First of changes for the CASA ATS Enhancements.

2007-05-09 15:05:13 +00:00 · 2007-05-09 15:05:13 +00:00 · 3e1ae8bbf0
commit 3e1ae8bbf0
parent 9811014d20
10 changed files with 1613 additions and 280 deletions
--- a/CASA-auth-token/yast2-casa-ats/MAINTAINER
+++ b/CASA-auth-token/yast2-casa-ats/MAINTAINER
@ -1 +1 @@
-Ryan Partridge <rpartridge@novell.com>
+Juan Carlos Luciani <jluciani@novell.com>
--- a/CASA-auth-token/yast2-casa-ats/src/CasaAts.ycp
+++ b/CASA-auth-token/yast2-casa-ats/src/CasaAts.ycp
@ -24,7 +24,8 @@
 * File:	modules/CasaAts.ycp
 * Package:	Configuration of casa-ats
 * Summary:	CasaAts settings, input and output functions
- * Authors:	Ryan Partridge <rpartridge@novell.com>
+ * Authors:	Juan Carlos Luciani <jluciani@novell.com>
+ *         	Ryan Partridge <rpartridge@novell.com>
 *
 * $Id: CasaAts.ycp 27914 2006-02-13 14:32:08Z locilka $
 *
@ -45,6 +46,18 @@ import "SuSEFirewall";
 import "FileUtils";
 import "Service";

+/**
+ * Configuration File and Command Paths.
+ *
+ */
+string trustedServerConfigFile = "/tmp/trusted_ats.conf";
+string svcSettingsFile = "/etc/CASA/authtoken/svc/svc.settings";
+string svcSettingsEditor = "/usr/share/java/CASA/authtoken/bin/CasaSvcSettingsEditor.sh";
+string authPolicyFile = "/etc/CASA/authtoken/svc/auth.policy";
+string authPolicyEditor = "/usr/share/java/CASA/authtoken/bin/CasaAuthPolicyEditor.sh";
+string iaRealmsFile = "/etc/CASA/authtoken/svc/iaRealms.xml";
+string iaRealmsEditor = "/usr/share/java/CASA/authtoken/bin/CasaIaRealmsEditor.sh";
+
 /**
 * Settings Map
 */
@ -53,13 +66,13 @@ global map Settings = $[];
 string port = "2645";
 string service_name = "casa_atsd";

+
+
 /**
 * Prototypes
 */
 global boolean Modified();

-boolean ModifyFirewallPort();
-
 /**
 * Data was modified?
 */
@ -102,22 +115,57 @@ global boolean Modified() {
    return modified;
 }

+global boolean IsPortOpen()
+{
+    return contains(SuSEFirewall::GetAdditionalServices("TCP", "EXT"), port);
+}
+
+boolean ModifyFirewallPort()
+{
+    boolean retVal = false;
+    list<string> services = SuSEFirewall::GetAdditionalServices("TCP", "EXT");
+    if (!contains(services, port) && Settings["CONFIG_CASAATS_DIRECT_ACCESS"]:false)
+    {
+        services = add(services, port);
+        retVal = true;
+    }
+    else if (contains(services, port) && !Settings["CONFIG_CASAATS_DIRECT_ACCESS"]:false)
+    {
+        services = filter(string service, services,
+            {
+                return (service != port);
+            }
+        );
+        retVal = true;
+    }
+    if (retVal)
+    {
+        SuSEFirewall::SetAdditionalServices("TCP", "EXT", services);
+    }
+    return retVal;
+}
+
 /**
 * Read all casa-ats settings
 * @return true on success
 */
 global boolean Read() {

+	y2milestone("Read Executing");
+
+	string cmd = "";
+	map ret = $[];
+	integer exit = -1;
+
    /* CasaAts read dialog caption */
    string caption = _("Initializing CASA ATS Configuration");

-    // TODO FIXME Set the right number of stages
+    // Read stages
    integer steps = 2;

    integer sl = 500;
    sleep(sl);

-    // TODO FIXME Names of real stages
    // We do not set help text here, because it was set outside
    Progress::New( caption, " ", steps, [
 	    /* Progress stage 1/2 */
@ -135,28 +183,200 @@ global boolean Read() {
 	""
    );

