[Fedora-directory-commits] adminserver/tests/download - New directory
by Doctor Conrad
Author: rmeggins
Update of /cvs/dirsec/adminserver/tests/download
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv13243/download
Log Message:
Directory /cvs/dirsec/adminserver/tests/download added to the repository
16 years, 11 months
- 1
- 0
[Fedora-directory-commits] adminserver/tests/admpw - New directory
by Doctor Conrad
Author: rmeggins
Update of /cvs/dirsec/adminserver/tests/admpw
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv13243/admpw
Log Message:
Directory /cvs/dirsec/adminserver/tests/admpw added to the repository
16 years, 11 months
- 1
- 0
[Fedora-directory-commits] ldapserver Makefile.am, 1.36, 1.37 Makefile.in, 1.43, 1.44
by Doctor Conrad
Author: nhosoi
Update of /cvs/dirsec/ldapserver
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv5289
Modified Files:
Makefile.am Makefile.in
Log Message:
Resolves: #239337
Summary: Change the name and location of template-cl-dump.pl and template-repl-monitor.pl
Description: 1) Removed "template-" from the script name
2) added shell script wrappers cl-dump and repl-monitor
3) moved them to bindir
Index: Makefile.am
===================================================================
RCS file: /cvs/dirsec/ldapserver/Makefile.am,v
retrieving revision 1.36
retrieving revision 1.37
diff -u -r1.36 -r1.37
--- Makefile.am 27 Apr 2007 23:39:59 -0000 1.36
+++ Makefile.am 8 May 2007 17:22:33 -0000 1.37
@@ -159,7 +159,11 @@
wrappers/migratecred \
wrappers/mmldif \
wrappers/pwdhash \
- wrappers/rsearch
+ wrappers/rsearch \
+ wrappers/cl-dump \
+ ldap/admin/src/scripts/cl-dump.pl \
+ wrappers/repl-monitor \
+ ldap/admin/src/scripts/repl-monitor.pl
task_SCRIPTS = ldap/admin/src/scripts/template-bak2db \
ldap/admin/src/scripts/template-db2bak \
@@ -175,7 +179,6 @@
ldap/admin/src/scripts/template-suffix2instance \
ldap/admin/src/scripts/template-vlvindex \
ldap/admin/src/scripts/template-bak2db.pl \
- ldap/admin/src/scripts/template-cl-dump.pl \
ldap/admin/src/scripts/template-db2bak.pl \
ldap/admin/src/scripts/template-db2index.pl \
ldap/admin/src/scripts/template-db2ldif.pl \
@@ -184,7 +187,6 @@
ldap/admin/src/scripts/template-ns-activate.pl \
ldap/admin/src/scripts/template-ns-inactivate.pl \
ldap/admin/src/scripts/template-ns-newpwpolicy.pl \
- ldap/admin/src/scripts/template-repl-monitor.pl \
ldap/admin/src/scripts/template-verify-db.pl \
$(srcdir)/ldap/admin/src/scripts/template-migrate5to7 \
$(srcdir)/ldap/admin/src/scripts/template-migrate6to7 \
Index: Makefile.in
===================================================================
RCS file: /cvs/dirsec/ldapserver/Makefile.in,v
retrieving revision 1.43
retrieving revision 1.44
diff -u -r1.43 -r1.44
--- Makefile.in 27 Apr 2007 23:39:59 -0000 1.43
+++ Makefile.in 8 May 2007 17:22:33 -0000 1.44
@@ -1073,7 +1073,11 @@
wrappers/migratecred \
wrappers/mmldif \
wrappers/pwdhash \
- wrappers/rsearch
+ wrappers/rsearch \
+ wrappers/cl-dump \
+ ldap/admin/src/scripts/cl-dump.pl \
+ wrappers/repl-monitor \
+ ldap/admin/src/scripts/repl-monitor.pl
task_SCRIPTS = ldap/admin/src/scripts/template-bak2db \
ldap/admin/src/scripts/template-db2bak \
@@ -1089,7 +1093,6 @@
ldap/admin/src/scripts/template-suffix2instance \
ldap/admin/src/scripts/template-vlvindex \
ldap/admin/src/scripts/template-bak2db.pl \
- ldap/admin/src/scripts/template-cl-dump.pl \
ldap/admin/src/scripts/template-db2bak.pl \
ldap/admin/src/scripts/template-db2index.pl \
ldap/admin/src/scripts/template-db2ldif.pl \
@@ -1098,7 +1101,6 @@
ldap/admin/src/scripts/template-ns-activate.pl \
ldap/admin/src/scripts/template-ns-inactivate.pl \
ldap/admin/src/scripts/template-ns-newpwpolicy.pl \
- ldap/admin/src/scripts/template-repl-monitor.pl \
ldap/admin/src/scripts/template-verify-db.pl \
$(srcdir)/ldap/admin/src/scripts/template-migrate5to7 \
$(srcdir)/ldap/admin/src/scripts/template-migrate6to7 \
16 years, 11 months
- 1
- 0
[Fedora-directory-commits] ldapserver/wrappers cl-dump.in, NONE, 1.1 repl-monitor.in, NONE, 1.1
by Doctor Conrad
Author: nhosoi
Update of /cvs/dirsec/ldapserver/wrappers
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv5289/wrappers
Added Files:
cl-dump.in repl-monitor.in
Log Message:
Resolves: #239337
Summary: Change the name and location of template-cl-dump.pl and template-repl-monitor.pl
Description: 1) Removed "template-" from the script name
2) added shell script wrappers cl-dump and repl-monitor
3) moved them to bindir
--- NEW FILE cl-dump.in ---
#!/bin/sh
# BEGIN COPYRIGHT BLOCK
# This Program is free software; you can redistribute it and/or modify it under
# the terms of the GNU General Public License as published by the Free Software
# Foundation; version 2 of the License.
#
# This Program is distributed in the hope that it will be useful, but WITHOUT
# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
# FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License along with
# this Program; if not, write to the Free Software Foundation, Inc., 59 Temple
# Place, Suite 330, Boston, MA 02111-1307 USA.
#
# In addition, as a special exception, Red Hat, Inc. gives You the additional
# right to link the code of this Program with code not covered under the GNU
# General Public License ("Non-GPL Code") and to distribute linked combinations
# including the two, subject to the limitations in this paragraph. Non-GPL Code
# permitted under this exception must only link to the code of this Program
# through those well defined interfaces identified in the file named EXCEPTION
# found in the source code files (the "Approved Interfaces"). The files of
# Non-GPL Code may instantiate templates or use macros or inline functions from
# the Approved Interfaces without causing the resulting work to be covered by
# the GNU General Public License. Only Red Hat, Inc. may make changes or
# additions to the list of Approved Interfaces. You must obey the GNU General
# Public License in all respects for all of the Program code and other code used
# in conjunction with the Program except the Non-GPL Code covered by this
# exception. If you modify this file, you may extend this exception to your
# version of the file, but you are not obligated to do so. If you do not wish to
# provide this exception without modification, you must delete this exception
# statement from your version and license this file solely under the GPL without
# exception.
#
#
# Copyright (C) 2001 Sun Microsystems, Inc. Used by permission.
# Copyright (C) 2007 Red Hat, Inc.
# All rights reserved.
# END COPYRIGHT BLOCK
################################################################################
#
# FILE: cl-dump
#
# wrapper for cl-dump.pl
# set the library paths and call cl-dump.pl
LD_LIBRARY_PATH=@nss_libdir@:/usr/lib
SHLIB_PATH=@nss_libdir@:/usr/lib
export LD_LIBRARY_PATH SHLIB_PATH
@bindir(a)/cl-dump.pl "$@"
--- NEW FILE repl-monitor.in ---
#!/bin/sh
# BEGIN COPYRIGHT BLOCK
# This Program is free software; you can redistribute it and/or modify it under
# the terms of the GNU General Public License as published by the Free Software
# Foundation; version 2 of the License.
#
# This Program is distributed in the hope that it will be useful, but WITHOUT
# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
# FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License along with
# this Program; if not, write to the Free Software Foundation, Inc., 59 Temple
# Place, Suite 330, Boston, MA 02111-1307 USA.
#
# In addition, as a special exception, Red Hat, Inc. gives You the additional
# right to link the code of this Program with code not covered under the GNU
# General Public License ("Non-GPL Code") and to distribute linked combinations
# including the two, subject to the limitations in this paragraph. Non-GPL Code
# permitted under this exception must only link to the code of this Program
# through those well defined interfaces identified in the file named EXCEPTION
# found in the source code files (the "Approved Interfaces"). The files of
# Non-GPL Code may instantiate templates or use macros or inline functions from
# the Approved Interfaces without causing the resulting work to be covered by
# the GNU General Public License. Only Red Hat, Inc. may make changes or
# additions to the list of Approved Interfaces. You must obey the GNU General
# Public License in all respects for all of the Program code and other code used
# in conjunction with the Program except the Non-GPL Code covered by this
# exception. If you modify this file, you may extend this exception to your
# version of the file, but you are not obligated to do so. If you do not wish to
# provide this exception without modification, you must delete this exception
# statement from your version and license this file solely under the GPL without
# exception.
#
#
# Copyright (C) 2001 Sun Microsystems, Inc. Used by permission.
# Copyright (C) 2007 Red Hat, Inc.
# All rights reserved.
# END COPYRIGHT BLOCK
##############################################################################
#
# FILE: repl-monitor.pl
#
# wrapper for repl-monitor.pl
# set the library paths and call repl-monitor.pl
LD_LIBRARY_PATH=@nss_libdir@:/usr/lib
SHLIB_PATH=@nss_libdir@:/usr/lib
export LD_LIBRARY_PATH SHLIB_PATH
@bindir(a)/repl-monitor.pl "$@"
16 years, 11 months
- 1
- 0
[Fedora-directory-commits] ldapserver/ldap/admin/src/scripts cl-dump.pl, NONE, 1.1 repl-monitor.pl, NONE, 1.1 template-cl-dump.pl.in, 1.4, NONE template-repl-monitor.pl.in, 1.3, NONE
by Doctor Conrad
Author: nhosoi
Update of /cvs/dirsec/ldapserver/ldap/admin/src/scripts
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv5289/ldap/admin/src/scripts
Added Files:
cl-dump.pl repl-monitor.pl
Removed Files:
template-cl-dump.pl.in template-repl-monitor.pl.in
Log Message:
Resolves: #239337
Summary: Change the name and location of template-cl-dump.pl and template-repl-monitor.pl
Description: 1) Removed "template-" from the script name
2) added shell script wrappers cl-dump and repl-monitor
3) moved them to bindir
--- NEW FILE cl-dump.pl ---
#!/usr/bin/env perl
# BEGIN COPYRIGHT BLOCK
# This Program is free software; you can redistribute it and/or modify it under
# the terms of the GNU General Public License as published by the Free Software
# Foundation; version 2 of the License.
#
# This Program is distributed in the hope that it will be useful, but WITHOUT
# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
# FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License along with
# this Program; if not, write to the Free Software Foundation, Inc., 59 Temple
# Place, Suite 330, Boston, MA 02111-1307 USA.
#
# In addition, as a special exception, Red Hat, Inc. gives You the additional
# right to link the code of this Program with code not covered under the GNU
# General Public License ("Non-GPL Code") and to distribute linked combinations
# including the two, subject to the limitations in this paragraph. Non-GPL Code
# permitted under this exception must only link to the code of this Program
# through those well defined interfaces identified in the file named EXCEPTION
# found in the source code files (the "Approved Interfaces"). The files of
# Non-GPL Code may instantiate templates or use macros or inline functions from
# the Approved Interfaces without causing the resulting work to be covered by
# the GNU General Public License. Only Red Hat, Inc. may make changes or
# additions to the list of Approved Interfaces. You must obey the GNU General
# Public License in all respects for all of the Program code and other code used
# in conjunction with the Program except the Non-GPL Code covered by this
# exception. If you modify this file, you may extend this exception to your
# version of the file, but you are not obligated to do so. If you do not wish to
# provide this exception without modification, you must delete this exception
# statement from your version and license this file solely under the GPL without
# exception.
#
#
# Copyright (C) 2001 Sun Microsystems, Inc. Used by permission.
# Copyright (C) 2007 Red Hat, Inc.
# All rights reserved.
# END COPYRIGHT BLOCK
###################################################################################
#
# FILE: cl-dump.pl
#
# SYNOPSIS:
# cl-dump.pl [-h host] [-p port] [-D bind-dn] -w bind-password | -P bind-cert
# [-r replica-roots] [-o output-file] [-c] [-v]
#
# cl-dump.pl -i changelog-ldif-file-with-base64encoding [-o output-file] [-c]
#
# DESCRIPTION:
# Dump and decode Directory Server replication change log
#
# OPTIONS:
# -c Dump and interpret CSN only. This option can be used with or
# without -i option.
#
# -D bind-dn
# Directory server's bind DN. Default to "cn=Directory Manager" if
# the option is omitted.
#
# -h host
# Directory server's host. Default to the server where the script
# is running.
#
# -i changelog-ldif-file-with-base64encoding
# If you already have a ldif-like changelog, but the changes
# in that file are encoded, you may use this option to
# decode that ldif-like changelog.
#
# -o output-file
# Path name for the final result. Default to STDOUT if omitted.
#
# -p port
# Directory server's port. Default to 389.
#
# -P bind-cert
# Pathname of binding certificate DB
#
# -r replica-roots
# Specify replica roots whose changelog you want to dump. The replica
# roots may be seperated by comma. All the replica roots would be
# dumped if the option is omitted.
#
# -v Print the version of this script.
#
# -w bind-password
# Password for the bind DN
#
# RESTRICTION:
# If you are not using -i option, the script should be run when the server
# is running, and from where the server's changelog directory is accessible.
#
# DIAGNOSIS:
# For environment variable issues, see script repl-monitor.pl under bindir
#
################################################################################
# enable the use of our bundled perldap with our bundled ldapsdk libraries
# all of this nonsense can be omitted if the mozldapsdk and perldap are
# installed in the operating system locations (e.g. /usr/lib /usr/lib/perl5)
$usage="Usage: $0 [-h host] [-p port] [-D bind-dn] [-w bind-password | -P bind-cert] [-r replica-roots] [-o output-file] [-c] [-v]\n\n $0 -i changelog-ldif-file-with-base64encoding [-o output-file] [-c]\n";
use Getopt::Std; # Parse command line arguments
use Mozilla::LDAP::Conn; # LDAP module for Perl
use Mozilla::LDAP::Utils; # LULU, utilities.
