author | Michael DeHaan <mdehaan@redhat.com> | 2008-02-07 12:08:55 -0500 |
---|---|---|
committer | Michael DeHaan <mdehaan@redhat.com> | 2008-02-07 12:08:55 -0500 |
commit | 697402da24ca930b3608359a61b9872fdddc62d9 (patch) | |
tree | 625403025dbfe9caca1254aab45724c8de4d8302 /certs/slave-keys.py | |
parent | ac3061bcffd2ea634596c188beaa13339e3fa24a (diff) | |
Starting off the certmaster tree with most of the func code; non-certmaster-related parts will be removed shortly, and other small parts added/tweaked
Diffstat (limited to 'certs/slave-keys.py')
-rw-r--r-- | certs/slave-keys.py | 92 |
1 files changed, 92 insertions, 0 deletions
diff --git a/certs/slave-keys.py b/certs/slave-keys.py
new file mode 100644
index 0000000..8ddae81
--- /dev/null
+++ b/certs/slave-keys.py
@@ -0,0 +1,92 @@
+#!/usr/bin/python -tt
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU Library General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
+# Copyright (c) 2007 Red Hat, inc
+#- Written by Seth Vidal skvidal @ fedoraproject.org
+
+import sys
+import os
+import os.path
+import xmlrpclib
+import time
+
+from exceptions import Exception
+
+import func.certs
+
+
+def submit_csr_to_master(csr_file, master_uri):
+ # get csr_file
+ # submit buffer of file content to master_uri.wait_for_cert()
+ # wait for response and return
+ fo = open(csr_file)
+ csr = fo.read()
+ s = xmlrpclib.ServerProxy(master_uri)
+
+ return s.wait_for_cert(csr)
+
+
+
+def main(cert_dir, master_uri):
+ keypair = None
+ key_file = '%s/slave.pem' % cert_dir
+ csr_file = '%s/slave.csr' % cert_dir
+ cert_file = '%s/slave.cert' % cert_dir
+ ca_cert_file = '%s/ca.cert' % cert_dir
+
+ try:
+ if not os.path.exists(cert_dir):
+ os.makedirs(cert_dir)
+ if not os.path.exists(key_file):
+ keypair = func.certs.make_keypair(dest=key_file)
+ if not os.path.exists(csr_file):
+ if not keypair:
+ keypair = func.certs.retrieve_key_from_file(key_file)
+ csr = func.certs.make_csr(keypair, dest=csr_file)
+ except Exception, e: # need a little more specificity here
+ print e
+ return 1
+
+ result = False
+ while not result:
+ result, cert_string, ca_cert_string = submit_csr_to_master(csr_file, master_uri)
+ print 'looping'
+ time.sleep(10)
+
+
+ if result:
+ cert_fo = open(cert_file, 'w')
+ cert_fo.write(cert_string)
+ cert_fo.close()
+
+ ca_cert_fo = open(ca_cert_file, 'w')
+ ca_cert_fo.write(ca_cert_string)
+ ca_cert_fo.close()
+
+ return 0
+
+
+if __name__ == "__main__":
+ if len(sys.argv[1:]) > 0:
+ cert_dir = sys.argv[1]
+ else:
+ cert_dir = '/etc/pki/func'
+
+ if len(sys.argv[1:]) > 1:
+ master_uri = sys.argv[2]
+ else:
+ master_uri = 'http://localhost:51235/'
+
+ sys.exit(main(cert_dir, master_uri))
+
|
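Review bot: The certificate and CA certificate returned by `wait_for_cert` are written to `slave.cert` and `ca.cert` in `main` without any check, and the default `master_uri` is plain `http://localhost:51235/`, so with a remote master nothing authenticates the party that supplies the trust anchor. Before the two writes I would compare the returned CA certificate against a fingerprint provisioned out of band (or require an `https://` master URI with a verified server certificate), and record the assumption in a comment such as `# ca_cert_string is trusted on first use; verify its fingerprint out of band`. Separately, `os.makedirs(cert_dir)` creates the directory that will hold `slave.pem` with whatever the process umask allows; `os.makedirs(cert_dir, 0700)` is safer, and whether `func.certs.make_keypair` restricts the key file's mode is not visible in this hunk.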