openstack/nova
Code Issues Proposed changes

Allow CA code and state to be separated, and make sure CA code gets installed by setup.py install.

Browse Source
This commit is contained in:
Soren Hansen 2011-04-05 11:42:14 +02:00
parent c0a8904508
commit ff23dd2a3b
14 changed files with 16 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
MANIFEST.in
View File

@ -1,7 +1,7 @@
include HACKING LICENSE run_tests.py run_tests.sh
include README builddeb.sh exercise_rsapi.py
include ChangeLog MANIFEST.in pylintrc Authors
graft CA
graft nova/CA
graft doc
graft smoketests
graft tools

0
CA/.gitignore → nova/CA/.gitignore vendored
View File

0
CA/geninter.sh → nova/CA/geninter.sh
View File

0
CA/genrootca.sh → nova/CA/genrootca.sh
View File

0
CA/genvpn.sh → nova/CA/genvpn.sh
View File

0
CA/newcerts/.placeholder → nova/CA/newcerts/.placeholder
View File

0
CA/openssl.cnf.tmpl → nova/CA/openssl.cnf.tmpl
View File

0
CA/private/.placeholder → nova/CA/private/.placeholder
View File

0
CA/projects/.gitignore → nova/CA/projects/.gitignore vendored
View File

0
CA/projects/.placeholder → nova/CA/projects/.placeholder
View File

0
CA/reqs/.gitignore → nova/CA/reqs/.gitignore vendored
View File

0
CA/reqs/.placeholder → nova/CA/reqs/.placeholder
View File

8
nova/api/ec2/cloud.py
View File

@ -103,10 +103,16 @@ class CloudController(object):
# Gen root CA, if we don't have one
root_ca_path = os.path.join(FLAGS.ca_path, FLAGS.ca_file)
if not os.path.exists(root_ca_path):
genrootca_sh_path = os.path.join(os.path.dirname(__file__),
os.path.pardir,
os.path.pardir,
'CA',
'genrootca.sh')
start = os.getcwd()
os.chdir(FLAGS.ca_path)
# TODO(vish): Do this with M2Crypto instead
utils.runthis(_("Generating root CA: %s"), "sh", "genrootca.sh")
utils.runthis(_("Generating root CA: %s"), "sh", genrootca_sh_path)
os.chdir(start)
def _get_mpi_data(self, context, project_id):

10
nova/crypto.py
View File

@ -215,9 +215,12 @@ def generate_x509_cert(user_id, project_id, bits=1024):
def _ensure_project_folder(project_id):
if not os.path.exists(ca_path(project_id)):
geninter_sh_path = os.path.join(os.path.dirname(__file__),
'CA',
'geninter.sh')
start = os.getcwd()
os.chdir(ca_folder())
utils.execute('sh', 'geninter.sh', project_id,
utils.execute('sh', geninter_sh_path, project_id,
_project_cert_subject(project_id))
os.chdir(start)
@ -227,13 +230,16 @@ def generate_vpn_files(project_id):
csr_fn = os.path.join(project_folder, "server.csr")
crt_fn = os.path.join(project_folder, "server.crt")
genvpn_sh_path = os.path.join(os.path.dirname(__file__),
'CA',
'geninter.sh')
if os.path.exists(crt_fn):
return
_ensure_project_folder(project_id)
start = os.getcwd()
os.chdir(ca_folder())
# TODO(vish): the shell scripts could all be done in python
utils.execute('sh', 'genvpn.sh',
utils.execute('sh', genvpn_sh_path,
project_id, _vpn_cert_subject(project_id))
with open(csr_fn, "r") as csrfile:
csr_text = csrfile.read()