use Mozilla::LDAP::API; # Used to parse LDAP URL
use MIME::Base64; # Decode
# Global variables
$version = "Directory Server Changelog Dump - Version 1.0";
#main
{
# Turn off buffered I/O
$| = 1;
# Check for legal options
if (!getopts('h:p:D:w:P:r:o:cvi:')) {
print $usage;
exit -1;
}
exit -1 if &validateArgs;
if ($opt_v) {
print OUTPUT "$version\n";
exit;
}
if (!$opt_i) {
&cl_dump_and_decode;
}
elsif ($opt_c) {
&grep_csn ($opt_i);
}
else {
&cl_decode ($opt_i);
}
close (OUTPUT);
}
# Validate the parameters
sub validateArgs
{
my ($rc) = 0;
%ld = Mozilla::LDAP::Utils::ldapArgs();
chop ($ld{host} = `hostname`) if !$opt_h;
$ld{bind} = "cn=Directory Manager" if !$opt_D;
@allreplicas = ($opt_r) if ($opt_r);
if ($opt_o && ! open (OUTPUT, ">$opt_o")) {
print "Can't create output file $opt_o\n";
$rc = -1;
}
# Open STDOUT if option -o is missing
open (OUTPUT, ">-") if !$opt_o;
return $rc;
}
# Dump and decode changelog
# OUTPUT should have been opened before this call
sub cl_dump_and_decode
{
# Open the connection
my ($conn) = new Mozilla::LDAP::Conn (\%ld);
if (!$conn) {
print OUTPUT qq/Can't connect to $ld{host}:$ld{port} as "$ld{bind}"\n/;
return -1;
}
# Get the changelog dir
my ($changelogdir);
my ($entry) = $conn->search ("cn=changelog5,cn=config", "sub", "(objectClass=*)");
while ($entry) {
$changelogdir = $entry->{"nsslapd-changelogdir"}[0];
last if $changelogdir;
$entry = $conn->nextEntry ();
}
# Get all the replicas on the server if -r option is not specified
if (!$opt_r) {
$entry = $conn->search ("cn=mapping tree,cn=config", "sub",
"(objectClass=nsDS5Replica)");
while ($entry) {
push (@allreplicas, "$entry->{nsDS5ReplicaRoot}[0]");
$entry = $conn->nextEntry ();
}
}
# Dump the changelog for the replica
my (@ldifs);
my ($replica);
my ($gotldif);
my ($ldif);
foreach (@allreplicas) {
# Reset the script's start time
$^T = time;
$replica = $_;
$gotldif = 0;
# Can't move this line before entering the loop:
# no ldif file generated other than for the first
# replica.
$entry = $conn->newEntry();
$entry->setDN ("cn=replica,cn=\"$_\",cn=mapping tree,cn=config");
$entry->setValues('nsDS5Task', 'CL2LDIF');
$conn->update ($entry);
#Decode the dumped changelog
@ldifs = <$changelogdir/*.ldif>;
foreach (@ldifs) {
# Skip older ldif files
next if ($#ldifs > 0 && (-M $_ > 0));
$ldif = $_;
$gotldif = 1;
&print_header ($replica, 0);
if ($opt_c) {
&grep_csn ($_);
}
else {
&cl_decode ($_);
}
# Test op -M doesn't work well so we use rename
# here to avoid reading the same ldif file more
# than once.
rename ($ldif, "$ldif.done");
}
&print_header ($replica, "Not Found") if !$gotldif;
}
$conn->close;
}
sub print_header
{
my ($replica, $ldif) = @_;
print OUTPUT "\n# Replica Root: $replica" if $replica;
print OUTPUT "\n# LDIF File : $ldif\n" if $ldif;
}
# Grep and interpret CSNs
# OUTPUT should have been opened before this call
sub grep_csn
{
open (INPUT, "@_") || return;
&print_header (0, @_);
my ($csn, $maxcsn, $modts);
while (<INPUT>) {
next if ($_ !~ /(csn:)|(ruv:)/i);
if (/ruv:\s*{.+}\s+(\w+)\s+(\w+)\s+(\w*)/i) {
#
# RUV with two CSNs and an optional lastModifiedTime
#
$csn = &csn_to_string($1);
$maxcsn = &csn_to_string($2);
$modts = $3;
if ( $modts =~ /^0+$/ ) {
$modts = "";
}
else {
$modts = &csn_to_string($modts);
}
}
elsif (/csn:\s*(\w+)\s+/i || /ruv:\s*{.+}\s+(\w+)\s+/i) {
#
# Single CSN
#
$csn = &csn_to_string($1);
$maxcsn = "";
$modts = "";
}
else {
printf OUTPUT;
next;
}
chop;
printf OUTPUT "$_ ($csn";
printf OUTPUT "; $maxcsn" if $maxcsn;
printf OUTPUT "; $modts" if $modts;
printf OUTPUT ")\n";
}
}
sub csn_to_string
{
my ($csn, $tm, $seq, $masterid, $subseq);
my ($sec, $min, $hour, $mday, $mon, $year);
$csn = "@_";
return $csn if !$csn;
($tm, $seq, $masterid, $subseq) = unpack("a8 a4 a4 a4", $csn);
$tm = hex($tm);
$seq = hex($seq);
$masterid = hex($masterid);
$subseq = hex($subseq);
($sec, $min, $hour, $mday, $mon, $year) = localtime ($tm);
$mon++;
$year += 1900;
foreach ($sec, $min, $hour, $mday, $mon) {
$_ = "0".$_ if ($_ < 10);
}
$csn = "$mon/$mday/$year $hour:$min:$sec";
$csn .= " $seq $subseq" if ( $seq != 0 || $subseq != 0 );
return $csn;
}
# Decode the changelog
# OUTPUT should have been opened before this call
sub cl_decode
{
open (INPUT, "@_") || return;
&print_header (0, @_);
my ($encoded);
undef $encoded;
while (<INPUT>) {
# Try to accomodate "changes" in 4.X and "change" in 6.X
if (/^changes?::\s*(\S*)/i) {
print OUTPUT "change::\n";
$encoded = $1;
next;
}
if (!defined ($encoded)) {
print OUTPUT;
next;
}
if ($_ eq "\n") {
print OUTPUT MIME::Base64::decode($encoded);
print OUTPUT "\n";
undef $encoded;
next;
}
/^\s*(\S+)\s*\n/;
$encoded .= $1;
}
}
--- NEW FILE repl-monitor.pl ---
#!/usr/bin/env perl
# BEGIN COPYRIGHT BLOCK
# This Program is free software; you can redistribute it and/or modify it under
# the terms of the GNU General Public License as published by the Free Software
# Foundation; version 2 of the License.
#
# This Program is distributed in the hope that it will be useful, but WITHOUT
# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
# FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License along with
# this Program; if not, write to the Free Software Foundation, Inc., 59 Temple
# Place, Suite 330, Boston, MA 02111-1307 USA.
#
# In addition, as a special exception, Red Hat, Inc. gives You the additional
# right to link the code of this Program with code not covered under the GNU
# General Public License ("Non-GPL Code") and to distribute linked combinations
# including the two, subject to the limitations in this paragraph. Non-GPL Code
# permitted under this exception must only link to the code of this Program
# through those well defined interfaces identified in the file named EXCEPTION
# found in the source code files (the "Approved Interfaces"). The files of
# Non-GPL Code may instantiate templates or use macros or inline functions from
# the Approved Interfaces without causing the resulting work to be covered by
# the GNU General Public License. Only Red Hat, Inc. may make changes or
# additions to the list of Approved Interfaces. You must obey the GNU General
# Public License in all respects for all of the Program code and other code used
# in conjunction with the Program except the Non-GPL Code covered by this
# exception. If you modify this file, you may extend this exception to your
# version of the file, but you are not obligated to do so. If you do not wish to
# provide this exception without modification, you must delete this exception
# statement from your version and license this file solely under the GPL without
# exception.
#
#
# Copyright (C) 2001 Sun Microsystems, Inc. Used by permission.
# Copyright (C) 2007 Red Hat, Inc.
# All rights reserved.
# END COPYRIGHT BLOCK
##############################################################################
#
# FILE: repl-monitor.pl
#
# SYNOPSIS:
# repl-monitor.pl -f configuration-file [-h host] [-p port] [-r]
# [-u refresh-url] [-t refresh-interval]
#
# repl-monitor.pl -v
#
# DESCRIPTION:
# Given an LDAP replication "supplier" server, crawl over all the ldap
# servers via direct or indirect replication agreements.
# For each master replica discovered, display the maxcsn of the master
# and the replication status of all its lower level replicas.
# All output is in HTML.
#
# OPTIONS:
# -f configuration-file
# The configuration file contains the sections for the connection
# parameters, the server alias, and the thresholds for different colors
# when display the time lags between consumers and master.
# If the Admin Server is running on Windows, the configuration-file
# name may have format "D:/opt/replmon.conf".
#
# The connection parameter section consists of the section name
# followed by one of more connection parameter entries:
#
# [connection]
# host:port:binddn:bindpwd:bindcert
# host:port=shadowport:binddn:bindpwd:bindcert
# ...
#
# where host:port default (*:*) to that in a replication agreement,
# binddn default (*) to "cn=Directory Manager", and bindcert is the
# pathname of cert db if you want the script to connect to the server
# via SSL. If bindcert is omitted, the connection will be simple
# bind.
# "port=shadowport" means to use shadowport instead of port if port
# is specified in the replication agreement. This is useful when
# for example, ssl port is specified in a replication agreement,
# but you can't access the cert db from the machine where this
# script is running. So you could let the script to map the ssl
# port to a non-ssl port and use the simple bind.
#
# A server may have a dedicated or a share entry in the connection
# section. The script will find out the most matched entry for a given
# server. For example, if all the ldap servers except host1 share the
# same binddn and bindpassword, the connection section then just need
# two entries:
#
# [connection]
# *:*:binddn:bindpassword:
# host1:*:binddn:bindpassword:
#
# If a host:port is assigned an alias, then the alias instead of
# host:port will be displayed in The output file. Each host:port
# can have only one alias. But each alias may be used by more than
# one host:port.
#
# [alias]
# alias = host:port
# ...
#
# CSN time lags between masters and consumers might be displayed in
# different colors based on their range. The thresholds for different
# colors may be specified in color section:
#
# [color]
# lowmark (in minutes) = color
# ...
#
# If the color section or color entry is missing, the default color
# set is: green for [0-5) minutes lag, yellow [5-60), and red 60 and more.
#
# -h host
# Initial replication supplier's host. Default to the current host.
#
# -p port
# Initial replication supplier's port. Default to 389.
#
# -r If specified, -r causes the routine to be entered without printing
# HTML header information. This is suitable when making multiple calls
# to this routine (e.g. when specifying multiple, different, "unrelated"
# supplier servers) and expecting a single HTML output.
#
# -t refresh-interval
# Specify the refresh interval in seconds. This option has to be
# jointly used with option -u.
#
# -u refresh-url
# The output HTML file may invoke a CGI program periodically. If
# this CGI program in turn calls this script, the effect is that
# the output HTML file would automatically refresh itself. This
# is useful for continuing monitoring. See also option -t.
#
# -v Print out the version of this script
#
# DIAGNOSTICS:
# There are several ways to invoke this script if you got error
# "Can't locate Mozilla/LDAP/Conn.pm in @INC", or
# "usage: Undefined variable":
#
# 0. Prerequisite: NSPR, NSS, Mozilla LDAP C SDK, PerLDAP
#
# 1. Run this perl script via repl-monitor, which sets up LD_LIBRARY_PATH
# $ repl-monitor
#
# 2. If 1 does not work, try invoking this script as follows.
# Assuming <MYPERLDIR> contains Mozilla/LDAP:
# perl -I <MYPERLDIR> repl-monitor.pl
#
#############################################################################
# enable the use of our bundled perldap with our bundled ldapsdk libraries
# all of this nonsense can be omitted if the mozldapsdk and perldap are
# installed in the operating system locations (e.g. /usr/lib /usr/lib/perl5)
# this script is always invoked by repl-monitor-cgi.pl, which sets all of these
# If using this script standalone, be sure to set the shared lib path and
# the path to the perldap modules.
$usage = "\nusage: $0 -f configuration-file [-h host] [-p port] [-r] [-u refresh-url] [-t refresh-interval]\n\nor : $0 -v\n";
use Getopt::Std; # parse command line arguments
use Mozilla::LDAP::Conn; # LDAP module for Perl
use Mozilla::LDAP::Utils qw(normalizeDN); # LULU, utilities.
