 |
a catalog/0 source. If the more recent catalog/1 version |
2352
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1560 |
isn't supported, this routine gets invoked as a fallback. |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1561 |
Returns a tuple of (changed, refreshed) where 'changed' |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1562 |
indicates whether new catalog data was found and 'refreshed' |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1563 |
indicates that catalog data was actually retrieved to determine |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1564 |
if there were any updates.""" |
1352
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1565 |
|
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1566 |
if full_refresh: |
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1567 |
immediate = True |
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1568 |
|
1431
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
1569 |
# Catalog needs v0 -> v1 transformation if repository only |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
1570 |
# offers v0 catalog. |
2352
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1571 |
v0_cat = old_catalog.ServerCatalog(croot, read_only=True, |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1572 |
publisher=self.prefix) |
1352
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1573 |
|
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1574 |
new_cat = True |
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1575 |
v0_lm = None |
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1576 |
if v0_cat.exists: |
2310
ce10607d5332
11684 desire option to not propagate certs to non-global zones
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2286
diff
changeset
|
1577 |
repo = self.repository |
1352
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1578 |
if full_refresh or v0_cat.origin() not in repo.origins: |
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1579 |
try: |
2352
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1580 |
v0_cat.destroy(root=croot) |
1352
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1581 |
except EnvironmentError, e: |
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1582 |
if e.errno == errno.EACCES: |
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1583 |
raise api_errors.PermissionsException( |
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1584 |
e.filename) |
1431
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
1585 |
if e.errno == errno.EROFS: |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
1586 |
raise api_errors.ReadOnlyFileSystemException( |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
1587 |
e.filename) |
1352
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1588 |
raise |
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1589 |
immediate = True |
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1590 |
else: |
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1591 |
new_cat = False |
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1592 |
v0_lm = v0_cat.last_modified() |
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1593 |
|
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1594 |
if not immediate and not self.needs_refresh: |
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1595 |
# No refresh needed. |
2352
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1596 |
return False, False |
1352
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1597 |
|
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1598 |
import pkg.updatelog as old_ulog |
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1599 |
try: |
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1600 |
# Note that this currently retrieves a v0 catalog that |
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1601 |
# has to be converted to v1 format. |
2352
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1602 |
self.transport.get_catalog(self, v0_lm, path=croot, |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1603 |
alt_repo=repo) |
1352
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1604 |
except old_ulog.UpdateLogException: |
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1605 |
# If an incremental update fails, attempt a full |
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1606 |
# catalog retrieval instead. |
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1607 |
try: |
2352
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1608 |
v0_cat.destroy(root=croot) |
1352
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1609 |
except EnvironmentError, e: |
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1610 |
if e.errno == errno.EACCES: |
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1611 |
raise api_errors.PermissionsException( |
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1612 |
e.filename) |
1431
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
1613 |
if e.errno == errno.EROFS: |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
1614 |
raise api_errors.ReadOnlyFileSystemException( |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
1615 |
e.filename) |
1352
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1616 |
raise |
2352
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1617 |
self.transport.get_catalog(self, path=croot, |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1618 |
alt_repo=repo) |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1619 |
|
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1620 |
v0_cat = pkg.server.catalog.ServerCatalog(croot, read_only=True, |
1352
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1621 |
publisher=self.prefix) |
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1622 |
|
2352
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1623 |
self.__convert_v0_catalog(v0_cat, croot) |
1352
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1624 |
if new_cat or v0_lm != v0_cat.last_modified(): |
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1625 |
# If the catalog was rebuilt, or the timestamp of the |
5c92c9d342ef
11065 client v1 catalog support for v0 catalogs
Shawn Walker <srw@sun.com>
parents:
1254
diff
changeset
|
1626 |
# catalog changed, then an update has occurred. |
2352
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1627 |
return True, True |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1628 |
return False, True |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1629 |
|
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1630 |
def __refresh_v1(self, croot, tempdir, full_refresh, immediate, |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1631 |
mismatched, repo): |
1431
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
1632 |
"""The method to refresh the publisher's metadata against |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
1633 |
a catalog/1 source. If the more recent catalog/1 version |
2352
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1634 |
isn't supported, __refresh_v0 is invoked as a fallback. |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1635 |
Returns a tuple of (changed, refreshed) where 'changed' |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1636 |
indicates whether new catalog data was found and 'refreshed' |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1637 |
indicates that catalog data was actually retrieved to determine |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1638 |
if there were any updates.""" |
1431
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
1639 |
|
2022
40fbda1e14b7
16715 publisher refresh should validate retrieved catalog parts using catalog attributes
Shawn Walker <shawn.walker@oracle.com>
parents:
1968
diff
changeset
|
1640 |
# If full_refresh is True, then redownload should be True to |
40fbda1e14b7
16715 publisher refresh should validate retrieved catalog parts using catalog attributes
Shawn Walker <shawn.walker@oracle.com>
parents:
1968
diff
changeset
|
1641 |
# ensure a non-cached version of the catalog is retrieved. |
40fbda1e14b7
16715 publisher refresh should validate retrieved catalog parts using catalog attributes
Shawn Walker <shawn.walker@oracle.com>
parents:
1968
diff
changeset
|
1642 |
# If full_refresh is False, but mismatched is True, then |
40fbda1e14b7
16715 publisher refresh should validate retrieved catalog parts using catalog attributes
Shawn Walker <shawn.walker@oracle.com>
parents:
1968
diff
changeset
|
1643 |
# the retrieval requests should indicate that content should |
40fbda1e14b7
16715 publisher refresh should validate retrieved catalog parts using catalog attributes
Shawn Walker <shawn.walker@oracle.com>
parents:
1968
diff
changeset
|
1644 |
# be revalidated before being returned. Note that this |
40fbda1e14b7
16715 publisher refresh should validate retrieved catalog parts using catalog attributes
Shawn Walker <shawn.walker@oracle.com>
parents:
1968
diff
changeset
|
1645 |
# only applies to the catalog v1 case. |
40fbda1e14b7
16715 publisher refresh should validate retrieved catalog parts using catalog attributes
Shawn Walker <shawn.walker@oracle.com>
parents:
1968
diff
changeset
|
1646 |
redownload = full_refresh |
40fbda1e14b7
16715 publisher refresh should validate retrieved catalog parts using catalog attributes
Shawn Walker <shawn.walker@oracle.com>
parents:
1968
diff
changeset
|
1647 |
revalidate = not redownload and mismatched |
40fbda1e14b7
16715 publisher refresh should validate retrieved catalog parts using catalog attributes
Shawn Walker <shawn.walker@oracle.com>
parents:
1968
diff
changeset
|
1648 |
|
2352
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1649 |
v1_cat = pkg.catalog.Catalog(meta_root=croot) |
1431
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
1650 |
try: |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
1651 |
self.transport.get_catalog1(self, ["catalog.attrs"], |
2022
40fbda1e14b7
16715 publisher refresh should validate retrieved catalog parts using catalog attributes
Shawn Walker <shawn.walker@oracle.com>
parents:
1968
diff
changeset
|
1652 |
path=tempdir, redownload=redownload, |
2352
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1653 |
revalidate=revalidate, alt_repo=repo) |
1431
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
1654 |
except api_errors.UnsupportedRepositoryOperation: |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
1655 |
# No v1 catalogs available. |
2352
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1656 |
if v1_cat.exists: |
1449
a721d9b0aad2
12273 client catalog can mis-merge state information / lazy-load can fail
Shawn Walker <srw@sun.com>
parents:
1431
diff
changeset
|
1657 |
# Ensure v1 -> v0 transition works right. |
2352
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1658 |
v1_cat.destroy() |
1449
a721d9b0aad2
12273 client catalog can mis-merge state information / lazy-load can fail
Shawn Walker <srw@sun.com>
parents:
1431
diff
changeset
|
1659 |
self.__catalog = None |
2352
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1660 |
return self.__refresh_v0(croot, full_refresh, immediate, |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1661 |
repo) |
1431
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
1662 |
|
1449
a721d9b0aad2
12273 client catalog can mis-merge state information / lazy-load can fail
Shawn Walker <srw@sun.com>
parents:
1431
diff
changeset
|
1663 |
# If a v0 catalog is present, remove it before proceeding to |
a721d9b0aad2
12273 client catalog can mis-merge state information / lazy-load can fail
Shawn Walker <srw@sun.com>
parents:
1431
diff
changeset
|
1664 |
# ensure transitions between catalog versions work correctly. |
2352
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1665 |
v0_cat = old_catalog.ServerCatalog(croot, read_only=True, |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1666 |
publisher=self.prefix) |
1449
a721d9b0aad2
12273 client catalog can mis-merge state information / lazy-load can fail
Shawn Walker <srw@sun.com>
parents:
1431
diff
changeset
|
1667 |
if v0_cat.exists: |
2352
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1668 |
v0_cat.destroy(root=croot) |
1449
a721d9b0aad2
12273 client catalog can mis-merge state information / lazy-load can fail
Shawn Walker <srw@sun.com>
parents:
1431
diff
changeset
|
1669 |
|
a721d9b0aad2
12273 client catalog can mis-merge state information / lazy-load can fail
Shawn Walker <srw@sun.com>
parents:
1431
diff
changeset
|
1670 |
# If above succeeded, we now have a catalog.attrs file. Parse |
1431
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
1671 |
# this to determine what other constituent parts need to be |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
1672 |
# downloaded. |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
1673 |
flist = [] |
2352
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1674 |
if not full_refresh and v1_cat.exists: |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1675 |
flist = v1_cat.get_updates_needed(tempdir) |
1431
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
1676 |
if flist == None: |
2352
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1677 |
return False, True |
1431
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
1678 |
else: |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
1679 |
attrs = pkg.catalog.CatalogAttrs(meta_root=tempdir) |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
1680 |
for name in attrs.parts: |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
1681 |
locale = name.split(".", 2)[2] |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
1682 |
# XXX Skip parts that aren't in the C locale for |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
1683 |
# now. |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
1684 |
if locale != "C": |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
1685 |
continue |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
1686 |
flist.append(name) |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
1687 |
|
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
1688 |
if flist: |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
1689 |
# More catalog files to retrieve. |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
1690 |
try: |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
1691 |
self.transport.get_catalog1(self, flist, |
2022
40fbda1e14b7
16715 publisher refresh should validate retrieved catalog parts using catalog attributes
Shawn Walker <shawn.walker@oracle.com>
parents:
1968
diff
changeset
|
1692 |
path=tempdir, redownload=redownload, |
2352
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1693 |
revalidate=revalidate, alt_repo=repo) |
1431
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
1694 |
except api_errors.UnsupportedRepositoryOperation: |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
1695 |
# Couldn't find a v1 catalog after getting one |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
1696 |
# before. This would be a bizzare error, but we |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
1697 |
# can try for a v0 catalog anyway. |
2352
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1698 |
return self.__refresh_v0(croot, full_refresh, |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1699 |
immediate, repo) |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1700 |
|
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1701 |
# Clear __catalog, so we'll read in the new catalog. |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1702 |
self.__catalog = None |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1703 |
v1_cat = pkg.catalog.Catalog(meta_root=croot) |
1431
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
1704 |
|
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
1705 |
# At this point the client should have a set of the constituent |
1449
a721d9b0aad2
12273 client catalog can mis-merge state information / lazy-load can fail
Shawn Walker <srw@sun.com>
parents:
1431
diff
changeset
|
1706 |
# pieces that are necessary to construct a catalog. If a |
a721d9b0aad2
12273 client catalog can mis-merge state information / lazy-load can fail
Shawn Walker <srw@sun.com>
parents:
1431
diff
changeset
|
1707 |
# catalog already exists, call apply_updates. Otherwise, |
1431
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
1708 |
# move the files to the appropriate location. |
2022
40fbda1e14b7
16715 publisher refresh should validate retrieved catalog parts using catalog attributes
Shawn Walker <shawn.walker@oracle.com>
parents:
1968
diff
changeset
|
1709 |
validate = False |
2352
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1710 |
if not full_refresh and v1_cat.exists: |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1711 |
v1_cat.apply_updates(tempdir) |
1431
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
1712 |
else: |
2352
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1713 |
if v1_cat.exists: |
1431
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
1714 |
# This is a full refresh. Destroy |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
1715 |
# the existing catalog. |
2352
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1716 |
v1_cat.destroy() |
2022
40fbda1e14b7
16715 publisher refresh should validate retrieved catalog parts using catalog attributes
Shawn Walker <shawn.walker@oracle.com>
parents:
1968
