URL: https://github.com/freeipa/freeipa/pull/127
Author: tjaalton
Title: #127: Move ipa-otpd to $libexecdir/ipa, purge ffextension
Action: synchronized
To pull the PR as Git branch:
git remote add ghfreeipa https://github.com/freeipa/freeipa
git fetch ghfreeipa pull/127/head:pr127
git checkout pr127
From 5ca9bc72163674deca40c1516ee516f311aa9760 Mon Sep 17 00:00:00 2001
From: Timo Aaltonen <tjaal...@debian.org>
Date: Fri, 30 Sep 2016 01:00:02 +0300
Subject: [PATCH 1/2] Move ipa-otpd to $libexecdir/ipa
This is more consistent with the other daemons.
---
daemons/ipa-otpd/Makefile.am | 3 ++-
daemons/ipa-otpd/ipa-o...@.service.in | 2 +-
freeipa.spec.in | 2 +-
3 files changed, 4 insertions(+), 3 deletions(-)
diff --git a/daemons/ipa-otpd/Makefile.am b/daemons/ipa-otpd/Makefile.am
index 8392174..d2e1679 100644
--- a/daemons/ipa-otpd/Makefile.am
+++ b/daemons/ipa-otpd/Makefile.am
@@ -2,7 +2,8 @@ AM_CFLAGS := @LDAP_CFLAGS@ @LIBVERTO_CFLAGS@
AM_LDFLAGS := @LDAP_LIBS@ @LIBVERTO_LIBS@ @KRAD_LIBS@
noinst_HEADERS = internal.h
-libexec_PROGRAMS = ipa-otpd
+appdir = $(libexecdir)/ipa/
+app_PROGRAMS = ipa-otpd
dist_noinst_DATA = ipa-otpd.socket.in ipa-o...@.service.in test.py
systemdsystemunit_DATA = ipa-otpd.socket ipa-otpd@.service
diff --git a/daemons/ipa-otpd/ipa-o...@.service.in b/daemons/ipa-otpd/ipa-o...@.service.in
index b85d5a1..92afb40 100644
--- a/daemons/ipa-otpd/ipa-o...@.service.in
+++ b/daemons/ipa-otpd/ipa-o...@.service.in
@@ -3,7 +3,7 @@ Description=ipa-otpd service
[Service]
EnvironmentFile=@sysconfdir@/ipa/default.conf
-ExecStart=@libexecdir@/ipa-otpd $ldap_uri
+ExecStart=@libexecdir@/ipa/ipa-otpd $ldap_uri
StandardInput=socket
StandardOutput=socket
StandardError=syslog
diff --git a/freeipa.spec.in b/freeipa.spec.in
index 3b0e4b2..8972cb9 100644
--- a/freeipa.spec.in
+++ b/freeipa.spec.in
@@ -1056,13 +1056,13 @@ fi
%{_sbindir}/ipa-winsync-migrate
%{_libexecdir}/certmonger/dogtag-ipa-ca-renew-agent-submit
%{_libexecdir}/certmonger/ipa-server-guard
-%{_libexecdir}/ipa-otpd
%dir %{_libexecdir}/ipa
%{_libexecdir}/ipa/ipa-dnskeysyncd
%{_libexecdir}/ipa/ipa-dnskeysync-replica
%{_libexecdir}/ipa/ipa-ods-exporter
%{_libexecdir}/ipa/ipa-httpd-kdcproxy
%{_libexecdir}/ipa/ipa-pki-retrieve-key
+%{_libexecdir}/ipa/ipa-otpd
%dir %{_libexecdir}/ipa/oddjob
%attr(0755,root,root) %{_libexecdir}/ipa/oddjob/org.freeipa.server.conncheck
%config(noreplace) %{_sysconfdir}/dbus-1/system.d/org.freeipa.server.conf
From b8c50254e3208b25e746eab6a821b51319e80c63 Mon Sep 17 00:00:00 2001
From: Timo Aaltonen <tjaal...@debian.org>
Date: Tue, 29 Mar 2016 21:33:15 +0300
Subject: [PATCH 2/2] Purge obsolete firefox extension
---
freeipa.spec.in | 12 --
install/Makefile.am | 1 -
install/configure.ac | 5 -
install/ffextension/Makefile.am | 23 ---
install/ffextension/bootstrap.js | 88 ---------
install/ffextension/chrome.manifest | 4 -
install/ffextension/chrome/Makefile.am | 19 --
install/ffextension/chrome/content/Makefile.am | 17 --
install/ffextension/chrome/content/kerberosauth.js | 197 ---------------------
