diff options
author | Seth Vidal <skvidal@fedoraproject.org> | 2008-02-05 16:24:26 -0500 |
---|---|---|
committer | Seth Vidal <skvidal@fedoraproject.org> | 2008-02-05 16:24:26 -0500 |
commit | 6b9881532773f8e697437d8c6b92ce99477a0a43 (patch) | |
tree | 02e45ef01bde6ab2b16016a60f69ab01a196d32e /func | |
parent | 46f897f0f33a6c1eb6d489cd8d3dc26b70035255 (diff) | |
download | third_party-func-6b9881532773f8e697437d8c6b92ce99477a0a43.tar.gz third_party-func-6b9881532773f8e697437d8c6b92ce99477a0a43.tar.xz third_party-func-6b9881532773f8e697437d8c6b92ce99477a0a43.zip |
new Func_Client_Exception and allow the the caller to specify the cert/key/ca to use for
connecting
Diffstat (limited to 'func')
-rw-r--r-- | func/CommonErrors.py | 9 | ||||
-rwxr-xr-x | func/overlord/client.py | 43 |
2 files changed, 44 insertions, 8 deletions
diff --git a/func/CommonErrors.py b/func/CommonErrors.py index fc4e049..c76cb3d 100644 --- a/func/CommonErrors.py +++ b/func/CommonErrors.py @@ -14,6 +14,7 @@ # # Copyright 2005 Dan Williams <dcbw@redhat.com> and Red Hat, Inc. +from exceptions import Exception def canIgnoreSSLError(e): """ @@ -58,3 +59,11 @@ def canIgnoreSocketError(e): return True return False + +class Func_Client_Exception(Exception): + def __init__(self, value=None): + Exception.__init__(self) + self.value = value + def __str__(self): + return "%s" %(self.value,) + diff --git a/func/overlord/client.py b/func/overlord/client.py index c30d0f6..db33345 100755 --- a/func/overlord/client.py +++ b/func/overlord/client.py @@ -15,6 +15,7 @@ import sys import glob +import os from func.commonconfig import CMConfig from func.config import read_config, CONFIG_FILE @@ -26,6 +27,7 @@ import groups import func.forkbomb as forkbomb import func.jobthing as jobthing import func.utils as utils +from func.CommonErrors import * # =================================== # defaults @@ -142,7 +144,7 @@ def isServer(server_string): class Client(object): def __init__(self, server_spec, port=DEFAULT_PORT, interactive=False, - verbose=False, noglobs=False, nforks=1, config=None, async=False): + verbose=False, noglobs=False, nforks=1, config=None, async=False, init_ssl=True): """ Constructor. @server_spec -- something like "*.example.org" or "foosball" @@ -165,15 +167,40 @@ class Client(object): self.async = async self.servers = expand_servers(self.server_spec, port=self.port, noglobs=self.noglobs,verbose=self.verbose) - - # default cert/ca/key is the same as the certmaster ca - need to - # be able to change that on the cli - self.key = '%s/funcmaster.key' % self.config.cadir - self.cert = '%s/funcmaster.crt' % self.config.cadir - # yes, they're the same, that's the point + + if init_ssl: + self.setup_ssl() + + def setup_ssl(self, client_key=None, client_cert=None, ca=None): + # defaults go: + # certmaster key, cert, ca + # funcd key, cert, ca + # raise FuncClientError + ol_key = '%s/funcmaster.key' % self.config.cadir + ol_crt = '%s/funcmaster.crt' % self.config.cadir + # maybe /etc/pki/func is a variable somewhere? + fd_key = '/etc/pki/func/%s.pem' % myname + fd_crt = '/etc/pki/func/%s.cert' % myname self.ca = '%s/funcmaster.crt' % self.config.cadir + + if os.access(client_key, os.R_OK) and os.access(client_cert, os.R_OK)\ + and os.access(ca, os.R_OK): + self.key = client_key + self.cert = client_cert + self.ca = ca + # otherwise fall through our defaults + elif os.access(ol_key, os.R_OK) and os.access(ol_crt, os.R_OK): + self.key = ol_key + self.cert = ol_crt + elif os.access(fd_key, os.R_OK) and os.access(fd_crt, os.R_OK): + self.key = fd_key + self.cert = fd_crt + else: + raise Func_Client_Exception, 'Cannot read ssl credentials: ssl, cert, ca' + - + + def __getattr__(self, name): """ This getattr allows manipulation of the object as if it were |