Changeset 16519


Timestamp:
Aug 10, 2016, 5:11:34 PM (3 years ago)
Author:
dcorreia
Message:

Back-end code refactoring.

Location:
internals/2016/linuxloginsmartcardwizard/trunk/proto1
Files:
1 added
3 edited

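--- a/internals/2016/linuxloginsmartcardwizard/trunk/proto1/cardHelper.py
+++ b/internals/2016/linuxloginsmartcardwizard/trunk/proto1/cardHelper.py
@@ -1,4 +1,3 @@
 #!/usr/bin/env python3
-
 import sys
 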
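--- a/internals/2016/linuxloginsmartcardwizard/trunk/proto1/config.py
+++ b/internals/2016/linuxloginsmartcardwizard/trunk/proto1/config.py
@@ -1,204 +1,113 @@
 #!/usr/bin/python3
 import os
-import subprocess
-import sys
-import shutil
-import inspect
-import cardHelper
-
-
-INSTALL_COMMAND = "apt-get install "        # Package installation
-HASHLINK_COMMAND = "pkcs11_make_hash_link"  # PKCS11 hash links creation
-WGET_COMMAND = "wget "                      # Download file with wget
-GUNZIP_COMMAND = "gunzip "                  # Extract zipped files with gunzip
-MV_COMMAND = "mv "                          # Move/Rename file
-INSPECT_COMMAND = "pkcs11_inspect"          # PKCS11 inspect card data
-COMMONAUTH = "/etc/pam.d/common-auth"       # PAM file with authentication configurations
+import cardHelper, fileHelper
+
+# Commands
+INSTALL_COMMAND = "apt-get install "
+HASHLINK_COMMAND = "pkcs11_make_hash_link"
+WGET_COMMAND = "wget "
+GUNZIP_COMMAND = "gunzip "
+MV_COMMAND = "mv "
+OPENSSLX509_COMMAND = "openssl x509 -inform der -subject -noout -in "
+
+# Temporary output files
 TRASH_OUTPUT = open(os.devnull, "wb")       # Send output to trash file
+TEMP_LOCALUSERS = "/tmp/tmp_localusers"
+TEMP_CERTDATA = "/tmp/tmp_certdata"
+
+# PAM-PKCS#11
+PAMPKCS11_DIRPATH = "/etc/pam_pkcs11"
+PAMPKCS11_PACKAGE = "libpam-pkcs11"
+PAMPKCS11_CONFIG = "/etc/pam_pkcs11/pam_pkcs11.conf"
+GUNZIP_DIRPATH = "/usr/share/doc/libpam-pkcs11/examples/pam_pkcs11.conf.example.gz"
+PTEID_MODULE = "pteid.txt"
 USEMODULE_OPTION = "use_pkcs11_module"      # Configuration option to choose the active module
 USEMAPPERS_OPTION = "use_mappers"           # Configuration option to choose the active mappers
-# PKCS11 update for common-auth
+
+# Cacerts
+CACERTS_DIRPATH = "/etc/pam_pkcs11/cacerts"
+ECRAIZ_CERT = "/usr/local/share/certs/ECRaizEstado_novo_assinado_GTE.der"
+CC001_CERT = "/usr/local/share/certs/CartaodeCidadao001.der"
+
+# Crls
+CRLS_DIRPATH = "/etc/pam_pkcs11/crls"
+CRL_FILENAME = "cc_ec_cidadao_crl001_crl.crl"
+CC_CRL_HTTP = "https://pki.cartaodecidadao.pt/publico/lrc/cc_ec_cidadao_crl001_crl.crl"
+
+# Mapping
+SUBJECTMAPPING_EXAMPLE = "/usr/share/doc/libpam-pkcs11/examples/subject_mapping.example"
+PAMPKCS11_MAPPING = "/etc/pam_pkcs11/subject_mapping"
+
+# Pam-configs
+PAMCONFIG_EXAMPLE = "pkcs11.example"
+PAMCONFIG = "/usr/share/pam-configs/pkcs11"
+
+# Pam-auth-update
+COMMONAUTH = "/etc/pam.d/common-auth"       # PAM file with authentication configurations
 PKCS11AUTH = "auth\tsufficient\tpam_pkcs11.so config_file=/etc/pam_pkcs11/pam_pkcs11.conf"
-REMOVEFILES_COMMAND = "rm "
-REMOVEDIRS_COMMAND = "rm -r "
-TEMP_LOCALUSERS = "/tmp/tmp_localusers"
-TEMP_CERTDATA = "/tmp/tmp_certdata"
-OPENSSLX509_COMMAND = "openssl x509 -inform der -subject -noout -in "
-
-
-def executeCommand(command, outputPath=None):
-    """
-    Executes a shell command and redirects output (optional)
-    :param command: command to execute
-    :param outputPath: path to redirect output (optional)
-    :return: no return value
-    """
-    try:
-        process = subprocess.Popen(command, shell=True, stdout=outputPath, stderr=subprocess.PIPE)
-        process.wait()
-        stderrData = process.stderr.read().decode().strip()
-        if stderrData != "":
-            print("DEBUG: executeCommand (%s) - %s" % (command, stderrData), file=sys.stderr)
-        return True
-    except subprocess.CalledProcessError as error:
-        print("DEBUG: executeCommand (%s) - %s" % (command, error), file=sys.stderr)
-        return False
-
-
-def executeCommandInDirectory(command, directoryPath, outputPath=None):
-    """
-    Executes a shell command in a specific directory and redirects output (optional)
-    :param command: command to execute
-    :param directoryPath: path of the directory
-    :param outputPath: path to redirect output (optional)
-    :return: no return value
-    """
-    oldDirectory = os.getcwd()
-    os.chdir(directoryPath)
-    if executeCommand(command, outputPath):
-        os.chdir(oldDirectory)
-        return True
-    else:
-        os.chdir(oldDirectory)
-        return False
-
-
-def printDebugInfo(debugData):
-    """
-    Prints debug information
-    :param debugData: string of debug data
-    :return: no return value
-    """
-    print("DEBUG: %s - %s" % (inspect.stack()[1][3], debugData), file=sys.stderr)
-
-
-def installPackage(packageName):
+
+
+def installPKCS11Package():
     """
     Installs package using apt-get
-    :param packageName: name of the package
-    :return: no return value
-    """
-    return executeCommand(INSTALL_COMMAND+packageName, TRASH_OUTPUT)
-
-
-def makeDirectory(directoryPath):
-    """
-    Creates a new directory
-    :param directoryPath: path of the new directory
-    :return: no return value
-    """
-    try:
-        os.mkdir(directoryPath)
-        printDebugInfo("created directory with path "+directoryPath)
-    except OSError as error:
-        printDebugInfo(error)
-
-
-def copyFileToDirectory(filePath, directoryPath):
-    """
-    Copy a file to a directory
-    :param filePath: path of the file to copy
-    :param directoryPath: path of the directory
-    :return: no return value
-    """
-    try:
-        shutil.copy2(filePath, directoryPath)
-        return True
-    except FileNotFoundError as error:
-        printDebugInfo(error)
-        return False
-
-
-def readFileToList(filePath):
-    """
-    Reads the file and returns a list with the content
-    :param filePath: path of the file
-    :return: list of strings with content of the file
-    """
-    return open(filePath, mode="r").readlines()
-
-
-def readFileToString(filePath):
-    """
-    Reads a file and returns a string with the content
-    :param filePath: path of the file
-    :return: string of content of the file
-    """
-    return "".join(readFileToList(filePath))
-
-
-def writeStringToFile(filePath, stringData):
-    """
-    Writes input string in the file
-    :param filePath: path of the file
-    :param stringData: string to write
-    :return: no return value
-    """
-    open(filePath, mode="w").write(stringData)
-
-
-def writeListToFile(filePath, listData):
-    """
-    Write input list of data in the file
-    :param filePath: path of the file
-    :param listData: list of data to write
-    :return: no return value
-    """
-    writeStringToFile(filePath, "".join(listData))
-
-
-def appendStringToFile(filePath, stringData):
-    """
-    Append input string to the end of the file
-    :param filePath: path of the file
-    :param stringData: string of data to write
-    :return: no return value
-    """
-    open(filePath, mode="a").write(stringData)
-
-
-def makeHashLinks(directoryPath):
-    """
-    Make pkcs11 hash links in a directory
-    :param directoryPath: path of directory
-    :return: no return value
-    """
-    return executeCommandInDirectory(HASHLINK_COMMAND, directoryPath)
-
-
-def getCRLFile(crlWebLink, directoryPath):
+    :return: no return value
+    """
+    return fileHelper.executeCommand(INSTALL_COMMAND + PAMPKCS11_PACKAGE, TRASH_OUTPUT)
+
+
+def createConfigurationDirectories():
+    fileHelper.makeDirectory(PAMPKCS11_DIRPATH)
+    fileHelper.makeDirectory(CACERTS_DIRPATH)
+    fileHelper.makeDirectory(CRLS_DIRPATH)
+    # Copy pteid module data file to general directory
+    return fileHelper.copyFileToDirectory(PTEID_MODULE, PAMPKCS11_DIRPATH)
+
+
+def getCRLFile(crlWebLink):
     """
     Download crl file into a directory
     :param crlWebLink: link of the crl file
-    :param directoryPath: path of the directory
-    :return: no return value
-    """
-    executeCommandInDirectory(WGET_COMMAND+crlWebLink, directoryPath)
-
-
-def makeConfigFile(configZipPath, configPath, directoryPath):
+    :return: no return value
+    """
+    fileHelper.executeCommandInDirectory(WGET_COMMAND + crlWebLink, CRLS_DIRPATH)
+
+
+def copyCacertsAndCrls():
+    fileHelper.copyFileToDirectory(ECRAIZ_CERT, CACERTS_DIRPATH)
+    fileHelper.copyFileToDirectory(CC001_CERT, CACERTS_DIRPATH)
+
+    # Get crl file from web link
+    if not os.path.exists(os.path.join(CRLS_DIRPATH, CRL_FILENAME)):
+        getCRLFile(CC_CRL_HTTP)
+
+
+def makeHashLinks():
+    """
+    Make pkcs11 hash links in a directory
+    :return: True on success and False otherwise
+    """
+    return fileHelper.executeCommandInDirectory(HASHLINK_COMMAND, CACERTS_DIRPATH)
+
+
+def makeConfigFile():
     """
     Make pam_pkcs11.conf configuration file
-    :param configZipPath: path of the configuration file example zip archive
-    :param configPath: path to store the configuration file
-    :param directoryPath: path of the directory for shell commands execution
-    :return: no return value
-    """
-    copyFileToDirectory(configZipPath, directoryPath)
-    executeCommandInDirectory(GUNZIP_COMMAND+"pam_pkcs11.conf.example.gz", directoryPath)
-    executeCommandInDirectory(MV_COMMAND+"pam_pkcs11.conf.example "+configPath, directoryPath)
-
-
-def addConfigModule(moduleFileName, configPath):
+    :return: no return value
+    """
+    fileHelper.copyFileToDirectory(GUNZIP_DIRPATH, PAMPKCS11_DIRPATH)
+    fileHelper.executeCommandInDirectory(GUNZIP_COMMAND + "pam_pkcs11.conf.example.gz", PAMPKCS11_DIRPATH)
+    fileHelper.executeCommandInDirectory(MV_COMMAND + "pam_pkcs11.conf.example " + PAMPKCS11_CONFIG, PAMPKCS11_DIRPATH)
+
+
+def addConfigModule():
     """
     Add a configuration module to the pam_pkcs11.conf configuration file
-    :param moduleFileName: name of the module data file
-    :param configPath: path of the configuration file
-    :return: no return value
-    """
-    configData = readFileToList(configPath)
-    # add module at the end before the last bracket "}"
-    configData[-1] = readFileToString(moduleFileName) + "\n" + configData[-1]
-    writeListToFile(configPath, configData)
+    :return: no return value
+    """
+    if "pteid" not in "".join(open(PAMPKCS11_CONFIG, mode="r").readlines()):
+        configData = fileHelper.readFileToList(PAMPKCS11_CONFIG)
+        # add module at the end before the last bracket "}"
+        configData[-1] = fileHelper.readFileToString(PTEID_MODULE) + "\n" + configData[-1]
+        fileHelper.writeListToFile(PAMPKCS11_CONFIG, configData)
 
 
@@ -210,49 +119,60 @@
     :return: index where the token was found
     """
-    for i in range(0, len(listData)):
-        if token in listData[i]:
-            return i
-
-
-def setConfigurationOption(option, newValue, configPath):
+    for index in range(0, len(listData)):
+        if token in listData[index]:
+            return index
+
+
+def setConfigurationOption(option, newValue):
     """
     Sets value of a configuration option
     :param option: the configuration option
     :param newValue: the new value to be set
-    :param configPath: path of the configuration file
-    :return: no return value
-    """
-    configData = readFileToList(configPath)
+    :return: no return value
+    """
+    configData = fileHelper.readFileToList(PAMPKCS11_CONFIG)
     moduleIndex = getIndexOfToken(option, configData)
     configData[moduleIndex] = "  " + option + " = " + newValue + ";\n"
-    writeListToFile(configPath, configData)
-
-
-def changeUseModule(newModule, configPath):
+    fileHelper.writeListToFile(PAMPKCS11_CONFIG, configData)
+
+
+def changeUseModule(newModule):
     """
     Changes module of the use_pkcs11_module configuration option
     :param newModule: new module to be used
-    :param configPath: path of the configuration file
-    :return: no return value
-    """
-    setConfigurationOption(USEMODULE_OPTION, newModule, configPath)
-
-
-def changeUseMappers(newMappers, configPath):
+    :return: no return value
+    """
+    setConfigurationOption(USEMODULE_OPTION, newModule)
+
+
+def changeUseMappers(newMappers):
     """
     Changes mappers of the use_mappers configuration option
     :param newMappers: new mappers to be used
-    :param configPath: path of the configuration file
-    :return: no return value
-    """
-    setConfigurationOption(USEMAPPERS_OPTION, newMappers, configPath)
+    :return: no return value
+    """
+    setConfigurationOption(USEMAPPERS_OPTION, newMappers)
+
+
+def makeMappingFile():
+    if not os.path.exists(PAMPKCS11_MAPPING):
+        fileHelper.copyFileToDirectory(SUBJECTMAPPING_EXAMPLE, PAMPKCS11_MAPPING)
+
+
+def makePamConfigFile():
+    if not os.path.exists(PAMCONFIG):
+        fileHelper.copyFileToDirectory(PAMCONFIG_EXAMPLE, PAMCONFIG)
 
 
 def getCardSubject():
+    """
+    Extracts subject mapper information from card inserted in the reader.
+    :return: no return value
+    """
     cardHelper.init()
     try:
         baseOutputFileName, totalCerts = cardHelper.start()
     except TypeError as error:
-        printDebugInfo(error)
+        fileHelper.printDebugInfo(error)
         cardHelper.release()
         return ""
@@ -261,7 +181,7 @@
     for i in range(totalCerts):
         certFile = baseOutputFileName+str(i)
-        executeCommand(OPENSSLX509_COMMAND+certFile, open(TEMP_CERTDATA, mode="w"))
-        deleteFile(certFile)
-        certSubject = readFileToString(TEMP_CERTDATA)
+        fileHelper.executeCommand(OPENSSLX509_COMMAND + certFile, open(TEMP_CERTDATA, mode="w"))
+        fileHelper.deleteFile(certFile)
+        certSubject = fileHelper.readFileToString(TEMP_CERTDATA)
         if "Autentica" in certSubject and "serialNumber=" in certSubject:
             # we only want the value so we remove the starting "subject= " -> 9 characters
@@ -270,6 +190,11 @@
 
 
-def hasUserCardCombo(mappingConfigPath, combo):
-    mappings = readFileToList(mappingConfigPath)
+def hasUserCardCombo(combo):
+    """
+    Checks if current user + card combo already exists.
+    :param combo: combo to check
+    :return: True if combo already exists and False otherwise
+    """
+    mappings = fileHelper.readFileToList(PAMPKCS11_MAPPING)
     for line in mappings:
         if line == combo:
@@ -278,8 +203,7 @@
 
 
-def addUserMapping(mappingConfigPath, username, certificate=None):
+def addUserMapping(username, certificate=None):
     """
     Add a user mapping with a certificate
-    :param mappingConfigPath: path of the mapping configurations file
     :param username: name of the user
     :param certificate: card subject certificate
@@ -290,11 +214,11 @@
     try:
         combo = certificate.strip() + " -> " + username + "\n"
-        if not hasUserCardCombo(mappingConfigPath, combo):
-            appendStringToFile(mappingConfigPath, combo)
-            printDebugInfo("Added mapping for user '%s'" % username)
+        if not hasUserCardCombo(combo):
+            fileHelper.appendStringToFile(PAMPKCS11_MAPPING, combo)
+            fileHelper.printDebugInfo("Added mapping for user '%s'" % username)
         return True
     except AttributeError as error:
-        printDebugInfo(error)
-        printDebugInfo("Failed to add mapping for user '%s'" % username)
+        fileHelper.printDebugInfo(error)
+        fileHelper.printDebugInfo("Failed to add mapping for user '%s'" % username)
         return False
 
@@ -305,54 +229,68 @@
     :return: no return value
     """
-    authData = readFileToList(COMMONAUTH)
+    authData = fileHelper.readFileToList(COMMONAUTH)
     pkcs11Index = getIndexOfToken("pam_pkcs11.so", authData)
     unixIndex = getIndexOfToken("pam_unix.so", authData)
 
     if pkcs11Index is None and mode == "enable":
-        printDebugInfo("Enabling pam_pkcs11 at pam.d")
+        fileHelper.printDebugInfo("Enabling pam_pkcs11 at pam.d")
         authData[unixIndex] = PKCS11AUTH + "\n" + authData[unixIndex]
-        writeListToFile(COMMONAUTH, authData)
+        fileHelper.writeListToFile(COMMONAUTH, authData)
 
     elif pkcs11Index is not None and mode == "disable":
-        printDebugInfo("Disabling pam_pkcs11 at pam.d")
+        fileHelper.printDebugInfo("Disabling pam_pkcs11 at pam.d")
         authData[pkcs11Index] = ""
-        writeListToFile(COMMONAUTH, authData)
+        fileHelper.writeListToFile(COMMONAUTH, authData)
 
 
 def resetPamAuth():
+    """
+    Resets pam-auth-update to default settings.
+    :return: no return value
+    """
     runPamAuthUpdate("disable")
 
 
+def deleteConfigurations():
+    print("Deleting smartcard login files and resetting login configurations")
+    fileHelper.deleteDirectory(PAMPKCS11_DIRPATH)
+    fileHelper.deleteFile(PAMCONFIG)
+
+
 def deleteTemporaryData():
-    deleteFile(TEMP_LOCALUSERS)
-    deleteFile(TEMP_CERTDATA)
-
-
-def deleteFile(filePath):
-    executeCommand(REMOVEFILES_COMMAND + filePath)
-
-
-def deleteDirectory(directoryPath):
-    executeCommand(REMOVEDIRS_COMMAND + directoryPath)
+    """
+    Deletes all temporary files used by the scripts.
+    :return: no return value
+    """
+    fileHelper.deleteFile(TEMP_LOCALUSERS)
+    fileHelper.deleteFile(TEMP_CERTDATA)
 
 
 def getMinUid():
-    executeCommand("grep '^UID_MIN' /etc/login.defs", open(TEMP_LOCALUSERS, mode="w"))
-    return [s for s in readFileToString(TEMP_LOCALUSERS).split() if s.isdigit()][0]
+    """
+    Gets minimum UID value.
+    :return: value of minimum UID
+    """
+    fileHelper.executeCommand("grep '^UID_MIN' /etc/login.defs", open(TEMP_LOCALUSERS, mode="w"))
+    return [s for s in fileHelper.readFileToString(TEMP_LOCALUSERS).split() if s.isdigit()][0]
 
 
 def getMaxUid():
-    executeCommand("grep '^UID_MAX' /etc/login.defs", open(TEMP_LOCALUSERS, mode="w"))
-    return [s for s in readFileToString(TEMP_LOCALUSERS).split() if s.isdigit()][0]
+    """
+    Gets maximum UID value.
+    :return: value of maximum UID
+    """
+    fileHelper.executeCommand("grep '^UID_MAX' /etc/login.defs", open(TEMP_LOCALUSERS, mode="w"))
+    return [s for s in fileHelper.readFileToString(TEMP_LOCALUSERS).split() if s.isdigit()][0]
 
 
 def listLocalUsers():
+    """
+    Lists local users (usernames used for login)
+    :return: list of local users
+    """
     minUID = "min=" + getMinUid()
     maxUID = "max=" + getMaxUid()
     awkCmd = "awk -F':' -v '" + minUID + "' -v '" + maxUID + "' '{ if ( $3 >= min && $3 <= max) print $1 }' /etc/passwd"
-    executeCommand(awkCmd, open(TEMP_LOCALUSERS, mode="w"))
-    return [s.strip() for s in readFileToList(TEMP_LOCALUSERS)]
-
-
-
-
+    fileHelper.executeCommand(awkCmd, open(TEMP_LOCALUSERS, mode="w"))
+    return [s.strip() for s in fileHelper.readFileToList(TEMP_LOCALUSERS)]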
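Review bot: `TEMP_LOCALUSERS` and `TEMP_CERTDATA` are fixed names under `/tmp`, and getCardSubject, getMinUid, getMaxUid and listLocalUsers each hand `open(TEMP_..., mode="w")` to the command runner and then read the file back. The module edits `/etc/pam.d/common-auth`, so it presumably runs as root, and any local user can create those paths beforehand; the write can then land on a file the tool did not choose, and the subject that getCardSubject reads back, which appears to feed `subject_mapping` through addUserMapping, may not be what openssl printed. I would have the fileHelper runner return the command's stdout from a pipe, or create the scratch file with `fd, path = tempfile.mkstemp()` and close it after use. fileHelper is the added file and is not shown on this page, and getCardSubject is only partly inside the visible hunks, so the exact signature change has to be confirmed there.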
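--- a/internals/2016/linuxloginsmartcardwizard/trunk/proto1/main.py
+++ b/internals/2016/linuxloginsmartcardwizard/trunk/proto1/main.py
@@ -1,81 +1,41 @@
 #!/usr/bin/python3
 import config
-import os
-
-# PAM-PKCS#11
-PAMPKCS11_PACKAGE = "libpam-pkcs11"
-PAMPKCS11_DIRPATH = "/etc/pam_pkcs11"
-PAMPKCS11_CONFIG = "/etc/pam_pkcs11/pam_pkcs11.conf"
-GUNZIP_DIRPATH = "/usr/share/doc/libpam-pkcs11/examples/pam_pkcs11.conf.example.gz"
-PTEID_MODULE = "pteid.txt"
-
-# Cacerts
-CACERTS_DIRPATH = "/etc/pam_pkcs11/cacerts"
-ECRAIZ_CERT = "/usr/local/share/certs/ECRaizEstado_novo_assinado_GTE.der"
-CC001_CERT = "/usr/local/share/certs/CartaodeCidadao001.der"
-
-# Crls
-CRLS_DIRPATH = "/etc/pam_pkcs11/crls"
-CRL_FILENAME = "cc_ec_cidadao_crl001_crl.crl"
-CC_CRL_HTTP = "https://pki.cartaodecidadao.pt/publico/lrc/cc_ec_cidadao_crl001_crl.crl"
-
-# Mapping
-SUBJECTMAPPING_EXAMPLE = "/usr/share/doc/libpam-pkcs11/examples/subject_mapping.example"
-PAMPKCS11_MAPPING = "/etc/pam_pkcs11/subject_mapping"
-
-# Pam-configs
-PAMCONFIG_EXAMPLE = "pkcs11.example"
-PAMCONFIG = "/usr/share/pam-configs/pkcs11"
 
 
 def checkPackages():
     # Install PKCS#11 module for PAM
-    return config.installPackage(PAMPKCS11_PACKAGE)
+    return config.installPKCS11Package()
 
 
 def checkDirectories():
     # Create directories to support configuration files
-    config.makeDirectory(PAMPKCS11_DIRPATH)
-    config.makeDirectory(CACERTS_DIRPATH)
-    config.makeDirectory(CRLS_DIRPATH)
-
-    # Copy pteid module data file to general directory
-    return config.copyFileToDirectory(PTEID_MODULE, PAMPKCS11_DIRPATH)
+    return config.createConfigurationDirectories()
 
 
 def copyCertificates():
     # Copy certificate files to cacerts directory and make hash links
-    config.copyFileToDirectory(ECRAIZ_CERT, CACERTS_DIRPATH)
-    config.copyFileToDirectory(CC001_CERT, CACERTS_DIRPATH)
+    config.copyCacertsAndCrls()
 
-    # Get crl file from web link
-    if not os.path.exists(os.path.join(CRLS_DIRPATH, CRL_FILENAME)):
-        config.getCRLFile(CC_CRL_HTTP, CRLS_DIRPATH)
-
-    return config.makeHashLinks(CACERTS_DIRPATH)
+    return config.makeHashLinks()
 
 
 def setupConfigurationFiles():
     # Generate pam_pkcs11.conf file
-    config.makeConfigFile(GUNZIP_DIRPATH, PAMPKCS11_CONFIG, PAMPKCS11_DIRPATH)
+    config.makeConfigFile()
 
     # Add portuguese CC module to pam_pkcs11.conf file
-    if "pteid" not in "".join(open(PAMPKCS11_CONFIG, mode="r").readlines()):
-        config.addConfigModule(PTEID_MODULE, PAMPKCS11_CONFIG)
+    config.addConfigModule()
 
     # Change pkcs11 module to be used in pam_pkcs11.conf file
-    config.changeUseModule("pteid", PAMPKCS11_CONFIG)
+    config.changeUseModule("pteid")
 
     # Change use_mappers to subject in pam_pkcs11.conf
-    config.changeUseMappers("subject", PAMPKCS11_CONFIG)
+    config.changeUseMappers("subject")
 
     # Copy subject_mapping file to main configuration folder
-    if not os.path.exists(PAMPKCS11_MAPPING):
-        config.copyFileToDirectory(SUBJECTMAPPING_EXAMPLE, PAMPKCS11_MAPPING)
+    config.makeMappingFile()
 
     # Create the pkcs11 file with configuration info
-    if not os.path.exists(PAMCONFIG):
-        config.copyFileToDirectory(PAMCONFIG_EXAMPLE, PAMCONFIG)
-
+    config.makePamConfigFile()
     return True
 
@@ -94,5 +54,5 @@
     if username is None:
         username = input("Please write the username to be used in the mapping\n")
-    if config.addUserMapping(PAMPKCS11_MAPPING, username, certificate):
+    if config.addUserMapping(username, certificate):
         # Simulate pam-auth-update manually to change content of common-auth
         config.runPamAuthUpdate()
@@ -103,7 +63,5 @@
 
 def resetConfigurations():
-    print("Deleting smartcard login files and reseting login configurations")
-    config.deleteDirectory(PAMPKCS11_DIRPATH)
-    config.deleteFile(PAMCONFIG)
+    config.deleteConfigurations()
     config.resetPamAuth()
     config.deleteTemporaryData()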
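Review bot: The outcome of the new config calls is dropped in copyCertificates and setupConfigurationFiles. `config.copyCacertsAndCrls()` returns nothing, so a failed CA copy or CRL download goes unnoticed and only the hash-link result is reported, and setupConfigurationFiles still ends in `return True` whatever makeConfigFile, addConfigModule, makeMappingFile or makePamConfigFile did. For a tool that goes on to change the login stack with `config.runPamAuthUpdate()`, a partial setup should stop the wizard. I would have copyCacertsAndCrls return a bool and write `return config.copyCacertsAndCrls() and config.makeHashLinks()`, and return the combined result of the steps from setupConfigurationFiles. How the callers use these return values is outside the visible hunks.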