author | Adrian Likins <alikins@grimlock.devel.redhat.com> | 2008-02-29 12:35:53 -0500 |
---|---|---|
committer | Adrian Likins <alikins@grimlock.devel.redhat.com> | 2008-02-29 12:35:53 -0500 |
commit | dd4a2266e476410084556ea7bce9dfa47e651690 (patch) | |
tree | 3c6604c925bcdd625cc452ef992aa2a11de0769c /func/minion/utils.py | |
parent | ede64dcf5c23fdb5a78f8f638ad2d94f315b3c00 (diff) | |
mostly merges of stuff I thought I had already committed and pushed
various s/func/certmaster changes
Diffstat (limited to 'func/minion/utils.py')
-rwxr-xr-x | func/minion/utils.py | 72 |
1 files changed, 0 insertions, 72 deletions
diff --git a/func/minion/utils.py b/func/minion/utils.py
index ea8854c..1133866 100755
--- a/func/minion/utils.py
+++ b/func/minion/utils.py
@@ -65,78 +65,6 @@ def get_hostname():
-def create_minion_keys():
- config_file = '/etc/func/minion.conf'
- config = read_config(config_file, FuncdConfig)
- cert_dir = config.cert_dir
- master_uri = 'http://%s:51235/' % config.certmaster
- hn = get_hostname()
-
- if hn is None:
- raise codes.FuncException("Could not determine a hostname other than localhost")
-
- key_file = '%s/%s.pem' % (cert_dir, hn)
- csr_file = '%s/%s.csr' % (cert_dir, hn)
- cert_file = '%s/%s.cert' % (cert_dir, hn)
- ca_cert_file = '%s/ca.cert' % cert_dir
-
-
- if os.path.exists(cert_file) and os.path.exists(ca_cert_file):
- return
-
- keypair = None
- try:
- if not os.path.exists(cert_dir):
- os.makedirs(cert_dir)
- if not os.path.exists(key_file):
- keypair = certs.make_keypair(dest=key_file)
- if not os.path.exists(csr_file):
- if not keypair:
- keypair = certs.retrieve_key_from_file(key_file)
- csr = certs.make_csr(keypair, dest=csr_file)
- except Exception, e:
- traceback.print_exc()
- raise codes.FuncException, "Could not create local keypair or csr for minion funcd session"
-
- result = False
- log = logger.Logger().logger
- while not result:
- try:
- log.debug("submitting CSR to certmaster %s" % master_uri)
- result, cert_string, ca_cert_string = submit_csr_to_master(csr_file, master_uri)
- except socket.gaierror, e:
- raise codes.FuncException, "Could not locate certmaster at %s" % master_uri
-
- # logging here would be nice
- if not result:
- log.warning("no response from certmaster %s, sleeping 10 seconds" % master_uri)
- time.sleep(10)
-
-
- if result:
- log.debug("received certificate from certmaster %s, storing" % master_uri)
- cert_fd = os.open(cert_file, os.O_RDWR|os.O_CREAT, 0644)
- os.write(cert_fd, cert_string)
- os.close(cert_fd)
-
- ca_cert_fd = os.open(ca_cert_file, os.O_RDWR|os.O_CREAT, 0644)
- os.write(ca_cert_fd, ca_cert_string)
- os.close(ca_cert_fd)
-
-def submit_csr_to_master(csr_file, master_uri):
- """"
- gets us our cert back from the certmaster.wait_for_cert() method
- takes csr_file as path location and master_uri
- returns Bool, str(cert), str(ca_cert)
- """
-
- fo = open(csr_file)
- csr = fo.read()
- s = xmlrpclib.ServerProxy(master_uri)
-
- return s.wait_for_cert(csr)
-
-
 # this is kind of handy, so keep it around for now
 # but we really need to fix out server side logging and error
 # reporting so we don't need it |