diff
changeset
|
1717 |
|
1431
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
1718 |
for fn in os.listdir(tempdir): |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
1719 |
srcpath = os.path.join(tempdir, fn) |
2352
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1720 |
dstpath = os.path.join(croot, fn) |
1431
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
1721 |
pkg.portable.rename(srcpath, dstpath) |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
1722 |
|
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
1723 |
# Apply_updates validates the newly constructed catalog. |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
1724 |
# If refresh didn't call apply_updates, arrange to |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
1725 |
# have the new catalog validated. |
2022
40fbda1e14b7
16715 publisher refresh should validate retrieved catalog parts using catalog attributes
Shawn Walker <shawn.walker@oracle.com>
parents:
1968
diff
changeset
|
1726 |
validate = True |
1431
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
1727 |
|
2022
40fbda1e14b7
16715 publisher refresh should validate retrieved catalog parts using catalog attributes
Shawn Walker <shawn.walker@oracle.com>
parents:
1968
diff
changeset
|
1728 |
if validate: |
40fbda1e14b7
16715 publisher refresh should validate retrieved catalog parts using catalog attributes
Shawn Walker <shawn.walker@oracle.com>
parents:
1968
diff
changeset
|
1729 |
try: |
2352
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1730 |
v1_cat = pkg.catalog.Catalog(meta_root=croot) |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1731 |
v1_cat.validate() |
2022
40fbda1e14b7
16715 publisher refresh should validate retrieved catalog parts using catalog attributes
Shawn Walker <shawn.walker@oracle.com>
parents:
1968
diff
changeset
|
1732 |
except api_errors.BadCatalogSignatures: |
40fbda1e14b7
16715 publisher refresh should validate retrieved catalog parts using catalog attributes
Shawn Walker <shawn.walker@oracle.com>
parents:
1968
diff
changeset
|
1733 |
# If signature validation fails here, that means |
40fbda1e14b7
16715 publisher refresh should validate retrieved catalog parts using catalog attributes
Shawn Walker <shawn.walker@oracle.com>
parents:
1968
diff
changeset
|
1734 |
# that the attributes and individual parts were |
40fbda1e14b7
16715 publisher refresh should validate retrieved catalog parts using catalog attributes
Shawn Walker <shawn.walker@oracle.com>
parents:
1968
diff
changeset
|
1735 |
# self-consistent and not corrupt, but that the |
40fbda1e14b7
16715 publisher refresh should validate retrieved catalog parts using catalog attributes
Shawn Walker <shawn.walker@oracle.com>
parents:
1968
diff
changeset
|
1736 |
# attributes and parts didn't match. This could |
40fbda1e14b7
16715 publisher refresh should validate retrieved catalog parts using catalog attributes
Shawn Walker <shawn.walker@oracle.com>
parents:
1968
diff
changeset
|
1737 |
# be the result of a broken source providing |
40fbda1e14b7
16715 publisher refresh should validate retrieved catalog parts using catalog attributes
Shawn Walker <shawn.walker@oracle.com>
parents:
1968
diff
changeset
|
1738 |
# an attributes file that is much older or newer |
40fbda1e14b7
16715 publisher refresh should validate retrieved catalog parts using catalog attributes
Shawn Walker <shawn.walker@oracle.com>
parents:
1968
diff
changeset
|
1739 |
# than the catalog parts being provided. |
2352
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1740 |
v1_cat.destroy() |
2022
40fbda1e14b7
16715 publisher refresh should validate retrieved catalog parts using catalog attributes
Shawn Walker <shawn.walker@oracle.com>
parents:
1968
diff
changeset
|
1741 |
raise api_errors.MismatchedCatalog(self.prefix) |
2352
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1742 |
return True, True |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1743 |
|
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1744 |
def __refresh_origin(self, croot, full_refresh, immediate, mismatched, |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1745 |
origin): |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1746 |
"""Private helper method used to refresh catalog data for each |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1747 |
origin. Returns a tuple of (changed, refreshed) where 'changed' |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1748 |
indicates whether new catalog data was found and 'refreshed' |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1749 |
indicates that catalog data was actually retrieved to determine |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1750 |
if there were any updates.""" |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1751 |
|
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1752 |
# Create a copy of the current repository object that only |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1753 |
# contains the origin specified. |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1754 |
repo = copy.copy(self.repository) |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1755 |
repo.origins = [origin] |
2219
60ad60f7592c
2152 standalone package support needed (on-disk format)
Shawn Walker <shawn.walker@oracle.com>
parents:
2215
diff
changeset
|
1756 |
|
1431
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
1757 |
# Create temporary directory for assembly of catalog pieces. |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
1758 |
try: |
2352
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1759 |
misc.makedirs(croot) |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1760 |
tempdir = tempfile.mkdtemp(dir=croot) |
1431
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
1761 |
except EnvironmentError, e: |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
1762 |
if e.errno == errno.EACCES: |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
1763 |
raise api_errors.PermissionsException( |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
1764 |
e.filename) |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
1765 |
if e.errno == errno.EROFS: |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
1766 |
raise api_errors.ReadOnlyFileSystemException( |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
1767 |
e.filename) |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
1768 |
raise |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
1769 |
|
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
1770 |
# Ensure that the temporary directory gets removed regardless |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
1771 |
# of success or failure. |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
1772 |
try: |
2352
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1773 |
rval = self.__refresh_v1(croot, tempdir, |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1774 |
full_refresh, immediate, mismatched, repo) |
1431
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
1775 |
|
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
1776 |
# Perform publisher metadata sanity checks. |
2352
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1777 |
self.__validate_metadata(croot, repo) |
1431
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
1778 |
|
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
1779 |
return rval |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
1780 |
finally: |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
1781 |
# Cleanup tempdir. |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
1782 |
shutil.rmtree(tempdir, True) |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
1783 |
|
2352
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1784 |
def __refresh(self, full_refresh, immediate, mismatched=False): |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1785 |
"""The method to handle the overall refresh process. It |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1786 |
determines if a refresh is actually needed, and then calls |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1787 |
the first version-specific refresh method in the chain.""" |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1788 |
|
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1789 |
assert self.transport |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1790 |
|
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1791 |
if full_refresh: |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1792 |
immediate = True |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1793 |
|
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1794 |
for origin, opath in self.__gen_origin_paths(): |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1795 |
misc.makedirs(opath) |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1796 |
cat = pkg.catalog.Catalog(meta_root=opath, |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1797 |
read_only=True) |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1798 |
if not cat.exists: |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1799 |
# If a catalog hasn't been retrieved for |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1800 |
# any of the origins, then a refresh is |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1801 |
# needed now. |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1802 |
immediate = True |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1803 |
break |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1804 |
|
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1805 |
# Ensure consistent directory structure. |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1806 |
self.create_meta_root() |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1807 |
|
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1808 |
# Check if we already have a v1 catalog on disk. |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1809 |
if not full_refresh and self.catalog.exists: |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1810 |
# If catalog is on disk, check if refresh is necessary. |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1811 |
if not immediate and not self.needs_refresh: |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1812 |
# No refresh needed. |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1813 |
return False |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1814 |
|
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1815 |
any_changed = False |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1816 |
any_refreshed = False |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1817 |
for origin, opath in self.__gen_origin_paths(): |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1818 |
changed, refreshed = self.__refresh_origin(opath, |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1819 |
full_refresh, immediate, mismatched, origin) |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1820 |
if changed: |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1821 |
any_changed = True |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1822 |
if refreshed: |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1823 |
any_refreshed = True |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1824 |
|
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1825 |
if any_refreshed: |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1826 |
# Update refresh time. |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1827 |
self.last_refreshed = dt.datetime.utcnow() |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1828 |
|
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1829 |
# Finally, build a new catalog for this publisher based on a |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1830 |
# composite of the catalogs from all origins. |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1831 |
self.__rebuild_catalog() |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1832 |
|
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1833 |
return any_changed |
3c17f86cd994
18105 api should support multiple repositories (origins) with different package data
Shawn Walker <shawn.walker@oracle.com>
parents:
2310
diff
changeset
|
1834 |
|
1431
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
1835 |
def refresh(self, full_refresh=False, immediate=False): |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
1836 |
"""Refreshes the publisher's metadata, returning a boolean |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
1837 |
value indicating whether any updates to the publisher's |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
1838 |
metadata occurred. |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
1839 |
|
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
1840 |
'full_refresh' is an optional boolean value indicating whether |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
1841 |
a full retrieval of publisher metadata (e.g. catalogs) or only |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
1842 |
an update to the existing metadata should be performed. When |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
1843 |
True, 'immediate' is also set to True. |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
1844 |
|
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
1845 |
'immediate' is an optional boolean value indicating whether |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
1846 |
a refresh should occur now. If False, a publisher's selected |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
1847 |
repository will be checked for updates only if needs_refresh |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
1848 |
is True.""" |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
1849 |
|
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
1850 |
try: |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
1851 |
return self.__refresh(full_refresh, immediate) |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
1852 |
except (api_errors.BadCatalogUpdateIdentity, |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
1853 |
api_errors.DuplicateCatalogEntry, |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
1854 |
api_errors.ObsoleteCatalogUpdate, |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
1855 |
api_errors.UnknownUpdateType): |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
1856 |
if full_refresh: |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
1857 |
# Completely unexpected failure. |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
1858 |
# These exceptions should never |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
1859 |
# be raised for a full refresh |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
1860 |
# case anyway, so the error should |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
1861 |
# definitely be raised. |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
1862 |
raise |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
1863 |
|
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
1864 |
# The incremental update likely failed for one or |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
1865 |
# more of the following reasons: |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
1866 |
# |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
1867 |
# * The origin for the publisher has changed. |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
1868 |
# |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
1869 |
# * The catalog that the publisher is offering |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
1870 |
# is now completely different (due to a restore |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
1871 |
# from backup or --rebuild possibly). |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
1872 |
# |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
1873 |
# * The catalog that the publisher is offering |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
1874 |
# has been restored to an older version, and |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
1875 |
# packages that already exist in this client's |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
1876 |
# copy of the catalog have been re-addded. |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
1877 |
# |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
1878 |
# * The type of incremental update operation that |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
1879 |
# that was performed on the catalog isn't supported |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
1880 |
# by this version of the client, so a full retrieval |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
1881 |
# is required. |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
1882 |
# |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
1883 |
return self.__refresh(True, True) |
2022
40fbda1e14b7
16715 publisher refresh should validate retrieved catalog parts using catalog attributes
Shawn Walker <shawn.walker@oracle.com>
parents:
1968
diff
changeset
|
1884 |
except api_errors.MismatchedCatalog: |
40fbda1e14b7
16715 publisher refresh should validate retrieved catalog parts using catalog attributes
Shawn Walker <shawn.walker@oracle.com>
parents:
1968
diff
changeset
|
1885 |
if full_refresh: |
40fbda1e14b7
16715 publisher refresh should validate retrieved catalog parts using catalog attributes
Shawn Walker <shawn.walker@oracle.com>
