* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
import java.net.ConnectException;
import java.net.HttpURLConnection;
import java.net.InetAddress;
import java.net.ConnectException;
import java.net.HttpURLConnection;
import java.net.InetAddress;
import java.net.UnknownHostException;
import java.nio.file.Files;
import java.security.KeyPair;
import java.net.UnknownHostException;
import java.nio.file.Files;
import java.security.KeyPair;
public static final String PKCS12 = "pkcs12";
public static final String JKS = "jks";
private static final String SCRIPT="script";
public static final String PKCS12 = "pkcs12";
public static final String JKS = "jks";
private static final String SCRIPT="script";
private static final String CM_VER = "1.0";
public static final int PASS_SIZE = 24;
private static int TIMEOUT;
private static final String CM_VER = "1.0";
public static final int PASS_SIZE = 24;
private static int TIMEOUT;
private static RosettaDF<CertificateRequest> reqDF;
private static RosettaDF<CertInfo> certDF;
private static RosettaDF<Artifacts> artifactsDF;
private static RosettaDF<CertificateRequest> reqDF;
private static RosettaDF<CertInfo> certDF;
private static RosettaDF<Artifacts> artifactsDF;
private static ErrMessage errMsg;
private static Map<String,PlaceArtifact> placeArtifact;
private static RosettaEnv env;
private static ErrMessage errMsg;
private static Map<String,PlaceArtifact> placeArtifact;
private static RosettaEnv env;
private static List<String> CRED_TAGS = Arrays.asList(new String[] {
Config.CADI_KEYFILE,
Config.AAF_APPID, Config.AAF_APPPASS,
private static List<String> CRED_TAGS = Arrays.asList(new String[] {
Config.CADI_KEYFILE,
Config.AAF_APPID, Config.AAF_APPPASS,
if (args.length>0 && "cadi".equals(args[0])) {
String[] newArgs = new String[args.length-1];
System.arraycopy(args, 1, newArgs, 0, newArgs.length);
if (args.length>0 && "cadi".equals(args[0])) {
String[] newArgs = new String[args.length-1];
System.arraycopy(args, 1, newArgs, 0, newArgs.length);
for(Entry<Object, Object> es : System.getProperties().entrySet()) {
if(Config.CADI_PROP_FILES.equals(es.getKey())) {
for(Entry<Object, Object> es : System.getProperties().entrySet()) {
if(Config.CADI_PROP_FILES.equals(es.getKey())) {
}
// When using Config file, check if Cred Exists, and if not, work with Deployer.
if(access!=null && !"config".equals(args[0]) && access.getProperty(Config.AAF_APPPASS)==null && access.getProperty(Config.CADI_ALIAS)==null) {
}
// When using Config file, check if Cred Exists, and if not, work with Deployer.
if(access!=null && !"config".equals(args[0]) && access.getProperty(Config.AAF_APPPASS)==null && access.getProperty(Config.CADI_ALIAS)==null) {
if (args.length>1) {
if (!args[0].equals("keypairgen")) {
props.put(Config.AAF_APPID, args[1]);
if (args.length>1) {
if (!args[0].equals("keypairgen")) {
props.put(Config.AAF_APPID, args[1]);
System.out.println(" update <FQI> [<machine>]");
System.out.println(" delete <FQI> [<machine>]");
System.out.println(" copy <FQI> <machine> <newmachine>[,<newmachine>]*");
System.out.println(" update <FQI> [<machine>]");
System.out.println(" delete <FQI> [<machine>]");
System.out.println(" copy <FQI> <machine> <newmachine>[,<newmachine>]*");
System.out.println(" showpass <FQI> [<machine>]");
System.out.println(" check <FQI> [<machine>]");
