X-Git-Url: https://pwan.org/git/?p=certmaster.git;a=blobdiff_plain;f=certmaster%2Futils.py;h=e348ec492b5e37c743eba7913249eda6ad9efdf9;hp=b135e7d45c33c48edfd29ba6312b6d100f896452;hb=240ba9b7e2ee00a8f6014c7d597a5afd1f96249c;hpb=d7a437a33c7767917fdc963953a39286a01db696

diff --git a/certmaster/utils.py b/certmaster/utils.py
index b135e7d..e348ec4 100644
--- a/certmaster/utils.py
+++ b/certmaster/utils.py
@@ -28,7 +28,6 @@ import sub_process
 
 # FIXME: module needs better pydoc
 
-
 # FIXME: can remove this constant?
 REMOTE_ERROR = "REMOTE_ERROR"
 
@@ -38,9 +37,6 @@ if (hasattr(os, "devnull")):
 else:
     REDIRECT_TO = "/dev/null"
 
-
-
-
 def trace_me():
     x = traceback.extract_stack()
     bar = string.join(traceback.format_list(x))
@@ -122,13 +118,20 @@ def get_hostname(talk_to_certmaster=True):
 # FIXME: move to requestor module and also create a verbose mode
 # prints to the screen for usage by /usr/bin/certmaster-request
 
-def create_minion_keys(hostname=None):
+def create_minion_keys(hostname=None, ca_name=''):
     log = logger.Logger().logger
 
     # FIXME: paths should not be hard coded here, move to settings universally
     config_file = '/etc/certmaster/minion.conf'
     config = read_config(config_file, MinionConfig)
-    cert_dir = config.cert_dir
+
+    try:
+        certauth=config.ca[ca_name]
+    except:
+        raise codes.CMException("Unknown cert authority: %s" % ca_name)
+
+    cert_dir = certauth.cert_dir
+        
     master_uri = 'http://%s:%s/' % (config.certmaster, config.certmaster_port)
 
     hn = hostname
@@ -146,7 +149,6 @@ def create_minion_keys(hostname=None):
     cert_file = '%s/%s.cert' % (cert_dir, hn)
     ca_cert_file = '%s/ca.cert' % cert_dir
 
-
     if os.path.exists(cert_file) and os.path.exists(ca_cert_file):
         # print "DEBUG: err, no cert_file"
         return
@@ -171,7 +173,7 @@ def create_minion_keys(hostname=None):
         try:
             # print "DEBUG: submitting CSR to certmaster: %s" % master_uri
             log.debug("submitting CSR: %s  to certmaster %s" % (csr_file, master_uri))
-            result, cert_string, ca_cert_string = submit_csr_to_master(csr_file, master_uri)
+            result, cert_string, ca_cert_string = submit_csr_to_master(csr_file, master_uri, ca_name)
         except socket.error, e:
             log.warning("Could not locate certmaster at %s" % master_uri)
 
@@ -231,7 +233,7 @@ def run_triggers(ref, globber):
             raise codes.CMException, "certmaster trigger failed: %(file)s returns %(code)d" % { "file" : file, "code" : rc }
 
 
-def submit_csr_to_master(csr_file, master_uri):
+def submit_csr_to_master(csr_file, master_uri, ca_name=''):
     """"
     gets us our cert back from the certmaster.wait_for_cert() method
     takes csr_file as path location and master_uri
@@ -243,4 +245,4 @@ def submit_csr_to_master(csr_file, master_uri):
     s = xmlrpclib.ServerProxy(master_uri)
 
     # print "DEBUG: waiting for cert"
-    return s.wait_for_cert(csr)
+    return s.wait_for_cert(csr,ca_name)