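def run(self):
    """Run the naSetup hook that bootstraps the default CA and host certificate.

    Steps, in order:
      1. Validate ``hostName`` and ``dnsDomain`` from ``self.na_setup_config``.
      2. Create the 'nixAuth Default' CA from its template with a random
         password.
      3. Generate a 2048-bit RSA key and a CSR for ``<hostName>.<dnsDomain>``
         under ``<ca_root>/keys/``.
      4. Ask the CA to sign the CSR.

    Returns:
        ``self.my_na_setup_config_fragment``.

    Raises:
        KeyError: ``hostName`` or ``dnsDomain`` is missing from the config.
        ValueError: either value contains characters that are unsafe in a
            file name or in a quoted openssl command string.
        SSLSetupError: openssl reported a non-zero return value while
            creating the key or the CSR.
    """
    import re

    # hostName and dnsDomain are interpolated into file paths and into
    # double-quoted openssl command strings below. Restrict them to host-name
    # characters so a value cannot carry a path separator, a quote or
    # whitespace into either. \Z (not $) so a trailing newline is rejected.
    # Checked first so a bad config fails before the CA is created.
    safe_name = re.compile(r'[A-Za-z0-9_][A-Za-z0-9._-]*\Z')
    names = {}
    for field in ('hostName', 'dnsDomain'):
        text = "%s" % (self.na_setup_config[field],)
        if not safe_name.match(text):
            raise ValueError(
                'Invalid %s in setup configuration: %r' % (field, text))
        names[field] = text
    key_name = "%s.%s" % (names['hostName'], names['dnsDomain'])

    ca_name = 'nixAuth Default'

    # Create the initial nixAuth CA with a randomly generated password.
    # SystemRandom draws from the OS entropy source; the password is up to
    # 64 hex digits ("%x" does not zero-pad) and is not kept by this method.
    randgen = random.SystemRandom()
    self.ca.fromTemplate(ca_name, "%x" % randgen.getrandbits(256))

    # TODO: Fix these once the SSL libraries are completed
    from lib.ssl import openssl
    from conf.SSL import CA_Config
    from data.SSL import CA_Roots

    config_file = CA_Config.getPath(ca_name)
    ca_root = CA_Roots.getCARoot(CA_Config.getFSName(ca_name))
    runner = openssl.OpenSSL()

    # Create the host's private key. No cipher option is passed, so the key
    # is written unencrypted.
    # NOTE(review): confirm the keys directory / umask keeps it unreadable to
    # other users.
    # NOTE(review): -config is not a documented genrsa option in stock
    # OpenSSL; confirm runOpenSSL or the target build accepts it.
    key_loc = "%s/keys/%s.key" % (ca_root, key_name)
    key_cmd = "genrsa -config \"%s\" -out \"%s\" 2048 " % (config_file, key_loc)
    key_info = runner.runOpenSSL(key_cmd)
    if key_info['return_value']:
        raise SSLSetupError('Error creating SSL key: %s' % key_info['stderr'])

    # Create the CSR next to the key, using the same <host>.<domain> stem.
    csr_loc = "%s/keys/%s.csr" % (ca_root, key_name)
    csr_cmd = "req -config \"%s\" -new -batch -key \"%s\" -out \"%s\"" % (
        config_file, key_loc, csr_loc)
    csr_info = runner.runOpenSSL(csr_cmd)
    if csr_info['return_value']:
        raise SSLSetupError('Error creating SSL CSR: %s' % csr_info['stderr'])

    # Sign the CSR using the CA; any exception propagates to the caller
    # (the original wrapped this in a try/except that only re-raised).
    # NOTE(review): the CA is named 'nixAuthDefault' here but
    # 'nixAuth Default' everywhere else in this method; confirm signCSR
    # expects the form without the space.
    self.ca.signCSR('nixAuthDefault', key_name)

    return self.my_na_setup_config_fragment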