def generate_certificate(self, key, commit=False, user=None): if user is None: # We pick one pseudo-random admin assert self.group.admins.exists() user = self.group.admins[0] if not key: # restore stored private key key = self.keys.private or self.keys.tinc assert key, 'A private key should be provided to generate a certificate.' addr = str(self.mgmt_net.addr) key = str(key) bob = Bob(key=key) scr = bob.create_request(Email=user.email, CN=addr) signed_cert = self.mgmt_net.sign_cert_request(scr) # Keep current certificate if node API has been customized # (e.g. API delegated to a gateway) if commit: if self.api is None: self.api = NodeApi.objects.create_default(node=self) # Check if node API base_uri refers node mgmt_net addr if url_on_mgmt_net(self.api.base_uri, self.mgmt_net.addr): self.api.cert = signed_cert self.api.save() return signed_cert
def handle(self, *args, **options): # TODO correct key file permissions override = options.get('override') bob = Bob() key_path = MAINTENANCE_KEY_PATH pub_key_path = MAINTENANCE_PUB_KEY_PATH try: bob.load_key(key_path) except: override = True if override: bob.gen_key() self.stdout.write('Writing new key to \'%s\'' % MAINTENANCE_KEY_PATH) bob.store_key(MAINTENANCE_KEY_PATH) self.stdout.write('Writing new public key to \'%s\'' % MAINTENANCE_PUB_KEY_PATH) with open(MAINTENANCE_PUB_KEY_PATH, 'w+') as pub_key_path: pub_key_path.write(bob.get_pub_key(format='OpenSSH')) return self.stdout.write('\nYour keys are already in place.\n' ' Use --override in order to override them.\n\n')
def generate_key(self, commit=False): if self.content_type.model == 'server': raise TypeError("Cannot generate_key from a server.") bob = Bob() bob.gen_key() if commit: self.pubkey = bob.get_pub_key(format='X.501') self.save() return bob.get_key(format='X.501')
def handle(self, *args, **options): # TODO correct key file permissions override = options.get("override") bob = Bob() key_path = MAINTENANCE_KEY_PATH pub_key_path = MAINTENANCE_PUB_KEY_PATH try: bob.load_key(key_path) except: override = True if override: bob.gen_key() self.stdout.write("Writing new key to '%s'" % MAINTENANCE_KEY_PATH) bob.store_key(MAINTENANCE_KEY_PATH) self.stdout.write("Writing new public key to '%s'" % MAINTENANCE_PUB_KEY_PATH) with open(MAINTENANCE_PUB_KEY_PATH, "w+") as pub_key_path: pub_key_path.write(bob.get_pub_key(format="OpenSSH")) return self.stdout.write("\nYour keys are already in place.\n" " Use --override in order to override them.\n\n")