use Mozilla::LDAP::API qw(:api :ssl :apiv3 :constant); # Direct access to C API
use Time::Local; # to convert GMT Z strings to localtime
#
# Global variables
#
$product = "Directory Server Replication Monitor";
$version = "Version 1.0";
#
# ldap servers given or discovered from the replication agreements:
# @servers = (host:port=shadowport:binddn:password:cert_db)
#
# entries read from the connection section of the configuration file:
# @allconnections = (host:port=shadowport:binddn:password:cert_db)
#
# aliases of ldap servers read from the configuration file:
# %allaliases{$host:$port}= (alias)
#
# replicas discovered on all ldap servers
# @allreplicas = (server#:replicaroot:replicatype:serverid:replicadn)
#
# ruvs retrieved from all replicas
# @allruvs{replica#:masterid} = (rawcsn:decimalcsn;mon/day/year hh:mi:ss)
#
# agreements discovered on all ldap supplier servers:
# @allagreements = (supplier_replica#:consumer#:conntype:schedule:status)
# the array may take another format after the consumer replicas are located:
# @allagreements = (supplier_replica#:consumer_replica#:conntype:schedule:status)
#
#main
{
# turn off buffered I/O
$| = 1;
# Check for legal options
if (!getopts('h:p:f:ru:t:v')) {
print $usage;
exit -1;
}
if ($opt_v) {
print "$product - $version\n";
exit;
}
$interval = $opt_t;
$interval = 300 if ( !$interval || $interval <= 0 );
# Get current date/time
$nowraw = localtime();
($wday, $mm, $dd, $tt, $yy) = split(/ /, $nowraw);
$now = "$wday $mm $dd $yy $tt";
# if no -r (Reenter and skip html header), print html header
if (!$opt_r) {
# print the HTML header
&print_html_header;
} else {
# print separator for new replication set
print "<hr width=90% size=3><br>\n";
}
exit -1 if &validateArgs < 0;
exit if &read_cfg_file ($opt_f) < 0;
# Start with the given host and port
# The index names in %ld are defined in Mozilla::LDAP::Utils::ldapArgs()
&add_server ("$ld{host}:$ld{port}:$ld{bind}:$ld{pswd}:$ld{cert}");
$serveridx = 0;
while ($serveridx <= $#servers) {
if (&get_replicas ($serveridx) != 0 && $serveridx == 0) {
my ($host, $port, $binddn) = split (/:/, $servers[0]);
print("Login to $host:$port as \"$binddn\" failed\n");
exit;
}
$serveridx++;
}
&find_consumer_replicas;
&process_suppliers;
# All done! - well, for the current invokation only
# print "</body></html>\n";
exit;
}
sub validateArgs
{
my ($rc) = 0;
%ld = Mozilla::LDAP::Utils::ldapArgs();
if (!$opt_v && !$opt_f) {
print "<p>Error: Missing configuration file.\n";
print "<p>If you need help on the configuration file, Please go back and click the Help button.\n";
#print $usage; # Don't show usage in CGI
$rc = -1;
}
elsif (!$opt_h) {
chop ($ld{"host"} = `hostname`);
}
return $rc;
}
sub read_cfg_file
{
my ($fn) = @_;
unless (open(CFGFILEHANDLE, $fn)) {
print "<p>Error: Can't open \"$fn\": $!.\n";
print "<p>If you need help on the configuration file, Please go back and click the Help button.\n";
return -1;
}
$section = 0;
while (<CFGFILEHANDLE>) {
next if (/^\s*\#/ || /^\s*$/);
chop ($_);
if (m/^\[(.*)\]/) {
$section = $1;
}
else {
if ( $section =~ /conn/i ) {
push (@allconnections, $_);
}
elsif ( $section =~ /alias/i ) {
m/^\s*(\S.*)\s*=\s*(\S+)/;
$allaliases {$2} = $1;
}
elsif ( $section =~ /color/i ) {
m/^\s*(-?\d+)\s*=\s*(\S+)/;
$allcolors {$1} = $2;
}
}
}
if ( ! keys (%allcolors) ) {
$allcolors {0} = "#ccffcc"; #apple green
$allcolors {5} = "#ffffcc"; #cream yellow
$allcolors {60} = "#ffcccc"; #pale pink
}
@colorkeys = sort (keys (%allcolors));
close (CFGFILEHANDLE);
return 0;
}
sub get_replicas
{
my ($serveridx) = @_;
my ($conn, $host, $port, $shadowport, $binddn, $bindpwd, $bindcert);
my ($others);
my ($replica, $replicadn);
my ($ruv, $replicaroot, $replicatype, $serverid, $masterid, $maxcsn);
my ($type, $flag, $i);
my ($myridx, $ridx, $cidx);
#
# Bind to the server
#
($host, $port, $binddn, $bindpwd, $bindcert) = split (/:/, "$servers[$serveridx]", 5);
($port, $shadowport) = split (/=/, $port);
$shadowport = $port if !$shadowport;
$conn = new Mozilla::LDAP::Conn ($host, $shadowport, "$binddn", $bindpwd, $bindcert);
return -1 if (!$conn);
#
# Get all the replica on the server
#
$myridx = $#allreplicas + 1;
$replica = $conn->search ("cn=mapping tree,cn=config",
"sub",
"(objectClass=nsDS5Replica)", 0,
qw(nsDS5ReplicaRoot nsDS5ReplicaType nsDS5Flags nsDS5ReplicaId));
while ($replica) {
$replicadn = $replica->getDN;
$replicaroot = normalizeDN ($replica->{nsDS5ReplicaRoot}[0]);
$type = $replica->{nsDS5ReplicaType}[0];
$flag = $replica->{nsDS5Flags}[0];
$serverid = $replica->{nsDS5ReplicaId}[0];
# flag = 0: change log is not created
# type = 2: read only replica
# type = 3: updatable replica
$replicatype = $flag == 0 ? "consumer" : ($type == 2 ? "hub" : "master");
push (@allreplicas, "$serveridx:$replicaroot:$replicatype:$serverid:$replicadn");
$replica = $conn->nextEntry ();
}
#
# Get ruv for each replica
#
for ($ridx = $myridx; $ridx <= $#allreplicas; $ridx++) {
$replicaroot = $1 if ($allreplicas[$ridx] =~ /^\d+:([^:]*)/);
# do a one level search with nsuniqueid in the filter - this will force the use of the
# nsuniqueid index instead of the entry dn index, which seems to be unreliable in
# heavily loaded servers
$ruv = $conn->search($replicaroot, "one",
"(&(nsuniqueid=ffffffff-ffffffff-ffffffff-ffffffff)(objectClass=nsTombstone))",
0, qw(nsds50ruv nsruvReplicaLastModified));
next if !$ruv; # this should be an error case . . .
for ($ruv->getValues('nsds50ruv')) {
if (m/\{replica\s+(\d+).+?\}\s*\S+\s*(\S+)/i) {
$masterid = $1;
$maxcsn = &to_decimal_csn ($2);
$allruvs {"$ridx:$masterid"} = "$2:$maxcsn";
}
}
for ($ruv->getValues('nsruvReplicaLastModified')) {
if (m/\{replica\s+(\d+).+?\}\s*(\S+)/i) {
$masterid = $1;
$lastmodifiedat = hex($2);
my ($sec, $min, $hour, $mday, $mon, $year) = localtime ($lastmodifiedat);
$mon++;
$year += 1900;
$hour = "0".$hour if ($hour < 10);
$min = "0".$min if ($min < 10);
$sec = "0".$sec if ($sec < 10);
$allruvs {"$ridx:$masterid"} .= ";$mon/$mday/$year $hour:$min:$sec";
}
}
}
#
# Get all agreements for each supplier replica
#
for ($ridx = $myridx; $ridx <= $#allreplicas; $ridx++) {
$_ = $allreplicas[$ridx];
# Skip consumers
next if m/:consumer:/i;
m/:([^:]*)$/;
$replicadn = $1;
my @attrlist = qw(cn nsds5BeginReplicaRefresh nsds5replicaUpdateInProgress
nsds5ReplicaLastInitStatus nsds5ReplicaLastInitStart
nsds5ReplicaLastInitEnd nsds5replicaReapActive
nsds5replicaLastUpdateStart nsds5replicaLastUpdateEnd
nsds5replicaChangesSentSinceStartup nsds5replicaLastUpdateStatus
nsds5ReplicaHost
nsds5ReplicaPort nsDS5ReplicaBindMethod nsds5ReplicaUpdateSchedule);
$agreement = $conn->search("$replicadn", "sub", "(objectClass=nsDS5ReplicationAgreement)",
0, @attrlist);
while ($agreement) {
my %agmt = ();
# Push consumer to server stack if we have not already
$host = ($agreement->getValues('nsDS5ReplicaHost'))[0];
$port = ($agreement->getValues('nsDS5ReplicaPort'))[0];
$cidx = &add_server ("$host:$port");
for (@attrlist) {
$agmt{$_} = ($agreement->getValues($_))[0];
}
if ($agmt{nsDS5ReplicaBindMethod} =~ /simple/i) {
$agmt{nsDS5ReplicaBindMethod} = 'n';
}
if (!$agmt{nsds5ReplicaUpdateSchedule} ||
($agmt{nsds5ReplicaUpdateSchedule} eq '0000-2359 0123456') ||
($agmt{nsds5ReplicaUpdateSchedule} eq '*') ||
($agmt{nsds5ReplicaUpdateSchedule} eq '* *')) {
$agmt{nsds5ReplicaUpdateSchedule} = 'always in sync';
}
$agmt{ridx} = $ridx;
$agmt{cidx} = $cidx;
push @allagreements, \%agmt;
$agreement = $conn->nextEntry ();
}
}
$conn->close;
}
#
# Initially, the agreements have consumer host:port info instead of
# replica info. This routine will find the consumer replica info
#
sub find_consumer_replicas
{
my ($m_ridx); # index of master's replica
my ($s_ridx); # index of supplier's replica
my ($c_ridx); # index of consumer's replica
my ($c_sidx); # index of consumer server
my ($remainder); #
my ($s_replicaroot); # supplier replica root
my ($c_replicaroot); # consumer replica root
my ($j, $val);
#
# Loop through every agreement defined on the current supplier replica
#
foreach (@allagreements) {
$s_ridx = $_->{ridx};
$c_sidx = $_->{cidx};
$s_replicaroot = $1 if ($allreplicas[$s_ridx] =~ /^\d+:([^:]*)/);
$c_replicaroot = "";
# $c_ridx will be assigned to -$c_sidx
# if the condumer is not accessible
# $c_sidx will not be zero since it's
# not the first server.
$c_ridx = -$c_sidx; # $c_sidx will not be zero
# Loop through consumer's replicas and find
# the counter part for the current supplier
# replica
for ($j = 0; $j <= $#allreplicas; $j++) {
# Get a replica on consumer
# I'm not sure what's going on here, but possibly could be made
# much simpler with normalizeDN and/or ldap_explode_dn
if ($allreplicas[$j] =~ /^$c_sidx:([^:]*)/) {
$val = $1;
# We need to find out the consumer
# replica that matches the supplier
# replicaroot most.
if ($s_replicaroot =~ /^.*$val$/i &&
length ($val) >= length ($c_replicaroot)) {
$c_ridx = $j;
# Avoid case-sensitive comparison
last if (length($s_replicaroot) == length($val));
$c_replicaroot = $val;
}
}
}
$_->{ridx} = $s_ridx;
$_->{cidx} = $c_ridx;
}
}
sub process_suppliers
{
my ($ridx, $mid, $maxcsn);
$mid = "";
$last_sidx = -1; # global variable for print html page
for ($ridx = 0; $ridx <= $#allreplicas; $ridx++) {
# Skip consumers and hubs
next if $allreplicas[$ridx] !~ /:master:(\d+):/i;
$mid = $1;
# Skip replicas without agreements defined yet
next if (! grep {$_->{ridx} == $ridx} @allagreements);
$maxcsn = &print_master_header ($ridx, $mid);
if ( "$maxcsn" != "none" ) {
&print_consumer_header ();
&print_consumers ($ridx, $mid);
}
&print_supplier_end;
}
if ($mid eq "") {
print "<p>The server is not a master or it has no replication agreement\n";
}
}
sub print_master_header
{
my ($ridx, $mid) = @_;
my ($myruv) = $allruvs {"$ridx:$mid"};
my ($maxcsnval) = split ( /;/, "$myruv" );
my ($maxcsn) = &to_string_csn ($maxcsnval);
my ($sidx, $replicaroot, $replicatype, $serverid) = split (/:/, $allreplicas[$ridx]);
# Print the master name
if ( $last_sidx != $sidx ) {
my ($ldapurl) = &get_ldap_url ($sidx, $sidx);
&print_legend if ( $last_sidx < 0);
print "<p><p><hr><p>\n";
print "\n<p><center class=page-subtitle><font color=#0099cc>\n";
print "Master:  $ldapurl</center>\n";
$last_sidx = $sidx;
}
# Print the current replica info onthe master
print "\n<p><table border=0 cellspacing=1 cellpadding=6 cols=10 width=100% class=bgColor9>\n";
print "\n<tr><td colspan=10><center>\n";
print "<font class=areatitle>Replica ID: </font>";
print "<font class=text28>$serverid</font>\n";
print "<font class=areatitle>Replica Root: </font>";
print "<font class=text28>$replicaroot</font>\n";
print "<font class=areatitle>Max CSN: </font>";
print "<font class=text28>$maxcsn</font>\n";
return $maxcsn;
}
sub print_consumer_header
{
#Print the header of consumer
print "\n<tr class=bgColor16>\n";
print "<th nowrap>Receiver</th>\n";
print "<th nowrap>Time Lag</th>\n";
print "<th nowrap>Max CSN</th>\n";
print "<th nowrap>Last Modify Time</th>\n";
print "<th nowrap>Supplier</th>\n";
print "<th nowrap>Sent/Skipped</th>\n";
print "<th nowrap>Update Status</th>\n";
print "<th nowrap>Update Started</th>\n";
print "<th nowrap>Update Ended</th>\n";
print "<th nowrap colspan=2>Schedule</th>\n";
print "<th nowrap>SSL?</th>\n";
print "</tr>\n";
}
sub print_consumers
{
my ($m_ridx, $mid) = @_;
my ($ignore, $m_replicaroot) = split (/:/, $allreplicas[$m_ridx]);
my (@consumers, @ouragreements, @myagreements);
my ($s_ridx, $c_ridx, $conntype, $schedule, $status);
my ($c_maxcsn_str, $lag, $markcolor);
my ($c_replicaroot, $c_replicatype);
my ($first_entry);
my ($nrows);
my ($found);
undef @ouragreements;
# Collect all the consumer replicas for the current master replica
push (@consumers, $m_ridx);
foreach (@consumers) {
$s_ridx = $_;
for (@allagreements) {
next if ($_->{ridx} != $s_ridx);
$c_ridx = $_->{cidx};
next if $c_ridx == $m_ridx;
push @ouragreements, $_;
$found = 0;
foreach (@consumers) {
if ($_ == $c_ridx) {
$found = 1;
last;
}
}
push (@consumers, $c_ridx) if !$found;
}
}
# Print each consumer replica
my ($myruv) = $allruvs {"$m_ridx:$mid"};
my ($m_maxcsn) = split ( /;/, "$myruv" );
foreach (@consumers) {
$c_ridx = $_;
next if $c_ridx == $m_ridx;
if ($c_ridx >= 0) {
