~corey.bryant/charms/trusty/keystone/python-six


Viewing changes to hooks/keystone_ssl.py

  • Committer: James Page
  • Date: 2014-03-27 10:54:38 UTC
  • mfrom: (55.1.22 keystone)
  • mto: (52.4.7 keystone)
  • mto: This revision was merged to the branch mainline in revision 60.
  • Revision ID: james.page@canonical.com-20140327105438-oid8czi9ud51iut1
Merge ssl-everywhere branch (may break stuff)

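--- a/hooks/keystone_ssl.py
+++ b/hooks/keystone_ssl.py
@@ -1,10 +1,12 @@
 #!/usr/bin/python
 
+import base64
 import os
 import shutil
 import subprocess
 import tarfile
 import tempfile
+import zipfile
 
 CA_EXPIRY = '365'
 ORG_NAME = 'Ubuntu'
@@ -113,7 +115,7 @@
         if not os.path.exists(d):
             print 'Creating %s.' % d
             os.mkdir(d)
-    os.chmod(os.path.join(ca_dir, 'private'), 0710)
+    os.chmod(os.path.join(ca_dir, 'private'), 0o710)
 
     if not os.path.isfile(os.path.join(ca_dir, 'serial')):
         with open(os.path.join(ca_dir, 'serial'), 'wb') as out:
@@ -161,7 +163,7 @@
 def sign_int_csr(ca_dir, csr, common_name):
     print 'Signing certificate request %s.' % csr
     crt = os.path.join(ca_dir, 'certs',
-                        '%s.crt' % os.path.basename(csr).split('.')[0])
+                       '%s.crt' % os.path.basename(csr).split('.')[0])
     subj = '/O=%s/OU=%s/CN=%s' % (ORG_NAME, ORG_UNIT, common_name)
     cmd = ['openssl', 'ca', '-batch', '-config',
            os.path.join(ca_dir, 'ca.cnf'),
@@ -238,6 +240,7 @@
 
 
 class JujuCA(object):
+
     def __init__(self, name, ca_dir, root_ca_dir, user, group):
         root_crt, root_key = init_root_ca(root_ca_dir,
                                           '%s Certificate Authority' % name)
@@ -288,7 +291,7 @@
                 key = open(key, 'r').read()
             except:
                 print 'Could not load ssl private key for %s from %s' %\
-                     (common_name, key)
+                    (common_name, key)
                 exit(1)
             return crt, key
         crt, key = self._create_certificate(common_name, common_name)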
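Review bot: The `except:` guarding `open(key, 'r').read()` in the last hunk (new lines 291-296) is bare, so it also catches KeyboardInterrupt and SystemExit, and the message it prints never says why the private key could not be read. Narrowing it to `except (IOError, OSError) as e:` and appending `e` to the message would distinguish a permissions problem from a missing file. The read itself leaves the handle on the key file to be closed by garbage collection; `with open(key, 'r') as f:` followed by `key = f.read()` closes it deterministically. The enclosing method starts before this hunk, so the matching `try:` is not visible here.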