* Change files to use 4-space indents and no hard tab characters.
* Trim excess spaces and tabs from ends of lines.
* Remove empty lines at the end of files and ensure the last line ends with a newline.
Generated by http://svn.python.org/projects/python/trunk/Tools/scripts/reindent.py
self.value = value
def __str__(self):
return "%s" %(self.value,)
self.value = value
def __str__(self):
return "%s" %(self.value,)
def __init__(self, host='', port=None, ssl_context=None, strict=None, timeout=None):
self._setup(self._connection_class(host, port, ssl_context, strict, timeout))
def __init__(self, host='', port=None, ssl_context=None, strict=None, timeout=None):
self._setup(self._connection_class(host, port, ssl_context, strict, timeout))
if hasattr(data, 'tobytes'):
data = data.tobytes()
if hasattr(data, 'tobytes'):
data = data.tobytes()
starttime = time.time()
origlen = len(data)
sent = -1
starttime = time.time()
origlen = len(data)
sent = -1
print 'Cannot make certmaster certificate authority keys/certs, aborting: %s' % e
sys.exit(1)
print 'Cannot make certmaster certificate authority keys/certs, aborting: %s' % e
sys.exit(1)
# open up the cakey and cacert so we have them available
self.cakey = certs.retrieve_key_from_file(self.ca_key_file)
self.cacert = certs.retrieve_cert_from_file(self.ca_cert_file)
# open up the cakey and cacert so we have them available
self.cakey = certs.retrieve_key_from_file(self.ca_key_file)
self.cacert = certs.retrieve_cert_from_file(self.ca_cert_file)
for dirpath in [self.cfg.cadir, self.cfg.certroot, self.cfg.csrroot]:
if not os.path.exists(dirpath):
os.makedirs(dirpath)
for dirpath in [self.cfg.cadir, self.cfg.certroot, self.cfg.csrroot]:
if not os.path.exists(dirpath):
os.makedirs(dirpath)
'wait_for_cert': self.wait_for_cert,
}
'wait_for_cert': self.wait_for_cert,
}
def _dispatch(self, method, params):
if method == 'trait_names' or method == '_getAttributeNames':
return self.handlers.keys()
def _dispatch(self, method, params):
if method == 'trait_names' or method == '_getAttributeNames':
return self.handlers.keys()
else:
self.logger.info("Unhandled method call for method: %s " % method)
raise codes.InvalidMethodException
else:
self.logger.info("Unhandled method call for method: %s " % method)
raise codes.InvalidMethodException
def _sanitize_cn(self, commonname):
commonname = commonname.replace('/', '')
def _sanitize_cn(self, commonname):
commonname = commonname.replace('/', '')
- commonname = commonname.replace('\\', '')
+ commonname = commonname.replace('\\', '')
def wait_for_cert(self, csrbuf, with_triggers=True):
"""
takes csr as a string
returns True, caller_cert, ca_cert
returns False, '', ''
"""
def wait_for_cert(self, csrbuf, with_triggers=True):
"""
takes csr as a string
returns True, caller_cert, ca_cert
returns False, '', ''
"""
try:
csrreq = crypto.load_certificate_request(crypto.FILETYPE_PEM, csrbuf)
except crypto.Error, e:
#XXX need to raise a fault here and document it - but false is just as good
return False, '', ''
try:
csrreq = crypto.load_certificate_request(crypto.FILETYPE_PEM, csrbuf)
except crypto.Error, e:
#XXX need to raise a fault here and document it - but false is just as good
return False, '', ''
requesting_host = self._sanitize_cn(csrreq.get_subject().CN)
if with_triggers:
requesting_host = self._sanitize_cn(csrreq.get_subject().CN)
if with_triggers:
- self._run_triggers(requesting_host, '/var/lib/certmaster/triggers/request/pre/*')
+ self._run_triggers(requesting_host, '/var/lib/certmaster/triggers/request/pre/*')
self.logger.info("%s requested signing of cert %s" % (requesting_host,csrreq.get_subject().CN))
# get rid of dodgy characters in the filename we're about to make
self.logger.info("%s requested signing of cert %s" % (requesting_host,csrreq.get_subject().CN))
# get rid of dodgy characters in the filename we're about to make
certfile = '%s/%s.cert' % (self.cfg.certroot, requesting_host)
csrfile = '%s/%s.csr' % (self.cfg.csrroot, requesting_host)
