Trimming more stuff out.
[certmaster.git] / certs / slave-keys.py
1 #!/usr/bin/python -tt
2 # This program is free software; you can redistribute it and/or modify
3 # it under the terms of the GNU General Public License as published by
4 # the Free Software Foundation; either version 2 of the License, or
5 # (at your option) any later version.
6 #
7 # This program is distributed in the hope that it will be useful,
8 # but WITHOUT ANY WARRANTY; without even the implied warranty of
9 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
10 # GNU Library General Public License for more details.
11 #
12 # You should have received a copy of the GNU General Public License
13 # along with this program; if not, write to the Free Software
14 # Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
15 # Copyright (c) 2007-2008 Red Hat, inc
16 #- Written by Seth Vidal skvidal @ fedoraproject.org
17
18 import sys
19 import os
20 import os.path
21 import xmlrpclib
22 import time
23
24 from exceptions import Exception
25
26 import certmaster.certs
27
28
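def submit_csr_to_master(csr_file, master_uri):
    """Send the CSR stored in csr_file to the certmaster and return its reply.

    csr_file is the path of the certificate signing request to read and
    master_uri is the XML-RPC endpoint of the master.  The return value is
    whatever the master's wait_for_cert() call returns; main() unpacks it as
    (result, cert_string, ca_cert_string).
    """
    # Read the whole request and close the handle even if the read fails;
    # previously the descriptor was never closed explicitly.
    fo = open(csr_file)
    try:
        csr = fo.read()
    finally:
        fo.close()

    # NOTE(review): master_uri is handed to ServerProxy unchanged and nothing
    # in this function authenticates the master.  Over a plain http:// URI the
    # certificate and CA certificate in the reply are only as trustworthy as
    # the network path, so the CA fingerprint should be verified out of band.
    s = xmlrpclib.ServerProxy(master_uri)
    return s.wait_for_cert(csr)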
38
39
40
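def main(cert_dir, master_uri):
    """Create this host's key and CSR if missing, then fetch its signed cert.

    All files live under cert_dir: slave.pem (key), slave.csr, slave.cert and
    ca.cert.  The CSR is submitted to master_uri, retrying every 10 seconds,
    until the master reports a true result; the certificate and CA
    certificate from that reply are then written out.

    Returns 0 once both files are written, or 1 if preparing the directory,
    key or CSR raised.  Errors from the submission itself are not caught here.
    """
    keypair = None
    key_file = '%s/slave.pem' % cert_dir
    csr_file = '%s/slave.csr' % cert_dir
    cert_file = '%s/slave.cert' % cert_dir
    ca_cert_file = '%s/ca.cert' % cert_dir

    try:
        if not os.path.exists(cert_dir):
            # NOTE(review): the directory is created with the default mode
            # (limited only by the umask) and will hold the private key.
            # Whether make_keypair() restricts the key file's own permissions
            # is not visible from here -- confirm.
            os.makedirs(cert_dir)
        if not os.path.exists(key_file):
            keypair = certmaster.certs.make_keypair(dest=key_file)
        if not os.path.exists(csr_file):
            if not keypair:
                # The key already existed on disk; load it to sign the CSR.
                keypair = certmaster.certs.retrieve_key_from_file(key_file)
            # make_csr writes to dest; its return value is not needed here.
            certmaster.certs.make_csr(keypair, dest=csr_file)
    except Exception, e: # need a little more specificity here
        print e
        return 1

    # Poll the master.  Sleep only between attempts: the old loop also
    # waited 10 seconds after the request had already succeeded.
    while True:
        result, cert_string, ca_cert_string = submit_csr_to_master(csr_file, master_uri)
        if result:
            break
        print 'looping'
        time.sleep(10)

    # NOTE(review): both strings are stored exactly as the master returned
    # them, and any existing ca.cert is overwritten.  Nothing here checks the
    # CA certificate, so it is trusted on first use; verify its fingerprint
    # out of band when the master is reached over an untrusted network.
    for path, data in ((cert_file, cert_string), (ca_cert_file, ca_cert_string)):
        out_fo = open(path, 'w')
        try:
            out_fo.write(data)
        finally:
            # Close even when the write fails so the handle is not leaked.
            out_fo.close()

    return 0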
78
79
if __name__ == "__main__":
    # Usage: slave-keys.py [cert_dir [master_uri]]
    # Start from the defaults and let positional arguments override them.
    cert_dir = '/etc/pki/certmaster'
    # NOTE(review): the default endpoint is plain http on localhost.  If a
    # remote master is given as an http:// URI, the reply that main() stores
    # (including the CA certificate) is fetched without authenticating the
    # master.
    master_uri = 'http://localhost:51235/'

    if len(sys.argv) > 1:
        cert_dir = sys.argv[1]
    if len(sys.argv) > 2:
        master_uri = sys.argv[2]

    sys.exit(main(cert_dir, master_uri))
92