$myruv = $allruvs {"$c_ridx:$mid"};
($c_maxcsn, $c_lastmodified) = split ( /;/, "$myruv" );
($c_maxcsn_str, $lag, $markcolor) = &cacl_time_lag ($m_maxcsn, $c_maxcsn);
$c_maxcsn_str =~ s/ /\<br\>/;
($c_sidx, $c_replicaroot, $c_replicatype) = split (/:/, $allreplicas[$c_ridx]);
$c_replicaroot = "same as master" if $m_replicaroot eq $c_replicaroot;
}
else {
# $c_ridx is actually -$c_sidx when c is not available
$c_sidx = -$c_ridx;
$c_maxcsn_str = "_";
$lag = "n/a";
$markcolor = red;
$c_replicaroot = "_";
$c_replicatype = "_";
}
$nrows = 0;
foreach (@ouragreements) {
next if ($_->{cidx} != $c_ridx);
$nrows++;
}
$first_entry = 1;
foreach (@ouragreements) {
next if ($_->{cidx} != $c_ridx);
$s_ridx = $_->{ridx};
$conntype = $_->{nsDS5ReplicaBindMethod};
$status = $_->{nsds5replicaLastUpdateStatus};
$schedule = $_->{nsds5ReplicaUpdateSchedule};
$s_sidx = $1 if $allreplicas [$s_ridx] =~ /^(\d+):/;
$s_ldapurl = &get_ldap_url ($s_sidx, "n/a");
# Print out the consumer's replica and ruvs
print "\n<tr class=bgColor13>\n";
if ($first_entry) {
$first_entry = 0;
$c_ldapurl = &get_ldap_url ($c_sidx, $conntype);
print "<td rowspan=$nrows width=5% class=bgColor5>$c_ldapurl<BR>Type: $c_replicatype</td>\n";
print "<td rowspan=$nrows width=5% nowrap bgcolor=$markcolor><center>$lag</center></td>\n";
print "<td rowspan=$nrows width=15% nowrap>$c_maxcsn_str</td>\n";
print "<td rowspan=$nrows width=15% nowrap>$c_lastmodified</td>\n";
}
print "<td width=5% nowrap><center>$s_ldapurl</center></td>\n";
my $changecount = $_->{nsds5replicaChangesSentSinceStartup};
if ( $changecount =~ /^$mid:(\d+)\/(\d+) / || $changecount =~ / $mid:(\d+)\/(\d+) / ) {
$changecount = "$1 / $2";
}
elsif ( $changecount =~ /^(\d+)$/ ) {
$changecount = $changecount . " / " . "$_->{nsds5replicaChangesSkippedSinceStartup}";
}
else {
$changecount = "0 / 0";
}
print "<td width=3% nowrap>$changecount</td>\n";
my $redfontstart = "";
my $redfontend = "";
if ($status =~ /error/i) {
$redfontstart = "<font color='red'>";
$redfontend = "</font>";
}
elsif ($status =~ /^(\d+) /) {
if ( $1 != 0 ) {
# warning
$redfontstart = "<font color='#FF7777'>";
$redfontend = "</font>";
}
}
print "<td width=20% nowrap>$redfontstart$status$redfontend</td>\n";
print "<td nowrap>", &format_z_time($_->{nsds5replicaLastUpdateStart}), "</td>\n";
print "<td nowrap>", &format_z_time($_->{nsds5replicaLastUpdateEnd}), "</td>\n";
if ( $schedule =~ /always/i ) {
print "<td colspan=2 width=10% nowrap>$schedule</td>\n";
}
else {
my ($ndays, @days);
$schedule =~ /(\d\d)(\d\d)-(\d\d)(\d\d) (\d+)/;
print "<td width=10% nowrap>$1:$2-$3:$4</td>\n";
$ndays = $5;
$ndays =~ s/(\d)/$1,/g;
@days = (Sun,Mon,Tue,Wed,Thu,Fri,Sat)[eval $ndays];
print "<td width=10% nowrap>@days</td>\n";
}
print "<td width=3% nowrap class=bgColor5>$conntype</td>\n";
}
}
}
sub cacl_time_lag
{
my ($s_maxcsn, $c_maxcsn) = @_;
my ($markcolor);
my ($csn_str);
my ($s_tm, $c_tm, $lag_tm, $lag_str, $hours, $minute);
$csn_str = &to_string_csn ($c_maxcsn);
if ($s_maxcsn && !$c_maxcsn) {
$lag_str = "- ?:??:??";
$markcolor = &get_color (36000); # assume consumer has big latency
}
elsif (!$s_maxcsn && $c_maxcsn) {
$lag_str = "+ ?:??:??";
$markcolor = &get_color (1); # consumer is ahead of supplier
}
elsif ($s_maxcsn le $c_maxcsn) {
$lag_str = "0:00:00";
$markcolor = &get_color (0);
}
else {
my ($rawcsn, $decimalcsn) = split (/:/, $s_maxcsn);
($s_tm) = split(/ /, $decimalcsn);
($rawcsn, $decimalcsn) = split (/:/, $c_maxcsn);
($c_tm) = split(/ /, $decimalcsn);
if ($s_tm > $c_tm) {
$lag_tm = $s_tm - $c_tm;
$lag_str = "- ";
$markcolor = &get_color ($lag_tm);
}
else {
$lag_tm = $c_tm - $s_tm;
$lag_str = "+ ";
$markcolor = $allcolors{ $colorkeys[0] }; # no delay
}
$hours = int ($lag_tm / 3600);
$lag_str .= "$hours:";
$lag_tm = $lag_tm % 3600;
$minutes = int ($lag_tm / 60);
$minutes = "0".$minutes if ($minutes < 10);
$lag_str .= "$minutes:";
$lag_tm = $lag_tm % 60;
$lag_tm = "0".$lag_tm if ($lag_tm < 10);
$lag_str .= "$lag_tm";
}
return ($csn_str, $lag_str, $markcolor);
}
#
# The subroutine would append a new entry to the end of
# @servers if the host and port are new to @servers.
#
sub add_server
{
my ($host, $port, $binddn, $bindpwd, $bindcert) = split (/:/, "@_");
my ($shadowport) = $port;
my ($domainpattern) = '\.[^:]+';
my ($i);
# Remove the domain name from the host name
my ($hostnode) = $host;
$hostnode = $1 if $host =~ /^(\w+)\./;
# new host:port
if ($binddn eq "" || $bindpwd eq "" && $bindcert eq "") {
#
# Look up connection parameter in the order of
# host:port
# host:*
# *:port
# *:*
#
my (@myconfig, $h, $p, $d, $w, $c);
(@myconfig = grep (/^$hostnode($domainpattern)*:$port\D/i, @allconnections)) ||
(@myconfig = grep (/^$hostnode($domainpattern)*:\*:/i, @allconnections)) ||
(@myconfig = grep (/^\*:$port\D/, @allconnections)) ||
(@myconfig = grep (/^\*:\*\D/, @allconnections));
if ($#myconfig >= 0) {
($h, $p, $d, $w, $c) = split (/:/, $myconfig[0]);
($p, $shadowport) = split (/=/, $p);
$p = "" if $p eq "*";
$c = "" if $c eq "*";
}
if ($binddn eq "" || $binddn eq "*") {
if ($d eq "" || $d eq "*") {
$binddn = "cn=Directory Manager";
}
else {
$binddn = $d;
}
}
$bindpwd = $w if ($bindpwd eq "" || $bindpwd eq "*");
$bindcert = $c if ($bindcert eq "" || $bindcert eq "*");
}
for ($i = 0; $i <= $#servers; $i++) {
return $i if ($servers[$i] =~ /$hostnode($domainpattern)*:\d*=$shadowport\D/i);
}
push (@servers, "$host:$port=$shadowport:$binddn:$bindpwd:$bindcert");
return $i;
}
sub get_ldap_url
{
my ($sidx, $conntype) = @_;
my ($host, $port) = split(/:/, $servers[$sidx]);
my ($shadowport);
($port, $shadowport) = split (/=/, $port);
my ($protocol, $ldapurl);
if ($port eq 636 && $conntype eq "0" || $conntype =~ /SSL/i) {
$protocol = ldaps;
}
else {
$protocol = ldap;
}
my ($instance) = $allaliases { "$host:$port" };
$instance = "$host:$port" if !$instance;
if ($conntype eq "n/a") {
$ldapurl = $instance;
}
else {
$ldapurl = "<a href=\"$protocol://$host:$port/\">$instance</a>";
}
return $ldapurl;
}
sub to_decimal_csn
{
my ($maxcsn) = @_;
if (!$maxcsn || $maxcsn eq "") {
return "none";
}
my ($tm, $seq, $masterid, $subseq) = unpack("a8 a4 a4 a4", $maxcsn);
$tm = hex($tm);
$seq = hex($seq);
$masterid = hex($masterid);
$subseq = hex($subseq);
return "$tm $seq $masterid $subseq";
}
sub to_string_csn
{
my ($rawcsn, $decimalcsn) = split(/:/, "@_");
if (!$rawcsn || $rawcsn eq "") {
return "none";
}
my ($tm, $seq, $masterid, $subseq) = split(/ /, $decimalcsn);
my ($sec, $min, $hour, $mday, $mon, $year) = localtime($tm);
$mon++;
$year += 1900;
foreach ($sec, $min, $hour, $mday, $mon) {
$_ = "0".$_ if ($_ < 10);
}
my ($csnstr) = "$mon/$mday/$year $hour:$min:$sec";
$csnstr .= " $seq $subseq" if ( $seq != 0 || $subseq != 0 );
return "$rawcsn ($csnstr)";
}
sub get_color
{
my ($lag_minute) = @_;
$lag_minute /= 60;
my ($color) = $allcolors { $colorkeys[0] };
foreach (@colorkeys) {
last if ($lag_minute < $_);
$color = $allcolors {$_};
}
return $color;
}
# subroutine to remove escaped encoding
sub unescape
{
#my ($_) = @_;
tr/+/ /;
s/%(..)/pack("c",hex($1))/ge;
$_;
}
sub print_html_header
{
# print the HTML header
print "Content-type: text/html\n\n";
print "<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 3.2//EN\"><html>\n";
print "<head><title>Replication Status</title>\n";
# print "<link type=text/css rel=stylesheet href=\"master-style.css\">\n";
print "<style text/css>\n";
print "Body, p, table, td, ul, li {color: #000000; font-family: Arial, Helvetica, sans-serif; font-size: 12px;}\n";
print "A {color:blue; text-decoration: none;}\n";
print "BODY {font-family: arial, helvetica, sans-serif}\n";
print "P {font-family: arial, helvetica, sans-serif}\n";
print "TH {font-weight: bold; font-family: arial, helvetica, sans-serif}\n";
print "TD {font-family: arial, helvetica, sans-serif}\n";
print ".bgColor1 {background-color: #003366;}\n";
print ".bgColor4 {background-color: #cccccc;}\n";
print ".bgColor5 {background-color: #999999;}\n";
print ".bgColor9 {background-color: #336699;}\n";
print ".bgColor13 {background-color: #ffffff;}\n";
print ".bgColor16 {background-color: #6699cc;}\n";
print ".text8 {color: #0099cc; font-size: 11px; font-weight: bold;}\n";
print ".text28 {color: #ffcc33; font-size: 12px; font-weight: bold;}\n";
print ".areatitle {font-weight: bold; color: #ffffff; font-family: arial, helvetica, sans-serif}\n";
print ".page-title {font-weight: bold; font-size: larger; font-family: arial, helvetica, sans-serif}\n";
print ".page-subtitle {font-weight: bold; font-family: arial, helvetica, sans-serif}\n";
print "</style></head>\n<body class=bgColor4>\n";
if ($opt_u) {
print "<meta http-equiv=refresh content=$interval; URL=$opt_u>\n";
}
print "<table border=0 cellspacing=0 cellpadding=10 width=100% class=bgColor1>\n";
print "<tr><td><font class=text8>$now</font></td>\n";
print "<td align=center class=page-title><font color=#0099CC>";
print "Directory Server Replication Status</font>\n";
if ($opt_u) {
print "<br><font class=text8>(This page updates every $interval seconds)</font>\n";
}
print "</td><td align=right valign=center width=25%><font class=text8>$version";
print "</font></td></table>\n";
}
sub print_legend
{
my ($nlegends) = $#colorkeys + 1;
print "\n<center><p><font class=page-subtitle color=#0099cc>Time Lag Legend:</font><p>\n";
print "<table cellpadding=6 cols=$nlegends width=40%>\n<tr>\n";
my ($i, $j);
for ($i = 0; $i < $nlegends - 1; $i++) {
$j = $colorkeys[$i];
print "\n<td bgcolor=$allcolors{$j}><center>within $colorkeys[$i+1] min</center></td>\n";
}
$j = $colorkeys[$i];
print "\n<td bgcolor=$allcolors{$j}><center>over $colorkeys[$i] min</center></td>\n";
print "\n<td bgcolor=red><center>server n/a</center></td>\n";
print "</table></center>\n";
}
sub print_supplier_end
{
print "</table>\n";
}
# given a string in generalized time format, convert to ascii time
sub format_z_time
{
my $zstr = shift;
return "n/a" if (! $zstr);
my ($year, $mon, $day, $hour, $min, $sec) =
($zstr =~ /(\d{4})(\d{2})(\d{2})(\d{2})(\d{2})(\d{2})/);
my $time = timegm($sec, $min, $hour, $day, ($mon-1), $year);
($sec, $min, $hour, $day, $mon, $year) = localtime($time);
$mon++;
$year += 1900;
foreach ($sec, $min, $hour, $day, $mon) {
$_ = "0".$_ if ($_ < 10);
}
return "$mon/$day/$year $hour:$min:$sec";
}
--- template-cl-dump.pl.in DELETED ---
--- template-repl-monitor.pl.in DELETED ---
16 years, 11 months
- 1
- 0
[Fedora-directory-commits] esc/src/app/xul/esc/chrome/content/esc GenericAuth.js, 1.3, 1.4
by Doctor Conrad
Author: jmagne
Update of /cvs/dirsec/esc/src/app/xul/esc/chrome/content/esc
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv8081
Modified Files:
GenericAuth.js
Log Message:
Give input field focus.
Index: GenericAuth.js
===================================================================
RCS file: /cvs/dirsec/esc/src/app/xul/esc/chrome/content/esc/GenericAuth.js,v
retrieving revision 1.3
retrieving revision 1.4
diff -u -r1.3 -r1.4
--- GenericAuth.js 27 Sep 2006 17:31:51 -0000 1.3
+++ GenericAuth.js 8 May 2007 00:24:09 -0000 1.4
@@ -529,6 +529,7 @@
}
var i = 0;
+ var first_box = 1;
for(i = 0 ; i < len ; i ++)
{
@@ -594,6 +595,11 @@
if(field)
{
row.appendChild(field);
+ if(first_box)
+ {
+ field.focus();
+ first_box = 0;
+ }
}
}
@@ -602,19 +608,20 @@
}
- var last_row = AddRowToGrid(grid);
-
- if(last_row)
+ var ui_hbox = document.createElement("hbox");
+ if(ui_hbox)
{
- AddSpacerToNode(last_row,"1","min-height: 20px");
- AddSpacerToNode(last_row,"1","min-height: 20px");
- var button = AddButton("","Submit");
+ box.appendChild(ui_hbox);
+ AddSpacerToNode(ui_hbox,"1","");
+ var button = AddButton("",getBundleString("authSubmit"));
if(button)
+ {
button.setAttribute("oncommand" , "FormSubmit();");
-
+ button.setAttribute("accesskey", getBundleString("authSubmitAccessKey"));
+ }
if(button)
- last_row.appendChild(button);
+ ui_hbox.appendChild(button);
}
}
16 years, 11 months
- 1
- 0
[Fedora-directory-commits] esc/src/app/xul/esc/chrome/content/esc password.xul, 1.2, 1.3
by Doctor Conrad
Author: jmagne
Update of /cvs/dirsec/esc/src/app/xul/esc/chrome/content/esc
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv735
Modified Files:
password.xul
Log Message:
Latest bug fixes.