parents:
1968
diff
changeset
|
1886 |
# If this was a full refresh, don't bother |
40fbda1e14b7
16715 publisher refresh should validate retrieved catalog parts using catalog attributes
Shawn Walker <shawn.walker@oracle.com>
parents:
1968
diff
changeset
|
1887 |
# retrying as it implies that the content |
40fbda1e14b7
16715 publisher refresh should validate retrieved catalog parts using catalog attributes
Shawn Walker <shawn.walker@oracle.com>
parents:
1968
diff
changeset
|
1888 |
# retrieved wasn't cached. |
40fbda1e14b7
16715 publisher refresh should validate retrieved catalog parts using catalog attributes
Shawn Walker <shawn.walker@oracle.com>
parents:
1968
diff
changeset
|
1889 |
raise |
40fbda1e14b7
16715 publisher refresh should validate retrieved catalog parts using catalog attributes
Shawn Walker <shawn.walker@oracle.com>
parents:
1968
diff
changeset
|
1890 |
|
40fbda1e14b7
16715 publisher refresh should validate retrieved catalog parts using catalog attributes
Shawn Walker <shawn.walker@oracle.com>
parents:
1968
diff
changeset
|
1891 |
# Retrieval of the catalog attributes and/or parts was |
40fbda1e14b7
16715 publisher refresh should validate retrieved catalog parts using catalog attributes
Shawn Walker <shawn.walker@oracle.com>
parents:
1968
diff
changeset
|
1892 |
# successful, but the identity (digest or other |
40fbda1e14b7
16715 publisher refresh should validate retrieved catalog parts using catalog attributes
Shawn Walker <shawn.walker@oracle.com>
parents:
1968
diff
changeset
|
1893 |
# information) didn't match the catalog attributes. |
40fbda1e14b7
16715 publisher refresh should validate retrieved catalog parts using catalog attributes
Shawn Walker <shawn.walker@oracle.com>
parents:
1968
diff
changeset
|
1894 |
# This could be the result of a misbehaving or stale |
40fbda1e14b7
16715 publisher refresh should validate retrieved catalog parts using catalog attributes
Shawn Walker <shawn.walker@oracle.com>
parents:
1968
diff
changeset
|
1895 |
# cache. |
40fbda1e14b7
16715 publisher refresh should validate retrieved catalog parts using catalog attributes
Shawn Walker <shawn.walker@oracle.com>
parents:
1968
diff
changeset
|
1896 |
return self.__refresh(False, True, mismatched=True) |
40fbda1e14b7
16715 publisher refresh should validate retrieved catalog parts using catalog attributes
Shawn Walker <shawn.walker@oracle.com>
parents:
1968
diff
changeset
|
1897 |
except (api_errors.BadCatalogSignatures, |
40fbda1e14b7
16715 publisher refresh should validate retrieved catalog parts using catalog attributes
Shawn Walker <shawn.walker@oracle.com>
parents:
1968
diff
changeset
|
1898 |
api_errors.InvalidCatalogFile): |
40fbda1e14b7
16715 publisher refresh should validate retrieved catalog parts using catalog attributes
Shawn Walker <shawn.walker@oracle.com>
parents:
1968
diff
changeset
|
1899 |
# Assembly of the catalog failed, but this could be due |
40fbda1e14b7
16715 publisher refresh should validate retrieved catalog parts using catalog attributes
Shawn Walker <shawn.walker@oracle.com>
parents:
1968
diff
changeset
|
1900 |
# to a transient error. So, retry at least once more. |
40fbda1e14b7
16715 publisher refresh should validate retrieved catalog parts using catalog attributes
Shawn Walker <shawn.walker@oracle.com>
parents:
1968
diff
changeset
|
1901 |
return self.__refresh(True, True) |
1431
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
1902 |
except (api_errors.BadCatalogSignatures, |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
1903 |
api_errors.InvalidCatalogFile): |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
1904 |
# Assembly of the catalog failed, but this could be due |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
1905 |
# to a transient error. So, retry at least once more. |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
1906 |
return self.__refresh(True, True) |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
1907 |
|
1087
293c0aa5f32e
8214 load_catalogs should only load catalog data when needed
Shawn Walker <srw@sun.com>
parents:
996
diff
changeset
|
1908 |
def remove_meta_root(self): |
293c0aa5f32e
8214 load_catalogs should only load catalog data when needed
Shawn Walker <srw@sun.com>
parents:
996
diff
changeset
|
1909 |
"""Removes the publisher's meta_root.""" |
293c0aa5f32e
8214 load_catalogs should only load catalog data when needed
Shawn Walker <srw@sun.com>
parents:
996
diff
changeset
|
1910 |
|
293c0aa5f32e
8214 load_catalogs should only load catalog data when needed
Shawn Walker <srw@sun.com>
parents:
996
diff
changeset
|
1911 |
if not self.meta_root: |
293c0aa5f32e
8214 load_catalogs should only load catalog data when needed
Shawn Walker <srw@sun.com>
parents:
996
diff
changeset
|
1912 |
raise api_errors.BadPublisherMetaRoot(self.meta_root, |
293c0aa5f32e
8214 load_catalogs should only load catalog data when needed
Shawn Walker <srw@sun.com>
parents:
996
diff
changeset
|
1913 |
operation="remove_meta_root") |
293c0aa5f32e
8214 load_catalogs should only load catalog data when needed
Shawn Walker <srw@sun.com>
parents:
996
diff
changeset
|
1914 |
|
293c0aa5f32e
8214 load_catalogs should only load catalog data when needed
Shawn Walker <srw@sun.com>
parents:
996
diff
changeset
|
1915 |
try: |
293c0aa5f32e
8214 load_catalogs should only load catalog data when needed
Shawn Walker <srw@sun.com>
parents:
996
diff
changeset
|
1916 |
shutil.rmtree(self.meta_root) |
293c0aa5f32e
8214 load_catalogs should only load catalog data when needed
Shawn Walker <srw@sun.com>
parents:
996
diff
changeset
|
1917 |
except EnvironmentError, e: |
293c0aa5f32e
8214 load_catalogs should only load catalog data when needed
Shawn Walker <srw@sun.com>
parents:
996
diff
changeset
|
1918 |
if e.errno == errno.EACCES: |
293c0aa5f32e
8214 load_catalogs should only load catalog data when needed
Shawn Walker <srw@sun.com>
parents:
996
diff
changeset
|
1919 |
raise api_errors.PermissionsException( |
293c0aa5f32e
8214 load_catalogs should only load catalog data when needed
Shawn Walker <srw@sun.com>
parents:
996
diff
changeset
|
1920 |
e.filename) |
1431
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
1921 |
if e.errno == errno.EROFS: |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
1922 |
raise api_errors.ReadOnlyFileSystemException( |
62b6033670e4
10416 server catalog v1 support desired
Shawn Walker <srw@sun.com>
parents:
1369
diff
changeset
|
1923 |
e.filename) |
1087
293c0aa5f32e
8214 load_catalogs should only load catalog data when needed
Shawn Walker <srw@sun.com>
parents:
996
diff
changeset
|
1924 |
if e.errno not in (errno.ENOENT, errno.ESRCH): |
293c0aa5f32e
8214 load_catalogs should only load catalog data when needed
Shawn Walker <srw@sun.com>
parents:
996
diff
changeset
|
1925 |
raise |
293c0aa5f32e
8214 load_catalogs should only load catalog data when needed
Shawn Walker <srw@sun.com>
parents:
996
diff
changeset
|
1926 |
|
926
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1927 |
def reset_client_uuid(self): |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1928 |
"""Replaces the current client_uuid with a new UUID.""" |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1929 |
|
1516
8c950a3b4171
10485 move pkg(5) to Python 2.6
Rich Burridge <rich.burridge@sun.com>
parents:
1505
diff
changeset
|
1930 |
self.__client_uuid = str(uuid.uuid1()) |
926
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
1931 |
|
2022
40fbda1e14b7
16715 publisher refresh should validate retrieved catalog parts using catalog attributes
Shawn Walker <shawn.walker@oracle.com>
parents:
1968
diff
changeset
|
1932 |
def validate_config(self, repo_uri=None): |
40fbda1e14b7
16715 publisher refresh should validate retrieved catalog parts using catalog attributes
Shawn Walker <shawn.walker@oracle.com>
parents:
1968
diff
changeset
|
1933 |
"""Verify that the publisher's configuration (such as prefix) |
40fbda1e14b7
16715 publisher refresh should validate retrieved catalog parts using catalog attributes
Shawn Walker <shawn.walker@oracle.com>
parents:
1968
diff
changeset
|
1934 |
matches that provided by the repository. If the configuration |
40fbda1e14b7
16715 publisher refresh should validate retrieved catalog parts using catalog attributes
Shawn Walker <shawn.walker@oracle.com>
parents:
1968
diff
changeset
|
1935 |
does not match as expected, an UnknownRepositoryPublishers |
40fbda1e14b7
16715 publisher refresh should validate retrieved catalog parts using catalog attributes
Shawn Walker <shawn.walker@oracle.com>
parents:
1968
diff
changeset
|
1936 |
exception will be raised. |
40fbda1e14b7
16715 publisher refresh should validate retrieved catalog parts using catalog attributes
Shawn Walker <shawn.walker@oracle.com>
parents:
1968
diff
changeset
|
1937 |
|
40fbda1e14b7
16715 publisher refresh should validate retrieved catalog parts using catalog attributes
Shawn Walker <shawn.walker@oracle.com>
parents:
1968
diff
changeset
|
1938 |
'repo_uri' is an optional RepositoryURI object or URI string |
40fbda1e14b7
16715 publisher refresh should validate retrieved catalog parts using catalog attributes
Shawn Walker <shawn.walker@oracle.com>
parents:
1968
diff
changeset
|
1939 |
containing the location of the repository. If not provided, |
2310
ce10607d5332
11684 desire option to not propagate certs to non-global zones
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2286
diff
changeset
|
1940 |
the publisher's repository will be used instead.""" |
2022
40fbda1e14b7
16715 publisher refresh should validate retrieved catalog parts using catalog attributes
Shawn Walker <shawn.walker@oracle.com>
parents:
1968
diff
changeset
|
1941 |
|
40fbda1e14b7
16715 publisher refresh should validate retrieved catalog parts using catalog attributes
Shawn Walker <shawn.walker@oracle.com>
parents:
1968
diff
changeset
|
1942 |
if repo_uri and not isinstance(repo_uri, RepositoryURI): |
40fbda1e14b7
16715 publisher refresh should validate retrieved catalog parts using catalog attributes
Shawn Walker <shawn.walker@oracle.com>
parents:
1968
diff
changeset
|
1943 |
repo = RepositoryURI(repo_uri) |
40fbda1e14b7
16715 publisher refresh should validate retrieved catalog parts using catalog attributes
Shawn Walker <shawn.walker@oracle.com>
parents:
1968
diff
changeset
|
1944 |
elif not repo_uri: |
40fbda1e14b7
16715 publisher refresh should validate retrieved catalog parts using catalog attributes
Shawn Walker <shawn.walker@oracle.com>
parents:
1968
diff
changeset
|
1945 |
# Transport actually allows both type of objects. |
40fbda1e14b7
16715 publisher refresh should validate retrieved catalog parts using catalog attributes
Shawn Walker <shawn.walker@oracle.com>
parents:
1968
diff
changeset
|
1946 |
repo = self |
40fbda1e14b7
16715 publisher refresh should validate retrieved catalog parts using catalog attributes
Shawn Walker <shawn.walker@oracle.com>
parents:
1968
diff
changeset
|
1947 |
else: |
40fbda1e14b7
16715 publisher refresh should validate retrieved catalog parts using catalog attributes
Shawn Walker <shawn.walker@oracle.com>
parents:
1968
diff
changeset
|
1948 |
repo = repo_uri |
40fbda1e14b7
16715 publisher refresh should validate retrieved catalog parts using catalog attributes
Shawn Walker <shawn.walker@oracle.com>
parents:
1968
diff
changeset
|
1949 |
|
40fbda1e14b7
16715 publisher refresh should validate retrieved catalog parts using catalog attributes
Shawn Walker <shawn.walker@oracle.com>
parents:
1968
diff
changeset
|
1950 |
pubs = None |
40fbda1e14b7
16715 publisher refresh should validate retrieved catalog parts using catalog attributes
Shawn Walker <shawn.walker@oracle.com>
parents:
1968
diff
changeset
|
1951 |
try: |
40fbda1e14b7
16715 publisher refresh should validate retrieved catalog parts using catalog attributes
Shawn Walker <shawn.walker@oracle.com>
parents:
1968
diff
changeset
|
1952 |
pubs = self.transport.get_publisherdata(repo) |
2028
b2c674e6ee28
16744 repository multi-publisher on-disk format should be formalized and implemented
Shawn Walker <shawn.walker@oracle.com>
parents:
2026
diff
changeset
|
1953 |
except (api_errors.TransportError, |
b2c674e6ee28
16744 repository multi-publisher on-disk format should be formalized and implemented
Shawn Walker <shawn.walker@oracle.com>
parents:
2026
diff
changeset
|
1954 |
api_errors.UnsupportedRepositoryOperation): |
b2c674e6ee28
16744 repository multi-publisher on-disk format should be formalized and implemented
Shawn Walker <shawn.walker@oracle.com>
parents:
2026
diff
changeset
|
1955 |
# Nothing more can be done (because the target origin |
b2c674e6ee28
16744 repository multi-publisher on-disk format should be formalized and implemented
Shawn Walker <shawn.walker@oracle.com>
parents:
2026
diff
changeset
|
1956 |
# can't be contacted, or beacuse it doesn't support |
b2c674e6ee28
16744 repository multi-publisher on-disk format should be formalized and implemented
Shawn Walker <shawn.walker@oracle.com>
parents:
2026
diff
changeset
|
1957 |
# retrievel of publisher configuration data). |
2022
40fbda1e14b7
16715 publisher refresh should validate retrieved catalog parts using catalog attributes
Shawn Walker <shawn.walker@oracle.com>
parents:
1968
diff
changeset
|
1958 |
return |
40fbda1e14b7
16715 publisher refresh should validate retrieved catalog parts using catalog attributes
Shawn Walker <shawn.walker@oracle.com>
parents:
1968
diff
changeset
|
1959 |
|
40fbda1e14b7
16715 publisher refresh should validate retrieved catalog parts using catalog attributes
Shawn Walker <shawn.walker@oracle.com>
parents:
1968
diff
changeset
|
1960 |
if not pubs: |
40fbda1e14b7
16715 publisher refresh should validate retrieved catalog parts using catalog attributes
Shawn Walker <shawn.walker@oracle.com>
parents:
1968
diff
changeset
|
1961 |
raise api_errors.RepoPubConfigUnavailable( |
40fbda1e14b7
16715 publisher refresh should validate retrieved catalog parts using catalog attributes
Shawn Walker <shawn.walker@oracle.com>
parents:
1968
diff
changeset
|
1962 |
location=repo_uri, pub=self) |
40fbda1e14b7
16715 publisher refresh should validate retrieved catalog parts using catalog attributes
Shawn Walker <shawn.walker@oracle.com>
parents:
1968
diff
changeset
|
1963 |
|
40fbda1e14b7
16715 publisher refresh should validate retrieved catalog parts using catalog attributes
Shawn Walker <shawn.walker@oracle.com>
parents:
1968
diff
changeset
|
1964 |
if self.prefix not in pubs: |
40fbda1e14b7
16715 publisher refresh should validate retrieved catalog parts using catalog attributes
Shawn Walker <shawn.walker@oracle.com>
parents:
1968
diff
changeset
|
1965 |
known = [p.prefix for p in pubs] |
40fbda1e14b7
16715 publisher refresh should validate retrieved catalog parts using catalog attributes
Shawn Walker <shawn.walker@oracle.com>
parents:
1968
diff
changeset
|
1966 |
if repo_uri: |
40fbda1e14b7
16715 publisher refresh should validate retrieved catalog parts using catalog attributes
Shawn Walker <shawn.walker@oracle.com>
parents:
1968
diff
changeset
|
1967 |
raise api_errors.UnknownRepositoryPublishers( |
40fbda1e14b7
16715 publisher refresh should validate retrieved catalog parts using catalog attributes
Shawn Walker <shawn.walker@oracle.com>
parents:
1968
diff
changeset
|
1968 |
known=known, unknown=[self.prefix], |
40fbda1e14b7
16715 publisher refresh should validate retrieved catalog parts using catalog attributes
Shawn Walker <shawn.walker@oracle.com>
parents:
1968
diff
changeset
|
1969 |
location=repo_uri) |
40fbda1e14b7
16715 publisher refresh should validate retrieved catalog parts using catalog attributes
Shawn Walker <shawn.walker@oracle.com>
parents:
1968
diff
changeset
|
1970 |
raise api_errors.UnknownRepositoryPublishers( |
40fbda1e14b7
16715 publisher refresh should validate retrieved catalog parts using catalog attributes
Shawn Walker <shawn.walker@oracle.com>
parents:
1968
diff
changeset
|
1971 |
known=known, unknown=[self.prefix], |
2310
ce10607d5332
11684 desire option to not propagate certs to non-global zones
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2286
diff
changeset
|
1972 |
origins=self.repository.origins) |
2022
40fbda1e14b7
16715 publisher refresh should validate retrieved catalog parts using catalog attributes
Shawn Walker <shawn.walker@oracle.com>
parents:
1968
diff
changeset
|
1973 |
|
2310
ce10607d5332
11684 desire option to not propagate certs to non-global zones
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2286
diff
changeset
|
1974 |
def approve_ca_cert(self, cert): |
2026
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
1975 |
"""Add the cert as a CA for manifest signing for this publisher. |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
1976 |
|
2310
ce10607d5332
11684 desire option to not propagate certs to non-global zones
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2286
diff
changeset
|
1977 |
The 'cert' parameter is a string of the certificate to add. |
ce10607d5332
11684 desire option to not propagate certs to non-global zones
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2286
diff
changeset
|
1978 |
""" |
2026
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
1979 |
|
2215
b4355e8c5097
16856 need to check keyUsage for leaf certs
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2100
diff
changeset
|
1980 |
hsh = self.__add_cert(cert) |
2286
938fbb350ad2
16867 pkgsign should handle existing signatures better
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2272
diff
changeset
|
1981 |
# If the user had previously revoked this certificate, remove |
2026
