return pkey
-def make_csr(pkey, dest=None, cn=None):
+def make_csr(pkey, dest=None, cn=None, hostname=None):
req = crypto.X509Req()
req.get_subject()
subj = req.get_subject()
subj.OU = def_ou
if cn:
subj.CN = cn
+ elif hostname:
+ subj.CN = hostname
else:
- subj.CN = utils.get_hostname()
+ subj.CN = utils.gethostname()
+
subj.emailAddress = 'root@%s' % subj.CN
req.set_pubkey(pkey)
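Review bot: The fallback branch now calls `utils.gethostname()`, while the removed line used `utils.get_hostname()` and create_minion_keys further down still calls `get_hostname()`. Unless utils defines both names, this raises AttributeError whenever neither cn nor hostname is passed, so I would restore `subj.CN = utils.get_hostname()`. The caller's `if hn is None` check suggests get_hostname() can return None, which this branch would then try to use as the CN and in `'root@%s' % subj.CN`. Failing here with an explicit error would be safer than building a CSR whose subject is not a real host identity. make_csr's body continues outside the hunk.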
# FIXME: move to requestor module and also create a verbose mode
# prints to the screen for usage by /usr/bin/certmaster-request
-def create_minion_keys():
+def create_minion_keys(hostname=None):
+ log = logger.Logger().logger
+
# FIXME: paths should not be hard coded here, move to settings universally
config_file = '/etc/certmaster/minion.conf'
config = read_config(config_file, MinionConfig)
cert_dir = config.cert_dir
master_uri = 'http://%s:%s/' % (config.certmaster, config.certmaster_port)
- # print "DEBUG: acquiring hostname"
- hn = get_hostname()
- # print "DEBUG: hostname = %s\n" % hn
+
+ hn = hostname
+ if hn is None:
+ hn = get_hostname()
if hn is None:
raise codes.CMException("Could not determine a hostname other than localhost")
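Review bot: The override is tested with `is None` here, but make_csr tests it with `elif hostname:`, so an empty string passes this check and then falls through to the detected hostname for the CN. Anything named after hn would then disagree with the subject in the CSR; `hn = hostname or get_hostname()` keeps the two consistent. Because hn becomes the identity the certmaster is asked to sign, a caller-supplied value should be validated as a plain hostname before use. That matters more if hn is also used to build file names under cert_dir, which is not visible in this hunk, since path separators would then have to be rejected. A short docstring such as `"""Create the minion key and CSR; hostname overrides the detected host name."""` would document the new parameter. create_minion_keys continues outside the hunk.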
if not os.path.exists(csr_file):
if not keypair:
keypair = certs.retrieve_key_from_file(key_file)
- csr = certs.make_csr(keypair, dest=csr_file)
+ csr = certs.make_csr(keypair, dest=csr_file, hostname=hn)
except Exception, e:
traceback.print_exc()
raise codes.CMException, "Could not create local keypair or csr for session"
result = False
- log = logger.Logger().logger
+
while not result:
try:
# print "DEBUG: submitting CSR to certmaster: %s" % master_uri
- log.debug("submitting CSR to certmaster %s" % master_uri)
+ log.debug("submitting CSR: %s to certmaster %s" % (csr_file, master_uri))
result, cert_string, ca_cert_string = submit_csr_to_master(csr_file, master_uri)
except socket.gaierror, e:
raise codes.CMException, "Could not locate certmaster at %s" % master_uri