-    // read settings file
+    // Read settings
    if (Abort()) return false;
    Progress::NextStage();
-    if (FileUtils::Exists("/etc/sysconfig/casa-ats"))
-    {
+
+	// Set defaults
+	Settings["CONFIG_CASAATS_ENABLE"] = false;
+	Settings["CONFIG_CASAATS_DIRECT_ACCESS"] = true;
+	Settings["CONFIG_CASAATS_WEB_ACCESS"] = false;
+	Settings["CONFIG_CASAATS_RECONFIG_INTERVAL"] = 60;
+
+    if (FileUtils::Exists("/etc/sysconfig/casa-ats")) {
        Settings["CONFIG_CASAATS_ENABLE"] = tolower((string)SCR::Read(.sysconfig.casa-ats.CONFIG_CASAATS_ENABLE)) == "yes";
-        Settings["CONFIG_CASAATS_REALM"] = (string)SCR::Read(.sysconfig.casa-ats.CONFIG_CASAATS_REALM);
-        Settings["CONFIG_CASAATS_HOST"] = (string)SCR::Read(.sysconfig.casa-ats.CONFIG_CASAATS_HOST);
-        Settings["CONFIG_CASAATS_PROXY_USERNAME"] = (string)SCR::Read(.sysconfig.casa-ats.CONFIG_CASAATS_PROXY_USERNAME);
-        string open_port = tolower((string)SCR::Read(.sysconfig.casa-ats.CONFIG_CASAATS_OPEN_PORT));
-        if (open_port != nil && open_port != "")
-        {
-            Settings["CONFIG_CASAATS_OPEN_PORT"] = open_port == "yes";
+		if ((Settings["CONFIG_CASAATS_ENABLE"]:false) == true) {
+			Settings["CONFIG_CASAATS_DIRECT_ACCESS"] = tolower((string)SCR::Read(.sysconfig.casa-ats.CONFIG_CASAATS_DIRECT_ACCESS)) == "yes";
+			Settings["CONFIG_CASAATS_WEB_ACCESS"] = tolower((string)SCR::Read(.sysconfig.casa-ats.CONFIG_CASAATS_WEB_ACCESS)) == "yes";
+
+			cmd = svcSettingsEditor + " -get ReconfigureInterval -file " + svcSettingsFile;
+			ret = (map) SCR::Execute(.target.bash_output, cmd);
+			integer exit = ret["exit"]:-1;
+			if (exit == 0) {
+				string cmd_output = ret["stdout"]:"";
+				list<string> output_lines = splitstring(cmd_output, "\n");
+				list<string> reconfigIntervalLineComponents = splitstring(output_lines[0]:"ReconfigureInterval=60", "=");
+				Settings["CONFIG_CASAATS_RECONFIG_INTERVAL"] = tointeger(reconfigIntervalLineComponents[1]:"60");
+			}
+		}
+    }
+    if (false) Report::Error(_("Cannot read settings file."));
+    sleep(sl);
+
+	// Read the trusted server config 
+	y2milestone("Reading trusted server config");
+	list<string> trustedServerList = [];
+    if (SCR::Read(.target.size, trustedServerConfigFile) > 0) {
+		string trustedServerListString = (string) SCR::Read(.target.string, trustedServerConfigFile);
+		if (trustedServerListString != nil) {
+			trustedServerList = splitstring(trustedServerListString, "\n");
+		}
+		else {
+			y2error("Failed to read from " + trustedServerConfigFile);
+		}
+	}
+	Settings["CONFIG_CASAATS_TRUSTED"] = trustedServerList;
+
+	// Check if we need to read the server configuration
+	if ((Settings["CONFIG_CASAATS_ENABLE"]:false) == true) {
+
+		// Read the auth.policy information
+		cmd = sformat("%1 -list -file %2", authPolicyEditor, authPolicyFile);
+		ret = (map) SCR::Execute(.target.bash_output, cmd);
+		map<string, map> authPolicy = $[];
+		exit = ret["exit"]:-1;
+		if (exit != 0)
+			y2error("Failed to read realm info from " + iaRealmsFile);
+		else {
+			string cmd_output = ret["stdout"]:"";
+			list<string> authPolicyLines = splitstring(cmd_output, "\n");
+			string realmId = "";
+			string mechanism = "";
+			foreach(string line, authPolicyLines, {
+				if (tolower(line) == "auth_source:") {
+					realmId = "";
+					mechanism = "";
 				}
 				else
 				{
-            Settings["CONFIG_CASAATS_OPEN_PORT"] = true;
+					list<string> lineComponents = splitstring(line, "\t");
+					foreach(string component, lineComponents, {
+						if (component != "") {
+							list<string> settingValue = splitstring(component, ":");
+							if (tolower(settingValue[0]:"") == "identity source") {
+								realmId = settingValue[1]:"";
+							}
+							else if (tolower(settingValue[0]:"") == "authentication mechanism") {