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
1982 |
# the certificate from that list. |
2286
938fbb350ad2
16867 pkgsign should handle existing signatures better
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2272
diff
changeset
|
1983 |
if hsh in self.revoked_ca_certs: |
2026
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
1984 |
t = set(self.revoked_ca_certs) |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
1985 |
t.remove(hsh) |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
1986 |
self.revoked_ca_certs = list(t) |
2286
938fbb350ad2
16867 pkgsign should handle existing signatures better
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2272
diff
changeset
|
1987 |
self.approved_ca_certs.append(hsh) |
2026
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
1988 |
|
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
1989 |
def revoke_ca_cert(self, s): |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
1990 |
"""Record that the cert with hash 's' is no longer trusted |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
1991 |
as a CA. This method currently assumes it's only invoked as |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
1992 |
a result of user action.""" |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
1993 |
|
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
1994 |
self.revoked_ca_certs.append(s) |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
1995 |
self.revoked_ca_certs = list(set( |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
1996 |
self.revoked_ca_certs)) |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
1997 |
if s in self.approved_ca_certs: |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
1998 |
t = set(self.approved_ca_certs) |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
1999 |
t.remove(s) |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2000 |
self.approved_ca_certs = list(t) |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2001 |
|
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2002 |
def unset_ca_cert(self, s): |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2003 |
"""If the cert with hash 's' has been added or removed by the |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2004 |
user, undo the add or removal.""" |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2005 |
|
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2006 |
if s in self.approved_ca_certs: |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2007 |
t = set(self.approved_ca_certs) |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2008 |
t.remove(s) |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2009 |
self.approved_ca_certs = list(t) |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2010 |
if s in self.revoked_ca_certs: |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2011 |
t = set(self.revoked_ca_certs) |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2012 |
t.remove(s) |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2013 |
self.revoked_ca_certs = list(t) |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2014 |
|
2286
938fbb350ad2
16867 pkgsign should handle existing signatures better
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2272
diff
changeset
|
2015 |
@staticmethod |
2414
ce704b29a50c
18464 revoka-ca-cert needs a rethink
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2408
diff
changeset
|
2016 |
def __hash_cert(c): |
ce704b29a50c
18464 revoka-ca-cert needs a rethink
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2408
diff
changeset
|
2017 |
return hashlib.sha1(c.as_pem()).hexdigest() |
2286
938fbb350ad2
16867 pkgsign should handle existing signatures better
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2272
diff
changeset
|
2018 |
|
2215
b4355e8c5097
16856 need to check keyUsage for leaf certs
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2100
diff
changeset
|
2019 |
def __add_cert(self, s): |
2414
ce704b29a50c
18464 revoka-ca-cert needs a rethink
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2408
diff
changeset
|
2020 |
"""Add the pem representation of the certificate stored as a |
ce704b29a50c
18464 revoka-ca-cert needs a rethink
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2408
diff
changeset
|
2021 |
string in 's' to the certificates this publisher knows about.""" |
2026
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2022 |
|
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2023 |
self.create_meta_root() |
2414
ce704b29a50c
18464 revoka-ca-cert needs a rethink
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2408
diff
changeset
|
2024 |
try: |
ce704b29a50c
18464 revoka-ca-cert needs a rethink
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2408
diff
changeset
|
2025 |
cert = m2.X509.load_cert_string(s) |
ce704b29a50c
18464 revoka-ca-cert needs a rethink
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2408
diff
changeset
|
2026 |
except m2.X509.X509Error, e: |
ce704b29a50c
18464 revoka-ca-cert needs a rethink
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2408
diff
changeset
|
2027 |
raise api_errors.BadFileFormat(_("The file with hash " |
ce704b29a50c
18464 revoka-ca-cert needs a rethink
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2408
diff
changeset
|
2028 |
"%s was expected to be a PEM certificate but it " |
ce704b29a50c
18464 revoka-ca-cert needs a rethink
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2408
diff
changeset
|
2029 |
"could not be read.") % pkg_hash) |
ce704b29a50c
18464 revoka-ca-cert needs a rethink
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2408
diff
changeset
|
2030 |
pkg_hash = self.__hash_cert(cert) |
2026
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2031 |
pkg_hash_pth = os.path.join(self.cert_root, pkg_hash) |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2032 |
try: |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2033 |
with open(pkg_hash_pth, "wb") as fh: |
2414
ce704b29a50c
18464 revoka-ca-cert needs a rethink
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2408
diff
changeset
|
2034 |
fh.write(cert.as_pem()) |
2026
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2035 |
except EnvironmentError, e: |
2073
9fcacc9e5eaa
16998 transport should support publisher-specific write and read caches
Shawn Walker <shawn.walker@oracle.com>
parents:
2028
diff
changeset
|
2036 |
raise api_errors._convert_error(e) |
2026
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2037 |
|
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2038 |
# Note that while we store certs by their subject hashes, |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2039 |
# M2Crypto's subject hashes differ from what openssl reports |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2040 |
# the subject hash to be. |
2414
ce704b29a50c
18464 revoka-ca-cert needs a rethink
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2408
diff
changeset
|
2041 |
subj_hsh = cert.get_subject().as_hash() |
2026
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2042 |
c = 0 |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2043 |
made_link = False |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2044 |
while not made_link: |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2045 |
fn = os.path.join(self.__subj_root, |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2046 |
"%s.%s" % (subj_hsh, c)) |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2047 |
if os.path.exists(fn): |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2048 |
c += 1 |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2049 |
else: |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2050 |
try: |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2051 |
portable.link(pkg_hash_pth, fn) |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2052 |
except EnvironmentError, e: |
2073
9fcacc9e5eaa
16998 transport should support publisher-specific write and read caches
Shawn Walker <shawn.walker@oracle.com>
parents:
2028
diff
changeset
|
2053 |
raise api_errors._convert_error(e) |
2026
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2054 |
made_link = True |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2055 |
return pkg_hash |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2056 |
|
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2057 |
def get_cert_by_hash(self, pkg_hash, verify_hash=False, |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2058 |
only_retrieve=False): |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2059 |
"""Given a pkg5 hash, retrieve the cert that's associated with |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2060 |
it. |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2061 |
|
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2062 |
The 'pkg_hash' parameter contains the file hash of the |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2063 |
certificate to retrieve. |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2064 |
|
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2065 |
The 'verify_hash' parameter determines the file that's read |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2066 |
from disk matches the expected hash. |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2067 |
|
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2068 |
The 'only_retrieve' parameter determines whether a X509 object |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2069 |
is built from the certificate retrieved or if the certificate |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2070 |
is only stored on disk. """ |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2071 |
|
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2072 |
assert not (verify_hash and only_retrieve) |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2073 |
pth = os.path.join(self.cert_root, pkg_hash) |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2074 |
if not os.path.exists(pth): |
2215
b4355e8c5097
16856 need to check keyUsage for leaf certs
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2100
diff
changeset
|
2075 |
self.__add_cert(self.transport.get_content(self, |
2026
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2076 |
pkg_hash)) |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2077 |
if only_retrieve: |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2078 |
return None |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2079 |
with open(pth, "rb") as fh: |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2080 |
s = fh.read() |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2081 |
c = m2.X509.load_cert_string(s) |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2082 |
|
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2083 |
if verify_hash: |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2084 |
h = misc.get_data_digest(cStringIO.StringIO(s), |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2085 |
length=len(s))[0] |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2086 |
if h != pkg_hash: |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2087 |
raise api_errors.ModifiedCertificateException(c, |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2088 |
pth) |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2089 |
return c |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2090 |
|
2215
b4355e8c5097
16856 need to check keyUsage for leaf certs
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2100
diff
changeset
|
2091 |
def __get_certs_by_name(self, name): |
2026
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2092 |
"""Given 'name', a M2Crypto X509_Name, return the certs with |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2093 |
that name as a subject.""" |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2094 |
|
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2095 |
res = [] |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2096 |
c = 0 |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2097 |
name_hsh = name.as_hash() |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2098 |
try: |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2099 |
while True: |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2100 |
pth = os.path.join(self.__subj_root, |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2101 |
"%s.%s" % (name_hsh, c)) |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2102 |
cert = m2.X509.load_cert(pth) |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2103 |
res.append(cert) |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2104 |
c += 1 |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2105 |
except EnvironmentError, e: |
2073
9fcacc9e5eaa
16998 transport should support publisher-specific write and read caches
Shawn Walker <shawn.walker@oracle.com>
parents:
2028
diff
changeset
|
2106 |
t = api_errors._convert_error(e, |
2026
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2107 |
[errno.ENOENT]) |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2108 |
if t: |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2109 |
raise t |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2110 |
return res |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2111 |
|
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2112 |
def get_ca_certs(self): |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2113 |
"""Return a dictionary of the CA certificates for this |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2114 |
publisher.""" |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2115 |
|
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2116 |
if self.ca_dict is not None: |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2117 |
return self.ca_dict |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2118 |
self.ca_dict = {} |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2119 |
# CA certs approved for this publisher are stored by hash to |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2120 |
# prevent the later substitution or confusion over what certs |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2121 |
# have or have not been approved. |
2286
938fbb350ad2
16867 pkgsign should handle existing signatures better
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2272
diff
changeset
|
2122 |
for h in set(self.approved_ca_certs): |
2026
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2123 |
c = self.get_cert_by_hash(h, verify_hash=True) |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2124 |
s = c.get_subject().as_hash() |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2125 |
self.ca_dict.setdefault(s, []) |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2126 |
self.ca_dict[s].append(c) |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2127 |
return self.ca_dict |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2128 |
|
2073
9fcacc9e5eaa
16998 transport should support publisher-specific write and read caches
Shawn Walker <shawn.walker@oracle.com>
parents:
2028
diff
changeset
|
2129 |
def update_props(self, set_props=EmptyI, add_prop_values=EmptyDict, |
9fcacc9e5eaa
16998 transport should support publisher-specific write and read caches
Shawn Walker <shawn.walker@oracle.com>
parents:
2028
diff
changeset
|
2130 |
remove_prop_values=EmptyDict, unset_props=EmptyI): |
2026
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2131 |
"""Update the properties set for this publisher with the ones |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2132 |
provided as arguments. The order of application is that any |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2133 |
existing properties are unset, then properties are set to their |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2134 |
new values, then values are added to properties, and finally |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2135 |
values are removed from properties.""" |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2136 |
|
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2137 |
# Delay validation so that any intermittent inconsistent state |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2138 |
# doesn't cause problems. |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2139 |
self.__delay_validation = True |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2140 |
# Remove existing properties. |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2141 |
for n in unset_props: |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2142 |
self.properties.pop(n, None) |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2143 |
# Add or reset new properties. |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2144 |
self.properties.update(set_props) |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2145 |
# Add new values to properties. |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2146 |
for n in add_prop_values.keys(): |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2147 |
self.properties.setdefault(n, []) |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2148 |
self.properties[n].extend(add_prop_values[n]) |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2149 |
# Remove values from properties. |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2150 |
for n in remove_prop_values.keys(): |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2151 |