System.out.println(" keypairgen <FQI>");
System.out.println(" showpass <FQI> [<machine>]");
System.out.println(" check <FQI> [<machine>]");
System.out.println(" keypairgen <FQI>");
System.out.println(" ** Type with no params for Tool Help");
System.out.println(" ** If using with Agent, preface with \"cadi\"");
System.out.println(" cadi <cadi tool params, see -?>");
System.out.println(" ** Type with no params for Tool Help");
System.out.println(" ** If using with Agent, preface with \"cadi\"");
System.out.println(" cadi <cadi tool params, see -?>");
reqDF = env.newDataFactory(CertificateRequest.class);
artifactsDF = env.newDataFactory(Artifacts.class);
certDF = env.newDataFactory(CertInfo.class);
configDF = env.newDataFactory(Configuration.class);
permDF = env.newDataFactory(Perms.class);
errMsg = new ErrMessage(env);
reqDF = env.newDataFactory(CertificateRequest.class);
artifactsDF = env.newDataFactory(Artifacts.class);
certDF = env.newDataFactory(CertInfo.class);
configDF = env.newDataFactory(Configuration.class);
permDF = env.newDataFactory(Perms.class);
errMsg = new ErrMessage(env);
placeArtifact = new HashMap<>();
placeArtifact.put(JKS, new PlaceArtifactInKeystore(JKS));
placeArtifact.put(PKCS12, new PlaceArtifactInKeystore(PKCS12));
placeArtifact.put(FILE, new PlaceArtifactInFiles());
placeArtifact.put(PRINT, new PlaceArtifactOnStream(System.out));
placeArtifact.put(SCRIPT, new PlaceArtifactScripts());
placeArtifact = new HashMap<>();
placeArtifact.put(JKS, new PlaceArtifactInKeystore(JKS));
placeArtifact.put(PKCS12, new PlaceArtifactInKeystore(PKCS12));
placeArtifact.put(FILE, new PlaceArtifactInFiles());
placeArtifact.put(PRINT, new PlaceArtifactOnStream(System.out));
placeArtifact.put(SCRIPT, new PlaceArtifactScripts());
- config(trans,access,args,cmds);
+ exitCode = config(trans,access,args,cmds);
- try {
- exitCode = check(trans,aafcon(access),cmds);
- } catch (Exception e) {
- exitCode = 1;
- throw e;
- }
+ exitCode = check(trans,aafcon(access),cmds);
lhost=Config.AAF_LOCATE_URL_TAG;
}
value = rph.replacements(AGENT_LOAD_URLS,
lhost=Config.AAF_LOCATE_URL_TAG;
}
value = rph.replacements(AGENT_LOAD_URLS,
- private static void createArtifact(Trans trans, AAFCon<?> aafcon, Deque<String> cmds) throws Exception {
+ private static int createArtifact(Trans transitiveInfo, AAFCon<?> aafcon, Deque<String> cmds) throws Exception {
+ boolean success = false;
arti.setMechid(mechID!=null?mechID:AAFSSO.cons.readLine("AppID: "));
arti.setMachine(machine!=null?machine:AAFSSO.cons.readLine("Machine (%s): ",InetAddress.getLocalHost().getHostName()));
arti.setCa(AAFSSO.cons.readLine("CA: (%s): ","aaf"));
arti.setMechid(mechID!=null?mechID:AAFSSO.cons.readLine("AppID: "));
arti.setMachine(machine!=null?machine:AAFSSO.cons.readLine("Machine (%s): ",InetAddress.getLocalHost().getHostName()));
arti.setCa(AAFSSO.cons.readLine("CA: (%s): ","aaf"));
String resp = AAFSSO.cons.readLine("Types [file,pkcs12,jks,script] (%s): ", PKCS12);
for (String s : Split.splitTrim(',', resp)) {
arti.getType().add(s);
String resp = AAFSSO.cons.readLine("Types [file,pkcs12,jks,script] (%s): ", PKCS12);
for (String s : Split.splitTrim(',', resp)) {
arti.getType().add(s);
arti.setOsUser(AAFSSO.cons.readLine("OS User (%s): ", System.getProperty("user.name")));
arti.setRenewDays(Integer.parseInt(AAFSSO.cons.readLine("Renewal Days (%s):", "30")));
