Revision a6c43c02 lib/backend.py
| b/lib/backend.py | ||
|---|---|---|
| 930 | 930 |
result[constants.NV_HVINFO] = hyper.GetNodeInfo(hvparams=hvparams) |
| 931 | 931 |
|
| 932 | 932 |
|
| 933 |
def _VerifyClientCertificate(cert_file=pathutils.NODED_CLIENT_CERT_FILE): |
|
| 934 |
"""Verify the existance and validity of the client SSL certificate. |
|
| 935 |
|
|
| 936 |
""" |
|
| 937 |
create_cert_cmd = "gnt-cluster renew-crypto --new-node-certificates" |
|
| 938 |
if not os.path.exists(cert_file): |
|
| 939 |
return (constants.CV_ERROR, |
|
| 940 |
"The client certificate does not exist. Run '%s' to create" |
|
| 941 |
"client certificates for all nodes." % create_cert_cmd) |
|
| 942 |
|
|
| 943 |
(errcode, msg) = utils.VerifyCertificate(cert_file) |
|
| 944 |
if errcode is not None: |
|
| 945 |
return (errcode, msg) |
|
| 946 |
else: |
|
| 947 |
# if everything is fine, we return the digest to be compared to the config |
|
| 948 |
return (None, utils.GetCertificateDigest(cert_filename=cert_file)) |
|
| 949 |
|
|
| 950 |
|
|
| 933 | 951 |
def VerifyNode(what, cluster_name, all_hvparams, node_groups, groups_cfg): |
| 934 | 952 |
"""Verify the status of the local node. |
| 935 | 953 |
|
| ... | ... | |
| 983 | 1001 |
dict((vcluster.MakeVirtualPath(key), value) |
| 984 | 1002 |
for (key, value) in fingerprints.items()) |
| 985 | 1003 |
|
| 1004 |
if constants.NV_CLIENT_CERT in what: |
|
| 1005 |
result[constants.NV_CLIENT_CERT] = _VerifyClientCertificate() |
|
| 1006 |
|
|
| 986 | 1007 |
if constants.NV_NODELIST in what: |
| 987 | 1008 |
(nodes, bynode) = what[constants.NV_NODELIST] |
| 988 | 1009 |
|
Also available in: Unified diff