Index: password.xul
===================================================================
RCS file: /cvs/dirsec/esc/src/app/xul/esc/chrome/content/esc/password.xul,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -r1.2 -r1.3
--- password.xul 25 Oct 2006 04:03:35 -0000 1.2
+++ password.xul 7 May 2007 23:53:27 -0000 1.3
@@ -26,6 +26,7 @@
onunload="cleanup();"
xmlns="http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul">
+<stringbundle id="esc_strings" src="chrome://esc/locale/esc.properties"/>
<script src="password.js"/>
<script src="ESC.js"/>
<script src="TRAY.js"/>
@@ -50,7 +51,7 @@
<vbox id="standalone-password-area-id">
<grid>
<columns>
- <column flex="0"/>
+ <column flex="1"/>
</columns>
<rows>
<row>
@@ -70,7 +71,7 @@
<label value="&passwordQuality;"/>
</row>
<row>
- <image id="password-image" src="1-none.png"/>
+ <progressmeter id="pass-progress-id" value="0"/>
<spacer flex = "1"/>
</row>
<row>
@@ -82,8 +83,8 @@
<hbox>
<spacer flex="1"/>
- <button id="okbtn" label ="&escOK;" oncommand="doOperation();"/>
- <button id="cancel" label ="&escCancel;" oncommand ="window.close();"/>
+ <button id="okbtn" label ="&escOK;" oncommand="doOperation();" accesskey="&OK.accesskey;" />
+ <button id="cancel" label ="&escCancel;" oncommand ="window.close();" accesskey="&Cancel.accesskey;"/>
<spacer flex = "1"/>
</hbox>
</groupbox>
16 years, 11 months
- 1
- 0
[Fedora-directory-commits] esc/src/lib/coolkey CoolKey.cpp, 1.5, 1.6 CoolKey.h, 1.4, 1.5 NSSManager.cpp, 1.3, 1.4 NSSManager.h, 1.2, 1.3
by Doctor Conrad
Author: jmagne
Update of /cvs/dirsec/esc/src/lib/coolkey
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv687
Modified Files:
CoolKey.cpp CoolKey.h NSSManager.cpp NSSManager.h
Log Message:
Latest bug fixes.
Index: CoolKey.cpp
===================================================================
RCS file: /cvs/dirsec/esc/src/lib/coolkey/CoolKey.cpp,v
retrieving revision 1.5
retrieving revision 1.6
diff -u -r1.5 -r1.6
--- CoolKey.cpp 24 Feb 2007 02:14:07 -0000 1.5
+++ CoolKey.cpp 7 May 2007 23:51:46 -0000 1.6
@@ -844,6 +844,16 @@
return NSSManager::GetKeyIssuedTo(aKey,aBuf,aBufLength);
}
+HRESULT
+CoolKeyGetIssuer(const CoolKey *aKey, char *aBuf, int aBufLength)
+{
+ if (!aKey || !aKey->mKeyID || !aBuf || aBufLength < 1)
+ return E_FAIL;
+
+ return NSSManager::GetKeyIssuer(aKey,aBuf,aBufLength);
+}
+
+
HRESULT CoolKeyGetATR(const CoolKey *aKey, char *aBuf, int aBufLen)
{
char tBuff[56];
Index: CoolKey.h
===================================================================
RCS file: /cvs/dirsec/esc/src/lib/coolkey/CoolKey.h,v
retrieving revision 1.4
retrieving revision 1.5
diff -u -r1.4 -r1.5
--- CoolKey.h 24 Feb 2007 02:15:00 -0000 1.4
+++ CoolKey.h 7 May 2007 23:51:46 -0000 1.5
@@ -134,6 +134,7 @@
COOLKEY_API HRESULT CoolKeyGetCertInfo(const CoolKey *aKey, char *aCertNickname, std::string & aCertInfo);
COOLKEY_API HRESULT CoolKeyGetIssuedTo(const CoolKey *aKey, char *aBuf, int aBufLength);
+COOLKEY_API HRESULT CoolKeyGetIssuer(const CoolKey *aKey, char *aBuf, int aBufLength);
COOLKEY_API bool CoolKeyRequiresAuthentication(const CoolKey *aKey);
COOLKEY_API bool CoolKeyIsAuthenticated(const CoolKey *aKey);
Index: NSSManager.cpp
===================================================================
RCS file: /cvs/dirsec/esc/src/lib/coolkey/NSSManager.cpp,v
retrieving revision 1.3
retrieving revision 1.4
diff -u -r1.3 -r1.4
--- NSSManager.cpp 24 Feb 2007 02:20:22 -0000 1.3
+++ NSSManager.cpp 7 May 2007 23:51:46 -0000 1.4
@@ -51,6 +51,9 @@
char tBuff[56];
PR_LOG( coolKeyLogNSS, PR_LOG_DEBUG, ("%s NSSManager::NSSManager:\n",GetTStamp(tBuff,56)));
mpSCMonitoringThread = NULL;
+#ifdef LINUX
+ systemCertDB = NULL;
+#endif
}
NSSManager::~NSSManager()
@@ -61,6 +64,7 @@
delete mpSCMonitoringThread;
mpSCMonitoringThread = NULL;
}
+
}
HRESULT NSSManager::InitNSS(const char *aAppDir)
@@ -110,6 +114,21 @@
return E_FAIL;
}
+#ifdef LINUX
+
+ // Load our Linux only database
+
+
+ const char *modspec = "configdir='/etc/pki/nssdb' tokenDescripton='SystemDB' flags='readOnly'";
+ PK11SlotInfo *systemCertDB = SECMOD_OpenUserDB(modspec);
+
+ if(!systemCertDB)
+ {
+ PR_LOG( coolKeyLogNSS, PR_LOG_ALWAYS, ("%s NSSManager::InitNSS problem loading Linux System Cert Database!\n",GetTStamp(tBuff,56)));
+ }
+
+#endif
+
mpSCMonitoringThread = new SmartCardMonitoringThread(userModule);
if (!mpSCMonitoringThread) {
SECMOD_UnloadUserModule(userModule);
@@ -132,6 +151,17 @@
// Logout all tokens.
PK11_LogoutAll();
+
+#ifdef LINUX
+ if(systemCertDB)
+ {
+ SECMOD_CloseUserDB(systemCertDB);
+
+ PK11_FreeSlot(systemCertDB);
+ systemCertDB = NULL;
+ }
+
+#endif
}
bool
@@ -326,7 +356,7 @@
return S_OK;
}
-HRESULT NSSManager::GetKeyIssuedTo(const CoolKey *aKey, char *aBuf, int aBufLength)
+HRESULT NSSManager::GetKeyIssuer(const CoolKey *aKey, char *aBuf, int aBufLength)
{
char tBuff[56];
if(!aBuf)
@@ -337,17 +367,89 @@
PR_LOG( coolKeyLogNSS, PR_LOG_DEBUG, ("%s NSSManager::GetKeyIssuedTo \n",GetTStamp(tBuff,56)));
if(!aKey )
- {
return E_FAIL;
- }
PK11SlotInfo *slot = GetSlotForKeyID(aKey);
if (!slot)
+ return E_FAIL;
+
+ CERTCertList *certs = PK11_ListCerts(PK11CertListAll,NULL);
+
+ if (!certs)
{
+ PR_LOG( coolKeyLogNSS, PR_LOG_DEBUG, ("%sNSSManager::GetKeyIssuer no certs found! \n",GetTStamp(tBuff,56)));
+ PK11_FreeSlot(slot);
return E_FAIL;
}
+ CERTCertListNode *node= NULL;
+
+ char *orgID = NULL;
+
+ for( node = CERT_LIST_HEAD(certs);
+ ! CERT_LIST_END(node, certs);
+ node = CERT_LIST_NEXT(node))
+ {
+ if(node->cert)
+ {
+ CERTCertificate *cert = node->cert;
+
+ if(cert)
+ {
+ if(cert->slot == slot)
+ {
+ if(IsCACert(cert))
+ {
+ continue;
+ }
+ orgID = CERT_GetOrgName(&cert->subject);
+ PR_LOG( coolKeyLogNSS, PR_LOG_DEBUG, ("%s NSSManager::GetKeyIssuedTo ourSlot %p curSlot %p org %s \n",GetTStamp(tBuff,56),slot,cert->slot,orgID));
+
+ }
+
+ if(orgID)
+ break;
+ }
+ }
+
+ }
+
+ if(orgID && ((int)strlen(orgID) < aBufLength))
+ {
+ strcpy(aBuf,orgID);
+ }
+
+ if(certs)
+ CERT_DestroyCertList(certs);
+
+ if(slot)
+ PK11_FreeSlot(slot);
+
+ if(orgID)
+ PORT_Free(orgID);
+
+ return S_OK;
+}
+
+HRESULT NSSManager::GetKeyIssuedTo(const CoolKey *aKey, char *aBuf, int aBufLength)
+{
+ char tBuff[56];
+ if(!aBuf)
+ return E_FAIL;
+
+ aBuf[0]=0;
+
+ PR_LOG( coolKeyLogNSS, PR_LOG_DEBUG, ("%s NSSManager::GetKeyIssuedTo \n",GetTStamp(tBuff,56)));
+
+ if(!aKey )
+ return E_FAIL;
+
+ PK11SlotInfo *slot = GetSlotForKeyID(aKey);
+
+ if (!slot)
+ return E_FAIL;
+
CERTCertList *certs = PK11_ListCerts(PK11CertListAll,NULL);
if (!certs)
@@ -373,8 +475,14 @@
{
if(cert->slot == slot)
{
+ if(IsCACert(cert))
+ {
+ continue;
+ }
+
certID = CERT_GetCommonName(&cert->subject);
- PR_LOG( coolKeyLogNSS, PR_LOG_DEBUG, ("%s NSSManager::GetKeyIssuedTo ourSlot %p curSlot %p certID %s \n",GetTStamp(tBuff,56),slot,cert->slot,certID));
+
+ PR_LOG( coolKeyLogNSS, PR_LOG_DEBUG, ("%s NSSManager::GetKeyIssuedTo ourSlot %p curSlot %p certID %s \n",GetTStamp(tBuff,56),slot,cert->slot,certID));
}
@@ -627,3 +735,41 @@
return isAuthenticated;
}
+
+bool
+NSSManager::IsCACert(CERTCertificate *cert)
+{
+ char tBuff[56];
+ bool isCA = false;
+
+ if(!cert)
+ return isCA;
+
+ SECItem basicItem;
+ basicItem.data = 0;
+
+ SECStatus s = CERT_FindCertExtension(cert, SEC_OID_X509_BASIC_CONSTRAINTS, &basicItem);
+
+ if(s != SECSuccess || !basicItem.data)
+ return isCA;
+
+ CERTBasicConstraints basic_value;
+
+ s = CERT_DecodeBasicConstraintValue(&basic_value,&basicItem);
+
+ if(s != SECSuccess)
+ return isCA;
+
+ PR_LOG( coolKeyLogNSS, PR_LOG_DEBUG, ("%sNSSManager::GetKeyIssuedTo isCA %d \n",GetTStamp(tBuff,56),basic_value.isCA));
+
+ if(basic_value.isCA)
+ {
+ PR_LOG( coolKeyLogNSS, PR_LOG_DEBUG, ("%sNSSManager::GetKeyIssuedTo found a CA cert , skipping! \n",GetTStamp(tBuff,56)));
+ isCA = true;
+ }
+
+ PORT_Free(basicItem.data);
+ basicItem.data = NULL;
+
+ return isCA;
+}
Index: NSSManager.h
===================================================================
RCS file: /cvs/dirsec/esc/src/lib/coolkey/NSSManager.h,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -r1.2 -r1.3
--- NSSManager.h 27 Sep 2006 17:47:46 -0000 1.2
+++ NSSManager.h 7 May 2007 23:51:46 -0000 1.3
@@ -68,11 +68,16 @@
static HRESULT GetKeyIssuedTo(const CoolKey *aKey, char *aBuf, int aBufLength);
-
+ static HRESULT GetKeyIssuer(const CoolKey *aKey, char *aBuf, int aBufLength);
private:
+ static bool IsCACert(CERTCertificate *cert);
+
+#ifdef LINUX
+ PK11SlotInfo *systemCertDB;
+#endif
SmartCardMonitoringThread *mpSCMonitoringThread;
};
16 years, 11 months
- 1
- 0
[Fedora-directory-commits] esc/src/app/xul/esc/chrome/locale/en-US esc.dtd, 1.5, 1.6 esc.properties, 1.5, 1.6
by Doctor Conrad
Author: jmagne
Update of /cvs/dirsec/esc/src/app/xul/esc/chrome/locale/en-US
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv650
Modified Files:
esc.dtd esc.properties
Log Message:
New key states, and hot keys.
