def Main():
"""Main routine.
"""
opts = ParseOptions()
utils.SetupToolLogging(opts.debug, opts.verbose)
try:
getent = runtime.GetEnts()
data = common.LoadData(sys.stdin.read(), SetupError)
cluster_name = common.VerifyClusterName(data, SetupError,
constants.NDS_CLUSTER_NAME)
cert_pem = common.VerifyCertificateStrong(data, SetupError)
ssdata = VerifySsconf(data, cluster_name)
logging.info("Writing ssconf files ...")
ssconf.WriteSsconfFiles(ssdata, dry_run=opts.dry_run)
logging.info("Writing node daemon certificate ...")
utils.WriteFile(pathutils.NODED_CERT_FILE,
data=cert_pem,
mode=pathutils.NODED_CERT_MODE,
uid=getent.masterd_uid,
gid=getent.masterd_gid,
dry_run=opts.dry_run)
common.GenerateClientCertificate(data, SetupError)
if (data.get(constants.NDS_START_NODE_DAEMON) and # pylint: disable=E1103
not opts.dry_run):
logging.info("Restarting node daemon ...")
stop_cmd = "%s stop-all" % pathutils.DAEMON_UTIL
noded_cmd = "%s start %s" % (pathutils.DAEMON_UTIL,
constants.NODED)
mond_cmd = ""
if constants.ENABLE_MOND:
mond_cmd = "%s start %s" % (pathutils.DAEMON_UTIL,
constants.MOND)
cmd = "; ".join([stop_cmd, noded_cmd, mond_cmd])
result = utils.RunCmd(cmd, interactive=True)
if result.failed:
raise SetupError(
"Could not start the node daemons, command '%s'"
" failed: %s" % (result.cmd, result.fail_reason))
logging.info("Node daemon successfully configured")
except Exception as err: # pylint: disable=W0703
logging.debug("Caught unhandled exception", exc_info=True)
(retcode, message) = cli.FormatError(err)
logging.error(message)
return retcode
else:
return constants.EXIT_SUCCESS
def testRegnerateClientCertificate(self):
my_node_name = "mynode.example.com"
data = {constants.NDS_CLUSTER_NAME: "winnie_poohs_cluster",
constants.NDS_NODE_DAEMON_CERTIFICATE: "some_cert",
constants.NDS_NODE_NAME: my_node_name}
common.GenerateClientCertificate(data, Exception,
client_cert=self.client_cert,
signing_cert=self.server_cert)
client_cert_pem = utils.ReadFile(self.client_cert)
server_cert_pem = utils.ReadFile(self.server_cert)
client_cert = OpenSSL.crypto.load_certificate(OpenSSL.crypto.FILETYPE_PEM,
client_cert_pem)
signing_cert = OpenSSL.crypto.load_certificate(OpenSSL.crypto.FILETYPE_PEM,
server_cert_pem)
self.assertEqual(client_cert.get_issuer().CN, signing_cert.get_subject().CN)
self.assertEqual(client_cert.get_subject().CN, my_node_name)
def Main():
"""Main routine.
"""
opts = ParseOptions()
utils.SetupToolLogging(opts.debug, opts.verbose)
try:
data = common.LoadData(sys.stdin.read(), _DATA_CHECK)
common.VerifyClusterName(data, SslSetupError,
constants.NDS_CLUSTER_NAME)
# Verifies whether the server certificate of the caller
# is the same as on this node.
common.VerifyCertificateStrong(data, SslSetupError)
action = data.get(constants.NDS_ACTION)
if not action:
raise SslSetupError("No Action specified.")
if action == constants.CRYPTO_ACTION_CREATE:
common.GenerateClientCertificate(data, SslSetupError)
elif action == constants.CRYPTO_ACTION_DELETE:
DeleteClientCertificate()
ClearMasterCandidateSsconfList()
else:
raise SslSetupError("Unsupported action: %s." % action)
except Exception as err: # pylint: disable=W0703
logging.debug("Caught unhandled exception", exc_info=True)
(retcode, message) = cli.FormatError(err)
logging.error(message)
return retcode
else:
return constants.EXIT_SUCCESS