.../chrome/content/kerberosauth_overlay.xul | 9 -
install/ffextension/install.rdf | 26 ---
install/ffextension/locale/Makefile.am | 19 --
install/ffextension/locale/en-US/Makefile.am | 16 --
.../locale/en-US/kerberosauth.properties | 4 -
install/share/Makefile.am | 1 -
install/share/krb.js.template | 2 -
ipaplatform/base/paths.py | 4 -
ipaserver/install/httpinstance.py | 42 +----
ipaserver/install/server/replicainstall.py | 4 +-
ipaserver/install/server/upgrade.py | 11 --
20 files changed, 2 insertions(+), 502 deletions(-)
delete mode 100644 install/ffextension/Makefile.am
delete mode 100644 install/ffextension/bootstrap.js
delete mode 100644 install/ffextension/chrome.manifest
delete mode 100644 install/ffextension/chrome/Makefile.am
delete mode 100644 install/ffextension/chrome/content/Makefile.am
delete mode 100644 install/ffextension/chrome/content/kerberosauth.js
delete mode 100644 install/ffextension/chrome/content/kerberosauth_overlay.xul
delete mode 100644 install/ffextension/install.rdf
delete mode 100644 install/ffextension/locale/Makefile.am
delete mode 100644 install/ffextension/locale/en-US/Makefile.am
delete mode 100644 install/ffextension/locale/en-US/kerberosauth.properties
delete mode 100644 install/share/krb.js.template
diff --git a/freeipa.spec.in b/freeipa.spec.in
index 8972cb9..a6cba4f 100644
--- a/freeipa.spec.in
+++ b/freeipa.spec.in
@@ -165,7 +165,6 @@ Requires: pki-ca >= 10.3.3-3
Requires: pki-kra >= 10.3.3-3
Requires(preun): python systemd-units
Requires(postun): python systemd-units
-Requires: zip
Requires: policycoreutils >= 2.1.12-5
Requires: tar
Requires(pre): certmonger >= 0.78
@@ -1164,17 +1163,6 @@ fi
%{_usr}/share/ipa/advise/legacy/*.template
%dir %{_usr}/share/ipa/profiles
%{_usr}/share/ipa/profiles/*.cfg
-%dir %{_usr}/share/ipa/ffextension
-%{_usr}/share/ipa/ffextension/bootstrap.js
-%{_usr}/share/ipa/ffextension/install.rdf
-%{_usr}/share/ipa/ffextension/chrome.manifest
-%dir %{_usr}/share/ipa/ffextension/chrome
-%dir %{_usr}/share/ipa/ffextension/chrome/content
-%{_usr}/share/ipa/ffextension/chrome/content/kerberosauth.js
-%{_usr}/share/ipa/ffextension/chrome/content/kerberosauth_overlay.xul
-%dir %{_usr}/share/ipa/ffextension/locale
-%dir %{_usr}/share/ipa/ffextension/locale/en-US
-%{_usr}/share/ipa/ffextension/locale/en-US/kerberosauth.properties
%dir %{_usr}/share/ipa/html
%{_usr}/share/ipa/html/ffconfig.js
%{_usr}/share/ipa/html/ffconfig_page.js
diff --git a/install/Makefile.am b/install/Makefile.am
index ac52ad3..d13ecb7 100644
--- a/install/Makefile.am
+++ b/install/Makefile.am
@@ -7,7 +7,6 @@ NULL =
SUBDIRS = \
certmonger \
conf \
- ffextension \
html \
migration \
share \
diff --git a/install/configure.ac b/install/configure.ac
index 81f17b9..b895933 100644
--- a/install/configure.ac
+++ b/install/configure.ac
@@ -77,11 +77,6 @@ AC_CONFIG_FILES([
Makefile
certmonger/Makefile
conf/Makefile
- ffextension/Makefile
- ffextension/chrome/Makefile
- ffextension/chrome/content/Makefile
- ffextension/locale/Makefile
- ffextension/locale/en-US/Makefile
