summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorAdrian Likins <alikins@redhat.com>2008-10-15 16:12:07 -0400
committerAdrian Likins <alikins@redhat.com>2008-10-15 16:12:07 -0400
commit5bb4be3edcfdf031d7446e434ef4f51309ce32c7 (patch)
treee344e5f1e04e783192c0d9deecfaaa3f168a7dbf
parentca0b109bfb78736cb3997b536ac20dadf32485bd (diff)
downloadcertmaster-5bb4be3edcfdf031d7446e434ef4f51309ce32c7.zip
certmaster-5bb4be3edcfdf031d7446e434ef4f51309ce32c7.tar.gz
certmaster-5bb4be3edcfdf031d7446e434ef4f51309ce32c7.tar.xz
change triggers so we pass in the name of the machine the request/sign/remove is for
and pass it to the triggers This could potentially break some existing triggers if they dont expect and argument. However, it's documented that they should expect a name argument, they just weren't ever getting one until now.
-rwxr-xr-xcertmaster/certmaster.py14
-rwxr-xr-xcertmaster/utils.py2
2 files changed, 9 insertions, 7 deletions
diff --git a/certmaster/certmaster.py b/certmaster/certmaster.py
index 7431324..aba3f7c 100755
--- a/certmaster/certmaster.py
+++ b/certmaster/certmaster.py
@@ -106,7 +106,7 @@ class CertMaster(object):
requesting_host = self._sanitize_cn(csrreq.get_subject().CN)
if with_triggers:
- self._run_triggers(None, '/var/lib/certmaster/triggers/request/pre/*')
+ self._run_triggers(requesting_host, '/var/lib/certmaster/triggers/request/pre/*')
self.logger.info("%s requested signing of cert %s" % (requesting_host,csrreq.get_subject().CN))
# get rid of dodgy characters in the filename we're about to make
@@ -140,7 +140,7 @@ class CertMaster(object):
cert_buf = crypto.dump_certificate(crypto.FILETYPE_PEM, slavecert)
cacert_buf = crypto.dump_certificate(crypto.FILETYPE_PEM, self.cacert)
if with_triggers:
- self._run_triggers(None,'/var/lib/certmaster/triggers/request/post/*')
+ self._run_triggers(requesting_host,'/var/lib/certmaster/triggers/request/post/*')
return True, cert_buf, cacert_buf
# if we don't have a cert then:
@@ -192,13 +192,13 @@ class CertMaster(object):
print 'No match for %s to clean up' % hn
return
if with_triggers:
- self._run_triggers(None,'/var/lib/certmaster/triggers/remove/pre/*')
+ self._run_triggers(hn,'/var/lib/certmaster/triggers/remove/pre/*')
for fn in csrs + certs:
print 'Cleaning out %s for host matching %s' % (fn, hn)
self.logger.info('Cleaning out %s for host matching %s' % (fn, hn))
os.unlink(fn)
if with_triggers:
- self._run_triggers(None,'/var/lib/certmaster/triggers/remove/post/*')
+ self._run_triggers(hn,'/var/lib/certmaster/triggers/remove/post/*')
def sign_this_csr(self, csr, with_triggers=True):
"""returns the path to the signed cert file"""
@@ -228,8 +228,10 @@ class CertMaster(object):
else: # assume we got a bare csr req
csrreq = csr
+
+ requesting_host = self._sanitize_cn(csrreq.get_subject().CN)
if with_triggers:
- self._run_triggers(None,'/var/lib/certmaster/triggers/sign/pre/*')
+ self._run_triggers(requesting_host,'/var/lib/certmaster/triggers/sign/pre/*')
requesting_host = self._sanitize_cn(csrreq.get_subject().CN)
@@ -245,7 +247,7 @@ class CertMaster(object):
self.logger.info("csr %s signed" % (certfile))
if with_triggers:
- self._run_triggers(None,'/var/lib/certmaster/triggers/sign/post/*')
+ self._run_triggers(requesting_host,'/var/lib/certmaster/triggers/sign/post/*')
if csr_unlink_file and os.path.exists(csr_unlink_file):
diff --git a/certmaster/utils.py b/certmaster/utils.py
index ecebad6..5544b05 100755
--- a/certmaster/utils.py
+++ b/certmaster/utils.py
@@ -235,7 +235,7 @@ def run_triggers(ref, globber):
# in the triggers directory
continue
if ref:
- rc = sub_process.call([file, ref.name], shell=False)
+ rc = sub_process.call([file, ref], shell=False)
else:
rc = sub_process.call([file], shell=False)
except: