x/tatu
Code Issues Proposed changes

Corrected certificate generation.

Browse Source
This commit is contained in:
Pino de Candia 2017-11-21 22:54:18 +00:00
parent d6f4f557ac
commit 21040b39b8
2 changed files with 5 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
scripts/get_user_cert.py
View File

@ -13,10 +13,6 @@ keytxt = key.exportKey('PEM')
pubkeytxt = key.publickey().exportKey('OpenSSH') pubkeytxt = key.publickey().exportKey('OpenSSH')
server = 'http://127.0.0.1:18321' server = 'http://127.0.0.1:18321'
with open('/etc/ssh/ssh_host_rsa_key.pub', 'r') as f:
host_key_pub = f.read()
user = { user = {
'user_id': user_id, 'user_id': user_id,
'auth_id': auth_id, 'auth_id': auth_id,
@ -49,6 +45,7 @@ with open(keyfile + '_user_id', 'w') as f:
# Write the user private key # Write the user private key
with open(keyfile, 'w') as f: with open(keyfile, 'w') as f:
f.write(keytxt) f.write(keytxt)
os.chmod(keyfile, 0600)
# Write the user public key # Write the user public key
with open(keyfile + '.pub', 'w') as f: with open(keyfile + '.pub', 'w') as f:

8
tatu/utils.py
View File

@ -20,12 +20,12 @@ def generateCert(auth_key, entity_key, hostname=None, principals='root'):
text_file.write(auth_key) text_file.write(auth_key)
with open(pub_file, "w", 0o644) as text_file: with open(pub_file, "w", 0o644) as text_file:
text_file.write(entity_key) text_file.write(entity_key)
args = ['ssh-keygen', '-P "pinot"', '-s', ca_file, '-I testID', '-V', args = ['ssh-keygen', '-s', ca_file, '-I', 'testID', '-V',
'-1d:+365d', '-n'] '-1d:+365d']
if hostname is None: if hostname is None:
args.extend(['"' + principals + '"', pub_file]) args.extend(['-n', principals, pub_file])
else: else:
args.extend([hostname, '-h', pub_file]) args.extend(['-h', pub_file])
print subprocess.check_output(args, stderr=subprocess.STDOUT) print subprocess.check_output(args, stderr=subprocess.STDOUT)
# Read the contents of the certificate file # Read the contents of the certificate file
cert = '' cert = ''