Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | Do not accept certificates that do not match our key.HEADmaster | John Eckersberg | 2009-04-14 | 2 | -0/+22 |
| | | | | | | | | | Usually this happens when a host is re-provisioned and you forget to run certmaster-ca --clean afterwards to remove the old cert on the certmaster. Instead of accepting the cert and throwing a key-mismatch exception, we log a useful hint to the log and to stderr. | ||||
* | [certmaster] Documentation and cleanup for minion-to-minion | John Eckersberg | 2009-03-18 | 5 | -1/+52 |
| | | | | | | | | * Add man page for certmaster-sync * Symlink certmaster-sync into triggers for post-sign and post-clean (doesn't execute by default) * Add sync_certs setting to default certmaster.conf * Create the empty /var/lib/certmaster/peers directory | ||||
* | Minion-to-minion support, certmaster half. | John Eckersberg | 2009-03-13 | 5 | -2/+152 |
| | |||||
* | add a monit configuration file | Phil | 2009-03-05 | 1 | -0/+6 |
| | |||||
* | change utils.get_hostname to just do the basic thing. Move the bits | Adrian Likins | 2009-03-03 | 1 | -29/+1 |
| | | | | | that do all the config checking and route lookup and other madness to func.utils.get_hostname_by_route | ||||
* | Merge branch 'master' of ssh://alikins@git.fedorahosted.org/git/certmaster | Adrian Likins | 2009-02-21 | 1 | -1/+0 |
|\ | | | | | | | | | Conflicts: Makefile | ||||
| * | there was a trailing space on the version | Adrian Likins | 2009-02-20 | 1 | -2/+1 |
| | | |||||
* | | rev to release 5 for rebuild | Adrian Likins | 2009-02-19 | 2 | -3/+3 |
|/ | |||||
* | remove "version" file and updated spec/makefile/setup.py to not need it | Adrian Likins | 2009-02-18 | 4 | -16/+9 |
| | |||||
* | add a excepthook handler for uncaught exceptions, so they get written to the log | Adrian Likins | 2009-02-12 | 1 | -1/+18 |
| | | | | https://fedorahosted.org/func/ticket/70 | ||||
* | change old urls to new urls | Adrian Likins | 2009-01-22 | 2 | -3/+3 |
| | |||||
* | make the python executable we use a makefile variable | Adrian Likins | 2009-01-21 | 1 | -4/+5 |
| | |||||
* | certmaster.spec: Try to simplify the support for rhel3+python2.3 a little bit. | Adrian Likins | 2009-01-19 | 2 | -6/+42 |
| | | | | | | | | We let distutils do the /usr/bin/python path munging for the files that need it (aka, everything in "scripts"). So we can get rid of the patch for this (we also cleaned up all the files that had a #! set that didn't need it) Some minor spec file formatting changes as well | ||||
* | permissions cleanup on source files | Adrian Likins | 2009-01-19 | 8 | -0/+0 |
| | |||||
* | fix up some docs bugs. Looks like they were introduced in the ↵ | Adrian Likins | 2009-01-13 | 5 | -7/+9 |
| | | | | | | | certmaster/func split. fix https://fedorahosted.org/certmaster/ticket/5 (certmaster-request man page was getting created incorrectly) | ||||
* | 0.24 | Adrian Likins | 2008-12-17 | 1 | -1/+1 |
| | |||||
* | Patch from Tim Bielawa <timbielawa@gmail.com> to make init scripts work | Tim Bielawa | 2008-12-15 | 1 | -13/+29 |
| | | | | on debian/ubuntu | ||||
* | add missing dirs to spec file (trigger dirs) | Adrian Likins | 2008-12-08 | 1 | -0/+6 |
| | | | | fix for bugzilla #473633 | ||||
* | removed unneed line that reset the requesting_host | Adrian Likins | 2008-11-18 | 1 | -1/+0 |
| | |||||
* | Make the port that certmaster listens on and funcd connects to configurable. | Adrian Likins | 2008-11-12 | 5 | -3/+12 |
| | | | | | | | | add listen_port to /etc/certmaster/certmaster.conf to configure which port certmaster runs on. add certmaster_port to /etc/certmaster/minion.conf so funcd knows which port to talk to certmaster on. | ||||
* | change triggers so we pass in the name of the machine the ↵ | Adrian Likins | 2008-10-15 | 2 | -7/+9 |
| | | | | | | | | | | request/sign/remove is for and pass it to the triggers This could potentially break some existing triggers if they dont expect and argument. However, it's documented that they should expect a name argument, they just weren't ever getting one until now. | ||||
* | fix for utils.daemonize() as reported in https://fedorahosted.org/func/ticket/58 | Adrian Likins | 2008-09-19 | 1 | -6/+21 |
| | | | | | | | | | by goozbach Couple of things wrong, fd's were getting closed in wrong place, the call to os.cwd('/') was supposed to be os.chdir('/') Also try duping the fd's just in case | ||||