if n not in self.properties: |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2152 |
raise api_errors.InvalidPropertyValue(_( |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2153 |
"Cannot remove a value from the property " |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2154 |
"%(name)s because the property does not " |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2155 |
"exist.") % {"name":n}) |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2156 |
if not isinstance(self.properties[n], list): |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2157 |
raise api_errors.InvalidPropertyValue(_( |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2158 |
"Cannot remove a value from a single " |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2159 |
"valued property, unset must be used. The " |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2160 |
"property name is '%(name)s' and the " |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2161 |
"current value is '%(value)s'") % |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2162 |
{"name":n, "value":self.properties[n]}) |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2163 |
for v in remove_prop_values[n]: |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2164 |
try: |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2165 |
self.properties[n].remove(v) |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2166 |
except ValueError: |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2167 |
raise api_errors.InvalidPropertyValue(_( |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2168 |
"Cannot remove the value %(value)s " |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2169 |
"from the property %(name)s " |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2170 |
"because the value is not in the " |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2171 |
"property's list.") % |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2172 |
{"value":v, "name":n}) |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2173 |
self.__delay_validation = False |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2174 |
self.__validate_properties() |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2175 |
|
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2176 |
def __validate_properties(self): |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2177 |
"""Check that the properties set for this publisher are |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2178 |
consistent with each other.""" |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2179 |
|
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2180 |
if self.__properties.get(SIGNATURE_POLICY, "") == \ |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2181 |
"require-names": |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2182 |
if not self.__properties.get("signature-required-names", |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2183 |
None): |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2184 |
raise api_errors.InvalidPropertyValue(_( |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2185 |
"At least one name must be provided for " |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2186 |
"the signature-required-names policy.")) |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2187 |
|
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2188 |
def __format_safe_read_crl(self, pth): |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2189 |
"""CRLs seem to frequently come in DER format, so try reading |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2190 |
the CRL using both of the formats before giving up.""" |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2191 |
|
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2192 |
try: |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2193 |
return m2.X509.load_crl(pth) |
2073
9fcacc9e5eaa
16998 transport should support publisher-specific write and read caches
Shawn Walker <shawn.walker@oracle.com>
parents:
2028
diff
changeset
|
2194 |
except m2.X509.X509Error: |
2026
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2195 |
try: |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2196 |
return m2.X509.load_crl(pth, |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2197 |
format=m2.X509.FORMAT_DER) |
2073
9fcacc9e5eaa
16998 transport should support publisher-specific write and read caches
Shawn Walker <shawn.walker@oracle.com>
parents:
2028
diff
changeset
|
2198 |
except m2.X509.X509Error: |
2026
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2199 |
raise api_errors.BadFileFormat(_("The CRL file " |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2200 |
"%s is not in a recognized format.") % |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2201 |
pth) |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2202 |
|
2215
b4355e8c5097
16856 need to check keyUsage for leaf certs
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2100
diff
changeset
|
2203 |
def __get_crl(self, uri): |
2026
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2204 |
"""Given a URI (for now only http URIs are supported), return |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2205 |
the CRL object created from the file stored at that uri.""" |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2206 |
|
2263
42b8af0a12a1
17776 Need to update m2crypto to version 0.21.1
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2219
diff
changeset
|
2207 |
uri = uri.strip() |
42b8af0a12a1
17776 Need to update m2crypto to version 0.21.1
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2219
diff
changeset
|
2208 |
if uri.startswith("Full Name:"): |
42b8af0a12a1
17776 Need to update m2crypto to version 0.21.1
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2219
diff
changeset
|
2209 |
uri = uri[len("Full Name:"):] |
42b8af0a12a1
17776 Need to update m2crypto to version 0.21.1
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2219
diff
changeset
|
2210 |
uri = uri.strip() |
2026
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2211 |
if uri.startswith("URI:"): |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2212 |
uri = uri[4:] |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2213 |
if not uri.startswith("http://") and \ |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2214 |
not uri.startswith("file://"): |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2215 |
raise api_errors.InvalidResourceLocation(uri.strip()) |
2272
d81ea073d050
3617 Testsuite should allow choice for base port to use
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2263
diff
changeset
|
2216 |
crl_host = DebugValues.get_value("crl_host") |
d81ea073d050
3617 Testsuite should allow choice for base port to use
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2263
diff
changeset
|
2217 |
if crl_host: |
d81ea073d050
3617 Testsuite should allow choice for base port to use
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2263
diff
changeset
|
2218 |
orig = urlparse.urlparse(uri) |
d81ea073d050
3617 Testsuite should allow choice for base port to use
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2263
diff
changeset
|
2219 |
crl = urlparse.urlparse(crl_host) |
d81ea073d050
3617 Testsuite should allow choice for base port to use
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2263
diff
changeset
|
2220 |
uri = urlparse.urlunparse(urlparse.ParseResult( |
d81ea073d050
3617 Testsuite should allow choice for base port to use
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2263
diff
changeset
|
2221 |
scheme=crl.scheme, netloc=crl.netloc, |
d81ea073d050
3617 Testsuite should allow choice for base port to use
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2263
diff
changeset
|
2222 |
path=orig.path, |
d81ea073d050
3617 Testsuite should allow choice for base port to use
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2263
diff
changeset
|
2223 |
params=orig.params, query=orig.params, |
d81ea073d050
3617 Testsuite should allow choice for base port to use
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2263
diff
changeset
|
2224 |
fragment=orig.fragment)) |
2026
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2225 |
fn = urllib.quote(uri, "") |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2226 |
assert os.path.isdir(self.__crl_root) |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2227 |
fpath = os.path.join(self.__crl_root, fn) |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2228 |
crl = None |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2229 |
# Check if we already have a CRL for this URI. |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2230 |
if os.path.exists(fpath): |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2231 |
# If we already have a CRL, check whether it's time |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2232 |
# to retrieve a new one from the location. |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2233 |
crl = self.__format_safe_read_crl(fpath) |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2234 |
nu = crl.get_next_update().get_datetime() |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2235 |
# get_datetime is supposed to return a UTC time, so |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2236 |
# assert that's the case. |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2237 |
assert nu.tzinfo.utcoffset(nu) == dt.timedelta(0) |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2238 |
# Add timezone info to cur_time so that cur_time and |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2239 |
# nu can be compared. |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2240 |
cur_time = dt.datetime.now(nu.tzinfo) |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2241 |
if cur_time < nu: |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2242 |
return crl |
2408
6424614c2ed1
18463 bad crl urls shouldn't bring pkg to a halt
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2378
diff
changeset
|
2243 |
# If the CRL is already known to be unavailable, don't try |
6424614c2ed1
18463 bad crl urls shouldn't bring pkg to a halt
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2378
diff
changeset
|
2244 |
# connecting to it again. |
6424614c2ed1
18463 bad crl urls shouldn't bring pkg to a halt
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2378
diff
changeset
|
2245 |
if uri in Publisher.__bad_crls: |
6424614c2ed1
18463 bad crl urls shouldn't bring pkg to a halt
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2378
diff
changeset
|
2246 |
return crl |
2026
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2247 |
# If no CRL already exists or it's time to try to get a new one, |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2248 |
# try to retrieve it from the server. |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2249 |
tmp_pth = fpath + ".tmp" |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2250 |
with open(tmp_pth, "wb") as fh: |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2251 |
hdl = pycurl.Curl() |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2252 |
hdl.setopt(pycurl.URL, uri) |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2253 |
hdl.setopt(pycurl.WRITEDATA, fh) |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2254 |
hdl.setopt(pycurl.FAILONERROR, 1) |
2408
6424614c2ed1
18463 bad crl urls shouldn't bring pkg to a halt
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2378
diff
changeset
|
2255 |
hdl.setopt(pycurl.CONNECTTIMEOUT, |
6424614c2ed1
18463 bad crl urls shouldn't bring pkg to a halt
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2378
diff
changeset
|
2256 |
global_settings.PKG_CLIENT_CONNECT_TIMEOUT) |
2026
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2257 |
try: |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2258 |
hdl.perform() |
2073
9fcacc9e5eaa
16998 transport should support publisher-specific write and read caches
Shawn Walker <shawn.walker@oracle.com>
parents:
2028
diff
changeset
|
2259 |
except pycurl.error: |
2408
6424614c2ed1
18463 bad crl urls shouldn't bring pkg to a halt
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2378
diff
changeset
|
2260 |
# If the CRL is unavailable, add it to the list |
6424614c2ed1
18463 bad crl urls shouldn't bring pkg to a halt
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2378
diff
changeset
|
2261 |
# of bad crls. |
6424614c2ed1
18463 bad crl urls shouldn't bring pkg to a halt
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2378
diff
changeset
|
2262 |
Publisher.__bad_crls.add(uri) |
2026
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2263 |
# If we should treat failure to get a new CRL |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2264 |
# as a failure, raise an exception here. If not, |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2265 |
# if we should use an old CRL if it exists, |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2266 |
# return that here. If none is available and |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2267 |
# that means the cert should not be treated as |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2268 |
# revoked, return None here. |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2269 |
return crl |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2270 |
try: |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2271 |
ncrl = self.__format_safe_read_crl(tmp_pth) |
2073
9fcacc9e5eaa
16998 transport should support publisher-specific write and read caches
Shawn Walker <shawn.walker@oracle.com>
parents:
2028
diff
changeset
|
2272 |
except api_errors.BadFileFormat: |
2026
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2273 |
portable.remove(tmp_pth) |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2274 |
return crl |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2275 |
portable.rename(tmp_pth, fpath) |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2276 |
return ncrl |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2277 |
|
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2278 |
def __check_crls(self, cert, ca_dict): |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2279 |
"""Determines whether the certificate has been revoked by its |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2280 |
CRL. |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2281 |
|
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2282 |
The 'cert' parameter is the certificate to check for revocation. |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2283 |
|
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2284 |
The 'ca_dict' is a dictionary which maps subject hashes to |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2285 |
certs treated as trust anchors.""" |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2286 |
|
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2287 |
# If the certificate doesn't have a CRL location listed, treat |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2288 |
# it as valid. |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2289 |
try: |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2290 |
ext = cert.get_ext("crlDistributionPoints") |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2291 |
except LookupError, e: |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2292 |
return True |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2293 |
uri = ext.get_value() |
2215
b4355e8c5097
16856 need to check keyUsage for leaf certs
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2100
diff
changeset
|
2294 |
crl = self.__get_crl(uri) |
2026
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2295 |
# If we couldn't retrieve a CRL from the distribution point |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2296 |
# and no CRL is cached on disk, assume the cert has not been |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2297 |
# revoked. It's possible that this should be an image or |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2298 |
# publisher setting in the future. |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2299 |
if not crl: |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2300 |
return True |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2301 |
|
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2302 |
# A CRL has been found, now it needs to be validated like |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2303 |
# a certificate is. |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2304 |
verified_crl = False |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2305 |
crl_issuer = crl.get_issuer() |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2306 |
tas = ca_dict.get(crl_issuer.as_hash(), []) |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2307 |
for t in tas: |
2215
b4355e8c5097
16856 need to check keyUsage for leaf certs
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2100
diff
changeset
|
2308 |
try: |
b4355e8c5097
16856 need to check keyUsage for leaf certs
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2100
diff
changeset
|
2309 |
if crl.verify(t.get_pubkey()): |
b4355e8c5097
16856 need to check keyUsage for leaf certs
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2100
diff
changeset
|
2310 |
# If t isn't approved for signing crls, |
b4355e8c5097
16856 need to check keyUsage for leaf certs
