and pass it to the triggers
This could potentially break some existing triggers if they dont expect
and argument. However, it's documented that they should expect a
name argument, they just weren't ever getting one until now.
requesting_host = self._sanitize_cn(csrreq.get_subject().CN)
if with_triggers:
requesting_host = self._sanitize_cn(csrreq.get_subject().CN)
if with_triggers:
- self._run_triggers(None, '/var/lib/certmaster/triggers/request/pre/*')
+ self._run_triggers(requesting_host, '/var/lib/certmaster/triggers/request/pre/*')
self.logger.info("%s requested signing of cert %s" % (requesting_host,csrreq.get_subject().CN))
# get rid of dodgy characters in the filename we're about to make
self.logger.info("%s requested signing of cert %s" % (requesting_host,csrreq.get_subject().CN))
# get rid of dodgy characters in the filename we're about to make
cert_buf = crypto.dump_certificate(crypto.FILETYPE_PEM, slavecert)
cacert_buf = crypto.dump_certificate(crypto.FILETYPE_PEM, self.cacert)
if with_triggers:
cert_buf = crypto.dump_certificate(crypto.FILETYPE_PEM, slavecert)
cacert_buf = crypto.dump_certificate(crypto.FILETYPE_PEM, self.cacert)
if with_triggers:
- self._run_triggers(None,'/var/lib/certmaster/triggers/request/post/*')
+ self._run_triggers(requesting_host,'/var/lib/certmaster/triggers/request/post/*')
return True, cert_buf, cacert_buf
# if we don't have a cert then:
return True, cert_buf, cacert_buf
# if we don't have a cert then:
print 'No match for %s to clean up' % hn
return
if with_triggers:
print 'No match for %s to clean up' % hn
return
if with_triggers:
- self._run_triggers(None,'/var/lib/certmaster/triggers/remove/pre/*')
+ self._run_triggers(hn,'/var/lib/certmaster/triggers/remove/pre/*')
for fn in csrs + certs:
print 'Cleaning out %s for host matching %s' % (fn, hn)
self.logger.info('Cleaning out %s for host matching %s' % (fn, hn))
os.unlink(fn)
if with_triggers:
for fn in csrs + certs:
print 'Cleaning out %s for host matching %s' % (fn, hn)
self.logger.info('Cleaning out %s for host matching %s' % (fn, hn))
os.unlink(fn)
if with_triggers:
- self._run_triggers(None,'/var/lib/certmaster/triggers/remove/post/*')
+ self._run_triggers(hn,'/var/lib/certmaster/triggers/remove/post/*')
def sign_this_csr(self, csr, with_triggers=True):
"""returns the path to the signed cert file"""
def sign_this_csr(self, csr, with_triggers=True):
"""returns the path to the signed cert file"""
else: # assume we got a bare csr req
csrreq = csr
else: # assume we got a bare csr req
csrreq = csr
+
+ requesting_host = self._sanitize_cn(csrreq.get_subject().CN)
- self._run_triggers(None,'/var/lib/certmaster/triggers/sign/pre/*')
+ self._run_triggers(requesting_host,'/var/lib/certmaster/triggers/sign/pre/*')
requesting_host = self._sanitize_cn(csrreq.get_subject().CN)
requesting_host = self._sanitize_cn(csrreq.get_subject().CN)
self.logger.info("csr %s signed" % (certfile))
if with_triggers:
self.logger.info("csr %s signed" % (certfile))
if with_triggers:
- self._run_triggers(None,'/var/lib/certmaster/triggers/sign/post/*')
+ self._run_triggers(requesting_host,'/var/lib/certmaster/triggers/sign/post/*')
if csr_unlink_file and os.path.exists(csr_unlink_file):
if csr_unlink_file and os.path.exists(csr_unlink_file):
# in the triggers directory
continue
if ref:
# in the triggers directory
continue
if ref:
- rc = sub_process.call([file, ref.name], shell=False)
+ rc = sub_process.call([file, ref], shell=False)
else:
rc = sub_process.call([file], shell=False)
except:
else:
rc = sub_process.call([file], shell=False)
except: