From 0678c2d8107dbb5eaa7c4c7dbb97c9db3064b69a Mon Sep 17 00:00:00 2001
From: Seth Vidal
Date: Fri, 28 Sep 2007 13:01:36 -0400
Subject: make sure we have the fqdn of the certmaster in the CN of the certificate authority key
---
 func/certmaster.py | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)
 (limited to 'func')
diff --git a/func/certmaster.py b/func/certmaster.py
index 0c1f333..bcff926 100755
--- a/func/certmaster.py
+++ b/func/certmaster.py
@@ -24,6 +24,7 @@ import os.path
 from OpenSSL import crypto
 import sha
 import glob
+import socket
 #from func.server import codes
 import certs
@@ -35,13 +36,14 @@ from commonconfig import CMConfig
 class CertMaster(object):
 def __init__(self, conf_file):
 self.cfg = read_config(conf_file, CMConfig)
+ mycn = '%s-CA-KEY' % socket.getfqdn()
 self.ca_key_file = '%s/funcmaster.key' % self.cfg.cadir
 self.ca_cert_file = '%s/funcmaster.crt' % self.cfg.cadir
 try:
 if not os.path.exists(self.cfg.cadir):
 os.makedirs(self.cfg.cadir)
 if not os.path.exists(self.ca_key_file) and not os.path.exists(self.ca_cert_file):
- certs.create_ca(ca_key_file=self.ca_key_file, ca_cert_file=self.ca_cert_file)
+ certs.create_ca(CN=mycn, ca_key_file=self.ca_key_file, ca_cert_file=self.ca_cert_file)
 except (IOError, OSError), e:
 print 'Cannot make certmaster certificate authority keys/certs, aborting: %s' % e
 sys.exit(1)
--
cgit
From c36de46938255f1e16861981db3c59990e6f7b0c Mon Sep 17 00:00:00 2001
From: Adrian Likins
Date: Fri, 28 Sep 2007 13:15:14 -0400
Subject: log the ip address of the requester to the audit.log also ditch the "INFO" blurb in the log, since we don't really log at any other level
---
 func/logger.py | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)
 (limited to 'func')
diff --git a/func/logger.py b/func/logger.py
index 681576e..cdfa899 100755
--- a/func/logger.py
+++ b/func/logger.py
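Review bot: In func/certmaster.py, `mycn = '%s-CA-KEY' % socket.getfqdn()` in `CertMaster.__init__` accepts whatever the resolver returns, and `socket.getfqdn()` falls back to the bare hostname (commonly `localhost` or `localhost.localdomain`) when no fully qualified name is available, so the CA certificate can be created with a CN that does not identify this certmaster. Because the CA is generated only once, when neither file exists, a wrong name stays in place until the key and certificate are regenerated. I would hold the result in a variable and validate it before the `create_ca` call, aborting the same way the existing `except` branch does, for example `if '.' not in fqdn or fqdn.startswith('localhost'):` followed by the print and `sys.exit(1)`. The lookup could also move inside the `if not os.path.exists(...)` branch, since the value is unused when the CA already exists. `__init__` may continue past the end of the hunk.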
@@ -61,9 +61,9 @@ class AuditLogger(Singleton):
 if self._no_handlers:
 self._setup_handlers(logfilepath=logfilepath)
- def log_call(self, CN, cert_hash, method, params):
+ def log_call(self, ip, CN, cert_hash, method, params):
 # square away a good parseable format at some point -akl
- self.logger.info("%s %s %s called with %s" % (CN, cert_hash, method, params))
+ self.logger.info("%s %s %s %s called with %s" % (ip, CN, cert_hash, method, params))
 def _setup_logging(self):
@@ -72,7 +72,7 @@ class AuditLogger(Singleton):
 def _setup_handlers(self, logfilepath="/var/log/func/audit.log"):
 handler = logging.FileHandler(logfilepath, "a")
 self.logger.setLevel(self.loglevel)
- formatter = logging.Formatter("%(asctime)s - %(levelname)s - %(message)s")
+ formatter = logging.Formatter("%(asctime)s - %(message)s")
 handler.setFormatter(formatter)
 self.logger.addHandler(handler)
 self._no_handlers = False
--
cgit
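Review bot: In func/logger.py, `log_call` gains `ip` as a new first positional parameter, so any caller still passing `(CN, cert_hash, method, params)` will raise a TypeError, and the part of the commit shown here updates no caller. If the call sites live outside the displayed path they need to change in the same commit. Separately, `ip`, `CN` and `method` are interpolated with `%s`; if any of them can carry a newline, one call can produce what looks like several audit entries, and formatting those fields with `%r` keeps each call on a single line. A short docstring naming the fields and their order would also help whoever writes the parser that the in-line comment anticipates.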
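Review bot: In `_setup_handlers`, dropping `%(levelname)s` from the `logging.Formatter` string changes the on-disk layout of every audit line, and nothing in the file records the new layout for tools that read audit.log. I would add a comment above the formatter, e.g. `# audit line layout: <asctime> - <ip> <CN> <cert_hash> <method> called with <params>`, so the format is stated in one place. Because the handler opens the file in append mode, lines written before and after this change will sit in the same file with different shapes. `_setup_handlers` may continue past the end of the hunk.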