示例#1
0
def handleRevisionEvent(eventName, host_id, session_id, outputDir):
    """Receives callbacks to add extra information to the config revisions"""

    # Get a list of hosts running the RADIUS service
    radius = getServiceInstance(session_id, radius_service.serviceName)
    hosts = radius.getHostList()

    ca = ccs_ca()

    # Loop through each host and ensure that the certs/ directory is populated
    for host in hosts:
        try:
            # Check basic path existance
            hostdir = "%s/hosts/%s" % (outputDir, host)
            if not os.path.isdir(hostdir):
                # Host does not exist in the revision
                continue
            radiusdir = "%s/radius" % (hostdir)
            if not os.path.isdir(radiusdir):
                log_warn("Host '%s' does not have RADIUS templates!" % host)
                continue
            # Now check for the certs directory and the certificates
            certsdir = "%s/certs" % (radiusdir)
            ensureDirExists(certsdir)
            if not os.path.exists("%s/cacert.pem" % certsdir):
                cacert = ca.getFile("ca/cacert.pem")
                cacerts = ca.getFile("ca/cacerts.pem")
                fp = open("%s/cacert.pem" % certsdir, "w")
                fp.write(cacert)
                fp.write(cacerts)
                fp.close()
            if not os.path.exists("%s/dh" % certsdir):
                fp = open("%s/dh" % certsdir, "w")
                fp.close()
            if not os.path.exists("%s/random" % certsdir):
                log_command("openssl rand -out %s/random 1024" % certsdir)
            if not os.path.exists("%s/radius-key.pem" % certsdir):
                key = ca.getFile("ca/radius-key.pem")
                fp = open("%s/radius-key.pem" % certsdir, "w")
                fp.write(key)
                fp.close()
            if not os.path.exists("%s/radius-cert.pem" % certsdir):
                cert = ca.getFile("ca/radius-cert.pem")
                fp = open("%s/radius-cert.pem" % certsdir, "w")
                fp.write(cert)
                fp.close()
        except:
            log_error("Could not setup RADIUS certificates for %s" % host, \
                    sys.exc_info())
示例#2
0
def ccs_init():
    registerService(radius_service)
    ca = ccs_ca()
    ca.ensureCertificateExists("radius")