arti.setNotification(toNotification(AAFSSO.cons.readLine("Notification (mailto owner):", "")));
arti.setOsUser(AAFSSO.cons.readLine("OS User (%s): ", System.getProperty("user.name")));
arti.setRenewDays(Integer.parseInt(AAFSSO.cons.readLine("Renewal Days (%s):", "30")));
arti.setNotification(toNotification(AAFSSO.cons.readLine("Notification (mailto owner):", "")));
try {
Future<Artifacts> future = aafcon.client(CM_VER).create("/cert/artifacts", artifactsDF, artifacts);
if (future.get(TIMEOUT)) {
try {
Future<Artifacts> future = aafcon.client(CM_VER).create("/cert/artifacts", artifactsDF, artifacts);
if (future.get(TIMEOUT)) {
- trans.info().printf("Call to AAF Certman successful %s, %s",arti.getMechid(), arti.getMachine());
+ transitiveInfo.info().printf("Call to AAF Certman successful %s, %s",arti.getMechid(), arti.getMachine());
+ success = true;
- private static void readArtifact(Trans trans, AAFCon<?> aafcon, Deque<String> cmds) throws Exception {
+ /**
+ *
+ * @param transitiveInfo
+ * @param aafcon
+ * @param cmds
+ * @return exit cocde for shell
+ * @throws Exception
+ */
+ private static int readArtifact(Trans transitiveInfo, AAFCon<?> aafcon, Deque<String> cmds) throws Exception {
- .read("/cert/artifacts/"+mechID+'/'+machine, artifactsDF,"Authorization","Bearer " + trans.getProperty("oauth_token"));
-
+ .read("/cert/artifacts/"+mechID+'/'+machine, artifactsDF,"Authorization","Bearer " + transitiveInfo.getProperty("oauth_token"));
+
- boolean printed = false;
- for (Artifact a : future.value.getArtifact()) {
- AAFSSO.cons.printf("AppID: %s\n",a.getMechid());
- AAFSSO.cons.printf(" Sponsor: %s\n",a.getSponsor());
- AAFSSO.cons.printf("Machine: %s\n",a.getMachine());
- AAFSSO.cons.printf("CA: %s\n",a.getCa());
+ List<Artifact> artifacts = future.value.getArtifact();
+ for (Artifact a : artifacts) {
+ AAFSSO.cons.printf("AppID: %s\n",a.getMechid());
+ AAFSSO.cons.printf(" Sponsor: %s\n",a.getSponsor());
+ AAFSSO.cons.printf("Machine: %s\n",a.getMachine());
+ AAFSSO.cons.printf("CA: %s\n",a.getCa());
AAFSSO.cons.printf("Directory: %s\n",a.getDir());
AAFSSO.cons.printf("O/S User: %s\n",a.getOsUser());
AAFSSO.cons.printf("Renew Days: %d\n",a.getRenewDays());
AAFSSO.cons.printf("Notification %s\n",a.getNotification());
AAFSSO.cons.printf("Directory: %s\n",a.getDir());
AAFSSO.cons.printf("O/S User: %s\n",a.getOsUser());
AAFSSO.cons.printf("Renew Days: %d\n",a.getRenewDays());
AAFSSO.cons.printf("Notification %s\n",a.getNotification());
-
- private static void copyArtifact(Trans trans, AAFCon<?> aafcon, Deque<String> cmds) throws Exception {
+
+ /**
+ *
+ * @param transitiveInfo
+ * @param aafcon
+ * @param cmds
+ * @return exit code for shell
+ * @throws Exception
+ */
+ private static int copyArtifact(Trans transitiveInfo, AAFCon<?> aafcon, Deque<String> cmds) throws Exception {
+ boolean success = false;
String mechID = fqi(cmds);
String machine = machine(cmds);
String[] newmachs = machines(cmds);
if (machine==null || newmachs == null) {
String mechID = fqi(cmds);
String machine = machine(cmds);
String[] newmachs = machines(cmds);
if (machine==null || newmachs == null) {
try {
Future<Artifacts> future = aafcon.client(CM_VER)
.read("/cert/artifacts/"+mechID+'/'+machine, artifactsDF);
try {
Future<Artifacts> future = aafcon.client(CM_VER)
.read("/cert/artifacts/"+mechID+'/'+machine, artifactsDF);
