def handleRevisionEvent(eventName, host_id, session_id, outputDir):
"""Receives callbacks to add extra information to the config revisions"""
# Get a list of hosts running the RADIUS service
radius = getServiceInstance(session_id, radius_service.serviceName)
hosts = radius.getHostList()
ca = ccs_ca()
# Loop through each host and ensure that the certs/ directory is populated
for host in hosts:
try:
# Check basic path existance
hostdir = "%s/hosts/%s" % (outputDir, host)
if not os.path.isdir(hostdir):
# Host does not exist in the revision
continue
radiusdir = "%s/radius" % (hostdir)
if not os.path.isdir(radiusdir):
log_warn("Host '%s' does not have RADIUS templates!" % host)
continue
# Now check for the certs directory and the certificates
certsdir = "%s/certs" % (radiusdir)
ensureDirExists(certsdir)
if not os.path.exists("%s/cacert.pem" % certsdir):
cacert = ca.getFile("ca/cacert.pem")
cacerts = ca.getFile("ca/cacerts.pem")
fp = open("%s/cacert.pem" % certsdir, "w")
fp.write(cacert)
fp.write(cacerts)
fp.close()
if not os.path.exists("%s/dh" % certsdir):
fp = open("%s/dh" % certsdir, "w")
fp.close()
if not os.path.exists("%s/random" % certsdir):
log_command("openssl rand -out %s/random 1024" % certsdir)
if not os.path.exists("%s/radius-key.pem" % certsdir):
key = ca.getFile("ca/radius-key.pem")
fp = open("%s/radius-key.pem" % certsdir, "w")
fp.write(key)
fp.close()
if not os.path.exists("%s/radius-cert.pem" % certsdir):
cert = ca.getFile("ca/radius-cert.pem")
fp = open("%s/radius-cert.pem" % certsdir, "w")
fp.write(cert)
fp.close()
except:
log_error("Could not setup RADIUS certificates for %s" % host, \
sys.exc_info())
def ccs_init():
registerService(radius_service)
ca = ccs_ca()
ca.ensureCertificateExists("radius")