+								mechanism = settingValue[1]:"";
+							}
+						}
+					});
+				}
+
+				if (realmId != "" && mechanism != "") {
+					map<string, boolean> authMechs = (map<string, boolean>) authPolicy[realmId]:$[];
+					authMechs[mechanism] = true;
+					authPolicy[realmId] = authMechs;
+				}
+			});
+		}
+
+		// Get a list of the configured realms in the iaRealms.xml file
+		cmd = iaRealmsEditor + " -list -file " + iaRealmsFile;
+		ret = (map) SCR::Execute(.target.bash_output, cmd);
+		exit = ret["exit"]:-1;
+		if (exit != 0)
+			y2error("Failed to read configured realms from " + iaRealmsFile);
+		else {
+			string cmd_output = ret["stdout"]:"";
+			list<string> realmIdList = splitstring(cmd_output, "\n");
+			map<string, map> realms = $[];
+
+			// Read the information about each realm
+			foreach(string realmId, realmIdList, {
+				// Make sure that it is a valid id
+				if (realmId != "") {
+					// Read the realm info from the iaRealms.xml file
+					cmd = sformat("%1 -get %2 -file %3", iaRealmsEditor, realmId, iaRealmsFile);
+					ret = (map) SCR::Execute(.target.bash_output, cmd);
+					exit = ret["exit"]:-1;
+					if (exit != 0)
+						y2error("Failed to read realm info from " + iaRealmsFile);
+					else {
+						cmd_output = ret["stdout"]:"";
+						list<string> realmIdComponents = splitstring(cmd_output, "\n");
+						map realm = $[];
+						list<string> ldapUrls = [];
+						list<string> searchRoots = [];
+						string stage = "";
+	
+						realm["REALM_ID"] = realmId;
+	
+						foreach(string component, realmIdComponents, {
+							if (tolower(component) == "dirtype") {
+								stage = "DirType";
+							}
+							else if (tolower(component) == "searchroots") {
+								stage = "SearchRoots";
+							}
+							else if (tolower(component) == "ldapurls") {
+								stage = "LdapUrls";
+							}
+							else {
+								if (stage == "DirType") {
+									if (component == "\teDir") {
+										y2milestone("%1 is eDir", realmId);
+										realm["EDIR_TYPE"] = true;
+										realm["AD_TYPE"] = false;
+									}
+									else {
+										y2milestone("%1 is %2", realmId, component);
+										realm["EDIR_TYPE"] = false;
+										realm["AD_TYPE"] = true;
+									}
+								}
+								else if (stage == "SearchRoots") {
+									list<string> ctxList = splitstring(component, "\t");
+									foreach(string value, ctxList, {
+										if (value != "") {
+											y2milestone("%1 ctx added", value);
+											searchRoots = add(searchRoots, value);
+										}
+									});
+								}
+								else if (stage == "LdapUrls") {
+									list<string> urlList = splitstring(component, "\t");
+									foreach(string value, urlList, {
+										if (value != "") {
+											y2milestone("%1 url added", value);
+											ldapUrls = add(ldapUrls, value);
+										}
+									});
+								}
+								else {
+									y2error("Error reading realm information");
+								}
+							}
+						});
+						realm["LDAP_URL_LIST"] = ldapUrls;
+						realm["SEARCH_ROOT_LIST"] = searchRoots;
+
+						// Set the authentication mechanism information for the realm
+						map<string, boolean> authMechs = (map<string, boolean>) authPolicy[realmId]:$[];
+						if (authMechs != nil) {
+							if (authMechs["PwdAuthenticate"]:false == true) 
+								realm["PASSWD_MECH"] = true;
+							else
+								realm["PASSWD_MECH"] = false;
+
+							if (authMechs["Krb5Authenticate"]:false == true) 
+								realm["KRB_MECH"] = true;
+							else
+								realm["KRB_MECH"] = false;
+						}
+						else
+						{
+							y2error("Missing auth.policy info for " + realmId);
+						}
+
+						realms[realmId] = realm;
+					}
+				}
+			});
+			
+			Settings["CONFIG_CASAATS_REALMS"] = realms;
 		}
 	}
-    /* Error message */
-    if(false) Report::Error(_("Cannot read settings file."));
-    sleep(sl);

