From 81da1834b027bc2c330d2717f5df463ea758c539 Mon Sep 17 00:00:00 2001 From: Todd Zullinger Date: May 11 2018 21:04:50 +0000 Subject: Remove obsolete fedora-packager-setup Fedora replaced koji certificates with kerberos in 2016¹, making this script unneeded. ¹ https://fedoraproject.org/wiki/ReleaseEngineering/FlagDay2016 Signed-off-by: Todd Zullinger --- diff --git a/.gitignore b/.gitignore index 2fd5a7c..04d242d 100644 --- a/.gitignore +++ b/.gitignore @@ -13,7 +13,6 @@ fedora-packager*.tar.bz2 install-sh missing fedora-cvs -fedora-packager-setup .project .pydevproject *.pyc diff --git a/Makefile.am b/Makefile.am index f9d790c..05c7bae 100644 --- a/Makefile.am +++ b/Makefile.am @@ -1,4 +1,4 @@ -bin_SCRIPTS = fedora-packager-setup \ +bin_SCRIPTS = \ fedoradev-pkgowners \ fedora-cert \ fedora-getsvn \ @@ -11,7 +11,7 @@ sbin_SCRIPTS = fedora-burn-yubikey CLEANFILES = $(bin_SCRIPTS) $(sbin_SCRIPTS) -EXTRA_DIST = src/fedora-packager-setup.py \ +EXTRA_DIST = \ src/fedoradev-pkgowners \ src/fedora-cert.py \ src/fedora-getsvn \ @@ -20,10 +20,6 @@ EXTRA_DIST = src/fedora-packager-setup.py \ src/rpmbuild-md5 \ src/secondary-koji -fedora-packager-setup: $(srcdir)/src/fedora-packager-setup.py - rm -f fedora-packager-setup - install -p -m 755 -T $(srcdir)/src/fedora-packager-setup.py fedora-packager-setup - fedoradev-pkgowners: $(srcdir)/src/fedoradev-pkgowners rm -f fedoradev-pkgowners install -p -m 755 -T $(srcdir)/src/fedoradev-pkgowners fedoradev-pkgowners diff --git a/src/fedora-packager-setup.py b/src/fedora-packager-setup.py deleted file mode 100755 index e9bdeda..0000000 --- a/src/fedora-packager-setup.py +++ /dev/null @@ -1,123 +0,0 @@ -#!/usr/bin/python -# Copyright (C) 2007, 2008, 2009, 2010 Dennis Gilmore -# Copyright (C) 2009 Stewart Adam -# This file is part of fedora-packager. - -# fedora-packager is free software: you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation, either version 2 of the License, or -# (at your option) any later version. - -# fedora-packager is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. - -# You should have received a copy of the GNU General Public License -# along with fedora-packager. If not, see . - -import os -import sys -import fedora_cert -import pycurl -import argparse - - -def generate_browser_cert(): - '''Convert the user cert to the format for importing into a browser''' - os.system('/usr/bin/openssl pkcs12 -export -in ~/.fedora.cert -CAfile ~/.fedora-upload-ca.cert -out ~/fedora-browser-cert.p12') - - print(""" - -Browser certificate exported to ~/fedora-browser-cert.p12 -To import the certificate into Firefox: - -Edit -> Preferences -> Advanced -Click "View Certificates" -On "Your Certificates" tab, click "Import" -Select ~/fedora-browser-cert.p12 -Type the export passphrase you chose earlier - -Once imported, you should see a certificate named "Fedora Project". -Your username should appear underneath this. - -You should now be able to click the "login" link at http://koji.fedoraproject.org/koji/ successfully. - -importing the certificate is optional and not needed for daily use. -you should also import the ca cert at ~/.fedora-upload-ca.cert - """) - - -def download_cert(location, file): - '''Download the cert and write to file''' - fp = open(file, 'wb') - curl = pycurl.Curl() - curl.setopt(pycurl.URL, location) - curl.setopt(pycurl.FOLLOWLOCATION, 1) - curl.setopt(pycurl.MAXREDIRS, 5) - curl.setopt(pycurl.CONNECTTIMEOUT, 30) - curl.setopt(pycurl.TIMEOUT, 300) - curl.setopt(pycurl.NOSIGNAL, 1) - curl.setopt(pycurl.WRITEDATA, fp) - try: - curl.perform() - except: - import traceback - traceback.print_exc(file=sys.stderr) - sys.stderr.flush() - curl.close() - fp.close() - print("Saved: %s" % file) - -def parse_args(): - parser = argparse.ArgumentParser() - parser.add_argument( - '-w', '--with-browser-cert', dest='browser_cert', - default=False, action='store_true', - help="Also generate a browser certificate" - ) - parser.add_argument( - '-U', '--url', dest='fas_url', metavar='url', - default='https://admin.fedoraproject.org/accounts/', - help='FAS URL (Default: https://admin.fedoraproject.org/accounts/' - ) - return parser.parse_args() - -def main(): - args = parse_args() - user_home = os.path.expanduser('~') - print('Setting up Fedora packager environment') - user_cert = os.path.join(user_home, '.fedora.cert') - upload_ca_cert = os.path.join(user_home, '.fedora-upload-ca.cert') - server_ca_cert = os.path.join(user_home, '.fedora-server-ca.cert') - if not os.path.isfile(user_cert): - print('''You need a client certificate from the Fedora Account System, lets get one now''') - try: - fedora_cert.create_user_cert() - except fedora_cert.fedora_cert_error as e: - print(e) - sys.exit(1) - else: - #check if the cert has expired if it has lets get a new one - try: - if fedora_cert.certificate_expired(): - username = fedora_cert.read_user_cert() - print("Certificate has expired, getting a new one") - fedora_cert.create_user_cert(username) - except fedora_cert.fedora_cert_error as e: - print(e) - sys.exit(1) - - download_cert(args.fas_url + '/fedora-server-ca.cert', server_ca_cert) - if not os.path.islink(upload_ca_cert): - print('Linking: ~/.fedora-server-ca.cert to ~/.fedora-upload-ca.cert') - if os.path.exists(upload_ca_cert): - os.unlink(upload_ca_cert) - os.symlink(server_ca_cert, upload_ca_cert) - - if args.browser_cert: - print('Setting up Browser Certificates') - generate_browser_cert() - -if __name__ == "__main__": - main()