# check for old csr on disk
# if we have it - compare the two - if they are not the same - raise a fault
self.logger.debug("csrfile: %s certfile: %s" % (csrfile, certfile))
certfile = '%s/%s.cert' % (self.cfg.certroot, requesting_host)
csrfile = '%s/%s.csr' % (self.cfg.csrroot, requesting_host)
# check for old csr on disk
# if we have it - compare the two - if they are not the same - raise a fault
self.logger.debug("csrfile: %s certfile: %s" % (csrfile, certfile))
if os.path.exists(csrfile):
oldfo = open(csrfile)
oldcsrbuf = oldfo.read()
if os.path.exists(csrfile):
oldfo = open(csrfile)
oldcsrbuf = oldfo.read()
self.logger.info("A cert for %s already exists and does not match the requesting cert" % (requesting_host))
# XXX raise a proper fault
return False, '', ''
self.logger.info("A cert for %s already exists and does not match the requesting cert" % (requesting_host))
# XXX raise a proper fault
return False, '', ''
# look for a cert:
# if we have it, then return True, etc, etc
# look for a cert:
# if we have it, then return True, etc, etc
if with_triggers:
self._run_triggers(requesting_host,'/var/lib/certmaster/triggers/request/post/*')
return True, cert_buf, cacert_buf
if with_triggers:
self._run_triggers(requesting_host,'/var/lib/certmaster/triggers/request/post/*')
return True, cert_buf, cacert_buf
# if we don't have a cert then:
# if we're autosign then sign it, write out the cert and return True, etc, etc
# else write out the csr
# if we don't have a cert then:
# if we're autosign then sign it, write out the cert and return True, etc, etc
# else write out the csr
if self.cfg.autosign:
cert_fn = self.sign_this_csr(csrreq)
if self.cfg.autosign:
cert_fn = self.sign_this_csr(csrreq)
- cert = certs.retrieve_cert_from_file(cert_fn)
+ cert = certs.retrieve_cert_from_file(cert_fn)
cert_buf = crypto.dump_certificate(crypto.FILETYPE_PEM, cert)
cacert_buf = crypto.dump_certificate(crypto.FILETYPE_PEM, self.cacert)
self.logger.info("cert for %s was autosigned" % (requesting_host))
if with_triggers:
self._run_triggers(None,'/var/lib/certmaster/triggers/request/post/*')
return True, cert_buf, cacert_buf
cert_buf = crypto.dump_certificate(crypto.FILETYPE_PEM, cert)
cacert_buf = crypto.dump_certificate(crypto.FILETYPE_PEM, self.cacert)
self.logger.info("cert for %s was autosigned" % (requesting_host))
if with_triggers:
self._run_triggers(None,'/var/lib/certmaster/triggers/request/post/*')
return True, cert_buf, cacert_buf
else:
# write the csr out to a file to be dealt with by the admin
destfo = open(csrfile, 'w')
else:
# write the csr out to a file to be dealt with by the admin
destfo = open(csrfile, 'w')
return False, '', ''
def get_csrs_waiting(self):
return False, '', ''
def get_csrs_waiting(self):
csrglob = '%s/*.csr' % self.cfg.csrroot
csr_list = glob.glob(csrglob)
for f in csr_list:
csrglob = '%s/*.csr' % self.cfg.csrroot
csr_list = glob.glob(csrglob)
for f in csr_list:
hn = hn[:-4]
hosts.append(hn)
return hosts
hn = hn[:-4]
hosts.append(hn)
return hosts
def remove_this_cert(self, hn, with_triggers=True):
""" removes cert for hostname using unlink """
cm = self
def remove_this_cert(self, hn, with_triggers=True):
""" removes cert for hostname using unlink """
cm = self
os.unlink(fn)
if with_triggers:
self._run_triggers(hn,'/var/lib/certmaster/triggers/remove/post/*')
os.unlink(fn)
if with_triggers:
self._run_triggers(hn,'/var/lib/certmaster/triggers/remove/post/*')
def sign_this_csr(self, csr, with_triggers=True):
"""returns the path to the signed cert file"""
csr_unlink_file = None
def sign_this_csr(self, csr, with_triggers=True):
"""returns the path to the signed cert file"""
csr_unlink_file = None
- if type(csr) is type(''):
+ if type(csr) is type(''):
if csr.startswith('/') and os.path.exists(csr): # we have a full path to the file
csrfo = open(csr)
csr_buf = csrfo.read()
csr_unlink_file = csr
if csr.startswith('/') and os.path.exists(csr): # we have a full path to the file
csrfo = open(csr)
csr_buf = csrfo.read()
csr_unlink_file = csr
elif os.path.exists('%s/%s' % (self.cfg.csrroot, csr)): # we have a partial path?