    // read firewall settings
    if (Abort()) return false;
@ -164,11 +384,13 @@ global boolean Read() {
    Progress::set(false);
    SuSEFirewall::Read();
    Progress::set(true);
+
    /* Error message */
    if (false) Report::Error(_("Cannot read firewall status."));
    sleep(sl);

    if (Abort()) return false;
+
    /* Progress finished */
    Progress::NextStage();
    Progress::Finish();
@ -185,70 +407,208 @@ global boolean Read() {
 */
 global boolean Write() {

-    /* CasaAts read dialog caption */
-    string caption = _("Saving CASA ATS Configuration");
+	y2milestone("Write Executing");

-    // TODO FIXME And set the right number of stages
-    integer steps = 4;
+    /* CasaAts read dialog caption */
+    string caption = _("Saving casa-ats Configuration");

    integer sl = 500;
    sleep(sl);

-    // TODO FIXME Names of real stages
-    // We do not set help text here, because it was set outside
+	// Set the stages depending on whether we are configuring the
+	// server or not.
+    integer steps = 0;
+	if ((Settings["CONFIG_CASAATS_ENABLE"]:false) == false) {
+		steps = 3;
 		Progress::New(caption, " ", steps, [
-	    /* Progress stage 1/4 */
-	    _("Write the settings"),
-	    /* Progress stage 2/4 */
-	    _("Execute configuration script"),
-	    /* Progress stage 3/4 */
+			/* Progress stage 1/3 */
+			_("Write the trusted server settings"),
+			/* Progress stage 2/3 */
+			_("Write the sysconfig settings"),
+			/* Progress stage 3/3 */
 			_("Update runlevel settings"),
-	    /* Progress stage 4/4 */
-	    _("Adjust firewall")
 		], [
-	    /* Progress step 1/4 */
-	    _("Writing the settings..."),
-	    /* Progress step 2/4 */
-	    _("Executing configuration script..."),
-	    /* Progress step 3/4 */
+			/* Progress step 1/3 */
+			_("Writing the trusted server settings..."),
+			/* Progress step 2/3 */
+			_("Writing the sysconfig settings..."),
+			/* Progress step 3/3 */
 			_("Updating runlevel settings..."),
-	    /* Progress step 4/4 */
-	    _("Adjusting firewall..."),
 			/* Progress finished */
 			_("Finished")
 		],
 		""
 		);
+	}
+	else
+	{
+		steps = 4;
+		Progress::New(caption, " ", steps, [
+			/* Progress stage 1/3 */
+			_("Write the trusted server settings"),
+			/* Progress stage 2/3 */
+			_("Write the sysconfig settings"),
+			/* Progress stage 4/4 */
+			_("Adjust firewall"),
+			/* Progress stage 3/3 */
+			_("Update runlevel settings")
+		], [
+			/* Progress step 1/3 */
+			_("Writing the trusted server settings..."),
+			/* Progress step 2/3 */
+			_("Writing the sysconfig settings..."),
+			/* Progress step 4/4 */
+			_("Adjusting firewall..."),
+			/* Progress step 3/3 */
+			_("Updating runlevel settings..."),
+			/* Progress finished */
+			_("Finished")
+		],
+		""
+		);
+	}

