diff options
author | Alexander Sulfrian <alexander@sulfrian.net> | 2014-10-14 12:38:26 +0200 |
---|---|---|
committer | Alexander Sulfrian <alexander@sulfrian.net> | 2014-10-14 17:22:41 +0200 |
commit | 44a6f8bdbc3fe6ed69ed9c0ca0fe5c05b9794ea8 (patch) | |
tree | eab81b2417a4118f4870ab3e3ef173ff6d208df4 | |
parent | 17e5051d616caca3974ba8662b7cc9441621c2e9 (diff) | |
download | bcfg2-44a6f8bdbc3fe6ed69ed9c0ca0fe5c05b9794ea8.tar.gz bcfg2-44a6f8bdbc3fe6ed69ed9c0ca0fe5c05b9794ea8.tar.bz2 bcfg2-44a6f8bdbc3fe6ed69ed9c0ca0fe5c05b9794ea8.zip |
Options/Common: remove defaults for ssl-key/ssl-cert on the Client
With these default values it is impossible to remove the ssl key and ssl cert
from the configuration and use password auth. Configuration options could not
be condensed in Bcfg2.Options.Common, because Server and Client needs
different default values.
-rw-r--r-- | src/lib/Bcfg2/Client/Proxy.py | 9 | ||||
-rw-r--r-- | src/lib/Bcfg2/Options/Common.py | 10 | ||||
-rw-r--r-- | src/lib/Bcfg2/Server/Core.py | 11 |
3 files changed, 16 insertions, 14 deletions
diff --git a/src/lib/Bcfg2/Client/Proxy.py b/src/lib/Bcfg2/Client/Proxy.py index cf6efac89..0cc479843 100644 --- a/src/lib/Bcfg2/Client/Proxy.py +++ b/src/lib/Bcfg2/Client/Proxy.py @@ -291,9 +291,14 @@ class ComponentProxy(xmlrpclib.ServerProxy): """Constructs proxies to components. """ options = [ - Bcfg2.Options.Common.location, Bcfg2.Options.Common.ssl_key, - Bcfg2.Options.Common.ssl_cert, Bcfg2.Options.Common.ssl_ca, + Bcfg2.Options.Common.location, Bcfg2.Options.Common.ssl_ca, Bcfg2.Options.Common.password, Bcfg2.Options.Common.client_timeout, + Bcfg2.Options.PathOption( + '--ssl-key', cf=('communication', 'key'), dest="key", + help='Path to SSL key'), + Bcfg2.Options.PathOption( + cf=('communication', 'certificate'), dest="cert", + help='Path to SSL certificate'), Bcfg2.Options.Option( "-u", "--user", default="root", cf=('communication', 'user'), help='The user to provide for authentication'), diff --git a/src/lib/Bcfg2/Options/Common.py b/src/lib/Bcfg2/Options/Common.py index 8f5cf8f06..06e2d2914 100644 --- a/src/lib/Bcfg2/Options/Common.py +++ b/src/lib/Bcfg2/Options/Common.py @@ -107,16 +107,6 @@ class Common(object): '-x', '--password', cf=('communication', 'password'), metavar='<password>', help="Communication Password") - #: Path to SSL key - ssl_key = PathOption( - '--ssl-key', cf=('communication', 'key'), dest="key", - help='Path to SSL key', default="/etc/pki/tls/private/bcfg2.key") - - #: Path to SSL certificate - ssl_cert = PathOption( - cf=('communication', 'certificate'), dest="cert", - help='Path to SSL certificate', default="/etc/pki/tls/certs/bcfg2.crt") - #: Path to SSL CA certificate ssl_ca = PathOption( cf=('communication', 'ca'), help='Path to SSL CA Cert') diff --git a/src/lib/Bcfg2/Server/Core.py b/src/lib/Bcfg2/Server/Core.py index a2f9499f2..8cb6eb11b 100644 --- a/src/lib/Bcfg2/Server/Core.py +++ b/src/lib/Bcfg2/Server/Core.py @@ -1370,8 +1370,15 @@ class NetworkCore(Core): daemonized, etc.""" options = Core.options + [ Bcfg2.Options.Common.daemon, Bcfg2.Options.Common.syslog, - Bcfg2.Options.Common.location, Bcfg2.Options.Common.ssl_key, - Bcfg2.Options.Common.ssl_cert, Bcfg2.Options.Common.ssl_ca, + Bcfg2.Options.Common.location, Bcfg2.Options.Common.ssl_ca, + Bcfg2.Options.PathOption( + '--ssl-key', cf=('communication', 'key'), dest="key", + help='Path to SSL key', + default="/etc/pki/tls/private/bcfg2.key"), + Bcfg2.Options.PathOption( + cf=('communication', 'certificate'), dest="cert", + help='Path to SSL certificate', + default="/etc/pki/tls/certs/bcfg2.crt"), Bcfg2.Options.BooleanOption( '--listen-all', cf=('server', 'listen_all'), default=False, help="Listen on all interfaces"), |