コード例 #1
0
 def generate_certificate(self, key, commit=False, user=None):
     if user is None:
         # We pick one pseudo-random admin
         assert self.group.admins.exists()
         user = self.group.admins[0]
     if not key:
         # restore stored private key
         key = self.keys.private or self.keys.tinc
         assert key, 'A private key should be provided to generate a certificate.'
     addr = str(self.mgmt_net.addr)
     key = str(key)
     bob = Bob(key=key)
     scr = bob.create_request(Email=user.email, CN=addr)
     signed_cert = self.mgmt_net.sign_cert_request(scr)
     
     # Keep current certificate if node API has been customized
     # (e.g. API delegated to a gateway)
     if commit:
         if self.api is None:
             self.api = NodeApi.objects.create_default(node=self)
         
         # Check if node API base_uri refers node mgmt_net addr
         if url_on_mgmt_net(self.api.base_uri, self.mgmt_net.addr):
             self.api.cert = signed_cert
             self.api.save()
     
     return signed_cert
コード例 #2
0
    def generate_certificate(self, key, commit=False, user=None):
        if user is None:
            # We pick one pseudo-random admin
            assert self.group.admins.exists()
            user = self.group.admins[0]
        if not key:
            # restore stored private key
            key = self.keys.private or self.keys.tinc
            assert key, 'A private key should be provided to generate a certificate.'
        addr = str(self.mgmt_net.addr)
        key = str(key)
        bob = Bob(key=key)
        scr = bob.create_request(Email=user.email, CN=addr)
        signed_cert = self.mgmt_net.sign_cert_request(scr)

        # Keep current certificate if node API has been customized
        # (e.g. API delegated to a gateway)
        if commit:
            if self.api is None:
                self.api = NodeApi.objects.create_default(node=self)

            # Check if node API base_uri refers node mgmt_net addr
            if url_on_mgmt_net(self.api.base_uri, self.mgmt_net.addr):
                self.api.cert = signed_cert
                self.api.save()

        return signed_cert
コード例 #3
0
    def handle(self, *args, **options):
        # TODO correct key file permissions
        override = options.get('override')

        bob = Bob()

        key_path = MAINTENANCE_KEY_PATH
        pub_key_path = MAINTENANCE_PUB_KEY_PATH

        try:
            bob.load_key(key_path)
        except:
            override = True

        if override:
            bob.gen_key()
            self.stdout.write('Writing new key to \'%s\'' %
                              MAINTENANCE_KEY_PATH)
            bob.store_key(MAINTENANCE_KEY_PATH)
            self.stdout.write('Writing new public key to \'%s\'' %
                              MAINTENANCE_PUB_KEY_PATH)
            with open(MAINTENANCE_PUB_KEY_PATH, 'w+') as pub_key_path:
                pub_key_path.write(bob.get_pub_key(format='OpenSSH'))
            return

        self.stdout.write('\nYour keys are already in place.\n'
                          ' Use --override in order to override them.\n\n')
コード例 #4
0
 def generate_key(self, commit=False):
     if self.content_type.model == 'server':
         raise TypeError("Cannot generate_key from a server.")
     bob = Bob()
     bob.gen_key()
     if commit:
         self.pubkey = bob.get_pub_key(format='X.501')
         self.save()
     return bob.get_key(format='X.501')
コード例 #5
0
    def handle(self, *args, **options):
        # TODO correct key file permissions
        override = options.get("override")

        bob = Bob()

        key_path = MAINTENANCE_KEY_PATH
        pub_key_path = MAINTENANCE_PUB_KEY_PATH

        try:
            bob.load_key(key_path)
        except:
            override = True

        if override:
            bob.gen_key()
            self.stdout.write("Writing new key to '%s'" % MAINTENANCE_KEY_PATH)
            bob.store_key(MAINTENANCE_KEY_PATH)
            self.stdout.write("Writing new public key to '%s'" % MAINTENANCE_PUB_KEY_PATH)
            with open(MAINTENANCE_PUB_KEY_PATH, "w+") as pub_key_path:
                pub_key_path.write(bob.get_pub_key(format="OpenSSH"))
            return

        self.stdout.write("\nYour keys are already in place.\n" " Use --override in order to override them.\n\n")