-    // write the settings in /etc/sysconfig/casa-ats
+    // Write the trusted server list
+    if (Abort()) return false;
+    Progress::NextStage();
+
+    // Create trusted server config file if it does not exists,
+	// otherwise backup.
+	y2milestone("Writing trusted server config");
+    if (SCR::Read(.target.size, trustedServerConfigFile) < 0)
+		SCR::Write(.target.string, trustedServerConfigFile, "");
+    else
+		SCR::Execute(.target.bash, "/bin/cp "+trustedServerConfigFile+" "+trustedServerConfigFile+".YaST2save");
+
+	// Update the trusted server config 
+    any ret = false;
+	list<string> trustedServerList = Settings["CONFIG_CASAATS_TRUSTED"]:[];
+	string trustedServerListString = "";
+    if (trustedServerList != []) {
+		// Merge all of the addresses onto the string
+		trustedServerListString = mergestring(trustedServerList, "\n");
+	}
+	ret = SCR::Write(.target.string, trustedServerConfigFile, trustedServerListString);
+    if (ret != true)
+      y2error("Failed to write to " + trustedServerConfigFile);
+
+    // Write the /etc/sysconfig/casa-ats settings
    if(Abort()) return false;
    Progress::NextStage();
    SCR::Write(.sysconfig.casa-ats.CONFIG_CASAATS_ENABLE, Settings["CONFIG_CASAATS_ENABLE"]:false ? "yes" : "no");
-    SCR::Write(.sysconfig.casa-ats.CONFIG_CASAATS_REALM, Settings["CONFIG_CASAATS_REALM"]:"");
-    SCR::Write(.sysconfig.casa-ats.CONFIG_CASAATS_HOST, Settings["CONFIG_CASAATS_HOST"]:"");
-    SCR::Write(.sysconfig.casa-ats.CONFIG_CASAATS_PROXY_USERNAME, Settings["CONFIG_CASAATS_PROXY_USERNAME"]:"");
-    SCR::Write(.sysconfig.casa-ats.CONFIG_CASAATS_OPEN_PORT, Settings["CONFIG_CASAATS_OPEN_PORT"]:true ? "yes" : "no");
-    /* Error message */
-    if(false) Report::Error (_("Cannot write settings."));
+	SCR::Write(.sysconfig.casa-ats.CONFIG_CASAATS_DIRECT_ACCESS, Settings["CONFIG_CASAATS_DIRECT_ACCESS"]:true ? "yes" : "no");
+	SCR::Write(.sysconfig.casa-ats.CONFIG_CASAATS_WEB_ACCESS, Settings["CONFIG_CASAATS_WEB_ACCESS"]:false ? "yes" : "no");
+    if (false) Report::Error (_("Cannot sysconfig settings."));
    sleep(sl);

