Exemple #1
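def setup_client(testing=False):
    """Generate the RSA key pair a DSAGE client authenticates with.

    The key is written by ``ssh-keygen`` to ``DSAGE_DIR/dsage_key``.
    Nothing is returned; progress and failures are reported on stdout.

    testing -- when true, only the DSAGE directory check runs and no key
               is generated.
    """
    check_dsage_dir()
    key_file = os.path.join(DSAGE_DIR, "dsage_key")
    if testing:
        # NOTE(review): the previous code built an ssh-keygen argv here
        # (with "-P ''" as a single element, which would have set a literal
        # passphrase rather than an empty one) but never ran it.  The
        # no-op is kept; confirm whether the test suite expects a key.
        return

    if not cmd_exists("ssh-keygen"):
        print DELIMITER
        print "Could NOT find ssh-keygen."
        print "Aborting."
        return

    print DELIMITER
    print "Generating public/private key pair for authentication..."
    print "Your key will be stored in %s/dsage_key" % DSAGE_DIR
    # Security note: the prompt below steers the user to an empty
    # passphrase, so the private key is stored unencrypted and file
    # permissions on DSAGE_DIR are its only protection.
    print "Just hit enter when prompted for a passphrase"
    print DELIMITER

    cmd = ["ssh-keygen", "-q", "-trsa", "-f%s" % key_file]

    # Run ssh-keygen without LD_LIBRARY_PATH (presumably so the system
    # binary does not pick up Sage's bundled libraries -- confirm).
    # A private copy of the environment is used so that this process's
    # own environment is never modified, and an unset LD_LIBRARY_PATH no
    # longer raises KeyError.
    child_env = dict(os.environ)
    child_env.pop("LD_LIBRARY_PATH", None)
    status = subprocess.call(cmd, env=child_env)

    # Do not claim success when no usable key may have been written.
    if status != 0:
        print DELIMITER
        print "ssh-keygen exited with status %s." % status
        print "Aborting."
        return

    print "\n"
    print "Client configuration finished.\n"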
Exemple #2
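def setup_server(template=None):
    """Create the DSAGE server's key, self-signed certificate and database.

    Prompts for a domain name, writes a certtool template to
    ``DSAGE_DIR/cert.cfg``, generates a private key (``cacert.pem``) and a
    self-signed certificate (``pubcert.pem``) in DSAGE_DIR, then
    initialises the database and adds the default client.  Nothing is
    returned; progress and failures are reported on stdout.

    template -- optional dict whose entries override the default
                certificate template fields.
    """
    check_dsage_dir()
    print "Choose a domain name for your SAGE notebook server,"
    print "for example, localhost (personal use) or %s (to allow outside connections)." % socket.getfqdn()
    dn = raw_input("Domain name [localhost]: ").strip()
    if dn == "":
        print "Using default localhost"
        dn = "localhost"

    template_dict = {
        "organization": "SAGE (at %s)" % (dn),
        "unit": "389",
        "locality": None,
        "state": "Washington",
        "country": "US",
        "cn": dn,
        "uid": "sage_user",
        "dn_oid": None,
        # Draw the serial from the OS entropy source instead of the
        # seedable default generator, so serials are not predictable.
        "serial": str(random.SystemRandom().randint(1, 2 ** 31)),
        "dns_name": None,
        "crl_dist_points": None,
        "ip_address": None,
        "expiration_days": 10000,
        "email": "*****@*****.**",
        "ca": None,
        "tls_www_client": None,
        "tls_www_server": True,
        "signing_key": True,
        "encryption_key": True,
    }

    if isinstance(template, dict):
        template_dict.update(template)

    # Render the template: None is omitted, True becomes a bare flag,
    # lists become space-separated quoted values.
    # NOTE(review): values are written between double quotes without
    # escaping, so a value containing a quote or newline can add extra
    # directives to cert.cfg -- validate if `template` or the domain name
    # can come from an untrusted source.
    lines = []
    for key, val in template_dict.iteritems():
        if val is None:
            continue
        # Identity test: `val == True` also matched the integer 1, which
        # turned e.g. expiration_days=1 into a valueless flag.
        if val is True:
            w = ""
        elif isinstance(val, list):
            w = " ".join(['"%s"' % x for x in val])
        else:
            w = '"%s"' % val
        lines.append("%s = %s \n" % (key, w))

    template_file = os.path.join(DSAGE_DIR, "cert.cfg")
    f = open(template_file, "w")
    try:
        f.write("".join(lines))
    finally:
        f.close()

    # Despite its name, cacert.pem holds the private key; pubcert.pem is
    # the self-signed certificate.
    privkey_file = os.path.join(DSAGE_DIR, "cacert.pem")
    pubkey_file = os.path.join(DSAGE_DIR, "pubcert.pem")

    print DELIMITER
    print "Generating SSL certificate for server..."

    # Commands are passed as argument lists without a shell, so a
    # DSAGE_DIR containing spaces or shell metacharacters is handed to the
    # tool verbatim instead of being interpreted.  Without a shell a
    # missing binary raises OSError, hence the explicit check.
    if not cmd_exists("certtool"):
        print DELIMITER
        print "Could NOT find certtool."
        print "Aborting."
        return

    # The openssl path is deliberately disabled (`False and ...`), as in
    # the original; certtool is always used.
    if False and os.uname()[0] != "Darwin" and cmd_exists("openssl"):
        cmd = ["openssl", "genrsa", "-out", privkey_file]
        print "Using openssl to generate key"
    else:
        cmd = ["certtool", "--generate-privkey", "--outfile", privkey_file]
        print "Using certtool to generate key"
    print " ".join(cmd)

    # Keep the private key unreadable by other users from the moment it
    # is created: tighten a leftover file first and create a new one
    # under a restrictive umask, rather than relying only on a chmod
    # after the key material is already on disk.
    old_umask = os.umask(0077)
    try:
        if os.path.exists(privkey_file):
            os.chmod(privkey_file, 0600)
        status = subprocess.call(cmd)
    finally:
        os.umask(old_umask)
    if status != 0:
        print "Key generation exited with status %s." % status
        print "Aborting."
        print DELIMITER
        return

    cmd = [
        "certtool",
        "--generate-self-signed",
        "--template", template_file,
        "--load-privkey", privkey_file,
        "--outfile", pubkey_file,
    ]
    status = subprocess.call(cmd)
    if status != 0:
        print "Certificate generation exited with status %s." % status
        print "Aborting."
        print DELIMITER
        return
    print DELIMITER

    # Owner read/write only on the private key.
    os.chmod(privkey_file, 0600)

    # create database schemas
    from sage.dsage.database.db_config import init_db_sa as init_db

    Session = init_db(DSAGE_DB)

    # add default user
    add_default_client(Session)

    print "Server configuration finished.\n\n"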