for (Artifact a : future.value.getArtifact()) {
for (String m : newmachs) {
a.setMachine(m);
Future<Artifacts> fup = aafcon.client(CM_VER).update("/cert/artifacts", artifactsDF, future.value);
if (fup.get(TIMEOUT)) {
for (Artifact a : future.value.getArtifact()) {
for (String m : newmachs) {
a.setMachine(m);
Future<Artifacts> fup = aafcon.client(CM_VER).update("/cert/artifacts", artifactsDF, future.value);
if (fup.get(TIMEOUT)) {
- trans.info().printf("Copy of %s %s successful to %s",mechID,machine,m);
+ transitiveInfo.info().printf("Copy of %s %s successful to %s",mechID,machine,m);
+ success = true;
- private static void updateArtifact(Trans trans, AAFCon<?> aafcon, Deque<String> cmds) throws Exception {
+ /**
+ *
+ * @param transitiveInfo
+ * @param aafcon
+ * @param cmds
+ * @return exit code for shell
+ * @throws Exception
+ */
+ private static int updateArtifact(Trans transitiveInfo, AAFCon<?> aafcon, Deque<String> cmds) throws Exception {
+ boolean success = false;
try {
Future<Artifacts> fread = aafcon.client(CM_VER)
.read("/cert/artifacts/"+mechID+'/'+machine, artifactsDF);
try {
Future<Artifacts> fread = aafcon.client(CM_VER)
.read("/cert/artifacts/"+mechID+'/'+machine, artifactsDF);
if (fread.get(TIMEOUT)) {
Artifacts artifacts = new Artifacts();
for (Artifact a : fread.value.getArtifact()) {
Artifact arti = new Artifact();
artifacts.getArtifact().add(arti);
if (fread.get(TIMEOUT)) {
Artifacts artifacts = new Artifacts();
for (Artifact a : fread.value.getArtifact()) {
Artifact arti = new Artifact();
artifacts.getArtifact().add(arti);
AAFSSO.cons.printf("For %s on %s\n", a.getMechid(),a.getMachine());
arti.setMechid(a.getMechid());
arti.setMachine(a.getMachine());
AAFSSO.cons.printf("For %s on %s\n", a.getMechid(),a.getMachine());
arti.setMechid(a.getMechid());
arti.setMachine(a.getMachine());
String resp = AAFSSO.cons.readLine("Types [file,jks,pkcs12] (%s): ", sb);
for (String s : Split.splitTrim(',', resp)) {
arti.getType().add(s);
String resp = AAFSSO.cons.readLine("Types [file,jks,pkcs12] (%s): ", sb);
for (String s : Split.splitTrim(',', resp)) {
arti.getType().add(s);
arti.setOsUser(AAFSSO.cons.readLine("OS User (%s): ", a.getOsUser()));
arti.setRenewDays(Integer.parseInt(AAFSSO.cons.readLine("Renew Days (%s):", a.getRenewDays())));
arti.setNotification(toNotification(AAFSSO.cons.readLine("Notification (%s):", a.getNotification())));
arti.setOsUser(AAFSSO.cons.readLine("OS User (%s): ", a.getOsUser()));
arti.setRenewDays(Integer.parseInt(AAFSSO.cons.readLine("Renew Days (%s):", a.getRenewDays())));
arti.setNotification(toNotification(AAFSSO.cons.readLine("Notification (%s):", a.getNotification())));
}
if (artifacts.getArtifact().size()==0) {
AAFSSO.cons.printf("Artifact for %s %s does not exist", mechID, machine);
} else {
Future<Artifacts> fup = aafcon.client(CM_VER).update("/cert/artifacts", artifactsDF, artifacts);
if (fup.get(TIMEOUT)) {
}
if (artifacts.getArtifact().size()==0) {
AAFSSO.cons.printf("Artifact for %s %s does not exist", mechID, machine);
} else {
Future<Artifacts> fup = aafcon.client(CM_VER).update("/cert/artifacts", artifactsDF, artifacts);
if (fup.get(TIMEOUT)) {
- trans.info().printf("Call to AAF Certman successful %s, %s",mechID,machine);
+ transitiveInfo.info().printf("Call to AAF Certman successful %s, %s",mechID,machine);
+ success = true;