Index: esc.dtd
===================================================================
RCS file: /cvs/dirsec/esc/src/app/xul/esc/chrome/locale/en-US/esc.dtd,v
retrieving revision 1.5
retrieving revision 1.6
diff -u -r1.5 -r1.6
--- esc.dtd 9 Feb 2007 21:54:22 -0000 1.5
+++ esc.dtd 7 May 2007 23:50:39 -0000 1.6
@@ -86,3 +86,14 @@
<!ENTITY tpsConfigDesc3 "Enter the location of the smart card server (such as https://smartcardserver.example.com:7888)">
<!ENTITY diagnosticsMessage "The information below is diagnostic information that your system generates as you use your smart card. If you are having smart card problems, you may be asked by your support engineer to send this information for analysis.">
<!ENTITY dontLaunchBrowser "Don't launch the default browser when enrolled card is inserted.">
+<!ENTITY Close.accesskey "C">
+<!ENTITY OK.accesskey "O">
+<!ENTITY Format.accesskey "F">
+<!ENTITY Enroll.accesskey "E">
+<!ENTITY ResetPin.accesskey "R">
+<!ENTITY Test.accesskey "T">
+<!ENTITY Diagnostics.accesskey "D">
+<!ENTITY Cancel.accesskey "C">
+<!ENTITY Submit.accesskey "S">
+<!ENTITY ViewCerts.accesskey "V">
+<!ENTITY CopyClip.accesskey "T">
Index: esc.properties
===================================================================
RCS file: /cvs/dirsec/esc/src/app/xul/esc/chrome/locale/en-US/esc.properties,v
retrieving revision 1.5
retrieving revision 1.6
diff -u -r1.5 -r1.6
--- esc.properties 28 Feb 2007 19:13:52 -0000 1.5
+++ esc.properties 7 May 2007 23:50:39 -0000 1.6
@@ -23,12 +23,13 @@
noKeysPresent=No Cards Present
blankKey=Blank
uninitializedKey=Uninitialized
-statusEnrolled=ENROLLED
-statusUnavailable=UNAVAILABLE
-statusNoApplet=NO APPLET
-statusUninitialized=UNINITIALIZED
-statusUnknown=UNKNOWN
-statusBusy=BUSY
+statusEnrolled=Enrolled
+statusUnavailable=Unavailable
+statusNoApplet=Unformatted
+statusUninitialized=Formatted
+statusLoggedIn=Logged In
+statusUnknown=Unknown
+statusBusy=Busy
unknownIssuer=Unknown
redHatUser=User
statusUnknown=Unknown
@@ -79,8 +80,8 @@
keyRemovedComputer=smart card removed.
diagnosticsMessage=The information below is diagnostic information that your system generates as you use your smart card. If you are having smart card problems, you may be asked by your support engineer to send this information for analysis.
-menuManageKeys=Manage Smart Cards
-menuExit=Exit Smart Card Manager
+menuManageKeys=Manage Smart Cards...
+menuExit=Quit
#ESC Error Messages from TPS
errorNone=Operation Completed Successfully.
serverError=Smart Card Server error.
@@ -165,7 +166,7 @@
errorValidUserPassword=You must provide a valid user password!
errorSelectKey=Please select a smart card.
errorEnrolledFirst=Smart card must be enrolled first! Enroll card and try again.
-enrollmentFor=Enrollment for
+enrollmentFor=Enrollment of your
errorNeedKeyForSecMode=Please insert enrolled smart card before attempting secure mode.
wasSuccessful=was successful.
pinResetSuccessful=Password Reset was successfull!
@@ -201,3 +202,5 @@
mustHaveValue=Must have value set for field:
noParentWindow=No parent window.
authDialogNoParent=Auth dialog has no parent!
+authSubmit=Submit
+authSubmitAccessKey=S
16 years, 11 months
- 1
- 0
[Fedora-directory-commits] esc/src/app/xul/esc/chrome/content/esc ESC.js, 1.13, 1.14 GenericAuth.xul, 1.3, 1.4 advancedinfo.xul, 1.2, 1.3 config.xul, 1.4, 1.5 esc.css, 1.4, 1.5 esc.png, 1.1, 1.2 esc.xul, 1.5, 1.6 password.js, 1.2, 1.3 security.xul, 1.1, 1.2 settings.xul, 1.5, 1.6
by Doctor Conrad
Author: jmagne
Update of /cvs/dirsec/esc/src/app/xul/esc/chrome/content/esc
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv602
Modified Files:
ESC.js GenericAuth.xul advancedinfo.xul config.xul esc.css
esc.png esc.xul password.js security.xul settings.xul
Log Message:
Latest bug fixes.
Index: ESC.js
===================================================================
RCS file: /cvs/dirsec/esc/src/app/xul/esc/chrome/content/esc/ESC.js,v
retrieving revision 1.13
retrieving revision 1.14
diff -u -r1.13 -r1.14
--- ESC.js 5 Apr 2007 18:39:52 -0000 1.13
+++ ESC.js 7 May 2007 23:49:23 -0000 1.14
@@ -229,9 +229,10 @@
var issuer = "";
if(aResult == true)
{
- issuer = GetCachedIssuer(keyID);
+ issuer = GetCoolKeyIssuer(keyType,keyID);
if(!issuer)
issuer = getBundleString("unknownIssuer");
+ recordMessage("In DoPhoneHome callback success issuer " + issuer);
TraySendNotificationMessage(getBundleString("keyInserted"),"\"" + issuer +"\"" + " " + getBundleString("keyInsertedComputer"),3,4000,GetESCNotifyIconPath(keyType,keyID));
LogKeyInfo(keyType,keyID,"Key Inserted ...");
UpdateRowWithPhoneHomeData(keyType,keyID);
@@ -248,7 +249,11 @@
}
else
{
- issuer = getBundleString("unknownIssuer");
+
+ issuer = GetCoolKeyIssuer(keyType,keyID);
+ if(!issuer)
+ issuer = getBundleString("unknownIssuer");
+ recordMessage("Phone home callback failed , issuer " + issuer);
TraySendNotificationMessage(getBundleString("keyInserted"),"\"" + issuer +"\"" + " " + getBundleString("keyInsertedComputer"),3,4000,GetESCNotifyIconPath(keyType,keyID));
LogKeyInfo(keyType,keyID,"Key Inserted ...");
}
@@ -265,7 +270,7 @@
var phoneHomeURI = GetCachedPhoneHomeURL(keyID);
recordMessage("Phone home info cached...");
- issuer = GetCachedIssuer(keyID);
+ issuer = GetCoolKeyIssuer(keyType,keyID);
TraySendNotificationMessage(getBundleString("keyInserted"),"\"" + issuer +"\"" + " " + getBundleString("keyInsertedComputer"),3,4000,GetESCNotifyIconPath(keyType,keyID));
LogKeyInfo(keyType,keyID,"Key Inserted ...");
@@ -415,6 +420,11 @@
function InitializePhoneHomeConfigUI()
{
+ var uri_box = document.getElementById("phonehomeuri");
+
+ if(uri_box)
+ uri_box.focus();
+
window.sizeToContent();
}
@@ -666,8 +676,24 @@
issuer = GetCachedIssuer(keyID);
- if(!issuer)
- issuer = getBundleString("unknownIssuer");
+
+ // Now try to read off the certs if applicable
+
+ if(!issuer && (GetStatusForKeyID(keyType, keyID) == getBundleString("statusEnrolled")))
+ {
+ try {
+ netscape.security.PrivilegeManager.enablePrivilege("UniversalXPConnect");
+ issuer = netkey.GetCoolKeyIssuer(keyType,keyID);
+
+ } catch (e)
+ {
+ issuer = null;
+ }
+ }
+
+
+ if(!issuer)
+ issuer = getBundleString("unknownIssuer");
return issuer;
}
@@ -719,11 +745,16 @@
var appletVerMaj = DoGetCoolKeyGetAppletVer(keyType, keyID , true);
var appletVerMin = DoGetCoolKeyGetAppletVer(keyType, keyID, false);
- var issuer = GetCachedIssuer(keyID);
+ var issuer = GetCoolKeyIssuer(keyType,keyID);
if(!issuer)
issuer = getBundleString("unknownIssuer");
- textDump += getBundleString("smartCardU") + " " + i + ":" + "\n\n";
+ var cardName = DoCoolKeyGetTokenName(keyType,keyID);
+
+ if(!cardName)
+ cardName = i;
+
+ textDump += getBundleString("smartCardU") + " " + cardName + ":" + "\n\n";
textDump += " " + getBundleString("appletVersion") + " " + appletVerMaj + "." + appletVerMin + "\n";
@@ -1008,24 +1039,24 @@
{
var image_src = "";
- if(observeBusy && (keyStatus == "BUSY" ))
+ if(observeBusy && (keyStatus == getBundleString("statusBusy")))
{
return "throbber-anim5.gif";
}
- if(keyStatus == "UNAVAILABLE")
+ if(keyStatus == getBundleString("statusUnavailable"))
{
return "";
}
- if(keyStatus == "ENROLLED")
+ if(keyStatus == getBundleString("statusEnrolled"))
{
image_src = "enrolled-key";
}
else
{
- if(keyStatus == "UNINITIALIZED")
+ if(keyStatus == getBundleString("statusUninitialized"))
image_src = "initializecard";
else
- if(keyStatus == "NO APPLET")
+ if(keyStatus == getBundleString("statusNoApplet"))
image_src = "blank-card";
}
@@ -1205,6 +1236,7 @@
function UpdateEnrollmentArea(keyType,keyID,inserted,showFullUI,showExternalUI)
{
+
if(!gEnrollmentPage)
return;
@@ -1215,12 +1247,11 @@
{
alreadyEnrolled = true;
}
- var arr = GetAvailableCoolKeys();
- var numKeys = arr.length;
- //alert("inserted " + inserted + " showFulUI " + showFullUI + " showExternalUI " + showExternalUI + " already enrolled " + alreadyEnrolled);
+ var numUnenrolledKeys = DoGetNumUnenrolledCoolKeys();
+
+ //alert("inserted " + inserted + " showFulUI " + showFullUI + " showExternalUI " + showExternalUI + " already enrolled " + alreadyEnrolled + " numUnenrolledKeys " + numUnenrolledKeys);
- //If we already have external UI and keys left, don't mess it up
var ui_id = document.getElementById("esc-ui");
@@ -1232,7 +1263,7 @@
if(!inserted)
{
- if(!numKeys)
+ if(!numUnenrolledKeys)
{
ui_id.setAttribute("src",null);
}
@@ -1389,6 +1420,9 @@
var pw = document.getElementById("pintf").value;
var pwlength = 0;
+ var qualityMeter = document.getElementById("pass-progress-id");
+
+
if(pw)
pwlength = pw.length;
@@ -1422,6 +1456,11 @@
if ( pwstrength > 100 ) {
pwstrength = 100;
}
+ if(qualityMeter)
+ {
+ qualityMeter.setAttribute("value", pwstrength);
+
+ }
if(qualityImage)
{
if(pwlength==0)
@@ -1522,13 +1561,14 @@
break;
case 4: // Available
case 6: // UnblockInProgress
- case 7: // PINResetInProgress
case 8: // RenewInProgress
keyStatus = PolicyToKeyType(GetCoolKeyPolicy(keyType, keyID));
break;
- case 5: // EnrollmentInProgress
+ case 7: // PINResetInProgress
keyStatus = getBundleString("statusBusy");
break;
+ case 5: // EnrollmentInProgress
+ keyStatus = getBundleString("statusBusy");
break;
case 9: // FormatInProgress
keyStatus = getBundleString("statusBusy");
@@ -1604,7 +1644,7 @@
function UpdateCoolKeyAvailabilityForEnrollment()
{
//Here we only allow ONE key
- //Take the first one that shows up.
+ //Take the first unenrolled one that shows up.