csrfo = open('%s/%s' % (self.cfg.csrroot, csr))
csr_buf = csrfo.read()
csr_unlink_file = '%s/%s' % (self.cfg.csrroot, csr)
elif os.path.exists('%s/%s' % (self.cfg.csrroot, csr)): # we have a partial path?
csrfo = open('%s/%s' % (self.cfg.csrroot, csr))
csr_buf = csrfo.read()
csr_unlink_file = '%s/%s' % (self.cfg.csrroot, csr)
# we have a string of some kind
else:
csr_buf = csr
try:
# we have a string of some kind
else:
csr_buf = csr
try:
- csrreq = crypto.load_certificate_request(crypto.FILETYPE_PEM, csr_buf)
+ csrreq = crypto.load_certificate_request(crypto.FILETYPE_PEM, csr_buf)
except crypto.Error, e:
self.logger.info("Unable to sign %s: Bad CSR" % (csr))
raise exceptions.Exception("Bad CSR: %s" % csr)
except crypto.Error, e:
self.logger.info("Unable to sign %s: Bad CSR" % (csr))
raise exceptions.Exception("Bad CSR: %s" % csr)
else: # assume we got a bare csr req
csrreq = csr
else: # assume we got a bare csr req
csrreq = csr
if with_triggers:
self._run_triggers(requesting_host,'/var/lib/certmaster/triggers/sign/post/*')
if with_triggers:
self._run_triggers(requesting_host,'/var/lib/certmaster/triggers/sign/post/*')
if csr_unlink_file and os.path.exists(csr_unlink_file):
os.unlink(csr_unlink_file)
if csr_unlink_file and os.path.exists(csr_unlink_file):
os.unlink(csr_unlink_file)
return certfile
# return a list of already signed certs
return certfile
# return a list of already signed certs
for hostglob in globs:
certglob = "%s/%s.cert" % (self.cfg.certroot, hostglob)
certfiles = certfiles + glob.glob(certglob)
for hostglob in globs:
certglob = "%s/%s.cert" % (self.cfg.certroot, hostglob)
certfiles = certfiles + glob.glob(certglob)
cert_hashes = []
for certfile in certfiles:
cert = certs.retrieve_cert_from_file(certfile)
cert_hashes.append("%s-%s" % (cert.get_subject().CN, cert.subject_name_hash()))
cert_hashes = []
for certfile in certfiles:
cert = certs.retrieve_cert_from_file(certfile)
cert_hashes.append("%s-%s" % (cert.get_subject().CN, cert.subject_name_hash()))
return cert_hashes
def _run_triggers(self, ref, globber):
return cert_hashes
def _run_triggers(self, ref, globber):
def __init__(self, addr):
self.allow_reuse_address = True
SimpleXMLRPCServer.SimpleXMLRPCServer.__init__(self, addr)
def __init__(self, addr):
self.allow_reuse_address = True
SimpleXMLRPCServer.SimpleXMLRPCServer.__init__(self, addr)
def serve(xmlrpcinstance):
def serve(xmlrpcinstance):
listen_addr = config.listen_addr
listen_port = config.listen_port
if listen_port == '':
listen_addr = config.listen_addr
listen_port = config.listen_port
if listen_port == '':
- listen_port = CERTMASTER_LISTEN_PORT
+ listen_port = CERTMASTER_LISTEN_PORT
server = CertmasterXMLRPCServer((listen_addr,listen_port))
server.logRequests = 0 # don't print stuff to console
server.register_instance(xmlrpcinstance)
server = CertmasterXMLRPCServer((listen_addr,listen_port))
server.logRequests = 0 # don't print stuff to console
server.register_instance(xmlrpcinstance)
print excvalue_blurb
print exctb_blurb
print excvalue_blurb
print exctb_blurb
- log = logger.Logger().logger
+ log = logger.Logger().logger
log.info(exctype_blurb)
log.info(excvalue_blurb)
log.info(exctb_blurb)
def main(argv):
log.info(exctype_blurb)
log.info(excvalue_blurb)
log.info(exctb_blurb)
def main(argv):
-
- sys.excepthook = excepthook
+
+ sys.excepthook = excepthook
cm = CertMaster('/etc/certmaster/certmaster.conf')
if "--version" in sys.argv or "-v" in sys.argv:
cm = CertMaster('/etc/certmaster/certmaster.conf')
if "--version" in sys.argv or "-v" in sys.argv:
# just let exceptions bubble up for now
serve(cm)
