X-Git-Url: https://pwan.org/git/?p=certmaster.git;a=blobdiff_plain;f=scripts%2Fcertmaster-sync;h=8e6db440ed03558485b231e367e98f3164422a8f;hp=fd1db93defa429c4319a06745e08d8f24b72e49c;hb=67e8a55e10f81105cb76e7c1ff9d0615cf97dff5;hpb=5bdd42c1534a196d6be9104543e4a9a9b0442324

diff --git a/scripts/certmaster-sync b/scripts/certmaster-sync
index fd1db93..8e6db44 100644
--- a/scripts/certmaster-sync
+++ b/scripts/certmaster-sync
@@ -7,6 +7,7 @@
 
 import os
 import sys
+import warning
 try:
     import hashlib
 except ImportError:
@@ -16,6 +17,7 @@ except ImportError:
         @staticmethod
         def new(algo):
             if algo == 'sha1':
+                warnings.warn('sha1 is deprecated',DeprecationWarning)
                 return sha.new()
             raise ValueError, "Bad checksum type"
 
@@ -24,9 +26,14 @@ import xmlrpclib
 from glob import glob
 from time import sleep
 from certmaster import certmaster as certmaster
-from func.overlord.client import Client
-from func.CommonErrors import Func_Client_Exception
-import func.jobthing as jobthing
+
+func_import_failure = None
+try:
+    from func.overlord.client import Client
+    from func.CommonErrors import Func_Client_Exception
+    import func.jobthing as jobthing
+except ImportError, e:
+    func_import_failure = str(e)
 
 def syncable(cert_list):
     """
@@ -71,7 +78,7 @@ def remote_peers(hosts):
 
 def local_certs():
     """
-    Returns (hostname, sha1) hash of local certs
+    Returns (hostname, hashval) hash of local certs
     """
     globby = '*.%s' % cm.cfg.cert_extension
     globby = os.path.join(cm.cfg.certroot, globby)
@@ -79,12 +86,13 @@ def local_certs():
     results = []
     for f in files:
         hostname = os.path.basename(f).replace('.' + cm.cfg.cert_extension, '')
-        digest = checksum(f)
-        results.append([hostname, digest])
+        dirname = os.path.dirname(f)
+        digest = checksum(f,cm.cfg.hashfunc)
+        results.append([hostname, digest, dirname])
     return results
 
-def checksum(f):
-    thissum = hashlib.new('sha1')
+def checksum(f,hashfunc):
+    thissum = hashlib.new(hashfunc)
     if os.path.exists(f):
         fo = open(f, 'r')
         data = fo.read()
@@ -119,7 +127,7 @@ def copy_updated_certs(local, remote):
         for cert in local:
             if cert not in peers:
                 cert_name = '%s.%s' % (cert[0], cm.cfg.cert_extension)
-                full_path = os.path.join(cm.cfg.certroot, cert_name)
+                full_path = os.path.join(cert[2], cert_name)
                 fd = open(full_path)
                 certblob = fd.read()
                 fd.close()
@@ -136,6 +144,11 @@ def main():
     if not cm.cfg.sync_certs and not forced:
         sys.exit(0)
 
+    # Don't complain about func not being available until you actually want it
+    if func_import_failure != None:
+        print >> sys.stderr,  "errors importing func: %s" % func_import_failure
+        sys.exit(1)
+
     certs = glob(os.path.join(cm.cfg.certroot,
                               '*.%s' % cm.cfg.cert_extension))
     hosts = syncable(certs)