Diffstat (limited to 'minion/utils.py')
-rwxr-xr-xminion/utils.py72
1 files changed, 72 insertions, 0 deletions
diff --git a/minion/utils.py b/minion/utils.py
index 724c847..8b9069c 100755
--- a/minion/utils.py
+++ b/minion/utils.py
@@ -16,6 +16,78 @@ import os
import string
import sys
import traceback
+import xmlrpclib
+from func import certs
+import codes
+import socket
+import time
+
+#import config_data
+
+
+
+def create_minion_keys():
+ #config_obj = config_data.Config()
+ cert_dir = '/etc/pki/func' # clearly needs to be a config
+ master_uri = 'http://certmaster:51235/' # clearly needs to be a config
+ hn = socket.getfqdn()
+
+ key_file = '%s/%s.pem' % (cert_dir, hn)
+ csr_file = '%s/%s.csr' % (cert_dir, hn)
+ cert_file = '%s/%s.cert' % (cert_dir, hn)
+ ca_cert_file = '%s/ca.cert' % cert_dir
+
+
+ if os.path.exists(cert_file) and os.path.exists(ca_cert_file):
+ return
+
+ keypair = None
+ try:
+ if not os.path.exists(cert_dir):
+ os.makedirs(cert_dir)
+ if not os.path.exists(key_file):
+ keypair = certs.make_keypair(dest=key_file)
+ if not os.path.exists(csr_file):
+ if not keypair:
+ keypair = certs.retrieve_key_from_file(key_file)
+ csr = certs.make_csr(keypair, dest=csr_file)
+ except Exception, e: # need a little more specificity here
+ raise codes.FuncException, "Could not create local keypair or csr for minion funcd session"
+
+ result = False
+ while not result:
+ try:
+ result, cert_string, ca_cert_string = submit_csr_to_master(csr_file, master_uri)
+ except socket.gaierror, e:
+ raise codes.FuncException, "Could not locate certmaster at: http://certmaster:51235/"
+
+ # logging here would be nice
+ if not result:
+ time.sleep(10)
+
+
+ if result:
+ cert_fo = open(cert_file, 'w')
+ cert_fo.write(cert_string)
+ cert_fo.close()
+
+ ca_cert_fo = open(ca_cert_file, 'w')
+ ca_cert_fo.write(ca_cert_string)
+ ca_cert_fo.close()
+
+def submit_csr_to_master(csr_file, master_uri):
+ """"
+ gets us our cert back from the certmaster.wait_for_cert() method
+ takes csr_file as path location and master_uri
+ returns Bool, str(cert), str(ca_cert)
+ """
+
+ fo = open(csr_file)
+ csr = fo.read()
+ s = xmlrpclib.ServerProxy(master_uri)
+
+ return s.wait_for_cert(csr)
+
# this is kind of handy, so keep it around for now
# but we really need to fix out server side logging and error
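Review bot: In `create_minion_keys`, the `cert_string` and `ca_cert_string` returned by `submit_csr_to_master` are written straight to `cert_file` and `ca_cert_file`, and they arrive over plain `http://certmaster:51235/`, so whichever host answers for the name `certmaster` during first enrollment chooses the CA this minion trusts afterwards. I would pin the CA before the two `open(..., 'w')` calls, for example `if hashlib.sha256(ca_cert_string).hexdigest() != expected_ca_digest: raise codes.FuncException, "certmaster returned an unexpected CA certificate"`, where `expected_ca_digest` is a placeholder for a value provisioned out of band (the config object the comments already ask for would be the natural home, and `hashlib` would need importing). The key directory deserves the same care: `os.makedirs(cert_dir)` takes its mode from the process umask, so `os.makedirs(cert_dir, 0700)` is safer given that `key_file` lives there; whether `certs.make_keypair` restricts the key file's own mode is not visible in this hunk. Separately, `except Exception, e` discards the original error, the gaierror message hard-codes the URL instead of using `master_uri`, and the `while not result` loop retries without bound while catching only `socket.gaierror`, so a refused connection would presumably escape as a raw `socket.error`.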