-    // run the configure script
+	// Check if we need to save the server configuration
+	if ((Settings["CONFIG_CASAATS_ENABLE"]:false) == true) {
+
+		// Create svc.settings file
+		string cmd = "rm -f " + svcSettingsFile;
+		map ret = (map) SCR::Execute(.target.bash_output, cmd);
+		cmd = svcSettingsEditor + " -create -file " + svcSettingsFile;
+		ret = (map) SCR::Execute(.target.bash_output, cmd);
+		integer exit = ret["exit"]:-1;
+		if (exit != 0)
+			y2error("Failed to create " + svcSettingsFile);
+
+		// Write the reconfigure interval value
+		cmd = sformat("%1 -set ReconfigureInterval %2 -file %3",
+		              svcSettingsEditor,
+					  tostring(Settings["CONFIG_CASAATS_RECONFIG_INTERVAL"]:60),
+					  svcSettingsFile);
+		ret = (map) SCR::Execute(.target.bash_output, cmd);
+		exit = ret["exit"]:-1;
+		if (exit != 0)
+			y2error("Failed to set reconfigure interval");
+
+		// Create the auth.policy file
+		cmd = "rm -f " + authPolicyFile;
+		ret = (map) SCR::Execute(.target.bash_output, cmd);
+		cmd = authPolicyEditor + " -create -file " + authPolicyFile;
+		ret = (map) SCR::Execute(.target.bash_output, cmd);
+		exit = ret["exit"]:-1;
+		if (exit != 0)
+			y2error("Failed to create " + authPolicyFile);
+
+		// Create the iaRealms.xml file
+		cmd = "rm -f " + iaRealmsFile;
+		ret = (map) SCR::Execute(.target.bash_output, cmd);
+		cmd = iaRealmsEditor + " -create -file " + iaRealmsFile;
+		ret = (map) SCR::Execute(.target.bash_output, cmd);
+		exit = ret["exit"]:-1;
+		if (exit != 0)
+			y2error("Failed to create " + iaRealmsFile);
+
+		// Add the real information to auth.policy and iaRealms.xml files
+		map<string, map> realms = (map<string, map>) CasaAts::Settings["CONFIG_CASAATS_REALMS"]:$[];
+		foreach (string key, map realm, realms, {
+			// Pull the realm parameters into local variables
+			string realmId = realm["REALM_ID"]:"";
+			boolean eDirType = realm["EDIR_TYPE"]:true;
+			boolean adType = realm["AD_TYPE"]:false;
+			boolean passwd_mech = realm["PASSWD_MECH"]:true;
+			boolean krb_mech = realm["KRB_MECH"]:false;
+			string proxy_username = realm["PROXY_USERNAME"]:"";
+			string proxy_password = realm["PROXY_PASSWD"]:"";
+			list<string> ldapUrls = realm["LDAP_URL_LIST"]:[];
+			list<string> searchRoots = realm["SEARCH_ROOT_LIST"]:[];
+
+			// Update the auth.policy
+			if (krb_mech == true) {
+				cmd = authPolicyEditor + " -append -entry " + realmId + ":Krb5Authenticate -file " + authPolicyFile;
+				ret = (map) SCR::Execute(.target.bash_output, cmd);
+				exit = ret["exit"]:-1;
+				if (exit != 0)
+					y2error("Failed to add entry to " + authPolicyFile);
+			}
+
+			if (passwd_mech == true) {
+				cmd = authPolicyEditor + " -append -entry " + realmId + ":PwdAuthenticate -file " + authPolicyFile;
+				ret = (map) SCR::Execute(.target.bash_output, cmd);
+				exit = ret["exit"]:-1;
+				if (exit != 0)
+					y2error("Failed to add entry to " + authPolicyFile);
+			}
+
+			// Update the iaRealms.xml file
+			if (eDirType)
+				cmd = sformat("%1 -set %2 -type eDir ", iaRealmsEditor, realmId);
+			else
+				cmd = sformat("%1 -set %2 -type ActiveDirectory ", iaRealmsEditor, realmId);
+			foreach (string url, ldapUrls, {
+				cmd = sformat("%1 -url %2", cmd, url);
+			});
+			foreach (string ctx, searchRoots, {
+				cmd = sformat("%1 -sr %2", cmd, ctx);
+			});
+			cmd = sformat("%1 -file %2", cmd, iaRealmsFile);
+			ret = (map) SCR::Execute(.target.bash_output, cmd);
+			exit = ret["exit"]:-1;
+			if (exit != 0)
+				y2error("Failed to set realm " + realmId);
+		});
+
+		// Adjust firewall as needed
 		if (Abort()) return false;
 		Progress::NextStage();
-    string cmd = "/usr/share/java/CASA/authtoken/bin/CasaBasicATSSetup.sh";
-    cmd = "PROXY_USER_PW=\"%1\" " + cmd;
-    cmd = "PROXY_USER_NAME=\"" + Settings["CONFIG_CASAATS_PROXY_USERNAME"]:"" + "\" " + cmd;
-    cmd = "LDAP_HOST_NAME=\"" + Settings["CONFIG_CASAATS_HOST"]:"" + "\" " + cmd;
-    cmd = "REALM=\"" + Settings["CONFIG_CASAATS_REALM"]:"" + "\" " + cmd;
-    y2milestone("Running CASA-ATS configuration script:");
-    y2milestone(cmd, "******");
-    map retval = (map)SCR::Execute(.target.bash_output, sformat(cmd, Settings["CONFIG_CASAATS_PROXY_PASSWORD"]:""));
-    y2milestone("Return code: %1", retval["exit"]:0);
-    /* Error message */
-    if(false) Report::Error (_("Error executing script."));
+		if (ModifyFirewallPort())
+		{
+			// write settings
+			Progress::set(false);
+			SuSEFirewall::WriteOnly();
+			if (!write_only)
+			{
+				SuSEFirewall::ActivateConfiguration();
+			}
+			Progress::set(true);
+		}
+		if (false) Report::Error (_("Error adjusting firewall."));
 		sleep(sl);
+	}

