Example #1
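    def __init__(self, args, module_list=None):
        """Load modules and facts, resolve TLS file paths, then start the SSL XML-RPC base.

        args is passed through unchanged as the first argument of
        AuthedSSLXMLRPCServer.__init__.  module_list is forwarded to
        module_loader.load_modules(); when it is omitted an empty list is
        forwarded, as with the previous ``[]`` default.

        For each of key, cert and CA file, a non-empty value in self.config
        wins; otherwise the file is looked for under self.cm_config.cert_dir.
        """
        # The default used to be a literal [], i.e. one list object shared by
        # every instantiation.  Build a fresh list per call so that anything
        # done to it downstream cannot carry over into a later instance.
        if module_list is None:
            module_list = []

        self.allow_reuse_address = True
        self.modules = module_loader.load_modules(module_list=module_list)

        # load facts methods
        self.fact_methods = load_fact_methods()
        self.minion_query = FactsMinion(method_fact_list=self.fact_methods)

        XmlRpcInterface.__init__(self)
        hn = func_utils.get_hostname_by_route()

        if self.config.key_file != '':
            self.key = self.config.key_file
        else:
            # search case-insensitively to find the right key - take the first one - if there are
            # more than one differing only by case then the user is going to get 'unique' behavior :)
            # NOTE(review): the [0] raises IndexError when nothing matches, and
            # the key and the cert below are picked by two independent lookups;
            # with several case-variant files in cert_dir, confirm that the
            # first .pem and the first .cert really belong to the same identity.
            self.key = func_utils.find_files_by_hostname(
                hn, self.cm_config.cert_dir, '.pem')[0]

        if self.config.cert_file != '':
            self.cert = self.config.cert_file
        else:
            self.cert = func_utils.find_files_by_hostname(
                hn, self.cm_config.cert_dir, '.cert')[0]

        if self.config.ca_file != '':
            self.ca = self.config.ca_file
        else:
            self.ca = "%s/ca.cert" % self.cm_config.cert_dir

        # The CA certificate is loaded once here and also handed, by path, to
        # the SSL server base class below.
        self._our_ca = certs.retrieve_cert_from_file(self.ca)
        self.acls = acls_mod.Acls(config=self.config)

        AuthedXMLRPCServer.AuthedSSLXMLRPCServer.__init__(
            self, args, self.key, self.cert, self.ca)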
Example #2
    def __init__(self, args):
        """Load modules and fact methods, pick the TLS files, build ACLs, start the SSL base.

        args is forwarded untouched to AuthedSSLXMLRPCServer.__init__.
        Key, cert and CA paths are taken from self.config when the
        corresponding setting is a non-empty string; otherwise they are
        derived from self.cm_config.cert_dir (and the routed hostname for
        the key and cert).
        """
        self.allow_reuse_address = True
        self.modules = module_loader.load_modules()

        # Fact methods are loaded first and then handed to the FactsMinion.
        self.fact_methods = load_fact_methods()
        self.minion_query = FactsMinion(method_fact_list=self.fact_methods)

        XmlRpcInterface.__init__(self)
        hostname = func_utils.get_hostname_by_route()

        # An empty string in the config means "not set"; the fallback names
        # are <cert_dir>/<hostname>.pem and <cert_dir>/<hostname>.cert.
        self.key = (self.config.key_file
                    if self.config.key_file != ''
                    else "%s/%s.pem" % (self.cm_config.cert_dir, hostname))

        self.cert = (self.config.cert_file
                     if self.config.cert_file != ''
                     else "%s/%s.cert" % (self.cm_config.cert_dir, hostname))

        self.ca = (self.config.ca_file
                   if self.config.ca_file != ''
                   else "%s/ca.cert" % self.cm_config.cert_dir)

        # The CA certificate is read here and its path is also passed to the
        # SSL server base class together with the key and cert paths.
        self._our_ca = certs.retrieve_cert_from_file(self.ca)
        self.acls = acls_mod.Acls(config=self.config)

        ssl_base = AuthedXMLRPCServer.AuthedSSLXMLRPCServer
        ssl_base.__init__(self, args, self.key, self.cert, self.ca)
Example #3
    def __init__(self, args):
        """Load modules and fact methods, locate the TLS files, build ACLs, start the SSL base.

        args is forwarded untouched to AuthedSSLXMLRPCServer.__init__.
        A non-empty key_file / cert_file / ca_file in self.config is used
        as given; otherwise the key and cert are searched for by hostname
        under self.cm_config.cert_dir and the CA defaults to
        <cert_dir>/ca.cert.
        """
        self.allow_reuse_address = True
        self.modules = module_loader.load_modules()

        # Fact methods are loaded first and then handed to the FactsMinion.
        self.fact_methods = load_fact_methods()
        self.minion_query = FactsMinion(method_fact_list=self.fact_methods)

        XmlRpcInterface.__init__(self)
        hostname = func_utils.get_hostname_by_route()

        if self.config.key_file == '':
            # The lookup is case-insensitive and the first match is taken; if
            # several files differ only by case the choice is whatever the
            # helper returns first.
            # NOTE(review): the key here and the cert below are selected by
            # separate lookups - confirm the two first matches form a pair.
            key_matches = func_utils.find_files_by_hostname(
                hostname, self.cm_config.cert_dir, '.pem')
            self.key = key_matches[0]
        else:
            self.key = self.config.key_file

        if self.config.cert_file == '':
            cert_matches = func_utils.find_files_by_hostname(
                hostname, self.cm_config.cert_dir, '.cert')
            self.cert = cert_matches[0]
        else:
            self.cert = self.config.cert_file

        if self.config.ca_file == '':
            self.ca = "%s/ca.cert" % self.cm_config.cert_dir
        else:
            self.ca = self.config.ca_file

        self._our_ca = certs.retrieve_cert_from_file(self.ca)
        self.acls = acls_mod.Acls(config=self.config)

        ssl_base = AuthedXMLRPCServer.AuthedSSLXMLRPCServer
        ssl_base.__init__(self, args, self.key, self.cert, self.ca)
Example #4
def main(argv):
    """
    Start things up.

    Handles the one-shot flags (--list-modules, --version / -v, --info),
    each of which exits with status 0, and otherwise daemonizes or stays in
    the foreground before calling serve().  The argv parameter is not read;
    every flag check looks at sys.argv.
    """

    prefix = sys.exec_prefix
    sys.excepthook = excepthook

    # NOTE(review): the config, version and pid-file paths all hang off
    # sys.exec_prefix, so they follow the interpreter's install location;
    # confirm that directory is writable only by the account running funcd.
    minion_conf = "%s/etc/func/minion.conf" % prefix

    if sys.argv[1:2] == ["--list-modules"]:
        config = read_config(minion_conf, FuncdConfig)
        loaded = module_loader.load_modules(module_list = config.module_list)
        print "loaded modules:"
        for module_name in sorted(loaded.keys()):
            print "\t" + module_name
        sys.exit(0)

    if "--version" in sys.argv or "-v" in sys.argv:
        version_text = file("%s/etc/func/version" % prefix).read().strip()
        print >> sys.stderr, version_text
        sys.exit(0)

    if "--info" in sys.argv:
        server = setup_server()

        print 'config:'
        for config_line in str(server.config).split('\n'):
            print '\t' + config_line

        print 'server name: %s' % server.server_name
        print 'server listen addr: %s:%s' % server.server_address
        # Only the paths of the key, cert and CA files are printed.
        print 'key file:  %s' % server.key
        print 'cert file: %s' % server.cert
        print 'ca file: %s' % server.ca

        minion_cert = certs.retrieve_cert_from_file(server.cert)
        print 'cert dn: %s' % minion_cert.get_subject().CN
        print 'certificate hash: %s' % minion_cert.subject_name_hash()

        print 'modules loaded:'
        for module_name in sorted(server.modules.keys()):
            print '\t' + module_name

        print 'acls:'
        for (acl_host, acl_methods) in server.acls.acls.items():
            print '\t' + acl_host + ' : ' + str(acl_methods)

        # Each fact method is called here to show its current value.
        print 'facts:'
        for (fact_name, fact_method) in server.fact_methods.items():
            print '\t' + fact_name + ' : ' + fact_method()
        sys.exit(0)

    if "daemon" not in sys.argv and "--daemon" not in sys.argv:
        print "serving...\n"
    else:
        utils.daemonize("%s/var/run/funcd.pid" % prefix)

    try:
        config = read_config(minion_conf, FuncdConfig)
        if config.use_certmaster:
            # A certificate is requested for the routed hostname before serving.
            requester.request_cert(func_utils.get_hostname_by_route())
        serve()
    except codes.FuncException, e:
        print >> sys.stderr, 'error: %s' % e
        sys.exit(1)
Example #5
def main(argv):
    """
    Start things up.

    Handles the one-shot flags (--list-modules, --version / -v, --info),
    each of which exits with status 0, and otherwise daemonizes or stays in
    the foreground before calling serve().  The argv parameter is not read;
    every flag check looks at sys.argv.
    """

    sys.excepthook = excepthook
    minion_conf = "/etc/func/minion.conf"

    if sys.argv[1:2] == ["--list-modules"]:
        config = read_config(minion_conf, FuncdConfig)
        loaded = module_loader.load_modules(module_list=config.module_list)
        print "loaded modules:"
        for module_name in sorted(loaded.keys()):
            print "\t" + module_name
        sys.exit(0)

    if "--version" in sys.argv or "-v" in sys.argv:
        version_text = file("/etc/func/version").read().strip()
        print >> sys.stderr, version_text
        sys.exit(0)

    if "--info" in sys.argv:
        server = setup_server()

        print 'config:'
        for config_line in str(server.config).split('\n'):
            print '\t' + config_line

        print 'server name: %s' % server.server_name
        print 'server listen addr: %s:%s' % server.server_address
        # Only the paths of the key, cert and CA files are printed.
        print 'key file:  %s' % server.key
        print 'cert file: %s' % server.cert
        print 'ca file: %s' % server.ca

        minion_cert = certs.retrieve_cert_from_file(server.cert)
        print 'cert dn: %s' % minion_cert.get_subject().CN
        print 'certificate hash: %s' % minion_cert.subject_name_hash()

        print 'modules loaded:'
        for module_name in sorted(server.modules.keys()):
            print '\t' + module_name

        print 'acls:'
        for (acl_host, acl_methods) in server.acls.acls.items():
            print '\t' + acl_host + ' : ' + str(acl_methods)

        # Each fact method is called here to show its current value.
        print 'facts:'
        for (fact_name, fact_method) in server.fact_methods.items():
            print '\t' + fact_name + ' : ' + fact_method()
        sys.exit(0)

    if "daemon" not in sys.argv and "--daemon" not in sys.argv:
        print "serving...\n"
    else:
        utils.daemonize("/var/run/funcd.pid")

    try:
        config = read_config(minion_conf, FuncdConfig)
        if config.use_certmaster:
            # A certificate is requested for the routed hostname before serving.
            requester.request_cert(func_utils.get_hostname_by_route())
        serve()
    except codes.FuncException, e:
        print >> sys.stderr, 'error: %s' % e
        sys.exit(1)
Example #6
    def __init__(self, args):
        """Load modules, derive the TLS file paths, build ACLs and start the SSL base.

        Key, cert and CA paths are always derived from
        self.cm_config.cert_dir and the local hostname.  The args
        parameter is not used: the listen address is fixed at ("", 51234).
        """
        self.allow_reuse_address = True
        self.modules = module_loader.load_modules()

        XmlRpcInterface.__init__(self)
        hostname = utils.get_hostname()
        cert_dir = self.cm_config.cert_dir

        self.key = "%s/%s.pem" % (cert_dir, hostname)
        self.cert = "%s/%s.cert" % (cert_dir, hostname)
        self.ca = "%s/ca.cert" % cert_dir

        self._our_ca = certs.retrieve_cert_from_file(self.ca)

        self.acls = acls_mod.Acls(config=self.config)

        # With the usual (host, port) socket convention an empty host means
        # every local interface.
        # NOTE(review): confirm that listening on all interfaces is intended.
        listen_on = ("", 51234)
        AuthedXMLRPCServer.AuthedSSLXMLRPCServer.__init__(
            self, listen_on, self.key, self.cert, self.ca)
Example #7
    def __init__(self, args):
        """Load modules, derive the TLS file paths, build ACLs and start the SSL base.

        The key, cert and CA locations are computed from
        self.cm_config.cert_dir plus the local hostname; nothing is read
        from self.config for them.  args is ignored in favour of the
        hard-coded address ("", 51234).
        """
        self.allow_reuse_address = True
        self.modules = module_loader.load_modules()

        XmlRpcInterface.__init__(self)
        host = utils.get_hostname()
        base_dir = self.cm_config.cert_dir

        self.key = "%s/%s.pem" % (base_dir, host)
        self.cert = "%s/%s.cert" % (base_dir, host)
        self.ca = "%s/ca.cert" % base_dir

        self._our_ca = certs.retrieve_cert_from_file(self.ca)

        self.acls = acls_mod.Acls(config=self.config)

        # An empty host in a (host, port) pair conventionally means all
        # local interfaces.
        # NOTE(review): confirm this exposure is what the deployment expects.
        ssl_base = AuthedXMLRPCServer.AuthedSSLXMLRPCServer
        ssl_base.__init__(self, ("", 51234), self.key, self.cert, self.ca)
Example #8
 def do(self, args):
     """Print the overlord's configuration, TLS file locations and loaded modules.

     args is not used.  The server spec is copied from the parent
     command before getOverlord() is called.
     """
     self.server_spec = self.parentCommand.server_spec
     self.getOverlord()
     overlord = self.overlord_obj

     print "config:"
     for config_line in str(overlord.config).split("\n"):
         print "\t" + config_line
     print ""

     # The key is reported by its file location only; the certificate is
     # loaded so that its subject CN and subject-name hash can be shown.
     print "key file:  %s" % overlord.key
     overlord_cert = certs.retrieve_cert_from_file(overlord.cert)
     print "cert file: %s" % overlord.cert
     print "ca file: %s" % overlord.ca
     print "cert dn: %s" % overlord_cert.get_subject().CN
     print "certificate hash: %s" % overlord_cert.subject_name_hash()

     print "timeout: %s" % overlord.timeout
     print "forks: %s" % overlord.nforks

     print "cmd modules loaded:"
     for method_name in sorted(overlord.methods.keys()):
         print "\t" + method_name

     print "minion map:"
     print overlord.minionmap
Example #9
 def do(self, args):
     """Dump the overlord's config, TLS file locations, limits and loaded modules.

     args is not used.  self.server_spec is taken from the parent
     command, then getOverlord() is called before anything is printed.
     """
     self.server_spec = self.parentCommand.server_spec
     self.getOverlord()
     ov = self.overlord_obj

     print 'config:'
     for text in str(ov.config).split('\n'):
         print '\t' + text
     print ''

     # Only the key's file location is printed; the certificate itself is
     # read to display its subject CN and subject-name hash.
     print 'key file:  %s' % ov.key
     loaded_cert = certs.retrieve_cert_from_file(ov.cert)
     print 'cert file: %s' % ov.cert
     print 'ca file: %s' % ov.ca
     print 'cert dn: %s' % loaded_cert.get_subject().CN
     print 'certificate hash: %s' % loaded_cert.subject_name_hash()

     print 'timeout: %s' % ov.timeout
     print 'forks: %s' % ov.nforks

     print 'cmd modules loaded:'
     for name in sorted(ov.methods.keys()):
         print '\t' + name

     print 'minion map:'
     print ov.minionmap
Example #10
    def __init__(self, args):
        """Load modules and fact methods, derive the TLS paths, build ACLs, start the SSL base.

        args is forwarded untouched to AuthedSSLXMLRPCServer.__init__.
        The key, cert and CA paths are always built from
        self.cm_config.cert_dir (plus the routed hostname for the key and
        cert); self.config is not consulted for them.
        """
        self.allow_reuse_address = True
        self.modules = module_loader.load_modules()

        # Fact methods are loaded first and then handed to the FactsMinion.
        self.fact_methods = load_fact_methods()
        self.minion_query = FactsMinion(method_fact_list=self.fact_methods)

        XmlRpcInterface.__init__(self)
        hostname = func_utils.get_hostname_by_route()
        cert_dir = self.cm_config.cert_dir

        self.key = "%s/%s.pem" % (cert_dir, hostname)
        self.cert = "%s/%s.cert" % (cert_dir, hostname)
        self.ca = "%s/ca.cert" % cert_dir

        # The CA certificate is read here and its path is also passed to the
        # SSL server base class together with the key and cert paths.
        self._our_ca = certs.retrieve_cert_from_file(self.ca)

        self.acls = acls_mod.Acls(config=self.config)

        ssl_base = AuthedXMLRPCServer.AuthedSSLXMLRPCServer
        ssl_base.__init__(self, args, self.key, self.cert, self.ca)
Example #11
from OpenSSL import crypto
from certmaster.certs import make_keypair
from certmaster.certs import make_csr
from certmaster.certs import create_slave_certificate
from certmaster.certs import retrieve_key_from_file
from certmaster.certs import retrieve_cert_from_file


if __name__ == '__main__':
	# Create the minion key pair and a signing request for the sample
	# hostname.
	# NOTE(review): dest= presumably writes minion.key into the current
	# directory - confirm the permissions make_keypair gives that file.
	keypair = make_keypair(dest='minion.key')
	csr = make_csr(keypair, dest='minion.csr', hostname='ssl.example.com')

	# The CA key and certificate are read from the current directory, so
	# this script is run where the CA private key is readable.
	cakey = retrieve_key_from_file('ca.key')
	cacert = retrieve_cert_from_file('ca.cert')

	# The request is dumped to PEM and parsed back before it is signed.
	csr_pem = crypto.dump_certificate_request(crypto.FILETYPE_PEM, csr)
	csrreq = crypto.load_certificate_request(crypto.FILETYPE_PEM, csr_pem)

	create_slave_certificate(
		csrreq, cakey, cacert, '', slave_cert_file='minion.cert')