html/Makefile
migration/Makefile
share/Makefile
diff --git a/install/ffextension/Makefile.am b/install/ffextension/Makefile.am
deleted file mode 100644
index 7a72205..0000000
--- a/install/ffextension/Makefile.am
+++ /dev/null
@@ -1,23 +0,0 @@
-AUTOMAKE_OPTIONS = 1.7
-
-NULL =
-
-SUBDIRS = \
- chrome \
- locale \
- $(NULL)
-
-appdir = $(IPA_DATA_DIR)/ffextension
-app_DATA = \
- bootstrap.js \
- chrome.manifest \
- install.rdf \
- $(NULL)
-
-EXTRA_DIST = \
- $(app_DATA) \
- $(NULL)
-
-MAINTAINERCLEANFILES = \
- *~ \
- Makefile.in
diff --git a/install/ffextension/bootstrap.js b/install/ffextension/bootstrap.js
deleted file mode 100644
index 7e2ae57..0000000
--- a/install/ffextension/bootstrap.js
+++ /dev/null
@@ -1,88 +0,0 @@
-// Heavily inspired by Dave Townsend's post:
-// Playing with windows in restartless (bootstrapped) extensions
-// http://www.oxymoronical.com/blog/2011/01/Playing-with-windows-in-restartless-bootstrapped-extensions
-
-const Cc = Components.classes;
-const Ci = Components.interfaces;
-const Cu = Components.utils;
-
-var WindowListener = {
-
- setupBrowserUI: function(domWindow) {
- var doc = domWindow.document;
- domWindow.kerberosauth_listener = kerberosauth_listener(domWindow);
- doc.addEventListener('kerberos-auth-config', domWindow.kerberosauth_listener, false, true);
- },
-
- tearDownBrowserUI: function(domWindow) {
-
- var doc = domWindow.document;
- doc.removeEventListener('kerberos-auth-config', domWindow.kerberosauth_listener);
- delete domWindow.kerberosauth_listener;
- },
-
- // nsIWindowMediatorListener functions
- onOpenWindow: function(xulWindow) {
- // A new window has opened
- var domWindow = xulWindow.QueryInterface(Ci.nsIInterfaceRequestor).
- getInterface(Ci.nsIDOMWindowInternal);
-
- // Wait for it to finish loading
- domWindow.addEventListener("load", function listener() {
- domWindow.removeEventListener("load", listener, false);
-
- // If this is a browser window then setup its UI
- if (domWindow.document.documentElement.getAttribute("windowtype") === "navigator:browser") {
- WindowListener.setupBrowserUI(domWindow);
- }
- }, false);
- },
-
- onCloseWindow: function(xulWindow) {
- },
-
- onWindowTitleChange: function(xulWindow, newTitle) {
- }
-};
-
-function startup(data, reason) {
- var wm = Cc["@mozilla.org/appshell/window-mediator;1"].getService(Ci.nsIWindowMediator);
-
- Cu['import']("chrome://kerberosauth/content/kerberosauth.js");
-
- // Get the list of browser windows already open
- var windows = wm.getEnumerator("navigator:browser");
- while (windows.hasMoreElements()) {
- var domWindow = windows.getNext().QueryInterface(Ci.nsIDOMWindow);
-
- WindowListener.setupBrowserUI(domWindow);
- }
-
- // Wait for any new browser windows to open
- wm.addListener(WindowListener);
-}
-
-function shutdown(data, reason) {
- // When the application is shutting down we normally don't have to clean
- // up any UI changes made
- if (reason == APP_SHUTDOWN)
- return;
-
- var wm = Cc["@mozilla.org/appshell/window-mediator;1"].