-    // enable/disable and start/stop service as needed
+    // Enable/disable and start/stop service as needed
    if (Abort()) return false;
    Progress::NextStage();
    if (Settings["CONFIG_CASAATS_ENABLE"]:false)
@ -277,28 +637,9 @@ global boolean Write() {
            Service::Stop(service_name);
        }
    }
-    /* Error message */
    if (false) Report::Error (_("Error updating runlevels."));
    sleep(sl);

-    // adjust firewall as needed
-    if(Abort()) return false;
-    Progress::NextStage();
-    if (ModifyFirewallPort())
-    {
-        // write settings
-        Progress::set(false);
-        SuSEFirewall::WriteOnly();
-        if (!write_only)
-        {
-            SuSEFirewall::ActivateConfiguration();
-        }
-        Progress::set(true);
-    }
-    /* Error message */
-    if(false) Report::Error (_("Error adjusting firewall."));
-    sleep(sl);
-
    if (Abort()) return false;
    /* Progress finished */
    Progress::NextStage();
@ -360,35 +701,5 @@ global map AutoPackages() {
    return $[ "install":[], "remove":[] ];
 }

-global boolean IsPortOpen()
-{
-    return contains(SuSEFirewall::GetAdditionalServices("TCP", "EXT"), port);
-}
-
-boolean ModifyFirewallPort()
-{
-    boolean retVal = false;
-    list<string> services = SuSEFirewall::GetAdditionalServices("TCP", "EXT");
-    if (!contains(services, port) && Settings["CONFIG_CASAATS_OPEN_PORT"]:false)
-    {
-        services = add(services, port);
-        retVal = true;
-    }
-    else if (contains(services, port) && !Settings["CONFIG_CASAATS_OPEN_PORT"]:false)
-    {
-        services = filter(string service, services,
-            {
-                return (service != port);
-            }
-        );
-        retVal = true;
-    }
-    if (retVal)
-    {
-        SuSEFirewall::SetAdditionalServices("TCP", "EXT", services);
-    }
-    return retVal;
-}
-
 /* EOF */
 }
--- a/CASA-auth-token/yast2-casa-ats/src/Makefile.am
+++ b/CASA-auth-token/yast2-casa-ats/src/Makefile.am
@ -2,6 +2,10 @@

 yncludedir = @yncludedir@/casa-ats

+theme22dir = @themedir@/NLD/icons/22x22/apps
+theme32dir = @themedir@/NLD/icons/32x32/apps
+theme48dir = @themedir@/NLD/icons/48x48/apps
+
 client_DATA =			\
 	casa-ats.ycp

@ -14,6 +18,13 @@ ynclude_DATA =			\
 desktop_DATA =			\
 	casa-ats.desktop

+theme22_DATA =  \
+        icon/22x22/yast-casa-ats.png
+theme32_DATA = \
+        icon/32x32/yast-casa-ats.png
+theme48_DATA = \
+        icon/48x48/yast-casa-ats.png
+
 module_DATA =			\
 	CasaAts.ycp

@ -22,6 +33,6 @@ casa-ats:
 	ln -sf . $@
 ycpchook = casa-ats

-EXTRA_DIST = $(client_DATA) $(ynclude_DATA) $(module_DATA) $(desktop_DATA)
+EXTRA_DIST = $(client_DATA) $(ynclude_DATA) $(module_DATA) $(desktop_DATA) $(theme48_DATA) $(theme32_DATA) $(theme22_DATA) 