var arr = GetAvailableCoolKeys();
@@ -1616,17 +1656,24 @@
var i=0;
- for (i=0; i < 1; i++)
+ for (i=0; i < arr.length; i++)
{
- var row = InsertCoolKeyIntoEnrollmentPage(arr[i][0],arr[i][1]);
+ var status = GetStatusForKeyID(arr[i][0],arr[i][1]);
- if(row)
- gCurrentSelectedRow = row;
+ if(status != getBundleString("statusEnrolled"))
+ {
+ var row = InsertCoolKeyIntoEnrollmentPage(arr[i][0],arr[i][1]);
- var keyInserted = 1;
- var showFullUI = 0;
+ if(row)
+ gCurrentSelectedRow = row;
+
+ var keyInserted = 1;
+ var showFullUI = 0;
- UpdateEnrollmentArea(arr[i][0],arr[i][1],keyInserted,showFullUI);
+ UpdateEnrollmentArea(arr[i][0],arr[i][1],keyInserted,showFullUI);
+
+ break;
+ }
}
UpdateESCSize();
@@ -1660,6 +1707,8 @@
{
UpdateESCSize();
}
+
+ window.focus();
}
function SetCurrentSelectedRowForEnrollment()
@@ -1703,6 +1752,9 @@
DoSetEnrolledBrowserLaunchState();
DoHandleEnrolledBrowserLaunch();
+
+ window.setTimeout('ShowWindow()',250);
+
}
//Window related functions
@@ -2039,11 +2091,15 @@
if(!gAdminPage)
return;
- var isCool = DoGetCoolKeyIsReallyCoolKey(keyType, keyID);
+ var isCool = null;
+
+ //alert("blub " + " keyType " + keyType + " keyID " + keyID);
+
+ isCool = DoGetCoolKeyIsReallyCoolKey(keyType, keyID);
var noKey = 0;
- if(!keyType || !keyID)
+ if(!keyType && !keyID)
{
noKey = 1;
}
@@ -2053,7 +2109,6 @@
if(!noKey)
keyStatus = GetStatusForKeyID(keyType, keyID);
-
recordMessage("No Key: " + noKey + " status " + keyStatus);
var passwordArea = document.getElementById("password-area-id");
@@ -2101,11 +2156,6 @@
if(!viewcertsbtn)
return;
- //hack for CAC cards that now have no CUID reported
-
- if(!isCool && !noKey)
- keyStatus = "ENROLLED";
-
var image_src = SelectImageForKeyStatus(keyStatus,1,1);
recordMessage("image_src " + image_src);
@@ -2116,13 +2166,38 @@
ShowItem(detailsImage);
detailsImage.setAttribute("src", image_src);
}
+
+ // Now take care of the right click context menu that is
+ // Invisible at this point
+
+ var adminkeymenu = document.getElementById("adminkeymenu");
+ var menu_format = null;
+ var menu_enroll = null;
+ var menu_resetpassword = null;
+
+ if(adminkeymenu)
+ {
+ menu_format = document.getElementById("menu-format");
+ menu_enroll = document.getElementById("menu-enroll");
+ menu_resetpassword = document.getElementById("menu-resetpassword");
+
+ if(!menu_format || !menu_enroll || !menu_resetpassword)
+ {
+ menu_format = null;
+ menu_enroll = null;
+ menu_resetpassword = null;
+ adminkeymenu = null;
+ }
+ }
+
+ recordMessage("Obtained admin popup menu object.");
ShowItem(advancedbtn);
EnableItem(advancedbtn);
var isBusy = 0;
var operationLabel = null;
- if(keyStatus == "BUSY" || keyStatus == "UNAVAILABLE")
+ if(keyStatus == getBundleString("statusBusy") || keyStatus == getBundleString("statusUnavailable"))
isBusy = 1;
if(isBusy)
@@ -2132,9 +2207,15 @@
if(!keyStatus)
{
-
DisableItem(viewcertsbtn);
DisableItem(enrollbtn);
+ if(adminkeymenu)
+ {
+ DisableItem(menu_enroll);
+ DisableItem(menu_resetpassword);
+ DisableItem(menu_format);
+ }
+
DisableItem(resetpinbtn);
DisableItem(formatbtn);
@@ -2144,21 +2225,44 @@
return;
}
- if(keyStatus == "ENROLLED")
+ if(keyStatus == getBundleString("statusEnrolled"))
{
+ var isLoginKey = IsKeyLoginKey(keyType,keyID);
EnableItem(viewcertsbtn);
DisableItem(enrollbtn);
+ if(adminkeymenu)
+ DisableItem(menu_enroll);
if(isCool)
{
+ if(adminkeymenu)
+ EnableItem(menu_resetpassword);
+
EnableItem(resetpinbtn);
- EnableItem(formatbtn);
+
+ if(!isLoginKey)
+ {
+ EnableItem(formatbtn);
+ if(adminkeymenu)
+ EnableItem(menu_format);
+ }
+ else
+ {
+ DisableItem(formatbtn);
+ if(adminkeymenu)
+ DisableItem(menu_format);
+ }
}
else
{
DisableItem(resetpinbtn);
DisableItem(formatbtn);
+ if(adminkeymenu)
+ {
+ DisableItem(menu_format);
+ DisableItem(menu_resetpassword);
+ }
}
if(!isBusy)
@@ -2167,51 +2271,75 @@
return;
}
- if(keyStatus == "UNINITIALIZED")
+ if(keyStatus == getBundleString("statusUninitialized"))
{
DisableItem(viewcertsbtn);
if(isCool)
{
EnableItem(enrollbtn);
+ if(adminkeymenu)
+ EnableItem(menu_enroll);
}
else
{
+ if(adminkeymenu)
+ DisableItem(menu_enroll);
+
DisableItem(enrollbtn);
}
DisableItem(resetpinbtn);
+ if(adminkeymenu)
+ DisableItem(menu_resetpassword);
+
if(!isBusy)
- detailsKeyLabel.setAttribute("value",getBundleString("uninitializedKey"));
+ detailsKeyLabel.setAttribute("value",getBundleString("statusUninitialized"));
if(isCool)
{
EnableItem(formatbtn);
-
+ if(adminkeymenu)
+ EnableItem(menu_format);
}
else
{
+ if(adminkeymenu)
+ DisableItem(menu_format);
+
DisableItem(formatbtn);
}
return;
}
- if(keyStatus == "NO APPLET")
+ if(keyStatus == getBundleString("statusNoApplet"))
{
DisableItem(viewcertsbtn);
DisableItem(enrollbtn);
DisableItem(resetpinbtn);
+ if(adminkeymenu)
+ {
+ DisableItem(menu_enroll);
+ DisableItem(menu_resetpassword);
+ }
+
if(!isBusy)
- detailsKeyLabel.setAttribute("value",getBundleString("blankKey"));
+ detailsKeyLabel.setAttribute("value",getBundleString("statusNoApplet"));
if(isCool)
{
+ if(adminkeymenu)
+ EnableItem(menu_format);
+
EnableItem(formatbtn);
}
else
{
+ if(adminkeymenu)
+ DisableItem(menu_format);
+
DisableItem(formatbtn);
}
@@ -2229,6 +2357,12 @@
if(operationLabel)
detailsKeyLabel.setAttribute("value",operationLabel);
+ if(adminkeymenu)
+ {
+ DisableItem(menu_enroll);
+ DisableItem(menu_format);
+ DisableItem(menu_resetpassword);
+ }
}
}
@@ -2249,7 +2383,6 @@
}
function UpdateAdminListRow( keyType, keyID)
{
-
if(!gAdminPage)
return;
@@ -2262,6 +2395,8 @@
if(!listbox)
return;
+ var isLoginKey = IsKeyLoginKey(keyType,keyID);
+
var issuer = GetCoolKeyIssuer(keyType,keyID);
var issuedTo = GetCoolKeyIssuedTo(keyType,keyID);
var keyStatus = GetStatusForKeyID(keyType, keyID);
@@ -2278,7 +2413,13 @@
issuedToCell.setAttribute("label",issuedTo);
if(statusCell)
- statusCell.setAttribute("label",keyStatus);
+ {
+ if(!isLoginKey)
+ statusCell.setAttribute("label",keyStatus);
+ else
+ statusCell.setAttribute("label",getBundleString("statusLoggedIn"));
+
+ }
if(imageCell)
imageCell.setAttribute("image",SelectImageForKeyStatus(keyStatus,1,0));
@@ -2332,7 +2473,13 @@
return null;
status.setAttribute("class","rowLabelText");
- status.setAttribute("label",keyStatus);
+
+ var isLoginKey = IsKeyLoginKey(keyType,keyID);
+ if(!isLoginKey)
+ status.setAttribute("label",keyStatus);
+ else
+ status.setAttribute("label",getBundleString("statusLoggedIn"));
+
status.setAttribute("id",KeyToCellID(keyType,keyID,"status"));
var progressCell = InsertListCell(listrow);
@@ -2351,9 +2498,12 @@
progressMeter.setAttribute("value", "0%");
progressMeter.setAttribute("class","progressMeter");
+ HideItem(progressMeter);
}
listrow.setAttribute("onclick","DoSelectAdminListRow(this);");
+ listrow.setAttribute("ondblclick","launchCertViewerIfCerts();");
+ listrow.setAttribute("context","adminkeymenu");
adminListBox.appendChild(listrow);
return listrow;
@@ -2396,6 +2546,12 @@
{
SetProgressMeterValue(progMeterID, 0);
SetProgressMeterStatus(progMeterID, "");
+
+ var meter = document.getElementById(progMeterID);
+ if(meter)
+ HideItem(meter);
+
+
}
function KeyToProgressBarID(keyType, keyID)
@@ -2504,6 +2660,8 @@
var screennamepwd = null;
var tokencode = null;
+
+ var failed = 0;
if (type == "userKey")
{
@@ -2526,6 +2684,7 @@
if (!EnrollCoolKey(keyType, keyID, type, screenname, pin,screennamepwd,tokencode))
{
+ failed = 1;
recordMessage("EnrollCoolKey failed.");
}
@@ -2533,7 +2692,11 @@
{
UpdateAdminListRow(keyType,keyID);
UpdateAdminKeyDetailsArea(keyType,keyID);
- UpdateAdminKeyAreaDetailsLabel(getBundleString("enrollingToken"));
+ if(!failed)
+ {
+ AdminToggleStatusProgress(1,keyType,keyID);
+ UpdateAdminKeyAreaDetailsLabel(getBundleString("enrollingToken"));
+ }
}
}
@@ -2558,16 +2721,20 @@
var pin = GetPINValue();
var screennamepwd = null;
+ var failed = 0;
+
if (GetCoolKeyIsEnrolled(keyType, keyID))
{
if (!ResetCoolKeyPIN(keyType, keyID, screenname, pin,screennamepwd))
{
+ failed = 1;
recordMessage("ResetCoolKeyPIN failed.");
}
}
else
{
+ failed = 1;
MyAlert(getBundleString("errorEnrolledFirst"));
}
@@ -2575,7 +2742,12 @@
{
UpdateAdminListRow(keyType,keyID);
UpdateAdminKeyDetailsArea(keyType,keyID);
- UpdateAdminKeyAreaDetailsLabel(getBundleString("resettingTokenPIN"));
+
+ if(!failed)
+ {
+ AdminToggleStatusProgress(1,keyType,keyID);
+ UpdateAdminKeyAreaDetailsLabel(getBundleString("resettingTokenPIN"));
+ }
}
}
@@ -2590,6 +2762,7 @@
var keyType = keyInfo[0];
var keyID = keyInfo[1];
+ var failed = 0;
var globalType = GetCachedTokenType(keyID);
if(!type)
@@ -2609,6 +2782,7 @@
if (!FormatCoolKey(keyType, keyID, lType, screenname, pin,screennamepwd,tokencode))
{
+ failed = 1;
recordMessage("FormatCoolKey failed.");
}
@@ -2616,7 +2790,11 @@
{
UpdateAdminListRow(keyType,keyID);
UpdateAdminKeyDetailsArea(keyType,keyID);
- UpdateAdminKeyAreaDetailsLabel(getBundleString("formatingToken"));
+ if(!failed)
+ {
+ AdminToggleStatusProgress(1,keyType,keyID);
+ UpdateAdminKeyAreaDetailsLabel(getBundleString("formatingToken"));
+ }
}
}
function DoCancelOperation()
@@ -2677,18 +2855,25 @@
{
var phoneHomeSuccess = 1;
if(DoGetCoolKeyIsReallyCoolKey(keyType, keyID))
+ {
phoneHomeSuccess = DoPhoneHome(keyType,keyID);
+ }
+ else
+ {
+ var issuer = GetCoolKeyIssuer(keyType,keyID);
+ if(!issuer )
+ issuer = getBundleString("unknownIssuer");
+
+ TraySendNotificationMessage(getBundleString("keyInserted"),"\"" + issuer +"\"" + " " + getBundleString("keyInsertedComputer"),3,4000,GetESCNotifyIconPath(keyType,keyID));
+
+ }
+
ShowAllWindows();
if(!CheckForSecurityMode())
{
SelectESCPage(keyType,keyID,1 - phoneHomeSuccess);
}
- var issuer = GetCachedIssuer(keyID);
- if(!issuer )
- {
- issuer = getBundleString("unknownIssuer");
- }
}
}
@@ -2699,7 +2884,6 @@
var row = GetRowForKey(keyType, keyID);
-
if(gHiddenPage)
{
if(curChildWindow)
@@ -2707,7 +2891,7 @@
curChildWindow.close();
curChildWindow = null;
}
- var issuer = GetCachedIssuer(keyID);
+ var issuer = GetCoolKeyIssuer(keyType,keyID);
if(!issuer)
issuer = getBundleString("unknownIssuer");
TraySendNotificationMessage(getBundleString("keyRemoved"),"\"" + issuer + "\"" + " " + getBundleString("keyRemovedComputer"),1,4000,GetESCNotifyIconPath(keyType,keyID));
@@ -2723,9 +2907,17 @@
{
RemoveAdminRow(row);
if (row == gCurrentSelectedRow)
+ {
gCurrentSelectedRow = null;
-
- UpdateAdminKeyDetailsArea(null,null);
+ UpdateAdminBindingListAvailability();
+ }
+ else
+ {
+ if(DoGetNumCoolKeys() == 0)
+ {
+ UpdateAdminKeyDetailsArea(null,null);
+ }
+ }
}
}
@@ -2765,6 +2957,7 @@
{
UpdateAdminKeyDetailsArea(keyType,keyID);
UpdateAdminListRow(keyType,keyID);
+ AdminToggleStatusProgress(0,keyType,keyID);
}
ClearProgressBar(KeyToProgressBarID(keyType, keyID));
@@ -2789,6 +2982,7 @@
{
UpdateAdminKeyDetailsArea(keyType,keyID);
UpdateAdminListRow(keyType,keyID);
+ AdminToggleStatusProgress(0,keyType,keyID);
}
}
@@ -2812,6 +3006,7 @@
{
UpdateAdminKeyDetailsArea(keyType,keyID);
UpdateAdminListRow(keyType,keyID);
+ AdminToggleStatusProgress(0,keyType,keyID);
}
}
@@ -2858,6 +3053,7 @@
{
UpdateAdminKeyDetailsArea(keyType,keyID);
UpdateAdminListRow(keyType,keyID);
+ AdminToggleStatusProgress(0,keyType,keyID);
}
if(!CheckForSecurityMode())
@@ -3319,9 +3515,35 @@
return num;
}
+
+//Return how many unenrolled cards are plugged in.
+function DoGetNumUnenrolledCoolKeys()
+{
+ var num = 0;
+ var arr = GetAvailableCoolKeys();
+ if (arr && arr.length )
+ {
+ for (i=0; i < arr.length; i++)
+ {
+ var status = GetStatusForKeyID(arr[i][0],arr[i][1]);
+
+ if(status != getBundleString("statusEnrolled"))
+ num++;
+
+ }
+ }
+
+ return num;
+
+}
+
+
//Is this really a CoolKey and not a CAC card?
function DoGetCoolKeyIsReallyCoolKey(keyType,keyID)
{
+ if(!keyType && !keyID)
+ return 0;
+
try {
netscape.security.PrivilegeManager.enablePrivilege("UniversalXPConnect");
var isCool = netkey.GetCoolKeyIsReallyCoolKey(keyType, keyID);
@@ -3415,6 +3637,24 @@
return atr;
}
+
+//Get Token Name of card
+function DoCoolKeyGetTokenName(keyType,keyID)
+{
+ if(!keyType && !keyID)
+ return null;
+
+ var name = null;
+ try {
+ netscape.security.PrivilegeManager.enablePrivilege("UniversalXPConnect");
+ name = netkey.GetCoolKeyTokenName(keyType, keyID);
+ } catch (e) {
+ return name;
+ }
+
+ return name;
+}
+
//Get applet version of card
function DoGetCoolKeyGetAppletVer(keyType, keyID , isMajor)
{
@@ -3452,6 +3692,13 @@
MyAlert(usageStr);
}
+function ShowVersion()
+{
+ var verStr = getBundleString("coolkeyComponentVersion") + "\n\n";
+
+ MyAlert(verStr + " " + GetCoolKeyVersion());
+
+}
//Is the security mode up?