- trans.error().printf("Call to AAF Certman failed, %s %s, %s",
+ transitiveInfo.error().printf("Call to AAF Certman failed, %s %s, %s",
-
- private static void deleteArtifact(Trans trans, AAFCon<?> aafcon, Deque<String> cmds) throws Exception {
+
+ /**
+ *
+ * @param transitiveInfo
+ * @param aafcon
+ * @param cmds
+ * @return exit code for shell
+ * @throws Exception
+ */
+ private static int deleteArtifact(Trans transitiveInfo, AAFCon<?> aafcon, Deque<String> cmds) throws Exception {
+ boolean success = false;
try {
Future<Void> future = aafcon.client(CM_VER)
.delete("/cert/artifacts/"+mechid+"/"+machine,"application/json" );
try {
Future<Void> future = aafcon.client(CM_VER)
.delete("/cert/artifacts/"+mechid+"/"+machine,"application/json" );
- trans.info().printf("Call to AAF Certman successful %s, %s",mechid,machine);
+ transitiveInfo.info().printf("Call to AAF Certman successful %s, %s",mechid,machine);
+ success = true;
- trans.error().printf("Call to AAF Certman failed, %s %s, %s",
+ transitiveInfo.error().printf("Call to AAF Certman failed, %s %s, %s",
- private static boolean placeCerts(Trans trans, AAFCon<?> aafcon, Deque<String> cmds) throws Exception {
- boolean rv = false;
+ /**
+ *
+ * @param transitiveInfo
+ * @param aafcon
+ * @param cmds
+ * @return exit code for shell
+ * @throws Exception
+ */
+ private static int placeCerts(Trans transitiveInfo, AAFCon<?> aafcon, Deque<String> cmds) throws Exception {
+ boolean success = false;
String mechID = fqi(cmds);
String machine = machine(cmds);
String[] fqdns = Split.split(':', machine);
String mechID = fqi(cmds);
String machine = machine(cmds);
String[] fqdns = Split.split(':', machine);
try {
Future<Artifacts> acf = aafcon.client(CM_VER)
.read("/cert/artifacts/"+mechID+'/'+key, artifactsDF);
try {
Future<Artifacts> acf = aafcon.client(CM_VER)
.read("/cert/artifacts/"+mechID+'/'+key, artifactsDF);
CertificateRequest cr = new CertificateRequest();
cr.setMechid(a.getMechid());
cr.setSponsor(a.getSponsor());
CertificateRequest cr = new CertificateRequest();
cr.setMechid(a.getMechid());
cr.setSponsor(a.getSponsor());
}
Future<String> f = aafcon.client(CM_VER)
.updateRespondString("/cert/" + a.getCa()+"?withTrust",reqDF, cr);
}
Future<String> f = aafcon.client(CM_VER)
.updateRespondString("/cert/" + a.getCa()+"?withTrust",reqDF, cr);
- if (rv = pa.place(trans, capi, a,machine)) {
- notifyPlaced(a,rv);
- }
+ pa.place(transitiveInfo, capi, a,machine);
+ success = true;
- private static void showPass(Trans trans, AAFCon<?> aafcon, Deque<String> cmds) throws Exception {
+
+ /**
+ *
+ * @param transitiveInfo
+ * @param aafcon
+ * @param cmds
+ * @return exit code for shell
+ * @throws Exception
+ */
+ private static int showPass(Trans transitiveInfo, AAFCon<?> aafcon, Deque<String> cmds) throws Exception {
+ boolean success = false;
try {
Future<Artifacts> acf = aafcon.client(CM_VER)
.read("/cert/artifacts/"+mechID+'/'+machine, artifactsDF);
try {
Future<Artifacts> acf = aafcon.client(CM_VER)
.read("/cert/artifacts/"+mechID+'/'+machine, artifactsDF);
File f = new File(dir,a.getNs()+".keyfile");
if (f.exists()) {
Symm symm = ArtifactDir.getSymm(f);
File f = new File(dir,a.getNs()+".keyfile");
if (f.exists()) {
Symm symm = ArtifactDir.getSymm(f);
for (Iterator<Entry<Object,Object>> iter = props.entrySet().iterator(); iter.hasNext();) {