* | Merge branch 'master' of ↵ | Adrian Likins | 2008-09-05 | 1 | -1/+1 |
|\ | | | | | | | ssh://alikins@git.fedoraproject.org/git/hosted/certmaster | ||||
| * | rev to 0.23-1 | Adrian Likins | 2008-09-05 | 1 | -1/+1 |
| | | |||||
* | | credit for patch for Jonathan Barber <j.barber@dundee.ac.uk> | Adrian Likins | 2008-09-05 | 1 | -0/+1 |
| | | |||||
* | | close stdin/stdout/stderr on daemonize | Jonathan Barber | 2008-09-05 | 1 | -0/+4 |
| | | | | | | | | patch from Jonathan Barber <j.barber@dundee.ac.uk> | ||||
* | | add #*# files correctly to .gitignore | Adrian Likins | 2008-07-24 | 1 | -1/+1 |
| | | |||||
* | | add more stuff to shut up git | Adrian Likins | 2008-07-24 | 1 | -0/+3 |
| | | |||||
* | | add .gitignore | Adrian Likins | 2008-07-24 | 1 | -0/+2 |
| | | |||||
* | | merge with the code from func | Adrian Likins | 2008-07-24 | 1 | -5/+8 |
|/ | | | | remove a spurious debug line | ||||
* | /s/June/Jun (incorrect changelog entry) | Adrian Likins | 2008-06-30 | 1 | -1/+1 |
| | |||||
* | fix fedora bug #441283 - typo in postinstall scriptlet | Adrian Likins | 2008-06-30 | 2 | -2/+6 |
| | | | | | | (the init.d symlinks for runlevels 1 and 6 were created wrong) rev releae | ||||
* | Updating AUTHORS | Michael DeHaan | 2008-06-30 | 1 | -1/+4 |
| | |||||
* | Bump version for release, clean up wrong versions in changelog. | Michael DeHaan | 2008-06-30 | 2 | -5/+9 |
| | |||||
* | Remove stray print | Michael DeHaan | 2008-06-30 | 1 | -1/+1 |
| | |||||
* | Add default value of 'cert_extension' in certmaster.conf | TANABE Ken-ichi | 2008-06-28 | 1 | -0/+1 |
| | |||||
* | Add cert_extension option | TANABE Ken-ichi | 2008-06-28 | 1 | -0/+1 |
| | |||||
* | add two new options to "certmaster-ca" | Adrian Likins | 2008-04-30 | 2 | -1/+71 |
| | | | | | | | | | -list-signed shows a list of certs the certmaster has already signed --list-cert-hashes returns the list of signed certs in the CN-hash format that the acls files expects. Should make it a little easier to use the acls. Both options take optional hostnames or hostname globs | ||||
* | apply triggers patch from Steve Salevan <ssalevan@redhat.com> | Adrian Likins | 2008-04-22 | 1 | -0/+1221 |
| | | | | | | | | Steves comments: Adding in triggering functionality, changed specfile and MANIFEST.in to reflect changes. Added sub_process.py file to facilitate the subprocesses necessary for triggering to work. Modified certmaster.py to add trigger points. | ||||
* | apply triggers patch from Steve Salevan <ssalevan@redhat.com> | Adrian Likins | 2008-04-22 | 5 | -8/+78 |
| | | | | | | | | Steves comments: Adding in triggering functionality, changed specfile and MANIFEST.in to reflect changes. Added sub_process.py file to facilitate the subprocesses necessary for triggering to work. Modified certmaster.py to add trigger points. | ||||
* | more logging info. log info for sign_this_csr() | Adrian Likins | 2008-03-18 | 1 | -2/+9 |
| | |||||
* | be a bit more verbose in the logging here, add file location info to logs | Adrian Likins | 2008-03-18 | 1 | -1/+1 |
| | |||||
* | fix a bug where certmaster was writing out the client csr file over and over ↵ | Adrian Likins | 2008-03-18 | 1 | -15/+4 |
| | | | | | | | | if it had been created, but not signed. Also, add some debug logging. | ||||
* | certmaster logging cleanups | Adrian Likins | 2008-03-17 | 3 | -8/+22 |
| | | | | | - use unique name for the certmaster logs - some not quite working code for passing down client info so we can log | ||||
* | remove unused certmaster/minion/ and certmaster/overlord/ dirs | Adrian Likins | 2008-03-17 | 20 | -3027/+3 |
| | | | | update spec and setup accordingly | ||||
* | add some basic logging output to certmaster | Adrian Likins | 2008-03-17 | 2 | -2/+24 |
| | |||||
* | Do not move versions backward | Michael DeHaan | 2008-03-06 | 1 | -1/+1 |
| | |||||
* | lame build fix. Messages/gettext stuff needs to be sorted out. We done | Adrian Likins | 2008-03-05 | 1 | -0/+1 |
| | | | | | seem to find any messages to translate,so po/messages.pot isnt created. So for now, create it with a touch. | ||||
* | remove references to certmasterd | Adrian Likins | 2008-02-25 | 1 | -6/+3 |
| | |||||
* | Config file tweaks | Michael DeHaan | 2008-02-25 | 3 | -4/+23 |
| |