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2100
diff
changeset
|
2311 |
# the exception __check_extensions |
b4355e8c5097
16856 need to check keyUsage for leaf certs
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2100
diff
changeset
|
2312 |
# raises will take the code to the |
b4355e8c5097
16856 need to check keyUsage for leaf certs
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2100
diff
changeset
|
2313 |
# except below. |
b4355e8c5097
16856 need to check keyUsage for leaf certs
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2100
diff
changeset
|
2314 |
self.__check_extensions(t, |
2286
938fbb350ad2
16867 pkgsign should handle existing signatures better
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2272
diff
changeset
|
2315 |
CRL_SIGNING_USE, 0) |
2215
b4355e8c5097
16856 need to check keyUsage for leaf certs
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2100
diff
changeset
|
2316 |
verified_crl = True |
b4355e8c5097
16856 need to check keyUsage for leaf certs
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2100
diff
changeset
|
2317 |
except api_errors.SigningException: |
b4355e8c5097
16856 need to check keyUsage for leaf certs
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2100
diff
changeset
|
2318 |
pass |
2026
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2319 |
if not verified_crl: |
2215
b4355e8c5097
16856 need to check keyUsage for leaf certs
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2100
diff
changeset
|
2320 |
crl_cas = self.__get_certs_by_name(crl_issuer) |
2026
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2321 |
for c in crl_cas: |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2322 |
if crl.verify(c.get_pubkey()): |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2323 |
try: |
2286
938fbb350ad2
16867 pkgsign should handle existing signatures better
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2272
diff
changeset
|
2324 |
self.verify_chain(c, ca_dict, 0, |
938fbb350ad2
16867 pkgsign should handle existing signatures better
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2272
diff
changeset
|
2325 |
usages=CRL_SIGNING_USE,) |
2026
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2326 |
except api_errors.SigningException: |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2327 |
pass |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2328 |
else: |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2329 |
verified_crl = True |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2330 |
break |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2331 |
if not verified_crl: |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2332 |
return True |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2333 |
# For a certificate to be revoked, its CRL must be validated |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2334 |
# and revoked the certificate. |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2335 |
rev = crl.is_revoked(cert) |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2336 |
if rev: |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2337 |
raise api_errors.RevokedCertificate(cert, rev[1]) |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2338 |
|
2286
938fbb350ad2
16867 pkgsign should handle existing signatures better
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2272
diff
changeset
|
2339 |
def __check_revocation(self, cert, ca_dict): |
2414
ce704b29a50c
18464 revoka-ca-cert needs a rethink
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2408
diff
changeset
|
2340 |
hsh = self.__hash_cert(cert) |
2286
938fbb350ad2
16867 pkgsign should handle existing signatures better
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2272
diff
changeset
|
2341 |
if hsh in self.revoked_ca_certs: |
938fbb350ad2
16867 pkgsign should handle existing signatures better
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2272
diff
changeset
|
2342 |
raise api_errors.RevokedCertificate(cert, |
938fbb350ad2
16867 pkgsign should handle existing signatures better
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2272
diff
changeset
|
2343 |
"User manually revoked certificate.") |
938fbb350ad2
16867 pkgsign should handle existing signatures better
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2272
diff
changeset
|
2344 |
self.__check_crls(cert, ca_dict) |
938fbb350ad2
16867 pkgsign should handle existing signatures better
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2272
diff
changeset
|
2345 |
|
938fbb350ad2
16867 pkgsign should handle existing signatures better
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2272
diff
changeset
|
2346 |
def __check_extensions(self, cert, usages, cur_pathlen): |
2026
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2347 |
"""Check whether the critical extensions in this certificate |
2215
b4355e8c5097
16856 need to check keyUsage for leaf certs
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2100
diff
changeset
|
2348 |
are supported and allow the provided use(s).""" |
2026
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2349 |
|
2286
938fbb350ad2
16867 pkgsign should handle existing signatures better
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2272
diff
changeset
|
2350 |
def check_values(vs): |
938fbb350ad2
16867 pkgsign should handle existing signatures better
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2272
diff
changeset
|
2351 |
for v in vs: |
938fbb350ad2
16867 pkgsign should handle existing signatures better
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2272
diff
changeset
|
2352 |
if v in supported_vs: |
938fbb350ad2
16867 pkgsign should handle existing signatures better
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2272
diff
changeset
|
2353 |
continue |
938fbb350ad2
16867 pkgsign should handle existing signatures better
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2272
diff
changeset
|
2354 |
if v.startswith("PATHLEN:") and \ |
938fbb350ad2
16867 pkgsign should handle existing signatures better
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2272
diff
changeset
|
2355 |
"PATHLEN:" in supported_vs: |
938fbb350ad2
16867 pkgsign should handle existing signatures better
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2272
diff
changeset
|
2356 |
try: |
938fbb350ad2
16867 pkgsign should handle existing signatures better
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2272
diff
changeset
|
2357 |
cert_pathlen = int(v[len("PATHLEN:"):]) |
938fbb350ad2
16867 pkgsign should handle existing signatures better
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2272
diff
changeset
|
2358 |
except ValueError, e: |
938fbb350ad2
16867 pkgsign should handle existing signatures better
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2272
diff
changeset
|
2359 |
raise api_errors.UnsupportedExtensionValue(cert, ext, v) |
938fbb350ad2
16867 pkgsign should handle existing signatures better
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2272
diff
changeset
|
2360 |
if cur_pathlen > cert_pathlen: |
938fbb350ad2
16867 pkgsign should handle existing signatures better
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2272
diff
changeset
|
2361 |
raise api_errors.PathlenTooShort(cert, cur_pathlen, cert_pathlen) |
938fbb350ad2
16867 pkgsign should handle existing signatures better
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2272
diff
changeset
|
2362 |
continue |
938fbb350ad2
16867 pkgsign should handle existing signatures better
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2272
diff
changeset
|
2363 |
if len(vs) < 2: |
938fbb350ad2
16867 pkgsign should handle existing signatures better
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2272
diff
changeset
|
2364 |
raise api_errors.UnsupportedExtensionValue(cert, ext) |
938fbb350ad2
16867 pkgsign should handle existing signatures better
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2272
diff
changeset
|
2365 |
else: |
938fbb350ad2
16867 pkgsign should handle existing signatures better
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2272
diff
changeset
|
2366 |
raise api_errors.UnsupportedExtensionValue(cert, ext, v) |
938fbb350ad2
16867 pkgsign should handle existing signatures better
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2272
diff
changeset
|
2367 |
|
938fbb350ad2
16867 pkgsign should handle existing signatures better
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2272
diff
changeset
|
2368 |
|
2026
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2369 |
for i in range(0, cert.get_ext_count()): |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2370 |
ext = cert.get_ext_at(i) |
2215
b4355e8c5097
16856 need to check keyUsage for leaf certs
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2100
diff
changeset
|
2371 |
name = ext.get_name() |
2378
b8e3f6867b6c
18324 pkg needs to not traceback if m2crypto can't understand an x509 extension
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2352
diff
changeset
|
2372 |
if name == "UNDEF": |
b8e3f6867b6c
18324 pkg needs to not traceback if m2crypto can't understand an x509 extension
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2352
diff
changeset
|
2373 |
continue |
2215
b4355e8c5097
16856 need to check keyUsage for leaf certs
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2100
diff
changeset
|
2374 |
v = ext.get_value().upper() |
b4355e8c5097
16856 need to check keyUsage for leaf certs
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2100
diff
changeset
|
2375 |
# Check whether the extension name is recognized. |
b4355e8c5097
16856 need to check keyUsage for leaf certs
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2100
diff
changeset
|
2376 |
if name in SUPPORTED_EXTENSION_VALUES: |
b4355e8c5097
16856 need to check keyUsage for leaf certs
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2100
diff
changeset
|
2377 |
supported_vs = \ |
b4355e8c5097
16856 need to check keyUsage for leaf certs
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2100
diff
changeset
|
2378 |
SUPPORTED_EXTENSION_VALUES[name] |
b4355e8c5097
16856 need to check keyUsage for leaf certs
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2100
diff
changeset
|
2379 |
vs = [s.strip() for s in v.split(",")] |
b4355e8c5097
16856 need to check keyUsage for leaf certs
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2100
diff
changeset
|
2380 |
# Check whether the values for the extension are |
b4355e8c5097
16856 need to check keyUsage for leaf certs
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2100
diff
changeset
|
2381 |
# recognized. |
2286
938fbb350ad2
16867 pkgsign should handle existing signatures better
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2272
diff
changeset
|
2382 |
check_values(vs) |
2215
b4355e8c5097
16856 need to check keyUsage for leaf certs
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2100
diff
changeset
|
2383 |
uses = usages.get(name, []) |
b4355e8c5097
16856 need to check keyUsage for leaf certs
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2100
diff
changeset
|
2384 |
if isinstance(uses, basestring): |
b4355e8c5097
16856 need to check keyUsage for leaf certs
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2100
diff
changeset
|
2385 |
uses = [uses] |
b4355e8c5097
16856 need to check keyUsage for leaf certs
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2100
diff
changeset
|
2386 |
# For each use, check to see whether it's |
b4355e8c5097
16856 need to check keyUsage for leaf certs
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2100
diff
changeset
|
2387 |
# permitted by the certificate's extension |
b4355e8c5097
16856 need to check keyUsage for leaf certs
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2100
diff
changeset
|
2388 |
# values. |
b4355e8c5097
16856 need to check keyUsage for leaf certs
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2100
diff
changeset
|
2389 |
for u in uses: |
b4355e8c5097
16856 need to check keyUsage for leaf certs
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2100
diff
changeset
|
2390 |
if u not in vs: |
b4355e8c5097
16856 need to check keyUsage for leaf certs
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2100
diff
changeset
|
2391 |
raise api_errors.InappropriateCertificateUse(cert, ext, u) |
b4355e8c5097
16856 need to check keyUsage for leaf certs
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2100
diff
changeset
|
2392 |
# If the extension name is unrecognized and critical, |
b4355e8c5097
16856 need to check keyUsage for leaf certs
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2100
diff
changeset
|
2393 |
# then the chain cannot be verified. |
b4355e8c5097
16856 need to check keyUsage for leaf certs
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2100
diff
changeset
|
2394 |
elif ext.get_critical(): |
b4355e8c5097
16856 need to check keyUsage for leaf certs
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2100
diff
changeset
|
2395 |
raise api_errors.UnsupportedCriticalExtension( |
b4355e8c5097
16856 need to check keyUsage for leaf certs
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2100
diff
changeset
|
2396 |
cert, ext) |
2408
6424614c2ed1
18463 bad crl urls shouldn't bring pkg to a halt
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2378
diff
changeset
|
2397 |
|
2286
938fbb350ad2
16867 pkgsign should handle existing signatures better
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2272
diff
changeset
|
2398 |
def verify_chain(self, cert, ca_dict, cur_pathlen, required_names=None, |
938fbb350ad2
16867 pkgsign should handle existing signatures better
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2272
diff
changeset
|
2399 |
usages=None): |
2026
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2400 |
"""Validates the certificate against the given trust anchors. |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2401 |
|
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2402 |
The 'cert' parameter is the certificate to validate. |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2403 |
|
2286
938fbb350ad2
16867 pkgsign should handle existing signatures better
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2272
diff
changeset
|
2404 |
The 'ca_dict' parameter is a dictionary which maps subject |
938fbb350ad2
16867 pkgsign should handle existing signatures better
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2272
diff
changeset
|
2405 |
hashes to certs treated as trust anchors. |
938fbb350ad2
16867 pkgsign should handle existing signatures better
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2272
diff
changeset
|
2406 |
|
938fbb350ad2
16867 pkgsign should handle existing signatures better
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2272
diff
changeset
|
2407 |
The 'cur_pathlen' parameter is an integer indicating how many |
938fbb350ad2
16867 pkgsign should handle existing signatures better
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2272
diff
changeset
|
2408 |
certificates have been found between cert and the leaf cert. |
2026
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2409 |
|
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2410 |
The 'required_names' parameter is a set of strings that must |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2411 |
be seen as a CN in the chain of trust for the certificate.""" |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2412 |
|
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2413 |
if required_names is None: |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2414 |
required_names = set() |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2415 |
verified = False |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2416 |
continue_loop = True |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2417 |
certs_with_problems = [] |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2418 |
|
2286
938fbb350ad2
16867 pkgsign should handle existing signatures better
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2272
diff
changeset
|
2419 |
ca_dict = copy.copy(ca_dict) |
938fbb350ad2
16867 pkgsign should handle existing signatures better
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2272
diff
changeset
|
2420 |
for k, v in self.get_ca_certs().iteritems(): |
938fbb350ad2
16867 pkgsign should handle existing signatures better
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2272
diff
changeset
|
2421 |
if k in ca_dict: |
938fbb350ad2
16867 pkgsign should handle existing signatures better
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2272
diff
changeset
|
2422 |
ca_dict[k].extend(v) |
938fbb350ad2
16867 pkgsign should handle existing signatures better
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2272
diff
changeset
|
2423 |
else: |
938fbb350ad2
16867 pkgsign should handle existing signatures better
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2272
diff
changeset
|
2424 |
ca_dict[k] = v |
938fbb350ad2
16867 pkgsign should handle existing signatures better
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2272
diff
changeset
|
2425 |
|
2215
b4355e8c5097
16856 need to check keyUsage for leaf certs
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2100
diff
changeset
|
2426 |
def merge_dicts(d1, d2): |
b4355e8c5097
16856 need to check keyUsage for leaf certs
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2100
diff
changeset
|
2427 |