 include $(top_srcdir)/Makefile.am.common
--- a/CASA-auth-token/yast2-casa-ats/src/dialogs.ycp
+++ b/CASA-auth-token/yast2-casa-ats/src/dialogs.ycp
--- a/CASA-auth-token/yast2-casa-ats/src/icon/22x22/authToken_22.png
+++ b/CASA-auth-token/yast2-casa-ats/src/icon/22x22/authToken_22.png
--- a/CASA-auth-token/yast2-casa-ats/src/icon/32x32/authToken_32.png
+++ b/CASA-auth-token/yast2-casa-ats/src/icon/32x32/authToken_32.png
--- a/CASA-auth-token/yast2-casa-ats/src/icon/48x48/authToken_48.png
+++ b/CASA-auth-token/yast2-casa-ats/src/icon/48x48/authToken_48.png
--- a/CASA-auth-token/yast2-casa-ats/src/wizards.ycp
+++ b/CASA-auth-token/yast2-casa-ats/src/wizards.ycp
@ -24,7 +24,8 @@
 * File:	include/casa-ats/wizards.ycp
 * Package:	Configuration of casa-ats
 * Summary:	Wizards definitions
- * Authors:	Ryan Partridge <rpartridge@novell.com>
+ * Authors:	Juan Carlos Luciani <jluciani@novell.com>
+ *         	Ryan Partridge <rpartridge@novell.com>
 *
 * $Id: wizards.ycp 27914 2006-02-13 14:32:08Z locilka $
 */
@ -45,17 +46,15 @@ include "casa-ats/dialogs.ycp";
 */
 any AddSequence() {

-    /* FIXME: adapt to your needs */
    map aliases = $[
-	"atsinfo"	: ``(ATSInfoDialog()),
+	"config1"	: ``(Configure1Dialog()),
    ];

-    /* FIXME: adapt to your needs */
    map sequence = $[
 	"ws_start" : "config1",
-	"atsinfo" : $[
+	"config1" : $[
 	    `abort	: `abort,
-	    `next	: `next
+	    `next	: "config2"
 	]
    ];

@ -68,15 +67,13 @@ any AddSequence() {
 */
 any MainSequence() {

-    /* FIXME: adapt to your needs */
    map aliases = $[
-	"atsinfo"	:   ``( ATSInfoDialog() )
+		"config1"	:   ``( StartConfigDialog() )
    ];

-    /* FIXME: adapt to your needs */
    map sequence = $[
-	"ws_start" : "atsinfo",
-	"atsinfo" : $[
+		"ws_start" : "config1",
+		"config1" : $[
 			`abort	: `abort,
 			`next	: `next
 		]
--- a/CASA-auth-token/yast2-casa-ats/testsuite/Makefile.am
+++ b/CASA-auth-token/yast2-casa-ats/testsuite/Makefile.am
@ -1,21 +0,0 @@
-#
-# Makefile.am for .../testsuite
-#
-# Do not edit this file (Makefile.am) as it will be overwritten!
-#
-
-AUTOMAKE_OPTIONS = dejagnu
-EXTRA_DIST = $(wildcard tests/*.out) $(wildcard tests/*.err) $(wildcard tests/*.ycp) $(wildcard tests/*.yh)
-
-testsuite_prepare = @ydatadir@/testsuite/Makefile.testsuite
-
-all-local: $(testsuite_prepare)
-	make -f $(testsuite_prepare) RPMNAME=$(RPMNAME) srcdir=$(srcdir)
-
-clean-local: $(testsuite_prepare)
-	make -f $(testsuite_prepare) RPMNAME=$(RPMNAME) srcdir=$(srcdir) clean
-
-check-local: $(testsuite_prepare)
-	make -f $(testsuite_prepare) RPMNAME=$(RPMNAME) srcdir=$(srcdir) check
-
-# EOF
--- a/CASA-auth-token/yast2-casa-ats/yast2-casa-ats.spec.in
+++ b/CASA-auth-token/yast2-casa-ats/yast2-casa-ats.spec.in
@ -1,8 +1,8 @@
@HEADER-COMMENT@

@HEADER@
-Requires:	yast2
-BuildRequires:	perl-XML-Writer update-desktop-files yast2 yast2-devtools yast2-testsuite
+Requires:	yast2 CASA_auth_token_svc
+BuildRequires:	perl-XML-Writer update-desktop-files yast2 yast2-devtools yast2-testsuite CASA_auth_token_svc yast2-themes-NLD

 BuildArchitectures:	noarch

@ -28,4 +28,7 @@ Summary:	Configuration of casa-ats
@clientdir@/*.ycp
@moduledir@/CasaAts.*
@desktopdir@/casa-ats.desktop
+@themedir@/NLD/icons/22x22/apps/*.png
+@themedir@/NLD/icons/32x32/apps/*.png
+@themedir@/NLD/icons/48x48/apps/*.png
 %doc @docdir@