def __init__(self, args, module_list=[]): self.allow_reuse_address = True self.modules = module_loader.load_modules(module_list=module_list) #load facts methods self.fact_methods = load_fact_methods() self.minion_query = FactsMinion(method_fact_list=self.fact_methods) XmlRpcInterface.__init__(self) hn = func_utils.get_hostname_by_route() if self.config.key_file != '': self.key = self.config.key_file else: # search case-insensitively to find the right key - take the first one - if there are # more than one differing only by case then the user is going to get 'unique' behavior :) self.key = func_utils.find_files_by_hostname( hn, self.cm_config.cert_dir, '.pem')[0] if self.config.cert_file != '': self.cert = self.config.cert_file else: self.cert = func_utils.find_files_by_hostname( hn, self.cm_config.cert_dir, '.cert')[0] if self.config.ca_file != '': self.ca = self.config.ca_file else: self.ca = "%s/ca.cert" % self.cm_config.cert_dir self._our_ca = certs.retrieve_cert_from_file(self.ca) self.acls = acls_mod.Acls(config=self.config) AuthedXMLRPCServer.AuthedSSLXMLRPCServer.__init__( self, args, self.key, self.cert, self.ca)
def __init__(self, args): self.allow_reuse_address = True self.modules = module_loader.load_modules() #load facts methods self.fact_methods = load_fact_methods() self.minion_query = FactsMinion(method_fact_list=self.fact_methods) XmlRpcInterface.__init__(self) hn = func_utils.get_hostname_by_route() if self.config.key_file != '': self.key = self.config.key_file else: self.key = "%s/%s.pem" % (self.cm_config.cert_dir, hn) if self.config.cert_file != '': self.cert = self.config.cert_file else: self.cert = "%s/%s.cert" % (self.cm_config.cert_dir, hn) if self.config.ca_file != '': self.ca = self.config.ca_file else: self.ca = "%s/ca.cert" % self.cm_config.cert_dir self._our_ca = certs.retrieve_cert_from_file(self.ca) self.acls = acls_mod.Acls(config=self.config) AuthedXMLRPCServer.AuthedSSLXMLRPCServer.__init__(self, args, self.key, self.cert, self.ca)
def __init__(self, args): self.allow_reuse_address = True self.modules = module_loader.load_modules() #load facts methods self.fact_methods = load_fact_methods() self.minion_query = FactsMinion(method_fact_list=self.fact_methods) XmlRpcInterface.__init__(self) hn = func_utils.get_hostname_by_route() if self.config.key_file != '': self.key = self.config.key_file else: # search case-insensitively to find the right key - take the first one - if there are # more than one differing only by case then the user is going to get 'unique' behavior :) self.key = func_utils.find_files_by_hostname(hn, self.cm_config.cert_dir, '.pem')[0] if self.config.cert_file != '': self.cert = self.config.cert_file else: self.cert = func_utils.find_files_by_hostname(hn, self.cm_config.cert_dir, '.cert')[0] if self.config.ca_file != '': self.ca = self.config.ca_file else: self.ca = "%s/ca.cert" % self.cm_config.cert_dir self._our_ca = certs.retrieve_cert_from_file(self.ca) self.acls = acls_mod.Acls(config=self.config) AuthedXMLRPCServer.AuthedSSLXMLRPCServer.__init__(self, args, self.key, self.cert, self.ca)
def main(argv): """ Start things up. """ conf_dir = sys.exec_prefix sys.excepthook = excepthook if len(sys.argv) > 1 and sys.argv[1] == "--list-modules": config = read_config("%s/etc/func/minion.conf" % conf_dir, FuncdConfig) module_names = module_loader.load_modules(module_list = config.module_list).keys() module_names.sort() print "loaded modules:" for foo in module_names: print "\t" + foo sys.exit(0) if "--version" in sys.argv or "-v" in sys.argv: print >> sys.stderr, file("%s/etc/func/version" % conf_dir).read().strip() sys.exit(0) if "--info" in sys.argv: server = setup_server() print 'config:' for l in str(server.config).split('\n'): print '\t' + l print 'server name: %s' % server.server_name print 'server listen addr: %s:%s' % server.server_address print 'key file: %s' % server.key print 'cert file: %s' % server.cert print 'ca file: %s' % server.ca cert = certs.retrieve_cert_from_file(server.cert) print 'cert dn: %s' % cert.get_subject().CN print 'certificate hash: %s' % cert.subject_name_hash() print 'modules loaded:' for mn in sorted(server.modules.keys()): print '\t' + mn print 'acls:' for (host, methods) in server.acls.acls.items(): print '\t' + host + ' : ' + str(methods) print 'facts:' for (n, meth) in server.fact_methods.items(): print '\t' + n + ' : ' + meth() sys.exit(0) if "daemon" in sys.argv or "--daemon" in sys.argv: utils.daemonize("%s/var/run/funcd.pid" % conf_dir) else: print "serving...\n" try: config = read_config("%s/etc/func/minion.conf" % conf_dir, FuncdConfig) if config.use_certmaster: hn = func_utils.get_hostname_by_route() requester.request_cert(hn) serve() except codes.FuncException, e: print >> sys.stderr, 'error: %s' % e sys.exit(1)