"""Function for merging usage dictionaries.""" |
b4355e8c5097
16856 need to check keyUsage for leaf certs
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2100
diff
changeset
|
2428 |
res = copy.deepcopy(d1) |
b4355e8c5097
16856 need to check keyUsage for leaf certs
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2100
diff
changeset
|
2429 |
for k in d2: |
b4355e8c5097
16856 need to check keyUsage for leaf certs
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2100
diff
changeset
|
2430 |
if k in res: |
b4355e8c5097
16856 need to check keyUsage for leaf certs
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2100
diff
changeset
|
2431 |
res[k].extend(d2[k]) |
b4355e8c5097
16856 need to check keyUsage for leaf certs
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2100
diff
changeset
|
2432 |
else: |
b4355e8c5097
16856 need to check keyUsage for leaf certs
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2100
diff
changeset
|
2433 |
res[k] = d2[k] |
b4355e8c5097
16856 need to check keyUsage for leaf certs
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2100
diff
changeset
|
2434 |
return res |
b4355e8c5097
16856 need to check keyUsage for leaf certs
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2100
diff
changeset
|
2435 |
|
2286
938fbb350ad2
16867 pkgsign should handle existing signatures better
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2272
diff
changeset
|
2436 |
def discard_names(cert, required_names): |
2026
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2437 |
for cert_cn in [ |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2438 |
str(c.get_data()) |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2439 |
for c |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2440 |
in cert.get_subject().get_entries_by_nid( |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2441 |
m2.X509.X509_Name.nid["CN"]) |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2442 |
]: |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2443 |
required_names.discard(cert_cn) |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2444 |
|
2286
938fbb350ad2
16867 pkgsign should handle existing signatures better
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2272
diff
changeset
|
2445 |
if not usages: |
938fbb350ad2
16867 pkgsign should handle existing signatures better
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2272
diff
changeset
|
2446 |
usages = {} |
938fbb350ad2
16867 pkgsign should handle existing signatures better
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2272
diff
changeset
|
2447 |
for u in POSSIBLE_USES: |
938fbb350ad2
16867 pkgsign should handle existing signatures better
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2272
diff
changeset
|
2448 |
usages = merge_dicts(usages, u) |
938fbb350ad2
16867 pkgsign should handle existing signatures better
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2272
diff
changeset
|
2449 |
|
938fbb350ad2
16867 pkgsign should handle existing signatures better
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2272
diff
changeset
|
2450 |
# Check whether we can validate this certificate. |
938fbb350ad2
16867 pkgsign should handle existing signatures better
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2272
diff
changeset
|
2451 |
self.__check_extensions(cert, usages, cur_pathlen) |
938fbb350ad2
16867 pkgsign should handle existing signatures better
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2272
diff
changeset
|
2452 |
|
938fbb350ad2
16867 pkgsign should handle existing signatures better
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2272
diff
changeset
|
2453 |
# Check whether this certificate has been revoked. |
938fbb350ad2
16867 pkgsign should handle existing signatures better
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2272
diff
changeset
|
2454 |
self.__check_revocation(cert, ca_dict) |
938fbb350ad2
16867 pkgsign should handle existing signatures better
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2272
diff
changeset
|
2455 |
|
938fbb350ad2
16867 pkgsign should handle existing signatures better
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2272
diff
changeset
|
2456 |
while continue_loop: |
938fbb350ad2
16867 pkgsign should handle existing signatures better
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2272
diff
changeset
|
2457 |
# If this certificate's CN is in the set of required |
938fbb350ad2
16867 pkgsign should handle existing signatures better
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2272
diff
changeset
|
2458 |
# names, remove it. |
938fbb350ad2
16867 pkgsign should handle existing signatures better
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2272
diff
changeset
|
2459 |
discard_names(cert, required_names) |
938fbb350ad2
16867 pkgsign should handle existing signatures better
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2272
diff
changeset
|
2460 |
|
2026
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2461 |
# Find the certificate that issued this certificate. |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2462 |
issuer = cert.get_issuer() |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2463 |
issuer_hash = issuer.as_hash() |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2464 |
|
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2465 |
# See whether this certificate was issued by any of the |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2466 |
# given trust anchors. |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2467 |
for c in ca_dict.get(issuer_hash, []): |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2468 |
if cert.verify(c.get_pubkey()): |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2469 |
verified = True |
2286
938fbb350ad2
16867 pkgsign should handle existing signatures better
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2272
diff
changeset
|
2470 |
# Remove any required names found in the |
938fbb350ad2
16867 pkgsign should handle existing signatures better
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2272
diff
changeset
|
2471 |
# trust anchor. |
938fbb350ad2
16867 pkgsign should handle existing signatures better
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2272
diff
changeset
|
2472 |
discard_names(c, required_names) |
2026
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2473 |
# If there are more names to check for |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2474 |
# continue up the chain of trust to look |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2475 |
# for them. |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2476 |
if not required_names: |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2477 |
continue_loop = False |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2478 |
break |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2479 |
|
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2480 |
# If the subject and issuer for this certificate are |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2481 |
# identical and the certificate hasn't been verified |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2482 |
# then this is an untrusted self-signed cert and should |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2483 |
# be rejected. |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2484 |
if cert.get_subject().as_hash() == issuer_hash: |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2485 |
if not verified: |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2486 |
raise \ |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2487 |
api_errors.UntrustedSelfSignedCert( |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2488 |
cert) |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2489 |
# This break should break the |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2490 |
# while continue_loop loop. |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2491 |
break |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2492 |
|
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2493 |
# If the certificate hasn't been issued by a trust |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2494 |
# anchor or more names need to be found, continue |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2495 |
# looking up the chain of trust. |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2496 |
if continue_loop: |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2497 |
up_chain = False |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2498 |
# Keep track of certs that would have verified |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2499 |
# this certificate but had critical extensions |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2500 |
# we can't handle yet for error reporting. |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2501 |
certs_with_problems = [] |
2215
b4355e8c5097
16856 need to check keyUsage for leaf certs
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2100
diff
changeset
|
2502 |
for c in self.__get_certs_by_name(issuer): |
2026
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2503 |
# If the certificate is approved to |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2504 |
# sign another certificate, verifies |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2505 |
# the current certificate, and hasn't |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2506 |
# been revoked, consider it as the |
2215
b4355e8c5097
16856 need to check keyUsage for leaf certs
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2100
diff
changeset
|
2507 |
# next link in the chain. check_ca |
b4355e8c5097
16856 need to check keyUsage for leaf certs
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2100
diff
changeset
|
2508 |
# checks both the basicConstraints |
b4355e8c5097
16856 need to check keyUsage for leaf certs
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2100
diff
changeset
|
2509 |
# extension and the keyUsage extension. |
2026
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2510 |
if c.check_ca() and \ |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2511 |
cert.verify(c.get_pubkey()): |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2512 |
problem = False |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2513 |
# Check whether this certificate |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2514 |
# has a critical extension we |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2515 |
# don't understand. |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2516 |
try: |
2215
b4355e8c5097
16856 need to check keyUsage for leaf certs
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2100
diff
changeset
|
2517 |
self.__check_extensions( |
2286
938fbb350ad2
16867 pkgsign should handle existing signatures better
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2272
diff
changeset
|
2518 |
c, CERT_SIGNING_USE, |
938fbb350ad2
16867 pkgsign should handle existing signatures better
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2272
diff
changeset
|
2519 |
cur_pathlen) |
938fbb350ad2
16867 pkgsign should handle existing signatures better
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2272
diff
changeset
|
2520 |
self.__check_revocation(c, |
2026
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2521 |
ca_dict) |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2522 |
except (api_errors.UnsupportedCriticalExtension, api_errors.RevokedCertificate), e: |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2523 |
certs_with_problems.append(e) |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2524 |
problem = True |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2525 |
# If this certificate has no |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2526 |
# problems with it, it's the |
2286
938fbb350ad2
16867 pkgsign should handle existing signatures better
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2272
diff
changeset
|
2527 |
# next link in the chain so make |
938fbb350ad2
16867 pkgsign should handle existing signatures better
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2272
diff
changeset
|
2528 |
# it the current certificate and |
938fbb350ad2
16867 pkgsign should handle existing signatures better
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2272
diff
changeset
|
2529 |
# add one to cur_pathlen since |
938fbb350ad2
16867 pkgsign should handle existing signatures better
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2272
diff
changeset
|
2530 |
# there's one more chain cert |
938fbb350ad2
16867 pkgsign should handle existing signatures better
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2272
diff
changeset
|
2531 |
# between the code signing cert |
938fbb350ad2
16867 pkgsign should handle existing signatures better
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2272
diff
changeset
|
2532 |
# and the root of the chain. |
2026
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2533 |
if not problem: |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2534 |
up_chain = True |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2535 |
cert = c |
2286
938fbb350ad2
16867 pkgsign should handle existing signatures better
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2272
diff
changeset
|
2536 |
cur_pathlen += 1 |
2026
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2537 |
break |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2538 |
# If there's not another link in the chain to be |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2539 |
# found, stop the iteration. |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2540 |
if not up_chain: |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2541 |
continue_loop = False |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2542 |
# If the certificate wasn't verified against a trust anchor, |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2543 |
# raise an exception. |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2544 |
if not verified: |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2545 |
raise api_errors.BrokenChain(cert, |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2546 |
certs_with_problems) |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2547 |
|
926
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
2548 |
alias = property(lambda self: self.__alias, __set_alias, |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
2549 |
doc="An alternative name for a publisher.") |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
2550 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
2551 |
client_uuid = property(lambda self: self.__client_uuid, |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
2552 |
__set_client_uuid, |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
2553 |
doc="A Universally Unique Identifier (UUID) used to identify a " |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
2554 |
"client image to a publisher.") |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
2555 |
|
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
2556 |
disabled = property(lambda self: self.__disabled, __set_disabled, |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
2557 |
doc="A boolean value indicating whether the publisher should be " |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
2558 |
"used for packaging operations.") |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
2559 |
|
996
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
2560 |
last_refreshed = property(__get_last_refreshed, __set_last_refreshed, |
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
2561 |
doc="A datetime object representing the time (in UTC) the " |
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
2562 |
"publisher's selected repository was last refreshed for new " |
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
2563 |
"metadata (such as catalog updates). 'None' if the publisher " |
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
2564 |
"hasn't been refreshed yet or the time is not available.") |
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
2565 |
|
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
2566 |
meta_root = property(lambda self: self.__meta_root, __set_meta_root, |
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
2567 |
doc="The absolute pathname of the directory where the publisher's " |
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
2568 |
"metadata should be written to and read from.") |
31d152a5212b
7582 pkg set-publisher --no-refresh will delete catalogs
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
926
diff
changeset
|
2569 |
|
926
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
2570 |
prefix = property(lambda self: self.__prefix, __set_prefix, |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
2571 |
doc="The name of the publisher.") |
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
2572 |
|
2310
ce10607d5332
11684 desire option to not propagate certs to non-global zones
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2286
diff
changeset
|
2573 |
repository = property(lambda self: self.__repository, |
ce10607d5332
11684 desire option to not propagate certs to non-global zones
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2286
diff
changeset
|
2574 |
__set_repository, |
926
6ee411c9026a
5871 publisher apis desired
Shawn Walker <Shawn.Walker@Sun.COM>
parents:
diff
changeset
|
2575 |
doc="A reference to the selected repository object.") |
1505
cc598d70bbbe
4425 pkg install should deal w/ complex dependency changes in one install
Bart Smaalders <Bart.Smaalders@Sun.COM>
parents:
1449
diff
changeset
|
2576 |
|
cc598d70bbbe
4425 pkg install should deal w/ complex dependency changes in one install
Bart Smaalders <Bart.Smaalders@Sun.COM>
parents:
1449
diff
changeset
|
2577 |
sticky = property(lambda self: self.__sticky, __set_stickiness, |
cc598d70bbbe
4425 pkg install should deal w/ complex dependency changes in one install
Bart Smaalders <Bart.Smaalders@Sun.COM>
parents:
1449
diff
changeset
|
2578 |
doc="Whether or not installed packages from this publisher are" |
cc598d70bbbe
4425 pkg install should deal w/ complex dependency changes in one install
Bart Smaalders <Bart.Smaalders@Sun.COM>
parents:
1449
diff
changeset
|
2579 |
" always preferred to other publishers.") |
2026
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2580 |
|
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2581 |
def __get_prop(self, name): |
2097
068cc63b4d6e
17055 image configuration should use pkg.config classes
Shawn Walker <shawn.walker@oracle.com>
parents:
2073
diff
changeset
|
2582 |
"""Accessor method for properties dictionary""" |
2026
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2583 |
return self.__properties[name] |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2584 |
|
2097
068cc63b4d6e
17055 image configuration should use pkg.config classes
Shawn Walker <shawn.walker@oracle.com>
parents:
2073
diff
changeset
|
2585 |
@staticmethod |
068cc63b4d6e
17055 image configuration should use pkg.config classes
Shawn Walker <shawn.walker@oracle.com>
parents:
2073
diff
changeset
|
2586 |
def __read_list(list_str): |
068cc63b4d6e
17055 image configuration should use pkg.config classes
Shawn Walker <shawn.walker@oracle.com>
parents:
2073
diff
changeset
|
2587 |
"""Take a list in string representation and convert it back |
068cc63b4d6e
17055 image configuration should use pkg.config classes
Shawn Walker <shawn.walker@oracle.com>
parents:
2073
diff
changeset
|
2588 |
to a Python list.""" |
068cc63b4d6e
17055 image configuration should use pkg.config classes
Shawn Walker <shawn.walker@oracle.com>
parents:
2073
diff
changeset
|
2589 |
|
068cc63b4d6e
17055 image configuration should use pkg.config classes
Shawn Walker <shawn.walker@oracle.com>
parents:
2073
diff
changeset
|
2590 |
list_str = list_str.encode("utf-8") |
068cc63b4d6e
17055 image configuration should use pkg.config classes
Shawn Walker <shawn.walker@oracle.com>
parents:
2073
diff
changeset
|
2591 |
# Strip brackets and any whitespace |
068cc63b4d6e
17055 image configuration should use pkg.config classes
Shawn Walker <shawn.walker@oracle.com>
parents:
2073
diff
changeset
|
2592 |
list_str = list_str.strip("][ ") |
068cc63b4d6e
17055 image configuration should use pkg.config classes
Shawn Walker <shawn.walker@oracle.com>
parents:
2073
diff
changeset
|
2593 |
# Strip comma and any whitespeace |
068cc63b4d6e
17055 image configuration should use pkg.config classes
Shawn Walker <shawn.walker@oracle.com>
parents:
2073
diff
changeset
|
2594 |
lst = list_str.split(", ") |
068cc63b4d6e
17055 image configuration should use pkg.config classes
Shawn Walker <shawn.walker@oracle.com>
parents:
2073
diff
changeset
|
2595 |
# Strip empty whitespace, single, and double quotation marks |
068cc63b4d6e
17055 image configuration should use pkg.config classes
Shawn Walker <shawn.walker@oracle.com>
parents:
2073
diff
changeset
|
2596 |
lst = [ s.strip("' \"") for s in lst ] |
068cc63b4d6e
17055 image configuration should use pkg.config classes
Shawn Walker <shawn.walker@oracle.com>
parents:
2073
diff
changeset
|
2597 |
# Eliminate any empty strings |
068cc63b4d6e
17055 image configuration should use pkg.config classes
Shawn Walker <shawn.walker@oracle.com>
parents:
2073
diff
changeset
|
2598 |
lst = [ s for s in lst if s != '' ] |
068cc63b4d6e
17055 image configuration should use pkg.config classes
Shawn Walker <shawn.walker@oracle.com>
parents:
2073
diff
changeset
|
2599 |
|
068cc63b4d6e
17055 image configuration should use pkg.config classes
Shawn Walker <shawn.walker@oracle.com>
parents:
2073
diff
changeset
|
2600 |
return lst |
068cc63b4d6e
17055 image configuration should use pkg.config classes
Shawn Walker <shawn.walker@oracle.com>
parents:
2073
diff
changeset
|
2601 |
|
2026
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2602 |
def __set_prop(self, name, values): |
2097
068cc63b4d6e
17055 image configuration should use pkg.config classes
Shawn Walker <shawn.walker@oracle.com>
parents:
2073
diff
changeset
|
2603 |
"""Accessor method to add a property""" |
2310
ce10607d5332
11684 desire option to not propagate certs to non-global zones
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2286
diff
changeset
|
2604 |
if self.sys_pub: |
ce10607d5332
11684 desire option to not propagate certs to non-global zones
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2286
diff
changeset
|
2605 |
raise api_errors.ModifyingSyspubException(_("Cannot " |
ce10607d5332
11684 desire option to not propagate certs to non-global zones
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2286
diff
changeset
|
2606 |
"set a property for a system publisher. The " |
ce10607d5332
11684 desire option to not propagate certs to non-global zones
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2286
diff
changeset
|
2607 |
"property was:%s") % name) |
2026
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2608 |
|
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2609 |
if name == SIGNATURE_POLICY: |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2610 |
self.__sig_policy = None |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2611 |
if isinstance(values, basestring): |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2612 |
values = [values] |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2613 |
policy_name = values[0] |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2614 |
if policy_name not in sigpolicy.Policy.policies(): |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2615 |
raise api_errors.InvalidPropertyValue(_( |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2616 |
"%(val)s is not a valid value for this " |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2617 |
"property:%(prop)s") % {"val": policy_name, |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2618 |
"prop": SIGNATURE_POLICY}) |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2619 |
if policy_name == "require-names": |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2620 |
if self.__delay_validation: |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2621 |
# If __delay_validation is set, then |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2622 |
# it's possible that |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2623 |
# signature-required-names was |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2624 |
# set by a previous call to set_prop |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2625 |
# file. If so, don't overwrite the |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2626 |
# values that have already been read. |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2627 |
self.__properties.setdefault( |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2628 |
"signature-required-names", []) |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2629 |
self.__properties[ |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2630 |
"signature-required-names"].extend( |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2631 |
values[1:]) |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2632 |
else: |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2633 |
self.__properties[ |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2634 |
"signature-required-names"] = \ |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2635 |
values[1:] |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2636 |
self.__validate_properties() |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2637 |
else: |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2638 |
if len(values) > 1: |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2639 |
raise api_errors.InvalidPropertyValue(_( |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2640 |
"The %s signature-policy takes no " |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2641 |
"argument.") % policy_name) |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2642 |
self.__properties[SIGNATURE_POLICY] = policy_name |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2643 |
return |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2644 |
if name == "signature-required-names": |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2645 |
if isinstance(values, basestring): |
2097
068cc63b4d6e
17055 image configuration should use pkg.config classes
Shawn Walker <shawn.walker@oracle.com>
parents:
2073
diff
changeset
|
2646 |
values = self.__read_list(values) |
2026
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2647 |
self.__properties[name] = values |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2648 |
|
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2649 |
def __del_prop(self, name): |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2650 |
"""Accessor method for properties""" |
2310
ce10607d5332
11684 desire option to not propagate certs to non-global zones
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2286
diff
changeset
|
2651 |
if self.sys_pub: |
ce10607d5332
11684 desire option to not propagate certs to non-global zones
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2286
diff
changeset
|
2652 |
raise api_errors.ModifyingSyspubException(_("Cannot " |
ce10607d5332
11684 desire option to not propagate certs to non-global zones
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2286
diff
changeset
|
2653 |
"unset a property for a system publisher. The " |
ce10607d5332
11684 desire option to not propagate certs to non-global zones
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2286
diff
changeset
|
2654 |
"property was:%s") % name) |
2026
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2655 |
del self.__properties[name] |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2656 |
|
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2657 |
def __prop_iter(self): |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2658 |
return self.__properties.__iter__() |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2659 |
|
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2660 |
def __prop_iteritems(self): |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2661 |
"""Support iteritems on properties""" |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2662 |
return self.__properties.iteritems() |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2663 |
|
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2664 |
def __prop_keys(self): |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2665 |
"""Support keys() on properties""" |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2666 |
return self.__properties.keys() |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2667 |
|
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2668 |
def __prop_values(self): |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2669 |
"""Support values() on properties""" |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2670 |
return self.__properties.values() |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2671 |
|
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2672 |
def __prop_getdefault(self, name, value): |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2673 |
"""Support getdefault() on properties""" |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2674 |
return self.__properties.get(name, value) |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2675 |
|
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2676 |
def __prop_setdefault(self, name, value): |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2677 |
"""Support setdefault() on properties""" |
2097
068cc63b4d6e
17055 image configuration should use pkg.config classes
Shawn Walker <shawn.walker@oracle.com>
parents:
2073
diff
changeset
|
2678 |
# Must set it this way so that the logic in __set_prop is used. |
068cc63b4d6e
17055 image configuration should use pkg.config classes
Shawn Walker <shawn.walker@oracle.com>
parents:
2073
diff
changeset
|
2679 |
try: |
068cc63b4d6e
17055 image configuration should use pkg.config classes
Shawn Walker <shawn.walker@oracle.com>
parents:
2073
diff
changeset
|
2680 |
return self.__properties[name] |
068cc63b4d6e
17055 image configuration should use pkg.config classes
Shawn Walker <shawn.walker@oracle.com>
parents:
2073
diff
changeset
|
2681 |
except KeyError: |
068cc63b4d6e
17055 image configuration should use pkg.config classes
Shawn Walker <shawn.walker@oracle.com>
parents:
2073
diff
changeset
|
2682 |
self.properties[name] = value |
068cc63b4d6e
17055 image configuration should use pkg.config classes
Shawn Walker <shawn.walker@oracle.com>
parents:
2073
diff
changeset
|
2683 |
return value |
2026
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2684 |
|
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2685 |
def __prop_update(self, d): |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2686 |
"""Support update() on properties""" |
2097
068cc63b4d6e
17055 image configuration should use pkg.config classes
Shawn Walker <shawn.walker@oracle.com>
parents:
2073
diff
changeset
|
2687 |
|
068cc63b4d6e
17055 image configuration should use pkg.config classes
Shawn Walker <shawn.walker@oracle.com>
parents:
2073
diff
changeset
|
2688 |
for k, v in d.iteritems(): |
068cc63b4d6e
17055 image configuration should use pkg.config classes
Shawn Walker <shawn.walker@oracle.com>
parents:
2073
diff
changeset
|
2689 |
# Must iterate through each value and |
068cc63b4d6e
17055 image configuration should use pkg.config classes
Shawn Walker <shawn.walker@oracle.com>
parents:
2073
diff
changeset
|
2690 |
# set it this way so that the logic |
068cc63b4d6e
17055 image configuration should use pkg.config classes
Shawn Walker <shawn.walker@oracle.com>
parents:
2073
diff
changeset
|
2691 |
# in __set_prop is used. |
068cc63b4d6e
17055 image configuration should use pkg.config classes
Shawn Walker <shawn.walker@oracle.com>
parents:
2073
diff
changeset
|
2692 |
self.properties[k] = v |
2026
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2693 |
|
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2694 |
def __prop_pop(self, d, default): |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2695 |
"""Support pop() on properties""" |
2310
ce10607d5332
11684 desire option to not propagate certs to non-global zones
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2286
diff
changeset
|
2696 |
if self.sys_pub: |
ce10607d5332
11684 desire option to not propagate certs to non-global zones
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2286
diff
changeset
|
2697 |
raise api_errors.ModifyingSyspubException(_("Cannot " |
ce10607d5332
11684 desire option to not propagate certs to non-global zones
Brock Pytlik <brock.pytlik@oracle.com>
parents:
2286
diff
changeset
|
2698 |
"unset a property for a system publisher.")) |
2026
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2699 |
return self.__properties.pop(d, default) |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2700 |
|
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2701 |
properties = DictProperty(__get_prop, __set_prop, __del_prop, |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2702 |
__prop_iteritems, __prop_keys, __prop_values, __prop_iter, |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2703 |
doc="A dict holding the properties for an image.", |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2704 |
fgetdefault=__prop_getdefault, fsetdefault=__prop_setdefault, |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2705 |
update=__prop_update, pop=__prop_pop) |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2706 |
|
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2707 |
@property |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2708 |
def signature_policy(self): |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2709 |
"""Return the signature policy for the publisher.""" |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2710 |
|
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2711 |
if self.__sig_policy is not None: |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2712 |
return self.__sig_policy |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2713 |
txt = self.properties.get(SIGNATURE_POLICY, |
2097
068cc63b4d6e
17055 image configuration should use pkg.config classes
Shawn Walker <shawn.walker@oracle.com>
parents:
2073
diff
changeset
|
2714 |
sigpolicy.DEFAULT_POLICY) |
2026
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2715 |
names = self.properties.get("signature-required-names", []) |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2716 |
self.__sig_policy = sigpolicy.Policy.policy_factory(txt, names) |
d1b30615bc99
9196 pkg(5) should have support for cryptographic manifest signatures
Brock Pytlik <bpytlik@sun.com>
parents:
2022
diff
changeset
|
2717 |
return self.__sig_policy |