X-Git-Url: https://pwan.org/git/?p=certmaster.git;a=blobdiff_plain;f=certmaster%2Fconfig.py;h=c6e917482e1eae7a938be3e0ef26254d40662799;hp=cac9394f01d56dc187e4e03eeac4fef4895feada;hb=67e8a55e10f81105cb76e7c1ff9d0615cf97dff5;hpb=1b1b6f5733d65cbb73f48ac9b4419aba3dc00eee

diff --git a/certmaster/config.py b/certmaster/config.py
index cac9394..c6e9174 100644
--- a/certmaster/config.py
+++ b/certmaster/config.py
@@ -17,7 +17,6 @@
 
 import os
 import sys
-import warnings
 import copy
 import urlparse
 from ConfigParser import NoSectionError, NoOptionError, ConfigParser
@@ -448,7 +447,7 @@ class BaseConfig(object):
         self.cfg.write(fileobj)
 
     def getConfigOption(self, option, default=None):
-        warnings.warn('getConfigOption() will go away in a future version of Yum.\n'
+        warnings.warn('getConfigOption() will go away in a future version of certmaster.\n'
                 'Please access option values as attributes or using getattr().',
                 DeprecationWarning)
         if hasattr(self, option):
@@ -456,7 +455,7 @@ class BaseConfig(object):
         return default
 
     def setConfigOption(self, option, value):
-        warnings.warn('setConfigOption() will go away in a future version of Yum.\n'
+        warnings.warn('setConfigOption() will go away in a future version of certmaster.\n'
                 'Please set option values as attributes or using setattr().',
                 DeprecationWarning)
         if hasattr(self, option):
@@ -478,23 +477,31 @@ def read_config(config_file, BaseConfigDerived):
 
     ## build up the cas structure
     opts.ca = {}
-    opts.ca[''] = {}
 
     ## Add the default items when just using a single ca
-    main_items = confparser.items('main')
-    for (key,value) in main_items:
-        if key in ['autosign','cadir','cert_dir','certroot','csrroot']:
-            opts.ca[''][key] = value
+    opts.ca[''] = BaseConfigDerived()
+    opts.ca[''].hash_function = None
+    opts.ca[''].populate(confparser,'main')
+
+    if opts.ca[''].hash_function == 'sha1':
+        log.warning('hash_function value of sha1 is deprecated', DeprecationWarning)
+    elif opts.ca[''].hash_function == 'md5':
+        print >> sys.stderr, "Error:  hash_function of md5 is not supported" 
 
     ## Add additonal ca sections
     sections = confparser.sections()
     for a_section in sections:
         if a_section.startswith('ca:'):
             ca_name = a_section[3:]
-            items = confparser.items(a_section)
-            opts.ca[ca_name] = {}
-            for (key,value) in items:
-                opts.ca[ca_name][key] = value
-                print 'opts.ca: %s %s %s' % (ca_name, key, value)
+            opts.ca[ca_name] = BaseConfigDerived()
+            opts.ca[ca_name].hash_function = None
+            opts.ca[ca_name].populate(confparser,a_section)
+            opts.ca[ca_name].cakey = None
+            opts.ca[ca_name].cacert = None
+
+            if opts.ca[ca_name].hash_function == 'sha1':
+                warnings.warn('hash_function value of sha1 is deprecated in ca:%s section' % ca_name, DeprecationWarning)
+            elif opts.ca[ca_name].hash_function == 'md5':
+                print >> sys.stderr, "Error:  hash_function of md5 is not supported in ca:% section" % ca_name 
     
     return opts