Revision b544a3c2 lib/utils/security.py
b/lib/utils/security.py | ||
---|---|---|
23 | 23 |
""" |
24 | 24 |
|
25 | 25 |
import logging |
26 |
import OpenSSL |
|
27 |
|
|
28 |
from ganeti.utils import io |
|
29 |
from ganeti import pathutils |
|
26 | 30 |
|
27 | 31 |
|
28 | 32 |
def AddNodeToCandidateCerts(node_uuid, cert_digest, candidate_certs, |
... | ... | |
74 | 78 |
"candidate map." % node_uuid) |
75 | 79 |
return |
76 | 80 |
del candidate_certs[node_uuid] |
81 |
|
|
82 |
|
|
83 |
def GetClientCertificateDigest(cert_filename=pathutils.NODED_CERT_FILE): |
|
84 |
"""Reads the SSL certificate and returns the sha1 digest. |
|
85 |
|
|
86 |
""" |
|
87 |
# FIXME: This is supposed to read the client certificate, but |
|
88 |
# in this stage of the patch series there is no client certificate |
|
89 |
# yet, so we return the digest of the server certificate to get |
|
90 |
# the rest of the key management infrastructure running. |
|
91 |
cert_plain = io.ReadFile(cert_filename) |
|
92 |
cert = OpenSSL.crypto.load_certificate(OpenSSL.crypto.FILETYPE_PEM, |
|
93 |
cert_plain) |
|
94 |
return cert.digest("sha1") |
Also available in: Unified diff