def main(argv): """ Start things up. """ sys.excepthook = excepthook if len(sys.argv) > 1 and sys.argv[1] == "--list-modules": config = read_config("/etc/func/minion.conf", FuncdConfig) module_names = module_loader.load_modules( module_list=config.module_list).keys() module_names.sort() print "loaded modules:" for foo in module_names: print "\t" + foo sys.exit(0) if "--version" in sys.argv or "-v" in sys.argv: print >> sys.stderr, file("/etc/func/version").read().strip() sys.exit(0) if "--info" in sys.argv: server = setup_server() print 'config:' for l in str(server.config).split('\n'): print '\t' + l print 'server name: %s' % server.server_name print 'server listen addr: %s:%s' % server.server_address print 'key file: %s' % server.key print 'cert file: %s' % server.cert print 'ca file: %s' % server.ca cert = certs.retrieve_cert_from_file(server.cert) print 'cert dn: %s' % cert.get_subject().CN print 'certificate hash: %s' % cert.subject_name_hash() print 'modules loaded:' for mn in sorted(server.modules.keys()): print '\t' + mn print 'acls:' for (host, methods) in server.acls.acls.items(): print '\t' + host + ' : ' + str(methods) print 'facts:' for (n, meth) in server.fact_methods.items(): print '\t' + n + ' : ' + meth() sys.exit(0) if "daemon" in sys.argv or "--daemon" in sys.argv: utils.daemonize("/var/run/funcd.pid") else: print "serving...\n" try: config = read_config("/etc/func/minion.conf", FuncdConfig) if config.use_certmaster: hn = func_utils.get_hostname_by_route() requester.request_cert(hn) serve() except codes.FuncException, e: print >> sys.stderr, 'error: %s' % e sys.exit(1)
def __init__(self, args): self.allow_reuse_address = True self.modules = module_loader.load_modules() XmlRpcInterface.__init__(self) hn = utils.get_hostname() self.key = "%s/%s.pem" % (self.cm_config.cert_dir, hn) self.cert = "%s/%s.cert" % (self.cm_config.cert_dir, hn) self.ca = "%s/ca.cert" % self.cm_config.cert_dir self._our_ca = certs.retrieve_cert_from_file(self.ca) self.acls = acls_mod.Acls(config=self.config) AuthedXMLRPCServer.AuthedSSLXMLRPCServer.__init__( self, ("", 51234), self.key, self.cert, self.ca)
def __init__(self, args): self.allow_reuse_address = True self.modules = module_loader.load_modules() XmlRpcInterface.__init__(self) hn = utils.get_hostname() self.key = "%s/%s.pem" % (self.cm_config.cert_dir, hn) self.cert = "%s/%s.cert" % (self.cm_config.cert_dir, hn) self.ca = "%s/ca.cert" % self.cm_config.cert_dir self._our_ca = certs.retrieve_cert_from_file(self.ca) self.acls = acls_mod.Acls(config=self.config) AuthedXMLRPCServer.AuthedSSLXMLRPCServer.__init__(self, ("", 51234), self.key, self.cert, self.ca)
def do(self, args): self.server_spec = self.parentCommand.server_spec self.getOverlord() print "config:" for l in str(self.overlord_obj.config).split("\n"): print "\t" + l print "" print "key file: %s" % self.overlord_obj.key cert = certs.retrieve_cert_from_file(self.overlord_obj.cert) print "cert file: %s" % self.overlord_obj.cert print "ca file: %s" % self.overlord_obj.ca print "cert dn: %s" % cert.get_subject().CN print "certificate hash: %s" % cert.subject_name_hash() print "timeout: %s" % self.overlord_obj.timeout print "forks: %s" % self.overlord_obj.nforks print "cmd modules loaded:" for mn in sorted(self.overlord_obj.methods.keys()): print "\t" + mn print "minion map:" print self.overlord_obj.minionmap
def do(self, args): self.server_spec = self.parentCommand.server_spec self.getOverlord() print 'config:' for l in str(self.overlord_obj.config).split('\n'): print '\t' + l print '' print 'key file: %s' % self.overlord_obj.key cert = certs.retrieve_cert_from_file(self.overlord_obj.cert) print 'cert file: %s' % self.overlord_obj.cert print 'ca file: %s' % self.overlord_obj.ca print 'cert dn: %s' % cert.get_subject().CN print 'certificate hash: %s' % cert.subject_name_hash() print 'timeout: %s' % self.overlord_obj.timeout print 'forks: %s' % self.overlord_obj.nforks print 'cmd modules loaded:' for mn in sorted(self.overlord_obj.methods.keys()): print '\t' + mn print 'minion map:' print self.overlord_obj.minionmap
def __init__(self, args): self.allow_reuse_address = True self.modules = module_loader.load_modules() #load facts methods self.fact_methods = load_fact_methods() self.minion_query = FactsMinion(method_fact_list=self.fact_methods) XmlRpcInterface.__init__(self) hn = func_utils.get_hostname_by_route() self.key = "%s/%s.pem" % (self.cm_config.cert_dir, hn) self.cert = "%s/%s.cert" % (self.cm_config.cert_dir, hn) self.ca = "%s/ca.cert" % self.cm_config.cert_dir self._our_ca = certs.retrieve_cert_from_file(self.ca) self.acls = acls_mod.Acls(config=self.config) AuthedXMLRPCServer.AuthedSSLXMLRPCServer.__init__( self, args, self.key, self.cert, self.ca)
from OpenSSL import crypto from certmaster.certs import make_keypair from certmaster.certs import make_csr from certmaster.certs import create_slave_certificate from certmaster.certs import retrieve_key_from_file from certmaster.certs import retrieve_cert_from_file if __name__ == '__main__': keypair = make_keypair(dest='minion.key') csr = make_csr(keypair, dest='minion.csr', hostname='ssl.example.com') cakey = retrieve_key_from_file('ca.key') cacert = retrieve_cert_from_file('ca.cert') csrreq = crypto.load_certificate_request(crypto.FILETYPE_PEM, crypto.dump_certificate_request(crypto.FILETYPE_PEM, csr)) create_slave_certificate(csrreq, cakey, cacert, '', slave_cert_file='minion.cert')