projects
/
certmaster.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
BATS fell down pushing a process into the background, so I switched to shunit2 /...
[certmaster.git]
/
scripts
/
certmaster-ca
diff --git
a/scripts/certmaster-ca
b/scripts/certmaster-ca
index
7f8f967
..
75bfad3
100755
(executable)
--- a/
scripts/certmaster-ca
+++ b/
scripts/certmaster-ca
@@
-15,15
+15,12
@@
import certmaster
import certmaster.certs
import certmaster.certmaster
import certmaster.certs
import certmaster.certmaster
-
-
-
def errorprint(stuff):
print >> sys.stderr, stuff
class CertmasterCAOptionParser(optparse.OptionParser):
def get_version(self):
def errorprint(stuff):
print >> sys.stderr, stuff
class CertmasterCAOptionParser(optparse.OptionParser):
def get_version(self):
- return file("/etc/
func
/version").read().strip()
+ return file("/etc/
certmaster
/version").read().strip()
def parseargs(args):
usage = 'certmaster-ca <option> [args]'
def parseargs(args):
usage = 'certmaster-ca <option> [args]'
@@
-62,9
+59,15
@@
def main(args):
(opts, args) = parseargs(args)
(opts, args) = parseargs(args)
+ ## Check that the ca option matches a configured ca
+ try:
+ certauth = cm.cfg.ca[opts.ca]
+ except:
+ errorprint("Unknown ca %s: check /etc/certmaster.cfg" % opts.ca)
+ return 1
if opts.list:
if opts.list:
- hns = cm.get_csrs_waiting(c
a=opts.ca
)
+ hns = cm.get_csrs_waiting(c
ertauth
)
if hns:
for hn in sorted(hns):
print hn
if hns:
for hn in sorted(hns):
print hn
@@
-79,14
+82,14
@@
def main(args):
return 1
for hn in args:
return 1
for hn in args:
- csrglob = '%s/%s.csr' % (c
m.cfg.cas[opts.ca]['csrroot']
, hn)
+ csrglob = '%s/%s.csr' % (c
ertauth.csrroot
, hn)
csrs = glob.glob(csrglob)
if not csrs:
errorprint('No match for %s to sign' % hn)
return 1
for fn in csrs:
csrs = glob.glob(csrglob)
if not csrs:
errorprint('No match for %s to sign' % hn)
return 1
for fn in csrs:
- certfile = cm.sign_this_csr(fn, c
a=opts.ca
)
+ certfile = cm.sign_this_csr(fn, c
ertauth
)
print '%s signed - cert located at %s' % (fn, certfile)
return 0
print '%s signed - cert located at %s' % (fn, certfile)
return 0
@@
-96,7
+99,7
@@
def main(args):
return 1
for hn in args:
return 1
for hn in args:
- cm.remove_this_cert(hn, c
a=opts.ca
)
+ cm.remove_this_cert(hn, c
ertauth
)
return 0
return 0
@@
-105,7
+108,7
@@
def main(args):
if args:
hostglobs = args
if args:
hostglobs = args
- signed_certs = cm.get_signed_certs(
args, ca=opts.ca
)
+ signed_certs = cm.get_signed_certs(
certauth, args
)
for i in sorted(signed_certs):
print i
for i in sorted(signed_certs):
print i
@@
-117,7
+120,7
@@
def main(args):
if args:
hostglobs = args
if args:
hostglobs = args
- cert_hashes = cm.get_cert_hashes(
hostglobs, ca=opts.ca
)
+ cert_hashes = cm.get_cert_hashes(
certauth, hostglobs
)
for i in sorted(cert_hashes):
print i
for i in sorted(cert_hashes):
print i