def remove_stale_certs(local, remote):
"""
For each cert on each remote host, make sure it exists locally.
If not then it has been cleaned locally and needs unlinked
remotely.
"""
local = [foo[0] for foo in local] # don't care about checksums
for host, peers in remote.iteritems():
fc = Client(host)
die = []
for peer in peers:
if peer[0] not in local:
die.append(peer[0])
if die != []:
fc.certifymod.remove_peer_certs(die)
def copy_updated_certs(local, remote):
"""
For each local cert, make sure it exists on the remote with the
correct hash. If not, copy it over!
"""
for host, peers in remote.iteritems():
fc = Client(host)
for cert in local:
if cert not in peers:
cert_name = '%s.%s' % (cert[0], cm.cfg.cert_extension)
full_path = os.path.join(cm.cfg.certroot, cert_name)
fd = open(full_path)
certblob = fd.read()
fd.close()
fc.certifymod.copy_peer_cert(cert[0],
xmlrpclib.Binary(certblob))
def remote_peers(hosts):
"""
Calls out to hosts to collect peer information
"""
fc = Client(';'.join(hosts))
return fc.certifymod.known_peers()
