Revision 72729d6e lib/bootstrap.py
b/lib/bootstrap.py | ||
---|---|---|
505 | 505 |
""" |
506 | 506 |
family = ssconf.SimpleStore().GetPrimaryIPFamily() |
507 | 507 |
sshrunner = ssh.SshRunner(cluster_name, |
508 |
ipv6=family==netutils.IP6Address.family) |
|
509 |
|
|
510 |
noded_cert = utils.ReadFile(constants.NODED_CERT_FILE) |
|
511 |
rapi_cert = utils.ReadFile(constants.RAPI_CERT_FILE) |
|
512 |
confd_hmac_key = utils.ReadFile(constants.CONFD_HMAC_KEY) |
|
513 |
|
|
514 |
# in the base64 pem encoding, neither '!' nor '.' are valid chars, |
|
515 |
# so we use this to detect an invalid certificate; as long as the |
|
516 |
# cert doesn't contain this, the here-document will be correctly |
|
517 |
# parsed by the shell sequence below. HMAC keys are hexadecimal strings, |
|
518 |
# so the same restrictions apply. |
|
519 |
for content in (noded_cert, rapi_cert, confd_hmac_key): |
|
520 |
if re.search('^!EOF\.', content, re.MULTILINE): |
|
521 |
raise errors.OpExecError("invalid SSL certificate or HMAC key") |
|
522 |
|
|
523 |
if not noded_cert.endswith("\n"): |
|
524 |
noded_cert += "\n" |
|
525 |
if not rapi_cert.endswith("\n"): |
|
526 |
rapi_cert += "\n" |
|
527 |
if not confd_hmac_key.endswith("\n"): |
|
528 |
confd_hmac_key += "\n" |
|
508 |
ipv6=(family == netutils.IP6Address.family)) |
|
529 | 509 |
|
530 | 510 |
bind_address = constants.IP4_ADDRESS_ANY |
531 | 511 |
if family == netutils.IP6Address.family: |
... | ... | |
538 | 518 |
sshrunner.CopyFileToNode(node, constants.NODED_CERT_FILE) |
539 | 519 |
sshrunner.CopyFileToNode(node, constants.RAPI_CERT_FILE) |
540 | 520 |
sshrunner.CopyFileToNode(node, constants.CONFD_HMAC_KEY) |
541 |
mycommand = ("%s stop-all; %s start %s -b '%s'" % (constants.DAEMON_UTIL, |
|
542 |
constants.DAEMON_UTIL, |
|
543 |
constants.NODED, |
|
544 |
bind_address)) |
|
521 |
mycommand = ("%s stop-all; %s start %s -b %s" % |
|
522 |
(constants.DAEMON_UTIL, constants.DAEMON_UTIL, constants.NODED, |
|
523 |
utils.ShellQuote(bind_address))) |
|
545 | 524 |
|
546 | 525 |
result = sshrunner.Run(node, 'root', mycommand, batch=False, |
547 | 526 |
ask_key=ssh_key_check, |
Also available in: Unified diff