# just let exceptions bubble up for now
serve(cm)
if __name__ == "__main__":
#textdomain(I18N_DOMAIN)
main(sys.argv)
if __name__ == "__main__":
#textdomain(I18N_DOMAIN)
main(sys.argv)
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
-# Copyright (c) 2007 Red Hat, inc
+# Copyright (c) 2007 Red Hat, inc
#- Written by Seth Vidal skvidal @ fedoraproject.org
from OpenSSL import crypto
#- Written by Seth Vidal skvidal @ fedoraproject.org
from OpenSSL import crypto
destfd = os.open(dest, os.O_RDWR|os.O_CREAT, 0600)
os.write(destfd, (crypto.dump_privatekey(crypto.FILETYPE_PEM, pkey)))
os.close(destfd)
destfd = os.open(dest, os.O_RDWR|os.O_CREAT, 0600)
os.write(destfd, (crypto.dump_privatekey(crypto.FILETYPE_PEM, pkey)))
os.close(destfd)
if emailaddr:
subj.emailAddress = emailaddr
else:
if emailaddr:
subj.emailAddress = emailaddr
else:
- subj.emailAddress = 'root@%s' % subj.CN
-
+ subj.emailAddress = 'root@%s' % subj.CN
+
req.set_pubkey(pkey)
req.sign(pkey, 'md5')
if dest:
req.set_pubkey(pkey)
req.sign(pkey, 'md5')
if dest:
keypair = crypto.load_privatekey(crypto.FILETYPE_PEM, buf)
return keypair
keypair = crypto.load_privatekey(crypto.FILETYPE_PEM, buf)
return keypair
def retrieve_csr_from_file(csrfile):
fo = open(csrfile, 'r')
buf = fo.read()
def retrieve_csr_from_file(csrfile):
fo = open(csrfile, 'r')
buf = fo.read()
destfo = open(ca_cert_file, 'w')
destfo.write(crypto.dump_certificate(crypto.FILETYPE_PEM, cacert))
destfo.close()
destfo = open(ca_cert_file, 'w')
destfo.write(crypto.dump_certificate(crypto.FILETYPE_PEM, cacert))
destfo.close()
def _get_serial_number(cadir):
serial = '%s/serial.txt' % cadir
i = 1
def _get_serial_number(cadir):
serial = '%s/serial.txt' % cadir
i = 1
f = f.replace('\n','')
try:
i = int(f)
f = f.replace('\n','')
try:
i = int(f)
except ValueError, e:
i = 1
except ValueError, e:
i = 1
-
- _set_serial_number(cadir, i)
+
+ _set_serial_number(cadir, i)
f = open(serial, 'w')
f.write(str(last) + '\n')
f.close()
f = open(serial, 'w')
f.write(str(last) + '\n')
f.close()
def create_slave_certificate(csr, cakey, cacert, cadir, slave_cert_file=None):
cert = crypto.X509()
cert.set_serial_number(_get_serial_number(cadir))
def create_slave_certificate(csr, cakey, cacert, cadir, slave_cert_file=None):
cert = crypto.X509()
cert.set_serial_number(_get_serial_number(cadir))
cert.set_pubkey(csr.get_pubkey())
cert.set_version(2)
xt = crypto.X509Extension('basicConstraints', False ,'CA:FALSE')
cert.set_pubkey(csr.get_pubkey())
cert.set_version(2)
xt = crypto.X509Extension('basicConstraints', False ,'CA:FALSE')
- # FIXME - add subjectkeyidentifier and authoritykeyidentifier extensions, too)
+ # FIXME - add subjectkeyidentifier and authoritykeyidentifier extensions, too)
cert.add_extensions((xt,))
cert.sign(cakey, 'sha1')
if slave_cert_file:
cert.add_extensions((xt,))
cert.sign(cakey, 'sha1')
if slave_cert_file:
pass
# FIXME: more sub-exceptions maybe
pass
# FIXME: more sub-exceptions maybe
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
-# Copyright 2002 Duke University
+# Copyright 2002 Duke University
# filched from yum - menno smits wrote this - he rocks
# filched from yum - menno smits wrote this - he rocks
self.value = value
def __str__(self):
return "%s" %(self.value,)
self.value = value
def __str__(self):
return "%s" %(self.value,)
class Option(object):
'''
This class handles a single Yum configuration file option. Create
subclasses for each type of supported configuration option.
class Option(object):
'''
This class handles a single Yum configuration file option. Create
subclasses for each type of supported configuration option.