Entry<Object,Object> en = iter.next();
if (en.getValue().toString().startsWith("enc:")) {
System.out.printf("%s=%s\n", en.getKey(), symm.depass(en.getValue().toString()));
}
}
for (Iterator<Entry<Object,Object>> iter = props.entrySet().iterator(); iter.hasNext();) {
Entry<Object,Object> en = iter.next();
if (en.getValue().toString().startsWith("enc:")) {
System.out.printf("%s=%s\n", en.getKey(), symm.depass(en.getValue().toString()));
}
}
-
- private static void keypairGen(final Trans trans, final PropAccess access, final Deque<String> cmds) throws IOException {
+
+
+ /**
+ *
+ * @param transitiveInfo
+ * @param aafcon
+ * @param cmds
+ * @return exit code for shell
+ * @throws IOException
+ */
+ private static int keypairGen(final Trans transitiveInfo, final PropAccess access, final Deque<String> cmds) throws IOException {
final String fqi = fqi(cmds);
final String ns = FQI.reverseDomain(fqi);
File dir = new File(access.getProperty(Config.CADI_ETCDIR,".")); // default to current Directory
File f = new File(dir,ns+".key");
final String fqi = fqi(cmds);
final String ns = FQI.reverseDomain(fqi);
File dir = new File(access.getProperty(Config.CADI_ETCDIR,".")); // default to current Directory
File f = new File(dir,ns+".key");
if (f.exists()) {
String line = AAFSSO.cons.readLine("%s exists. Overwrite? (y/n): ", f.getCanonicalPath());
if (!"Y".equalsIgnoreCase(line)) {
System.out.println("Canceling...");
if (f.exists()) {
String line = AAFSSO.cons.readLine("%s exists. Overwrite? (y/n): ", f.getCanonicalPath());
if (!"Y".equalsIgnoreCase(line)) {
System.out.println("Canceling...");
-
- KeyPair kp = Factory.generateKeyPair(trans);
- ArtifactDir.write(f, Chmod.to400, Factory.toString(trans, kp.getPrivate()));
+
+ KeyPair kp = Factory.generateKeyPair(transitiveInfo);
+ ArtifactDir.write(f, Chmod.to400, Factory.toString(transitiveInfo, kp.getPrivate()));
System.out.printf("Wrote %s\n", f.getCanonicalFile());
f=new File(dir,ns+".pubkey");
System.out.printf("Wrote %s\n", f.getCanonicalFile());
f=new File(dir,ns+".pubkey");
- ArtifactDir.write(f, Chmod.to644, Factory.toString(trans, kp.getPublic()));
+ ArtifactDir.write(f, Chmod.to644, Factory.toString(transitiveInfo, kp.getPublic()));
-
- private static void config(Trans trans, PropAccess propAccess, String[] args, Deque<String> cmds) throws Exception {
- TimeTaken tt = trans.start("Get Configuration", Env.REMOTE);
+
+ /**
+ *
+ * @param transitiveInfo
+ * @param propAccess
+ * @param args
+ * @param cmds
+ * @return exit code for shell
+ * @throws Exception
+ */
+ private static int config(Trans transitiveInfo, PropAccess propAccess, String[] args, Deque<String> cmds) throws Exception {
+ boolean success = true;
+ TimeTaken tt = transitiveInfo.start("Get Configuration", Env.REMOTE);
app.add(Config.CADI_PROP_FILES, loc.getPath()+':'+cred.getPath());
for (String tag : LOC_TAGS) {
app.add(Config.CADI_PROP_FILES, loc.getPath()+':'+cred.getPath());
for (String tag : LOC_TAGS) {
- loc.add(tag, getProperty(propAccess, trans, false, tag, "%s: ",tag));
+ loc.add(tag, getProperty(propAccess, transitiveInfo, false, tag, "%s: ",tag));
// load all properties that are already setup.
Map<String, String> aaf_urls = loadURLs(propAccess);
for(Entry<String, String> es : aaf_urls.entrySet()) {
app.add(es.getKey(), es.getValue());
}
// load all properties that are already setup.
Map<String, String> aaf_urls = loadURLs(propAccess);
for(Entry<String, String> es : aaf_urls.entrySet()) {
app.add(es.getKey(), es.getValue());
}
app.add(Config.AAF_LOCATE_URL, Config.getAAFLocateUrl(propAccess));
app.add(Config.AAF_ENV,propAccess, "DEV");
String release = propAccess.getProperty(Config.AAF_DEPLOYED_VERSION);
app.add(Config.AAF_LOCATE_URL, Config.getAAFLocateUrl(propAccess));
app.add(Config.AAF_ENV,propAccess, "DEV");
String release = propAccess.getProperty(Config.AAF_DEPLOYED_VERSION);
app.add(Config.AAF_APPID, fqi);
String cts = propAccess.getProperty(Config.CADI_TRUSTSTORE);
app.add(Config.AAF_APPID, fqi);
String cts = propAccess.getProperty(Config.CADI_TRUSTSTORE);
if (fcpf.exists()) {
int lastSep = cts.lastIndexOf(File.pathSeparator);
origTruststore = new File(fcpf.getParentFile(),lastSep>=0?cts.substring(lastSep):cts);
if (fcpf.exists()) {
int lastSep = cts.lastIndexOf(File.pathSeparator);
origTruststore = new File(fcpf.getParentFile(),lastSep>=0?cts.substring(lastSep):cts);
}
if (!newTruststore.exists() && origTruststore.exists()) {
Files.copy(origTruststore.toPath(), newTruststore.toPath());
}
if (!newTruststore.exists() && origTruststore.exists()) {
Files.copy(origTruststore.toPath(), newTruststore.toPath());
System.out.println("New Truststore is " + newTruststore);
cred.add(Config.CADI_TRUSTSTORE, newTruststore.getCanonicalPath());
cred.add(Config.CADI_TRUSTSTORE_PASSWORD, "changeit" /* Java default */);
System.out.println("New Truststore is " + newTruststore);
cred.add(Config.CADI_TRUSTSTORE, newTruststore.getCanonicalPath());
cred.add(Config.CADI_TRUSTSTORE_PASSWORD, "changeit" /* Java default */);
for (int pfi = propFiles.length-1;pfi>=0;--pfi) {
String f = propFiles[pfi];
System.out.format("Reading %s\n",f);
for (int pfi = propFiles.length-1;pfi>=0;--pfi) {
String f = propFiles[pfi];
System.out.format("Reading %s\n",f);
- for (Props props : aafProps(trans,aafcon,getProperty(propAccess,aafcon.env,false,Config.AAF_LOCATE_URL,"AAF Locator URL: "),fqi)) {
+ for (Props props : aafProps(transitiveInfo,aafcon,getProperty(propAccess,aafcon.env,false,Config.AAF_LOCATE_URL,"AAF Locator URL: "),fqi)) {
PropHolder ph = CRED_TAGS.contains(props.getTag())?cred:app;
if(props.getTag().endsWith("_password")) {
ph.addEnc(props.getTag(), props.getValue());
PropHolder ph = CRED_TAGS.contains(props.getTag())?cred:app;
if(props.getTag().endsWith("_password")) {
ph.addEnc(props.getTag(), props.getValue());
- public static List<Props> aafProps(Trans trans, AAFCon<?> aafcon, String locator, String fqi) throws CadiException, APIException, LocatorException {
+ public static List<Props> aafProps(Trans transitiveInfo, AAFCon<?> aafcon, String locator, String fqi) throws CadiException, APIException, LocatorException {
Future<Configuration> acf = aafcon.client(new SingleEndpointLocator(locator))
.read("/configure/"+fqi+"/aaf", configDF);
if (acf.get(TIMEOUT)) {
return acf.value.getProps();
} else if (acf.code()==401){
Future<Configuration> acf = aafcon.client(new SingleEndpointLocator(locator))
.read("/configure/"+fqi+"/aaf", configDF);
if (acf.get(TIMEOUT)) {
return acf.value.getProps();
} else if (acf.code()==401){
- private static void validate(final PropAccess pa) throws LocatorException, CadiException, APIException {
+ /**
+ *
+ * @param pa
+ * @return exit code for shell
+ * @throws LocatorException
+ * @throws CadiException
+ * @throws APIException
+ */
+ private static int validate(final PropAccess pa) throws LocatorException, CadiException, APIException {
System.out.println("Validating Configuration...");
final AAFCon<?> aafcon = new AAFConHttp(pa,Config.AAF_URL,new SecurityInfoC<HttpURLConnection>(pa));
System.out.println("Validating Configuration...");
final AAFCon<?> aafcon = new AAFConHttp(pa,Config.AAF_URL,new SecurityInfoC<HttpURLConnection>(pa));
- public Void code(Rcli<?> client) throws CadiException, ConnectException, APIException {