- getService(Ci.nsIWindowMediator);
-
- // Get the list of browser windows already open
- var windows = wm.getEnumerator("navigator:browser");
- while (windows.hasMoreElements()) {
- var domWindow = windows.getNext().QueryInterface(Ci.nsIDOMWindow);
- WindowListener.tearDownBrowserUI(domWindow);
- }
-
- // Stop listening for any new browser windows to open
- wm.removeListener(WindowListener);
-
- Cu.unload("chrome://kerberosauth/content/kerberosauth.js");
-}
-
-function install() {}
-function uninstall() {}
\ No newline at end of file
diff --git a/install/ffextension/chrome.manifest b/install/ffextension/chrome.manifest
deleted file mode 100644
index 775d3a3..0000000
--- a/install/ffextension/chrome.manifest
+++ /dev/null
@@ -1,4 +0,0 @@
-content kerberosauth chrome/content/
-resource kerberosauth chrome/content/
-overlay chrome://browser/content/browser.xul resource://kerberosauth/kerberosauth_overlay.xul
-locale kerberosauth en-US locale/en-US/
\ No newline at end of file
diff --git a/install/ffextension/chrome/Makefile.am b/install/ffextension/chrome/Makefile.am
deleted file mode 100644
index 10d23a7..0000000
--- a/install/ffextension/chrome/Makefile.am
+++ /dev/null
@@ -1,19 +0,0 @@
-AUTOMAKE_OPTIONS = 1.7
-
-NULL =
-
-SUBDIRS = \
- content \
- $(NULL)
-
-appdir = $(IPA_DATA_DIR)/ffextension/chrome
-app_DATA = \
- $(NULL)
-
-EXTRA_DIST = \
- $(app_DATA) \
- $(NULL)
-
-MAINTAINERCLEANFILES = \
- *~ \
- Makefile.in
diff --git a/install/ffextension/chrome/content/Makefile.am b/install/ffextension/chrome/content/Makefile.am
deleted file mode 100644
index 7ff81e5..0000000
--- a/install/ffextension/chrome/content/Makefile.am
+++ /dev/null
@@ -1,17 +0,0 @@
-AUTOMAKE_OPTIONS = 1.7
-
-NULL =
-
-appdir = $(IPA_DATA_DIR)/ffextension/chrome/content
-app_DATA = \
- kerberosauth_overlay.xul \
- kerberosauth.js \
- $(NULL)
-
-EXTRA_DIST = \
- $(app_DATA) \
- $(NULL)
-
-MAINTAINERCLEANFILES = \
- *~ \
- Makefile.in
diff --git a/install/ffextension/chrome/content/kerberosauth.js b/install/ffextension/chrome/content/kerberosauth.js
deleted file mode 100644
index c5afde9..0000000
--- a/install/ffextension/chrome/content/kerberosauth.js
+++ /dev/null
@@ -1,197 +0,0 @@
-/* Authors:
- * Petr Vobornik <pvobo...@redhat.com>
- *
- * Copyright (C) 2012 Red Hat
- * see file 'COPYING' for use and warranty information
- *
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation, either version 3 of the License, or
- * (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program. If not, see <http://www.gnu.org/licenses/>.
- */
-
-var EXPORTED_SYMBOLS = ["kerberosauth", "kerberosauth_listener"];
-
-var Cc = Components.classes;
-var Ci = Components.interfaces;
-
-var kerberosauth = {
-
- // Dictionary of configuration options this extension can configure.
- // An alias (key) is set for each options. Using a set of aliases limits
- // configuration pages from supplying potential malicious options.
- config_options: {
- referer: ['network.http.sendRefererHeader', 'int'],
- native_gss_lib: ['network.negotiate-auth.using-native-gsslib', 'bool'],
- trusted_uris: ['network.negotiate-auth.trusted-uris', 'str'],
- allow_proxies: ['network.negotiate-auth.allow-proxies', 'bool']
- },
-
- // Some preconfigurations to make things easier. Can be good if UI is added
- // (mostly for future usage).
