From a9a3137d7e75943be691a8b59de0343e96d5fe31 Mon Sep 17 00:00:00 2001
From: stea-uw <stea@uw.edu>
Date: Fri, 31 May 2024 15:10:41 -0700
Subject: [PATCH 1/2] Fix bug in warn script that was causing it to fail.

The field was renamed to 'username' probably
---
 cs.properties.tmpl | 2 +-
 util/settings.py   | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/cs.properties.tmpl b/cs.properties.tmpl
index fa4ec7e..88193d1 100644
--- a/cs.properties.tmpl
+++ b/cs.properties.tmpl
@@ -13,7 +13,7 @@ cs.root=/data/local/cs
 # database parameters
 cs.db.host=iamdbdev11.cac.washington.edu
 cs.db.name=certservice
-cs.db.user=cs
+cs.db.username=cs
 cs.db.password=some_password
 
 # remote ca parameters
diff --git a/util/settings.py b/util/settings.py
index e53656e..94caa9d 100644
--- a/util/settings.py
+++ b/util/settings.py
@@ -19,7 +19,7 @@ def init(props, secrets):
     cp = configparser.RawConfigParser()
     cp.read_file(pfp)
     db_access = 'host=%s dbname=%s user=%s password=%s' % \
-                (cp.get('base', 'cs.db.host'), cp.get('base', 'cs.db.name'), cp.get('base', 'cs.db.user'),
+                (cp.get('base', 'cs.db.host'), cp.get('base', 'cs.db.name'), cp.get('base', 'cs.db.username'),
                  cp.get('secrets', 'cs.db.password'))
     http_cert_file = cp.get('base', 'cs.webclient.certFile')
     http_key_file = cp.get('base', 'cs.webclient.keyFile')

From 282dcef4310ef543b030dafb622c1a0012b2d5f5 Mon Sep 17 00:00:00 2001
From: stea-uw <stea@uw.edu>
Date: Fri, 31 May 2024 15:21:39 -0700
Subject: [PATCH 2/2] Update it to use the SSL cert required by the new DB

---
 util/settings.py | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/util/settings.py b/util/settings.py
index 94caa9d..6235ff6 100644
--- a/util/settings.py
+++ b/util/settings.py
@@ -18,9 +18,11 @@ def init(props, secrets):
     pfp = io.StringIO('[base]\n' + open(props, 'r').read() + '\n[secrets]\n' + open(secrets, 'r').read())
     cp = configparser.RawConfigParser()
     cp.read_file(pfp)
-    db_access = 'host=%s dbname=%s user=%s password=%s' % \
+    ssl_key = cp.get('base', 'cs.db.sslkey').replace('.raw', '')
+    db_access = 'host=%s dbname=%s user=%s password=%s sslkey=%s sslcert=%s sslrootcert=%s sslmode=require' % \
                 (cp.get('base', 'cs.db.host'), cp.get('base', 'cs.db.name'), cp.get('base', 'cs.db.username'),
-                 cp.get('secrets', 'cs.db.password'))
+                 cp.get('secrets', 'cs.db.password'), ssl_key, cp.get('base', 'cs.db.sslcert'),
+                 cp.get('base', 'cs.db.sslrootcert'))
     http_cert_file = cp.get('base', 'cs.webclient.certFile')
     http_key_file = cp.get('base', 'cs.webclient.keyFile')
     gws_url_template = cp.get('base', 'cs.gws.urltemplate')