← Back to branch summary

~benji/landscape-client/better-self-signed-cert-ux

« back to all changes in this revision

Viewing changes to landscape/configuration.py

  • Committer: Benji York
  • Date: 2015-02-10 17:37:28 UTC
  • Revision ID: benji.york@canonical.com-20150210173728-vtcplbw9bpnwrquc
checkpoint

Show diffs side-by-side

added added

removed removed

Lines of Context:
landscape/configuration.py
29
29
from landscape.broker.config import BrokerConfiguration
30
30
from landscape.broker.amp import RemoteBrokerConnector
31
31
 
 
32
SELF_SIGNED_CERT_WARNING = """\
 
33
SELF-SIGNED CERTIFICATE
 
34
=======================
 
35
 
 
36
The certificate of the Landscape server could not be validated.  Please
 
37
confirme the fingerprint below by logging into the server hosting the SSL
 
38
frontend (e.g., Apache) and running a command like this:
 
39
 
 
40
openssl x509 -fingerprint -subject -noout -in /etc/ssl/certs/landscape_server.pem
 
41
 
 
42
The output should match this:
 
43
 
 
44
%s
 
45
 
 
46
Are you sure you want to continue?"""
32
47
 
33
48
class ConfigurationError(Exception):
34
49
    """Raised when required configuration values are missing."""
183
198
    def __init__(self, config):
184
199
        self.config = config
185
200
 
 
201
    # TODO Refactor this crap
186
202
    def show_help(self, text):
187
203
        lines = text.strip().splitlines()
188
204
        print_text("\n" + "".join([line.strip() + "\n" for line in lines]))
249
265
                self.show_help("This option is required to configure "
250
266
                               "Landscape.")
251
267
 
 
268
    # TODO test this crap
252
269
    def prompt_yes_no(self, message, default=True):
253
270
        if default:
254
271
            default_msg = " [Y/n]"
588
605
    return key_filename
589
606
 
590
607
 
 
608
def prompt_for_yes_no(raw_input=raw_input):
 
609
    """Ask the user if they want to, or not."""
 
610
    while True:
 
611
        answer = raw_input('[y/n]').upper()
 
612
        if answer in ("Y", "YES"):
 
613
            return True
 
614
        if answer in ("N", "NO"):
 
615
            return False
 
616
 
 
617
 
591
618
def exchange_failure(config, on_message, try_again, ssl_error=False,
592
619
        cert_path='/etc/landscape/server.pem', raw_input=raw_input,
593
620
        subprocess=subprocess):
620
647
            "openssl", "x509", "-fingerprint", "-subject", "-noout"],
621
648
            shell=True)
622
649
 
623
 
        on_message(textwrap.dedent("""\
624
 
            SELF-SIGNED CERTIFICATE
625
 
            =======================
626
 
 
627
 
            The certificate of the Landscape server could not be validated.  Please
628
 
            confirme the fingerprint below by logging into the server hosting the SSL
629
 
            frontend (e.g., Apache) and running a command like this:
630
 
 
631
 
            openssl x509 -fingerprint -subject -noout -in /etc/ssl/certs/landscape_server.pem
632
 
 
633
 
            The output should match this:
634
 
 
635
 
            %s
636
 
 
637
 
            Are you sure you want to continue?
638
 
            """) % fingerprint_etc, error=True)
 
650
        on_message(SELF_SIGNED_CERT_WARNING % fingerprint_etc, error=True)
639
651
 
640
652
        # TODO: extract the code below and use it for the other prompt(s)
641
653
        # in this file.
643
655
        # We're committing a minor async sin by blocking during a
644
656
        # callback, but we know nothing else is going to be happening and
645
657
        # the alternative is worse.
646
 
        while True:
647
 
            answer = raw_input('[y/N]').upper()
648
 
            if answer.startswith("Y"):
649
 
                break
650
 
            elif answer.startswith("N"):
651
 
                return 2
 
658
        should_continue = prompt_for_yes_no(raw_input=raw_input)
 
659
        if not should_continue:
 
660
            return 2
652
661
 
653
662
        # If the user says yes, move the temporary cert into the
654
663
        # well-known location.