- predefined_configurations: {
- ipa: {
- referer: '2',
- native_gss_lib: 'true',
- trusted_uris: '',
- allow_proxies: 'true',
- append: ['trusted_uris']
- }
- },
-
- page_listener: function(event, dom_window) {
-
- var self = this;
-
- var conf = {
- event: event,
- window: dom_window || window,
- element: event.target
- };
-
- if (!conf.element.hasAttribute('method')) return;
-
- var method = conf.element.getAttribute('method');
-
- if (method === 'configure') self.configure(conf);
- if (method === 'can_configure') self.send_response(conf.element, { answer: 'true' });
- },
-
- send_response: function(element, options) {
-
- options = options || {};
-
- var doc = element.ownerDocument;
-
- for (var opt in options) {
- element.setAttribute(opt, options[opt]);
- }
-
- var answer_event = doc.createEvent("HTMLEvents");
- answer_event.initEvent("kerberos-auth-answer", true, false);
- element.dispatchEvent(answer_event);
- },
-
- notify_installed: function(window) {
- var doc = window.document;
- var event = doc.createEvent("HTMLEvents");
- event.initEvent("kerberos-auth-installed", true, false);
- doc.dispatchEvent(event);
- },
-
- configure: function(conf) {
- var self = this;
-
- var options = {}; // options to be configured
- var opt;
-
- // use predefined configuration if supplied
- if (conf.element.hasAttribute('predefined')) {
- var predefined = conf.element.getAttribute('predefined');
-
- var pconfig = self.predefined_configurations[predefined];
- if (pconfig) {
- for (opt in pconfig) {
- options[opt] = pconfig[opt];
- }
- }
- }
-
- // overwrite predefined with supplied and only supported options
- for (var i=0; i < conf.element.attributes.length; i++) {
- var attr = conf.element.attributes[i].name;
- if (attr in self.config_options) {
- options[attr] = conf.element.getAttribute(attr);
- }
- }
-
- if (self.prompt(conf, options)) {
- self.configure_core(conf, options);
- self.send_response(conf.element, { answer: 'configured' });
- } else {
- self.send_response(conf.element, { answer: 'aborted' });
- }
- },
-
- configure_core: function(conf, options) {
-
- var self = this;
-
- var prefs = Cc["@mozilla.org/preferences-service;1"].getService(Ci.nsIPrefBranch);
- var append_opts = options.append || [];
-
- for (var opt in options) {
-
- if (!self.config_options[opt]) continue;
-
- var name = self.config_options[opt][0];
- var type = self.config_options[opt][1];
- var value = options[opt];
-
- if (type === 'str') {
- if (value && append_opts.indexOf(opt) > -1) {
- var current = prefs.getCharPref(name) || '';
- if (this.str_contains(current, value)) {
- continue;
- } else if (current) {
- value = current + ', ' + value;
- }
- }
- prefs.setCharPref(name, value);
- } else if (type ==='int') {
- prefs.setIntPref(name, Number(value));
- } else if (type === 'bool') {
- prefs.setBoolPref(name, value === 'true');
- }
- }
- },
-
- str_contains: function(str, value) {
-
- if (!str) return false;
- var vals = str.split(',');
- for (var i=0, l=vals.length; i<l; i++) {
- if (vals[i].trim() === value) return true;
- }
- return false;
- },
-
- prompt: function(conf, options) {
- var strs = Cc["@mozilla.org/intl/stringbundle;1"].
- getService(Ci.nsIStringBundleService).
- createBundle("chrome://kerberosauth/locale/kerberosauth.properties");
-
- var prompts = Cc["@mozilla.org/embedcomp/prompt-service;1"].
