diff options
author | Adrian Likins <alikins@grimlock.devel.redhat.com> | 2008-04-30 22:37:07 -0400 |
---|---|---|
committer | Adrian Likins <alikins@grimlock.devel.redhat.com> | 2008-04-30 22:37:07 -0400 |
commit | 1c44d82bc9270466521e8c8d5339d0213935f385 (patch) | |
tree | 394edc4c2d4d299e128e28d98f0883b7a24d9ac5 /certmaster/certmaster.py | |
parent | 7e743092d11acb95be40a415c3a9207fd040a0cf (diff) | |
download | certmaster-1c44d82bc9270466521e8c8d5339d0213935f385.tar.gz certmaster-1c44d82bc9270466521e8c8d5339d0213935f385.tar.xz certmaster-1c44d82bc9270466521e8c8d5339d0213935f385.zip |
add two new options to "certmaster-ca"
-list-signed shows a list of certs the certmaster has already signed
--list-cert-hashes returns the list of signed certs in the CN-hash format that
the acls files expects. Should make it a little easier to use the acls.
Both options take optional hostnames or hostname globs
Diffstat (limited to 'certmaster/certmaster.py')
-rwxr-xr-x | certmaster/certmaster.py | 40 |
1 files changed, 40 insertions, 0 deletions
diff --git a/certmaster/certmaster.py b/certmaster/certmaster.py index 970ff59..7431324 100755 --- a/certmaster/certmaster.py +++ b/certmaster/certmaster.py @@ -252,7 +252,47 @@ class CertMaster(object): os.unlink(csr_unlink_file) return certfile + + # return a list of already signed certs + def get_signed_certs(self, hostglobs=None): + certglob = "%s/*.cert" % (self.cfg.certroot) + + certs = [] + globs = "*" + if hostglobs: + globs = hostglobs + + for hostglob in globs: + certglob = "%s/%s.cert" % (self.cfg.certroot, hostglob) + certs = certs + glob.glob(certglob) + + signed_certs = [] + for cert in certs: + # just want the hostname, so strip off path and ext + signed_certs.append(os.path.basename(cert).split(".cert", 1)[0]) + + return signed_certs + + # return a list of the cert hash string we use to identify systems + def get_cert_hashes(self, hostglobs=None): + certglob = "%s/*.cert" % (self.cfg.certroot) + + certfiles = [] + globs = "*" + if hostglobs: + globs = hostglobs + + for hostglob in globs: + certglob = "%s/%s.cert" % (self.cfg.certroot, hostglob) + certfiles = certfiles + glob.glob(certglob) + cert_hashes = [] + for certfile in certfiles: + cert = certs.retrieve_cert_from_file(certfile) + cert_hashes.append("%s-%s" % (cert.get_subject().CN, cert.subject_name_hash())) + + return cert_hashes + def _run_triggers(self, ref, globber): return utils.run_triggers(ref, globber) |