-rw-r--r-- | README | 2 | ||||
-rw-r--r-- | etc/certmaster.conf | 2 | ||||
-rwxr-xr-x | func/certmaster.py | 40 | ||||
-rwxr-xr-x | func/codes.py | 25 | ||||
-rwxr-xr-x | func/utils.py | 47 | ||||
-rwxr-xr-x | minion/server.py | 12 | ||||
-rw-r--r-- | overlord/sslclient.py | 19 | ||||
-rwxr-xr-x | scripts/certmaster | 13 | ||||
-rwxr-xr-x | scripts/funcd | 4 |
9 files changed, 140 insertions, 24 deletions
@@ -2,5 +2,5 @@ func - Fedora unified Network Controller? https://hosted.fedoraproject.org/projects/func/ -Source: http://git.fedoraproject.org/?p=hosted/func.git;a=summary +Source: http://git.fedoraproject.org/hosted/func.git/ diff --git a/etc/certmaster.conf b/etc/certmaster.conf index 0dd8dcc..45603a7 100644 --- a/etc/certmaster.conf +++ b/etc/certmaster.conf @@ -1,4 +1,4 @@ -listen_addr = '' +listen_addr = listen_port = 51235 cadir = /etc/pki/func/ca certroot = /var/lib/func/certmaster/certs diff --git a/func/certmaster.py b/func/certmaster.py index b12ecdb..89b68a0 100755 --- a/func/certmaster.py +++ b/func/certmaster.py @@ -28,7 +28,8 @@ import sha #from func.server import codes import func import func.certs - +import func.codes +import func.utils class SimpleConfigFile(object): """simple config file object: @@ -164,6 +165,11 @@ class CertMaster(object): return False, '', '' return False, '', '' + +class CertmasterXMLRPCServer(SimpleXMLRPCServer.SimpleXMLRPCServer): + def __init__(self, args): + self.allow_reuse_address = True + SimpleXMLRPCServer.SimpleXMLRPCServer.__init__(self, args) def serve(xmlrpcinstance): 
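Review bot: The shipped `listen_addr =` in etc/certmaster.conf is now empty, while the default added to `main()` in func/certmaster.py is `'localhost'`; if the config parser hands the empty string straight to the socket bind, the certmaster listens on every interface. The server started in `serve()` is a plain `SimpleXMLRPCServer`, so that exposure should be an explicit choice rather than a side effect of removing the quotes. If the parser accepts comment lines, I would add one above the setting, for example `# empty = listen on all interfaces; set an address to restrict`, or ship the loopback value and let administrators widen it.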
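Review bot: In `CertmasterXMLRPCServer.__init__`, `allow_reuse_address` is assigned on the instance before the base `__init__` runs, which works only because the base class reads the attribute while binding. Declaring it once as a class attribute, `allow_reuse_address = True`, is the conventional form and removes the ordering dependency. The parameter named `args` is the `(host, port)` tuple, so `addr` would read better, and a one-line docstring should say why address reuse is wanted (presumably quick restarts of the daemon).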
@@ -172,7 +178,37 @@ def serve(xmlrpcinstance): Code for starting the XMLRPC service. """ - server = SimpleXMLRPCServer.SimpleXMLRPCServer((xmlrpcinstance.cfg.listen_addr, xmlrpcinstance.cfg.listen_port)) + server = CertmasterXMLRPCServer((xmlrpcinstance.cfg.listen_addr, xmlrpcinstance.cfg.listen_port)) server.logRequests = 0 # don't print stuff to console server.register_instance(xmlrpcinstance) server.serve_forever() + + +def main(argv): + + defaults = { 'listen_addr': 'localhost', + 'listen_port': '51235', + 'cadir': '/etc/pki/func/ca', + 'certroot': '/var/lib/func/certmaster/certs', + 'csrroot': '/var/lib/func/certmaster/csrs', + 'autosign': 'false' + } + + + cm = CertMaster('/etc/func/certmaster.conf', defaults) + + if "daemon" in argv or "--daemon" in argv: + func.utils.daemonize("/var/run/certmaster.pid") + else: + print "serving...\n" + + + # just let exceptions bubble up for now + serve(cm) + + + +if __name__ == "__main__": + textdomain(I18N_DOMAIN) + main(sys.argv) + diff --git a/func/codes.py b/func/codes.py new file mode 100755 index 0000000..c549709 --- /dev/null +++ b/func/codes.py @@ -0,0 +1,25 @@ +#!/usr/bin/python +""" +func + +Copyright 2007, Red Hat, Inc +See AUTHORS + +This software may be freely redistributed under the terms of the GNU +general public license. + +You should have received a copy of the GNU General Public License +along with this program; if not, write to the Free Software +Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. +""" + +import exceptions + + +class FuncException(exceptions.Exception): + pass + +class InvalidMethodException(FuncException): + pass + +# FIXME: more sub-exceptions maybe diff --git a/func/utils.py b/func/utils.py new file mode 100755 index 0000000..724c847 --- /dev/null +++ b/func/utils.py 
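Review bot: `main()` daemonizes before `serve(cm)` creates and binds the listening socket, so a bind failure or any other startup exception occurs after the parent has already exited with status 0, and the traceback goes to whatever stderr was inherited. Building the server object first and forking afterwards, or at least wrapping `serve(cm)` in a `try` that logs and exits non-zero, would make startup failures visible to an init script. Separately, the `__main__` guard calls `textdomain(I18N_DOMAIN)` and `main(sys.argv)`, but none of `textdomain`, `I18N_DOMAIN` or `sys` appears among the imports visible in this diff; confirm they are imported above line 28, otherwise running the module directly raises `NameError`.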
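Review bot: In the new func/codes.py, `FuncException` derives from `exceptions.Exception`, which is the same object as the builtin `Exception`; `class FuncException(Exception):` drops the `import exceptions` line and reads more directly. Both classes would benefit from a one-line docstring stating when each is raised, since minion/server.py catches `codes.FuncException` as its top-level error and readers need to know what is expected to reach that handler.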
@@ -0,0 +1,47 @@ +#!/usr/bin/python + +""" +Copyright 2007, Red Hat, Inc +see AUTHORS + +This software may be freely redistributed under the terms of the GNU +general public license. + +You should have received a copy of the GNU General Public License +along with this program; if not, write to the Free Software +Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. +""" + +import os +import string +import sys +import traceback + +# this is kind of handy, so keep it around for now +# but we really need to fix out server side logging and error +# reporting so we don't need it +def trace_me(): + x = traceback.extract_stack() + bar = string.join(traceback.format_list(x)) + return bar + + +def daemonize(pidfile=None): + """ + Daemonize this process with the UNIX double-fork trick. + Writes the new PID to the provided file name if not None. + """ + + print pidfile + pid = os.fork() + if pid > 0: + sys.exit(0) + os.setsid() + os.umask(0) + pid = os.fork() + + + if pid > 0: + if pidfile is not None: + open(pidfile, "w").write(str(pid)) + sys.exit(0) diff --git a/minion/server.py b/minion/server.py index 823d072..3762095 100755 --- a/minion/server.py +++ b/minion/server.py @@ -193,17 +193,17 @@ def main(argv): print "" print "Seriously.\n\n" - try: - serve() - except codes.FuncException, e: - print >> sys.stderr, 'error: %s' % e - sys.exit(1) if "daemon" in sys.argv or "--daemon" in sys.argv: - utils.daemonize("/var/run/vf_server.pid") + utils.daemonize("/var/run/funcd.pid") else: print "serving...\n" + try: + serve() + except codes.FuncException, e: + print >> sys.stderr, 'error: %s' % e + sys.exit(1) # ====================================================================================== diff --git a/overlord/sslclient.py b/overlord/sslclient.py index 9439c4a..928d6bb 100644 --- a/overlord/sslclient.py +++ b/overlord/sslclient.py 
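Review bot: `daemonize()` calls `os.umask(0)` before writing the PID file and leaves that mask in place for the daemon, so `open(pidfile, "w")` creates a world-writable file, and every later file the process creates without an explicit mode is world-writable too. For the certmaster, which keeps CA material under `cadir`, that is presumably not intended; `os.umask(077)` (or `022` if group/other read access is required) is the safer default. The function also leaves stdin, stdout and stderr attached to the launching terminal and still contains the debugging `print pidfile`; redirecting the three descriptors to `/dev/null` and dropping the print would complete the daemonization. The handle returned by `open(pidfile, "w")` is never closed explicitly, so the write relies on the immediate `sys.exit(0)` to flush it.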
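Review bot: In minion/server.py the daemon check reads `sys.argv` although `main(argv)` receives the argument list as a parameter, and the new `main()` in func/certmaster.py tests `argv`. Using `if "daemon" in argv or "--daemon" in argv:` keeps the two entry points consistent and lets callers pass their own list. With `serve()` now running after `utils.daemonize(...)`, the `print >> sys.stderr` in the `except` branch writes to the inherited terminal stream, which may be gone by then, so a log call would be more useful there. `main`'s body starts outside this hunk.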
@@ -35,10 +35,25 @@ class SSLXMLRPCServerProxy(xmlrpclib.ServerProxy): xmlrpclib.ServerProxy.__init__(self, uri, SSL_Transport(ssl_context=self.ctx, timeout=timeout)) +class FuncServer(SSLXMLRPCServerProxy): + def __init__(self, uri): + self.pem = "/etc/pki/func/slave.pem" + self.crt = "/etc/pki/func/slave.cert" + self.ca = "/etc/pki/func/ca/funcmaster.crt" + + SSLXMLRPCServerProxy.__init__(self, uri, + self.pem, + self.crt, + self.ca) + if __name__ == "__main__": - s = SSLXMLRPCServerProxy('https://localhost:51234/', '/etc/pki/func/slave.pem', '/etc/pki/func/slave.crt', '/etc/pki/func/ca/funcmaster.crt') + s = SSLXMLRPCServerProxy('https://localhost:51234/', '/etc/pki/func/slave.pem', '/etc/pki/func/slave.cert', '/etc/pki/func/ca/funcmaster.crt') f = s.ping(1, 2) print f + + + + + -
\ No newline at end of file diff --git a/scripts/certmaster b/scripts/certmaster index f4bcf53..d5f677d 100755 --- a/scripts/certmaster +++ b/scripts/certmaster @@ -2,15 +2,10 @@ from func import certmaster -defaults = { 'listen_addr': 'localhost', - 'listen_port': '51235', - 'cadir': '/etc/pki/func/ca', - 'certroot': '/var/lib/func/certmaster/certs', - 'csrroot': '/var/lib/func/certmaster/csrs', - 'autosign': 'false' - } +import sys -cm = certmaster.CertMaster('/etc/func/certmaster.conf', defaults) -certmaster.serve(cm) +if __name__ == "__main__": + certmaster.main(sys.argv) + diff --git a/scripts/funcd b/scripts/funcd index 2301acf..3d807bd 100755 --- a/scripts/funcd +++ b/scripts/funcd @@ -4,9 +4,7 @@ import sys import distutils.sysconfig -sys.path.append("%s/func" % distutils.sysconfig.get_python_lib()) - -from minion import server +from func.minion import server if __name__ == "__main__": server.main(sys.argv) |
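Review bot: `FuncServer` stores the credential paths as public attributes `pem`, `crt` and `ca` on an `xmlrpclib.ServerProxy` subclass, where attribute lookup doubles as remote-method dispatch, so a remote method with one of those names would be shadowed by the string. Taking the paths as keyword parameters with the current values as defaults, e.g. `def __init__(self, uri, pem="/etc/pki/func/slave.pem", crt="/etc/pki/func/slave.cert", ca="/etc/pki/func/ca/funcmaster.crt"):`, and passing them straight to the base `__init__` avoids both the shadowing and the fixed locations. A docstring naming which file is the private key and which is the CA certificate would help, since argument order is the only thing tying them to `SSLXMLRPCServerProxy`.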