function CheckForSecurityMode()
@@ -3492,6 +3739,33 @@
}
}
+//Launch cert viewer if key has certs
+
+function launchCertViewerIfCerts()
+{
+ var row = null;
+
+ if(gCurrentSelectedRow)
+ row = gCurrentSelectedRow;
+
+ if(!row)
+ return;
+
+ var theID = row.getAttribute("id");
+
+ if (!theID)
+ return;
+
+ var keyInfo = RowIDToKeyInfo(theID);
+
+ var status = GetStatusForKeyID(keyInfo[0],keyInfo[1]);
+
+ if(status == getBundleString("statusEnrolled"))
+ {
+ launchCertViewer();
+ }
+}
+
//Launch page to view card's certificates
function launchCertViewer()
{
@@ -3507,7 +3781,6 @@
if(!adminWnd)
{
var wind = window.open("chrome://esc/content/settings.xul","","chrome,resizable,centerscreen,dialog");
-
} else
{
adminWnd.focus();
@@ -3780,7 +4053,7 @@
function LogKeyInfo(aKeyType,aKeyID,aMessage)
{
- var issuer = GetCachedIssuer(aKeyID);
+ var issuer = GetCoolKeyIssuer(aKeyType,aKeyID);
var status = GetStatusForKeyID(aKeyType, aKeyID);
var atr = DoCoolKeyGetATR(aKeyType,aKeyID);
var tpsURI = GetCachedTPSURL(aKeyID);
@@ -4130,3 +4403,84 @@
if(consoleService)
consoleService.logStringMessage("esc: " + message + "\n");
}
+
+function GetEnvironmentVar(aVar)
+{
+ if(!aVar)
+ return null;
+
+ var environ = Components.classes["@mozilla.org/process/environment;1"]
+ .getService(Components.interfaces.nsIEnvironment);
+
+
+ var retVar = null;
+
+ if(environ)
+ retVar = environ.get(aVar);
+
+ //alert("var: " + aVar + " value: " + retVar);
+
+ return retVar;
+}
+
+function SetEnvironmentVar(aVar,aValue)
+{
+ if(!aVar || !aValue)
+ return ;
+
+ var environ = Components.classes["@mozilla.org/process/environment;1"]
+ .getService(Components.interfaces.nsIEnvironment);
+
+ if(environ)
+ retVar = environ.set(aVar,aValue);
+}
+
+function IsKeyLoginKey(keyType,keyID)
+{
+ var result = 0;
+
+ var token_name = DoCoolKeyGetTokenName(keyType,keyID);
+ var login_token_name = GetEnvironmentVar("PKCS11_LOGIN_TOKEN_NAME");
+
+ if(token_name == login_token_name)
+ {
+ result = 1;
+ }
+
+ return result;
+}
+
+function AdminToggleStatusProgress(aOn,keyType,keyID)
+{
+ if(!gAdminPage)
+ return;
+
+ var statusCell = document.getElementById(KeyToCellID(keyType,keyID,"status"));
+
+ if(!statusCell)
+ return;
+
+ var progMeterID = KeyToProgressBarID(keyType, keyID);
+ if(!progMeterID)
+ return;
+
+ var meter = document.getElementById(progMeterID);
+
+ if(!meter)
+ return;
+
+ if(aOn)
+ {
+ HideItem(statusCell);
+ ShowItem(meter);
+ }
+ else
+ {
+ HideItem(meter);
+ ShowItem(statusCell);
+
+ var adminList = document.getElementById("AdminBindingList");
+ if(adminList)
+ adminList.focus();
+ }
+}
Index: GenericAuth.xul
===================================================================
RCS file: /cvs/dirsec/esc/src/app/xul/esc/chrome/content/esc/GenericAuth.xul,v
retrieving revision 1.3
retrieving revision 1.4
diff -u -r1.3 -r1.4
--- GenericAuth.xul 25 Oct 2006 04:03:35 -0000 1.3
+++ GenericAuth.xul 7 May 2007 23:49:23 -0000 1.4
@@ -1,5 +1,4 @@
<?xml version="1.0"?>
-<?xml-stylesheet href="chrome://global/skin/" type="text/css"?>
<?xml-stylesheet href="esc.css" type="text/css"?>
<!-- ***** BEGIN COPYRIGHT BLOCK *****
* This Program is free software; you can redistribute it and/or modify it under
Index: advancedinfo.xul
===================================================================
RCS file: /cvs/dirsec/esc/src/app/xul/esc/chrome/content/esc/advancedinfo.xul,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -r1.2 -r1.3
--- advancedinfo.xul 25 Oct 2006 04:03:35 -0000 1.2
+++ advancedinfo.xul 7 May 2007 23:49:23 -0000 1.3
@@ -55,8 +55,8 @@
</groupbox>
<hbox >
<spacer flex = "1"/>
-<button id="copytocp" label = "©ToClipboard;" oncommand="DoCopyAdvancedInfoToClipBoard();"/>
-<button id="closebtn" label="&closeNow;" oncommand="window.close();" />
+<button id="copytocp" label = "©ToClipboard;" oncommand="DoCopyAdvancedInfoToClipBoard();" accesskey="&CopyClip.accesskey;"/>
+<button id="closebtn" label="&closeNow;" oncommand="window.close();" accesskey="&Close.accesskey;" />
</hbox>
Index: config.xul
===================================================================
RCS file: /cvs/dirsec/esc/src/app/xul/esc/chrome/content/esc/config.xul,v
retrieving revision 1.4
retrieving revision 1.5
diff -u -r1.4 -r1.5
--- config.xul 25 Oct 2006 04:03:35 -0000 1.4
+++ config.xul 7 May 2007 23:49:23 -0000 1.5
@@ -67,14 +67,14 @@
<row pack="center">
<label class="titleText" value="&tpsURIHeader;" />
<textbox size="70" class="configTextBox" id="phonehomeuri" value="" />
- <button class="mediumButon" id="testtpsurl" label="&doTest;" oncommand="DoPhoneHomeTest();"/>
+ <button class="mediumButon" id="testtpsurl" label="&doTest;" oncommand="DoPhoneHomeTest();" accesskey="&Test.accesskey;"/>
</row>
</rows>
</grid>
<hbox flex="1">
<spacer flex ="1"/>
- <button label="&escOK;" oncommand="DoPhoneHomeConfigClose();" />
+ <button label="&escOK;" oncommand="DoPhoneHomeConfigClose();" accesskey="&OK.accesskey;" />
</hbox>
<spacer flex="1" style="min-height: 20px" />
</groupbox>
Index: esc.css
===================================================================
RCS file: /cvs/dirsec/esc/src/app/xul/esc/chrome/content/esc/esc.css,v
retrieving revision 1.4
retrieving revision 1.5
diff -u -r1.4 -r1.5
--- esc.css 9 Feb 2007 21:46:47 -0000 1.4
+++ esc.css 7 May 2007 23:49:23 -0000 1.5
@@ -40,7 +40,7 @@
#logoImage {
- list-style-image: url(logo.gif);
+ list-style-image: url(esc.png);
}
#cylonImage {
Index: esc.xul
===================================================================
RCS file: /cvs/dirsec/esc/src/app/xul/esc/chrome/content/esc/esc.xul,v
retrieving revision 1.5
retrieving revision 1.6
diff -u -r1.5 -r1.6
--- esc.xul 9 Feb 2007 21:42:19 -0000 1.5
+++ esc.xul 7 May 2007 23:49:23 -0000 1.6
@@ -151,8 +151,8 @@
</groupbox>
<hbox id = "enrollment_button_box">
<spacer flex = "4"/>
- <button id="closebtn" label ="&closeNow;" oncommand="HideEnrollmentPage()"/>
- <button id="enrollbtn" label = "&enrollKeyNow;" oncommand="DoShowFullEnrollmentUI();" hidden="true" disabled="false"/>
+ <button id="closebtn" label ="&closeNow;" oncommand="HideEnrollmentPage()" accesskey="&Close.accesskey;"/>
+ <button id="enrollbtn" label = "&enrollKeyNow;" oncommand="DoShowFullEnrollmentUI();" hidden="true" disabled="false" accesskey="&Enroll.accesskey;"/>
<spacer class="horSpacerShort"/>
</hbox>
</vbox>
Index: password.js
===================================================================
RCS file: /cvs/dirsec/esc/src/app/xul/esc/chrome/content/esc/password.js,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -r1.2 -r1.3
--- password.js 27 Sep 2006 17:30:36 -0000 1.2
+++ password.js 7 May 2007 23:49:23 -0000 1.3
@@ -16,6 +16,9 @@
* END COPYRIGHT BLOCK **/
var parentWindow = window.opener;
+var gStringBundle=null;
+
+loadStringBundle();
function doOperation()
{
@@ -57,16 +60,16 @@
if(reenterpintf_obj)
rpinVal = reenterpintf_obj.value;
- if (! pinVal && pintf_obj)
+ if (!pinVal && pintf_obj)
{
- MyAlert("You must provide a valid Token PIN!");
- return null;
+ MyAlert(getBundleString("errorProvideTokenPIN"));
+ return null;
}
- if ( pinVal != rpinVal && reenterpintf_obj)
+ if ( pinVal != rpinVal )
{
- MyAlert("The PIN values you entered don't match!");
- return null;
+ MyAlert(getBundleString("errorMatchPinValues"));
+ return null;
}
return pinVal;
@@ -75,4 +78,27 @@
function PasswordLoad()
{
window.sizeToContent();
+ var pintf_obj = document.getElementById("pintf");
+ if(pintf_obj)
+ pintf_obj.focus();
+}
+
+//String bundling related functions
+
+function loadStringBundle()
+{
+ gStringBundle = document.getElementById("esc_strings");
+}
+
+function getBundleString(string_id)
+{
+ var str = null;
+
+ if(!string_id || !gStringBundle)
+ return null;
+
+ str = gStringBundle.getString(string_id);
+
+ return str;
}
+
Index: security.xul
===================================================================
RCS file: /cvs/dirsec/esc/src/app/xul/esc/chrome/content/esc/security.xul,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- security.xul 9 Feb 2007 21:49:03 -0000 1.1
+++ security.xul 7 May 2007 23:49:23 -0000 1.2
@@ -38,6 +38,6 @@
</groupbox>
<hbox >
<spacer flex="3"/>
- <button id="closebtn" label ="&closeNow;" oncommand="window.close();"/>
+ <button id="closebtn" label ="&closeNow;" oncommand="window.close();" accesskey="&Close.accesskey;"/>
</hbox>
</window>
Index: settings.xul
===================================================================
RCS file: /cvs/dirsec/esc/src/app/xul/esc/chrome/content/esc/settings.xul,v
retrieving revision 1.5
retrieving revision 1.6
diff -u -r1.5 -r1.6
--- settings.xul 9 Feb 2007 21:39:22 -0000 1.5
+++ settings.xul 7 May 2007 23:49:23 -0000 1.6
@@ -72,14 +72,14 @@
<listcol flex="1"/>
<listcol flex="1"/>
<listcol flex="1"/>
- <listcol flex="1"/>
+ <!-- <listcol flex="1"/> -->
</listcols>
<listhead>
<listheader />
<listheader flex="3" class="headerText" label="&keyIssuer;"/>
<listheader flex="4" class="headerText" label="&keyIssuedTo;"/>
<listheader flex="3" class="headerText" label="&keyStatus;"/>
- <listheader flex="1" class="headerText" label="&keyProgress;"/>
+ <!-- <listheader flex="1" class="headerText" label="&keyProgress;"/> -->
</listhead>
</listbox>
</groupbox>
@@ -132,31 +132,34 @@
<spacer class="verticalSpacer"/>
</description>
- <button class="buttonText" id="formatbtn" label="&doFormat;" oncommand="DoFormatCoolKey('userKey')" disabled="true" hidden = "false"/>
+ <button class="buttonText" id="formatbtn" label="&doFormat;" oncommand="DoFormatCoolKey('userKey')" disabled="true" hidden = "false" accesskey="&Format.accesskey;"/>
- <button class="buttonText" id="enrollbtn" label="&doEnroll;" oncommand="DoCollectPassword('enroll');" disabled="true" hidden="false"/>
+ <button class="buttonText" id="enrollbtn" label="&doEnroll;" oncommand="DoCollectPassword('enroll');" disabled="true" hidden="false" accesskey="&Enroll.accesskey;"/>
- <button class="buttonText" id="resetpinbtn" label="&doResetPin;" oncommand="DoCollectPassword('resetpin');" disabled="true" hidden="false"/>
+ <button class="buttonText" id="resetpinbtn" label="&doResetPin;" oncommand="DoCollectPassword('resetpin');" disabled="true" hidden="false" accesskey="&ResetPin.accesskey;"/>
-
-<!-- <button class="buttonText" id="viewcertsbtn" label="&doViewCerts;" oncommand="launchCertViewer()" disabled="true" hidden="false"/>
-
- <button class="buttonText" id="advancedbtn" label="&advancedInfo;" disabled="true" hidden="false" oncommand="DoShowAdvancedInfo();"/>
--->
</vbox>
</groupbox>
</hbox>
<hbox id = "enrollment_button_box" >
- <button class="buttonText" id="viewcertsbtn" label="&doViewCerts;" oncommand="launchCertViewer()" disabled="true" hidden="false"/>
- <button class="buttonText" id="advancedbtn" label="&advancedInfo;" disabled="true" hidden="false" oncommand="DoShowAdvancedInfo();"/>
+ <button class="buttonText" id="viewcertsbtn" label="&doViewCerts;" oncommand="launchCertViewer()" disabled="true" hidden="false" accesskey="&ViewCerts.accesskey;"/>
+ <button class="buttonText" id="advancedbtn" label="&advancedInfo;" disabled="true" hidden="false" oncommand="DoShowAdvancedInfo();" accesskey="&Diagnostics.accesskey;"/>
<spacer flex = "1"/>
<checkbox id="enrolled_key_browser" label="&dontLaunchBrowser;" checked="false" oncommand="DoHandleEnrolledBrowserLaunch(); " hidden="true" disabled="false" />
<spacer flex = "1"/>
- <button class="buttonText" id="closebtn" label ="&closeAdminLater;" oncommand="HideAdminPage();"/>
+ <button class="buttonText" id="closebtn" label ="&closeAdminLater;" oncommand="HideAdminPage();" accesskey="&Close.accesskey;"/>
<spacer class="horSpacerShort"/>
</hbox>
<!-- </groupbox> -->
+
+ <popupset>
+ <menupopup id="adminkeymenu">
+ <menuitem label="&doFormat;" id="menu-format" oncommand="DoFormatCoolKey('userKey');"/>
+ <menuitem label="&doEnroll;" id="menu-enroll" oncommand="DoCollectPassword('enroll');"/>
+ <menuitem label="&doResetPin;" id="menu-resetpassword" oncommand="DoCollectPassword('resetpin');"/>
+ </menupopup>
+</popupset>
</window>
16 years, 11 months
- 1
- 0