+ public Integer code(Rcli<?> client) throws CadiException, ConnectException, APIException {
+ boolean success = false;
Future<Perms> fc = client.read("/authz/perms/user/"+aafcon.defID(),permDF);
if (fc.get(aafcon.timeout)) {
System.out.print("Success connecting to ");
Future<Perms> fc = client.read("/authz/perms/user/"+aafcon.defID(),permDF);
if (fc.get(aafcon.timeout)) {
System.out.print("Success connecting to ");
- *
- * 0 - Check Complete, nothing to do
- * 1 - General Error
- * 2 - Error for specific Artifact - read check.msg
- * 10 - Certificate Updated - check.msg is email content
- *
- * @param trans
+ *
+ * <ul>0 - Check Complete, nothing to do</ul>
+ * <ul>1 - General Error</ul>
+ * <ul>2 - Error for specific Artifact - read check.msg</ul>
+ * <ul>10 - Certificate Updated - check.msg is email content</ul>
+ *
+ * @param transitiveInfo
- private static int check(Trans trans, AAFCon<?> aafcon, Deque<String> cmds) throws Exception {
+ private static int check(Trans transitiveInfo, AAFCon<?> aafcon, Deque<String> cmds) throws Exception {
Future<Artifacts> acf = aafcon.client(CM_VER)
.read("/cert/artifacts/"+mechID+'/'+machine, artifactsDF);
if (acf.get(TIMEOUT)) {
Future<Artifacts> acf = aafcon.client(CM_VER)
.read("/cert/artifacts/"+mechID+'/'+machine, artifactsDF);
if (acf.get(TIMEOUT)) {
- String ksf = trans.getProperty(Config.CADI_KEYSTORE);
- String ksps = trans.getProperty(Config.CADI_KEYSTORE_PASSWORD);
+ String ksf = transitiveInfo.getProperty(Config.CADI_KEYSTORE);
+ String ksps = transitiveInfo.getProperty(Config.CADI_KEYSTORE_PASSWORD);
Config.CADI_KEYSTORE, Config.CADI_KEYSTORE_PASSWORD,a.getMechid(), a.getMachine());
} else {
Symm symm = ArtifactDir.getSymm(f);
KeyStore ks = KeyStore.getInstance("JKS");
Config.CADI_KEYSTORE, Config.CADI_KEYSTORE_PASSWORD,a.getMechid(), a.getMachine());
} else {
Symm symm = ArtifactDir.getSymm(f);
KeyStore ks = KeyStore.getInstance("JKS");
fis = new FileInputStream(ksf);
try {
ks.load(fis,symm.depass(ksps).toCharArray());
fis = new FileInputStream(ksf);
try {
ks.load(fis,symm.depass(ksps).toCharArray());
if (cert==null) {
msg = String.format("X509Certificate does not exist for %s on %s in %s",
a.getMechid(), a.getMachine(), ksf);
if (cert==null) {
msg = String.format("X509Certificate does not exist for %s on %s in %s",
a.getMechid(), a.getMachine(), ksf);
exitCode = 2;
} else {
GregorianCalendar renew = new GregorianCalendar();
renew.setTime(cert.getNotAfter());
renew.add(GregorianCalendar.DAY_OF_MONTH,-1*a.getRenewDays());
if (renew.after(now)) {
exitCode = 2;
} else {
GregorianCalendar renew = new GregorianCalendar();
renew.setTime(cert.getNotAfter());
renew.add(GregorianCalendar.DAY_OF_MONTH,-1*a.getRenewDays());
if (renew.after(now)) {
a.getMechid(), a.getMachine(),Chrono.dateOnlyStamp(now),cert.getNotAfter(),Chrono.dateOnlyStamp(renew));
a.getMechid(), a.getMachine(),Chrono.dateOnlyStamp(now),cert.getNotAfter(),Chrono.dateOnlyStamp(renew));
- trans.info().printf("X509Certificate for %s on %s expiration, %s, needs Renewal.\n",
+ transitiveInfo.info().printf("X509Certificate for %s on %s expiration, %s, needs Renewal.\n",
- if (placeCerts(trans,aafcon,cmds)) {
- msg = String.format("X509Certificate for %s on %s has been renewed. Ensure services using are refreshed.\n",
+ if (placeCerts(transitiveInfo,aafcon,cmds) == 0) {
+ msg = String.format("X509Certificate for %s on %s has been renewed. Ensure services using are refreshed.\n",
a.getMechid(), a.getMachine());
exitCode = 10; // Refreshed
} else {
a.getMechid(), a.getMachine());
exitCode = 10; // Refreshed
} else {
- msg = String.format("X509Certificate for %s on %s attempted renewal, but failed. Immediate Investigation is required!\n",
+ msg = String.format("X509Certificate for %s on %s attempted renewal, but failed. Immediate Investigation is required!\n",
a.getMechid(), a.getMachine());
exitCode = 1; // Error Renewing
}
a.getMechid(), a.getMachine());
exitCode = 1; // Error Renewing
}