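def main():
    """Set up logging, connect to the certificate database, record a baseline.

    Steps performed by the part of the function shown here:

    1. Initialise logging from ``sslconfig.sslConfig`` and, when
       ``options.runOnceMode`` is set, call ``enableLogToConsole()``.
    2. Build an ``SSLDataStore`` from the configured host, user, password
       and database name, then call ``connect()`` in a loop, waiting
       ``dbSleep`` seconds between attempts, until ``datastore.con`` exists
       and reports ``open``.
    3. On the successful attempt, open a cursor and capture two snapshots:
       the result of ``atsParseSSLMultiCertConfig()`` (past state) and the
       XIDs newer than 1970-01-01 from the database (present state).

    None of the log calls below include ``databasePass``; on a connect
    failure only the driver's error code and message are logged.
    """
    cont = 1
    ssllog.log.initLog(sslconfig.sslConfig.logFilename,
                       sslconfig.sslConfig.logLevel)
    if options.runOnceMode:
        ssllog.log.enableLogToConsole()
    ssllog.log.main_logger.debug("Starting main()")

    sleepInSecs = sslconfig.sslConfig.sleepSecs
    sslCertDestinationPath = sslconfig.sslConfig.sslCertDestinationPath
    lastTimestamp = sslconfig.sslConfigTimestamp.lastTimestamp

    myHostname = socket.gethostname()
    ssllog.log.main_logger.info("My hostname: " + myHostname)

    datastore = SSLDataStore(sslconfig.sslConfig.databaseHost,
                             sslconfig.sslConfig.databaseUser,
                             sslconfig.sslConfig.databasePass,
                             sslconfig.sslConfig.databaseName)
    # NOTE(review): a freshly constructed instance is truthy unless
    # SSLDataStore defines __nonzero__/__len__, so this guard probably never
    # fires; the real connection check is the retry loop below - confirm.
    if not datastore:
        ssllog.log.main_logger.critical("Error: Problem connecting to the "
                                        "database. Exiting!")
        exit(2)

    #
    # Let's see what has changed since we were last here
    #
    dbConnected = 0
    dbSleep = 60
    while not dbConnected:
        try:
            datastore.connect()
        except mdb.Error as e:
            ssllog.log.main_logger.error(
                "Error: Problem getting current state "
                "from the database. Sleeping for %d before trying again."
                % (dbSleep))
            ssllog.log.main_logger.error("Error %d: %s"
                                         % (e.args[0], e.args[1]))
            time.sleep(dbSleep)
            # This failure has already been logged and waited out. Without
            # the continue, the else branch below would log a second error
            # and sleep another dbSleep seconds, doubling the advertised
            # back-off.
            continue

        if datastore.con and datastore.con.open:
            dbConnected = 1
            datastore.cursor = datastore.con.cursor()

            # Parse the starting ssl-multicert config file into a hash
            # (past state).
            pastSSLConfigHash = atsParseSSLMultiCertConfig()

            # Grab all of the XIDs in the SSL datastore (present state);
            # the epoch timestamp means "everything".
            originTimestamp = datetime.datetime(1970, 1, 1, 0, 0, 0)
            presentSSLConfigHash = sslcertdatabase.getXIDsNewerThanTimestamp(
                datastore, originTimestamp)
        else:
            # connect() returned without raising but left no open connection.
            ssllog.log.main_logger.error(
                "Error: Problem getting opening "
                "connection to database in order to obtain the current "
                "state from the database. Sleeping for %d before trying again."
                % (dbSleep))
            time.sleep(dbSleep)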
if thisTimestamp: lastTimestamp = thisTimestamp if not sslCertHash: break limitStart += 1000 # Write out the new/updated certs we found in the database ssllog.log.main_logger.debug("- Write certs to filesystem %s" %\ ', '.join(['%s' % (key) for key in sslCertHash.keys()])) sslcertdatabase.writeCertsFromHashOfCerts(sslCertHash, sslCertDestinationPath) # Now snapshot the entire database and see if there are any # 'delete's # Grab all of the XIDs in the SSL datastore (new state) ssllog.log.main_logger.debug("- Getting a fresh look at the database to see if anything was deleted") originTimestamp = datetime.datetime(1970, 1, 1, 0, 0, 0) newSSLConfigHash = sslcertdatabase.getXIDsNewerThanTimestamp(datastore, originTimestamp) # We've added the new/updated cert files, but before we delete # any files, lets write out the new ssl-multicert config based on # the most recent snapshot of the database which includes adds, # updates and deletes. # # Tell traffic_line to trigger a reload of the trafficserver # config. We can take care of deleting the old files while it is # coming back up. ssllog.log.main_logger.debug("- Update trafficserver ssl-multicert") atsUpdateSSLMultiCertConfigFromConfigHash(newSSLConfigHash, 'w') atsUpdateRemapConfigFromConfigHash(newSSLConfigHash, 'w') ssllog.log.main_logger.debug("- Trigger traffic_line to reload config") atsReloadConfig()