Python descriptor foo (__get__ and __set__) is used to make option
definition easy and consise.
'''
Python descriptor foo (__get__ and __set__) is used to make option
definition easy and consise.
'''
self._attrname = '__opt%d' % id(self)
def __get__(self, obj, objtype):
self._attrname = '__opt%d' % id(self)
def __get__(self, obj, objtype):
- '''Called when the option is read (via the descriptor protocol).
+ '''Called when the option is read (via the descriptor protocol).
@param obj: The configuration instance to modify.
@param objtype: The type of the config instance (not used).
@param obj: The configuration instance to modify.
@param objtype: The type of the config instance (not used).
return getattr(obj, self._attrname, None)
def __set__(self, obj, value):
return getattr(obj, self._attrname, None)
def __set__(self, obj, value):
- '''Called when the option is set (via the descriptor protocol).
+ '''Called when the option is set (via the descriptor protocol).
@param obj: The configuration instance to modify.
@param value: The value to set the option to.
@param obj: The configuration instance to modify.
@param value: The value to set the option to.
setattr(obj, self._attrname, value)
def setup(self, obj, name):
setattr(obj, self._attrname, value)
def setup(self, obj, name):
- '''Initialise the option for a config instance.
- This must be called before the option can be set or retrieved.
+ '''Initialise the option for a config instance.
+ This must be called before the option can be set or retrieved.
@param obj: BaseConfig (or subclass) instance.
@param name: Name of the option.
@param obj: BaseConfig (or subclass) instance.
@param name: Name of the option.
@param s: Raw string value to parse.
@return: Validated native value.
@param s: Raw string value to parse.
@return: Validated native value.
Will raise ValueError if there was a problem parsing the string.
Subclasses should override this.
'''
Will raise ValueError if there was a problem parsing the string.
Subclasses should override this.
'''
This option handles lists of URLs with validation of the URL scheme.
'''
This option handles lists of URLs with validation of the URL scheme.
'''
- def __init__(self, default=None, schemes=('http', 'ftp', 'file', 'https'),
+ def __init__(self, default=None, schemes=('http', 'ftp', 'file', 'https'),
allow_none=False):
super(UrlOption, self).__init__(default)
self.schemes = schemes
allow_none=False):
super(UrlOption, self).__init__(default)
self.schemes = schemes
# Hold a UrlOption instance to assist with parsing
self._urloption = UrlOption(schemes=schemes)
# Hold a UrlOption instance to assist with parsing
self._urloption = UrlOption(schemes=schemes)
def parse(self, s):
out = []
for url in super(UrlListOption, self).parse(s):
def parse(self, s):
out = []
for url in super(UrlListOption, self).parse(s):
def __init__(self, default=None, allowed=()):
super(SelectionOption, self).__init__(default)
self._allowed = allowed
def __init__(self, default=None, allowed=()):
super(SelectionOption, self).__init__(default)
self._allowed = allowed
def parse(self, s):
if s not in self._allowed:
raise ValueError('"%s" is not an allowed value' % s)
def parse(self, s):
if s not in self._allowed:
raise ValueError('"%s" is not an allowed value' % s)
The input should be a string containing a (possibly floating point)
number followed by an optional single character unit. Valid units are
'k', 'M', 'G'. Case is ignored.
The input should be a string containing a (possibly floating point)
number followed by an optional single character unit. Valid units are
'k', 'M', 'G'. Case is ignored.
Valid inputs: 100, 123M, 45.6k, 12.4G, 100K, 786.3, 0
Invalid inputs: -10, -0.1, 45.6L, 123Mb
Valid inputs: 100, 123M, 45.6k, 12.4G, 100K, 786.3, 0
Invalid inputs: -10, -0.1, 45.6L, 123Mb
try:
n = float(n)
except ValueError:
try:
n = float(n)
except ValueError:
class ThrottleOption(BytesOption):
def parse(self, s):
class ThrottleOption(BytesOption):
def parse(self, s):
- """Get a throttle option.
+ """Get a throttle option.
Input may either be a percentage or a "friendly bandwidth value" as
accepted by the BytesOption.
Input may either be a percentage or a "friendly bandwidth value" as
accepted by the BytesOption.