- getService(Ci.nsIPromptService);
-
- var title = strs.GetStringFromName('prompt_title');
- var text = strs.GetStringFromName('prompt_topic');
-
- if (options.trusted_uris) {
- text += strs.GetStringFromName('prompt_domain').replace('${domain}', options.trusted_uris);
- }
- text += strs.GetStringFromName('prompt_question');
-
- var flags = prompts.STD_YES_NO_BUTTONS;
-
- var confirmed = prompts.confirmEx(conf.window, title, text, flags, "","","",
- null,{value: false}) === 0;
- return confirmed;
- }
-};
-
-var kerberosauth_listener = function(window) {
-
- return function(event) {
-
- kerberosauth.page_listener(event, window);
- };
-};
\ No newline at end of file
diff --git a/install/ffextension/chrome/content/kerberosauth_overlay.xul b/install/ffextension/chrome/content/kerberosauth_overlay.xul
deleted file mode 100644
index acad079..0000000
--- a/install/ffextension/chrome/content/kerberosauth_overlay.xul
+++ /dev/null
@@ -1,9 +0,0 @@
-<?xml version="1.0"?>
-
-<overlay id="kerberosauthOverlay" xmlns="http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul";>
-
- <script type="application/x-javascript">
- Components.utils['import']("resource://kerberosauth/kerberosauth.js");
- window.addEventListener('kerberos-auth-config', kerberosauth_listener(window), false, true);
- </script>
-</overlay>
\ No newline at end of file
diff --git a/install/ffextension/install.rdf b/install/ffextension/install.rdf
deleted file mode 100644
index d931f19..0000000
--- a/install/ffextension/install.rdf
+++ /dev/null
@@ -1,26 +0,0 @@
-<?xml version="1.0"?>
-<RDF xmlns="http://www.w3.org/1999/02/22-rdf-syntax-ns#";
- xmlns:em="http://www.mozilla.org/2004/em-rdf#";>
-
- <Description about="urn:mozilla:install-manifest">
-
- <em:id>kerberosa...@redhat.com</em:id>
- <em:name>Kerberos Configuration</em:name>
- <em:version>0.1</em:version>
- <em:description>Configures browser to use negotiate authentication</em:description>
- <em:type>2</em:type>
- <em:creator>Red Hat, Inc.</em:creator>
- <em:developer>Petr Vobornik</em:developer>
- <em:homepageURL>http://www.redhat.com/</em:homepageURL>
- <em:bootstrap>true</em:bootstrap>
-
- <!-- Firefox -->
- <em:targetApplication>
- <Description>
- <em:id>{ec8030f7-c20a-464f-9b0e-13a3a9e97384}</em:id>
- <em:minVersion>10.0</em:minVersion>
- <em:maxVersion>15.0.*</em:maxVersion>
- </Description>
- </em:targetApplication>
- </Description>
-</RDF>
\ No newline at end of file
diff --git a/install/ffextension/locale/Makefile.am b/install/ffextension/locale/Makefile.am
deleted file mode 100644
index 7e64536..0000000
--- a/install/ffextension/locale/Makefile.am
+++ /dev/null
@@ -1,19 +0,0 @@
-AUTOMAKE_OPTIONS = 1.7
-
-NULL =
-
-SUBDIRS = \
- en-US \
- $(NULL)
-
-appdir = $(IPA_DATA_DIR)/ffextension/locale
-app_DATA = \
- $(NULL)
-
-EXTRA_DIST = \
- $(app_DATA) \
- $(NULL)
-
-MAINTAINERCLEANFILES = \
- *~ \
- Makefile.in
diff --git a/install/ffextension/locale/en-US/Makefile.am b/install/ffextension/locale/en-US/Makefile.am
deleted file mode 100644
index d19e8c7..0000000
--- a/install/ffextension/locale/en-US/Makefile.am
+++ /dev/null
@@ -1,16 +0,0 @@
-AUTOMAKE_OPTIONS = 1.7
-
-NULL =
-
-appdir = $(IPA_DATA_DIR)/ffextension/locale/en-US
-app_DATA = \
- kerberosauth.properties \
- $(NULL)
-
-EXTRA_DIST = \
- $(app_DATA) \
- $(NULL)
-
-MAINTAINERCLEANFILES = \
- *~ \
- Makefile.in
diff --git a/install/ffextension/locale/en-US/kerberosauth.properties b/install/ffextension/locale/en-US/kerberosauth.properties
deleted file mode 100644
index b822535..0000000
--- a/install/ffextension/locale/en-US/kerberosauth.properties
+++ /dev/null
@@ -1,4 +0,0 @@
-prompt_title=Kerberos configuration confirmation
-prompt_topic=The page you are visiting is trying to configure Firefox for Kerberos authentication.
-prompt_domain=\n\nDomain: ${domain}
-prompt_question=\n\nDo you want to configure the browser?
\ No newline at end of file
diff --git a/install/share/Makefile.am b/install/share/Makefile.am
index d8845ee..32cf364 100644
--- a/install/share/Makefile.am
+++ b/install/share/Makefile.am
@@ -51,7 +51,6 @@ app_DATA = \
krb5.conf.template \
krb5.ini.template \
krb.con.template \
- krb.js.template \
krbrealm.con.template \
smb.conf.template \
smb.conf.empty \
diff --git a/install/share/krb.js.template b/install/share/krb.js.template
deleted file mode 100644
index e7ea055..0000000
--- a/install/share/krb.js.template
+++ /dev/null
@@ -1,2 +0,0 @@
-var IPA_REALM = "$REALM";
-var IPA_DOMAIN = "$DOMAIN";
\ No newline at end of file
diff --git a/ipaplatform/base/paths.py b/ipaplatform/base/paths.py
index 025bed6..bbf6b53 100644
--- a/ipaplatform/base/paths.py
+++ b/ipaplatform/base/paths.py
@@ -184,7 +184,6 @@ class BasePathNamespace(object):
BIN_TIMEOUT = "/usr/bin/timeout"
UPDATE_CA_TRUST = "/usr/bin/update-ca-trust"
BIN_CURL = "/usr/bin/curl"
- ZIP = "/usr/bin/zip"
BIND_LDAP_SO = "/usr/lib/bind/ldap.so"
BIND_LDAP_DNS_IPA_WORKDIR = "/var/named/dyndb-ldap/ipa/"
BIND_LDAP_DNS_ZONE_WORKDIR = "/var/named/dyndb-ldap/ipa/master/"
@@ -231,12 +230,9 @@ class BasePathNamespace(object):
USERADD = "/usr/sbin/useradd"
USR_SHARE_IPA_DIR = "/usr/share/ipa/"
CA_TOPOLOGY_ULDIF = "/usr/share/ipa/ca-topology.uldif"
- FFEXTENSION = "/usr/share/ipa/ffextension"
IPA_HTML_DIR = "/usr/share/ipa/html"
CA_CRT = "/usr/share/ipa/html/ca.crt"
- KERBEROSAUTH_XPI = "/usr/share/ipa/html/kerberosauth.xpi"
KRB_CON = "/usr/share/ipa/html/krb.con"
- KRB_JS = "/usr/share/ipa/html/krb.js"
HTML_KRB5_INI = "/usr/share/ipa/html/krb5.ini"
HTML_KRBREALM_CON = "/usr/share/ipa/html/krbrealm.con"
NIS_ULDIF = "/usr/share/ipa/nis.uldif"
diff --git a/ipaserver/install/httpinstance.py b/ipaserver/install/httpinstance.py
index 00f8901..d8df9c3 100644
--- a/ipaserver/install/httpinstance.py
+++ b/ipaserver/install/httpinstance.py
@@ -21,9 +21,7 @@
import os
import os.path
-import tempfile
import pwd
-import shutil
import re
import dbus
import shlex
@@ -130,7 +128,7 @@ def __init__(self, fstore=None, cert_nickname='Server-Cert'):
subject_base = ipautil.dn_attribute_property('_subject_base')
def create_instance(self, realm, fqdn, domain_name, dm_password=None,
- autoconfig=True, pkcs12_info=None,
+ pkcs12_info=None,
subject_base=None, auto_redirect=True, ca_file=None,
ca_is_configured=None, promote=False):
self.fqdn = fqdn
@@ -173,8 +171,6 @@ def create_instance(self, realm, fqdn, domain_name, dm_password=None,
self.step("setting up httpd keytab", self.__create_http_keytab)
self.step("setting up ssl", self.__setup_ssl)
self.step("importing CA certificates from LDAP", self.__import_ca_certs)
- if autoconfig:
- self.step("setting up browser autoconfig", self.__setup_autoconfig)
if not self.promote:
self.step("publish CA cert", self.__publish_ca_cert)
self.step("clean up any existing httpd ccache", self.remove_httpd_ccache)
@@ -373,42 +369,6 @@ def __import_ca_certs(self):
