Custom Search

[PATCH 3/6] have funcd use our specified ca/cert/keys and if we have turned off use_certmaster don't bother talking to the Certmaster on startup for a certificate, just assume we have it.

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]


---
 func/commonconfig.py  |    1 +
 func/minion/server.py |   29 ++++++++++++++++++++++-------
 2 files changed, 23 insertions(+), 7 deletions(-)

diff --git a/func/commonconfig.py b/func/commonconfig.py
index c71138d..46c2216 100644
--- a/func/commonconfig.py
+++ b/func/commonconfig.py
@@ -29,6 +29,7 @@ class FuncdConfig(BaseConfig):
     minion_name = Option('')
     
     method_log_dir = Option("/var/log/func/methods/")
+    use_certmaster = BoolOption(True)
     ca_file = Option('')
     cert_file = Option('')
     key_file = Option('')
diff --git a/func/minion/server.py b/func/minion/server.py
index fbe5c4b..96f796f 100644
--- a/func/minion/server.py
+++ b/func/minion/server.py
@@ -100,6 +100,9 @@ class XmlRpcInterface(object):
         methods.sort()
         return methods
     
+    def load_module(self, name):
+        """FIXME load a module and set it up on the running xmlrpc instance"""
+        pass
     
     import func.minion.modules.func_module as fm
     @fm.findout
@@ -243,13 +246,23 @@ class FuncSSLXMLRPCServer(AuthedXMLRPCServer.AuthedSSLXMLRPCServer,
 
         XmlRpcInterface.__init__(self)
         hn = func_utils.get_hostname_by_route()
-
-        self.key = "%s/%s.pem" % (self.cm_config.cert_dir, hn)
-        self.cert = "%s/%s.cert" % (self.cm_config.cert_dir, hn)
-        self.ca = "%s/ca.cert" % self.cm_config.cert_dir
+        
+        if self.config.key_file != '':
+            self.key = self.config.key_file
+        else:
+            self.key = "%s/%s.pem" % (self.cm_config.cert_dir, hn)            
+        
+        if self.config.cert_file != '':
+            self.cert = self.config.cert_file
+        else:
+            self.cert = "%s/%s.cert" % (self.cm_config.cert_dir, hn)
+        if self.config.ca_file != '':
+            self.ca = self.config.ca_file
+        else:
+            self.ca = "%s/ca.cert" % self.cm_config.cert_dir
+        
         
         self._our_ca = certs.retrieve_cert_from_file(self.ca)
-
         self.acls = acls_mod.Acls(config=self.config)
         
         AuthedXMLRPCServer.AuthedSSLXMLRPCServer.__init__(self, args,
@@ -358,8 +371,10 @@ def main(argv):
         print "serving...\n"
 
     try:
-        hn = futils.get_hostname_by_route()
-        requester.request_cert(hn)
+        config = read_config("/etc/func/minion.conf", FuncdConfig)
+        if config.use_certmaster:
+            hn = futils.get_hostname_by_route()
+            requester.request_cert(hn)
         serve()
     except codes.FuncException, e:
         print >> sys.stderr, 'error: %s' % e
-- 
1.6.6

_______________________________________________
Func-list mailing list
Func-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/func-list

[Home]     [Fedora Users]     [Fedora Legacy List]     [Fedora Maintainers]     [Fedora Desktop]     [Red Hat 9 Bible]     [Fedora Bible]     [Fedora SELinux]     [Big List of Linux Books]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]

Powered by Linux

Google
  Web www.spinics.net