# No matching option in this section, try inheriting
if parent and option.inherit:
value = getattr(parent, name)
# No matching option in this section, try inheriting
if parent and option.inherit:
value = getattr(parent, name)
if value is not None:
setattr(self, name, value)
if value is not None:
setattr(self, name, value)
optionobj = classmethod(optionobj)
def isoption(cls, name):
optionobj = classmethod(optionobj)
def isoption(cls, name):
- '''Return True if the given name refers to a defined option
+ '''Return True if the given name refers to a defined option
'''
try:
cls.optionobj(name)
'''
try:
cls.optionobj(name)
raise ValueError("not populated, don't know section")
section = self._section
raise ValueError("not populated, don't know section")
section = self._section
- # Updated the ConfigParser with the changed values
+ # Updated the ConfigParser with the changed values
cfgOptions = self.cfg.options(section)
for name,value in self.iteritems():
option = self.optionobj(name)
cfgOptions = self.cfg.options(section)
for name,value in self.iteritems():
option = self.optionobj(name)
def __init__(self, logfilepath ="/var/log/certmaster/certmaster.log"):
config_file = '/etc/certmaster/minion.conf'
def __init__(self, logfilepath ="/var/log/certmaster/certmaster.log"):
config_file = '/etc/certmaster/minion.conf'
- self.config = read_config(config_file, CMConfig)
+ self.config = read_config(config_file, CMConfig)
self.loglevel = logging._levelNames[self.config.log_level]
self._setup_logging()
if self._no_handlers:
self._setup_handlers(logfilepath=logfilepath)
self.loglevel = logging._levelNames[self.config.log_level]
self._setup_logging()
if self._no_handlers:
self._setup_handlers(logfilepath=logfilepath)
def _setup_logging(self):
self.logger = logging.getLogger("certmaster")
def _setup_logging(self):
self.logger = logging.getLogger("certmaster")
import utils
def request_cert(hostname=None):
import utils
def request_cert(hostname=None):
- # this should be enough, but do we want to allow parameters
- # for overriding the server and port from the config file?
- # maybe not. -- mpd
- utils.create_minion_keys(hostname)
+ # this should be enough, but do we want to allow parameters
+ # for overriding the server and port from the config file?
+ # maybe not. -- mpd
+ utils.create_minion_keys(hostname)
os.close(2)
# based on http://code.activestate.com/recipes/278731/
os.close(2)
# based on http://code.activestate.com/recipes/278731/
- os.open(REDIRECT_TO, os.O_RDWR) # standard input (0)
+ os.open(REDIRECT_TO, os.O_RDWR) # standard input (0)
- os.dup2(0, 1) # standard output (1)
- os.dup2(0, 2) # standard error (2)
+ os.dup2(0, 1) # standard output (1)
+ os.dup2(0, 2) # standard error (2)
except:
nicetype = etype
nicestack = string.join(traceback.format_list(traceback.extract_tb(etb)))
except:
nicetype = etype
nicestack = string.join(traceback.format_list(traceback.extract_tb(etb)))
- return [ REMOTE_ERROR, nicetype, str(evalue), nicestack ]
+ return [ REMOTE_ERROR, nicetype, str(evalue), nicestack ]
def is_error(result):
# FIXME: I believe we can remove this function
def is_error(result):
# FIXME: I believe we can remove this function
"localhost" is a lame hostname to use for a key, so try to get
a more meaningful hostname. We do this by connecting to the certmaster
and seeing what interface/ip it uses to make that connection, and looking
"localhost" is a lame hostname to use for a key, so try to get
a more meaningful hostname. We do this by connecting to the certmaster
and seeing what interface/ip it uses to make that connection, and looking
- up the hostname for that.
+ up the hostname for that.
"""
# FIXME: this code ignores http proxies (which granted, we don't
"""
# FIXME: this code ignores http proxies (which granted, we don't
- # support elsewhere either.
+ # support elsewhere either.
hostname = None
hostname = socket.gethostname()
# print "DEBUG: HOSTNAME TRY1: %s" % hostname
hostname = None
hostname = socket.gethostname()
# print "DEBUG: HOSTNAME TRY1: %s" % hostname
raise codes.CMException, "Could not create local keypair or csr for session"
result = False
raise codes.CMException, "Could not create local keypair or csr for session"
result = False
while not result:
try:
# print "DEBUG: submitting CSR to certmaster: %s" % master_uri
while not result:
try:
# print "DEBUG: submitting CSR to certmaster: %s" % master_uri
# print "DEBUG: waiting for cert"
return s.wait_for_cert(csr)
# print "DEBUG: waiting for cert"
return s.wait_for_cert(csr)