db = certs.CertDB(self.realm, subject_base=self.subject_base)
self.import_ca_certs(db, self.ca_is_configured)
- def __setup_autoconfig(self):
- self.setup_firefox_extension(self.realm, self.domain)
-
- def setup_firefox_extension(self, realm, domain):
- """Set up the signed browser configuration extension
- """
-
- target_fname = paths.KRB_JS
- sub_dict = dict(REALM=realm, DOMAIN=domain)
- db = certs.CertDB(realm)
- with open(db.passwd_fname) as pwdfile:
- pwd = pwdfile.read()
-
- ipautil.copy_template_file(ipautil.SHARE_DIR + "krb.js.template",
- target_fname, sub_dict)
- os.chmod(target_fname, 0o644)
-
- # Setup extension
- tmpdir = tempfile.mkdtemp(prefix="tmp-")
- extdir = tmpdir + "/ext"
- target_fname = paths.KERBEROSAUTH_XPI
- shutil.copytree(paths.FFEXTENSION, extdir)
- if db.has_nickname('Signing-Cert'):
- db.run_signtool(["-k", "Signing-Cert",
- "-p", pwd,
- "-X", "-Z", target_fname,
- extdir])
- else:
- root_logger.warning('Object-signing certificate was not found. '
- 'Creating unsigned Firefox configuration extension.')
- filenames = os.listdir(extdir)
- ipautil.run([paths.ZIP, '-r', target_fname] + filenames,
- cwd=extdir)
- shutil.rmtree(tmpdir)
- os.chmod(target_fname, 0o644)
-
def __publish_ca_cert(self):
ca_db = certs.CertDB(self.realm)
ca_db.publish_ca_cert(paths.CA_CRT)
diff --git a/ipaserver/install/server/replicainstall.py b/ipaserver/install/server/replicainstall.py
index 27e9f57..4ec4512 100644
--- a/ipaserver/install/server/replicainstall.py
+++ b/ipaserver/install/server/replicainstall.py
@@ -188,12 +188,10 @@ def install_http(config, auto_redirect, ca_is_configured, promote=False,
http = httpinstance.HTTPInstance()
http.create_instance(
config.realm_name, config.host_name, config.domain_name,
- config.dirman_password, False, pkcs12_info,
+ config.dirman_password, pkcs12_info,
auto_redirect=auto_redirect, ca_file=ca_file,
ca_is_configured=ca_is_configured, promote=promote)
- http.setup_firefox_extension(config.realm_name, config.domain_name)
-
return http
diff --git a/ipaserver/install/server/upgrade.py b/ipaserver/install/server/upgrade.py
index 2893a29..7111feb 100644
--- a/ipaserver/install/server/upgrade.py
+++ b/ipaserver/install/server/upgrade.py
@@ -271,16 +271,6 @@ def cleanup_adtrust(fstore):
root_logger.debug('Removing %s from backup', backed_up_file)
-def setup_firefox_extension(fstore):
- """Set up the Firefox configuration extension, if it's not set up yet
- """
- root_logger.info('[Setting up Firefox extension]')
- http = httpinstance.HTTPInstance(fstore)
- realm = api.env.realm
- domain = api.env.domain
- http.setup_firefox_extension(realm, domain)
-
-
def ca_configure_profiles_acl(ca):
root_logger.info('[Authorizing RA Agent to modify profiles]')
@@ -1718,7 +1708,6 @@ def upgrade_configuration():
cleanup_kdc(fstore)
cleanup_adtrust(fstore)
- setup_firefox_extension(fstore)
bind = bindinstance.BindInstance(fstore)
if bind.is_configured() and not bind.is_running():
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code
