Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
slapos
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
Jean-Paul Smets
slapos
Commits
dac2c055
Commit
dac2c055
authored
Apr 09, 2015
by
Alain Takoudjou
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
re6st registry: generate dh parameters file
parent
2140b3ce
Changes
5
Show whitespace changes
Inline
Side-by-side
Showing
5 changed files
with
36 additions
and
25 deletions
+36
-25
slapos/recipe/re6stnet/__init__.py
slapos/recipe/re6stnet/__init__.py
+5
-0
slapos/test/recipe/test_re6stnet.py
slapos/test/recipe/test_re6stnet.py
+26
-23
software/re6stnet/instance-re6stnet.cfg.in
software/re6stnet/instance-re6stnet.cfg.in
+2
-0
software/re6stnet/re6st-registry.conf.in
software/re6stnet/re6st-registry.conf.in
+1
-0
software/re6stnet/software.cfg
software/re6stnet/software.cfg
+2
-2
No files found.
slapos/recipe/re6stnet/__init__.py
View file @
dac2c055
...
...
@@ -71,9 +71,13 @@ class Recipe(GenericBaseRecipe):
def
generateCertificate
(
self
):
key_file
=
self
.
options
[
'key-file'
].
strip
()
cert_file
=
self
.
options
[
'cert-file'
].
strip
()
dh_file
=
self
.
options
[
'dh-file'
].
strip
()
if
not
os
.
path
.
exists
(
key_file
):
serial
=
self
.
getSerialFromIpv6
(
self
.
options
[
'ipv6-prefix'
].
strip
())
dh_command
=
[
self
.
options
[
'openssl-bin'
],
'dhparam'
,
'-out'
,
'%s'
%
dh_file
,
self
.
options
[
'key-size'
]]
key_command
=
[
self
.
options
[
'openssl-bin'
],
'genrsa'
,
'-out'
,
'%s'
%
key_file
,
self
.
options
[
'key-size'
]]
...
...
@@ -82,6 +86,7 @@ class Recipe(GenericBaseRecipe):
'-x509'
,
'-batch'
,
'-key'
,
'%s'
%
key_file
,
'-set_serial'
,
'%s'
%
serial
,
'-days'
,
'3650'
,
'-out'
,
'%s'
%
cert_file
]
subprocess
.
check_call
(
dh_command
)
subprocess
.
check_call
(
key_command
)
subprocess
.
check_call
(
cert_command
)
...
...
slapos/test/recipe/test_re6stnet.py
View file @
dac2c055
...
...
@@ -24,6 +24,7 @@ class Re6stnetTest(unittest.TestCase):
'openssl-bin'
:
'/usr/bin/openssl'
,
'key-file'
:
os
.
path
.
join
(
self
.
ssl_dir
,
'cert.key'
),
'cert-file'
:
os
.
path
.
join
(
self
.
ssl_dir
,
'cert.crt'
),
'dh-file'
:
os
.
path
.
join
(
self
.
ssl_dir
,
'dh.pem'
),
'key-size'
:
'2048'
,
'conf-dir'
:
self
.
conf_dir
,
'token-dir'
:
self
.
token_dir
,
...
...
@@ -98,6 +99,9 @@ class Re6stnetTest(unittest.TestCase):
content
=
f
.
read
()
self
.
assertIn
(
"@%s"
%
config_file
,
content
)
def
fake_generateCertificates
(
self
):
return
def
test_generateCertificates
(
self
):
self
.
options
[
'ipv6-prefix'
]
=
'2001:db8:24::/48'
...
...
@@ -107,8 +111,8 @@ class Re6stnetTest(unittest.TestCase):
recipe
.
generateCertificate
()
self
.
assert
True
(
os
.
path
.
exists
(
self
.
options
[
'key-file'
]))
self
.
assertTrue
(
os
.
path
.
exists
(
self
.
options
[
'cert-file'
])
)
self
.
assert
ItemsEqual
(
os
.
listdir
(
self
.
ssl_dir
),
[
'cert.key'
,
'cert.crt'
,
'dh.pem'
]
)
last_time
=
time
.
ctime
(
os
.
stat
(
self
.
options
[
'key-file'
])[
7
])
...
...
@@ -119,19 +123,23 @@ class Re6stnetTest(unittest.TestCase):
self
.
assertEqual
(
last_time
,
this_time
)
def
test_ge
nerateCertificates_other_i
pv6
(
self
):
def
test_ge
tSerialFromI
pv6
(
self
):
self
.
options
[
'ipv6-prefix'
]
=
'be28:db8:fe6a:d85:4fe:54a:ae:aea/64'
ipv6
=
'be28:db8:fe6a:d85:4fe:54a:ae:aea/64'
recipe
=
self
.
new_recipe
()
serial
=
recipe
.
getSerialFromIpv6
(
ipv6
)
recipe
.
generateCertificate
(
)
self
.
assertEqual
(
serial
,
'0x1be280db8fe6a0d8504fe054a00ae0aea'
)
self
.
assertTrue
(
os
.
path
.
exists
(
self
.
options
[
'key-file'
]))
self
.
assertTrue
(
os
.
path
.
exists
(
self
.
options
[
'cert-file'
]))
ipv6
=
'2001:db8:24::/48'
serial
=
recipe
.
getSerialFromIpv6
(
ipv6
)
self
.
assertEqual
(
serial
,
'0x120010db80024'
)
def
test_install
(
self
):
recipe
=
self
.
new_recipe
()
recipe
.
generateCertificate
=
self
.
fake_generateCertificates
recipe
.
options
.
update
({
'ipv6-prefix'
:
'2001:db8:24::/48'
,
...
...
@@ -148,9 +156,6 @@ class Re6stnetTest(unittest.TestCase):
# Recipe will raise not found error when trying to publish slave informations
pass
self
.
assertItemsEqual
(
os
.
listdir
(
self
.
ssl_dir
),
[
'cert.key'
,
'cert.crt'
])
token_file
=
os
.
path
.
join
(
self
.
options
[
'conf-dir'
],
'token.json'
)
self
.
assertTrue
(
os
.
path
.
exists
(
token_file
))
...
...
@@ -200,6 +205,7 @@ class Re6stnetTest(unittest.TestCase):
def
test_install_empty_slave
(
self
):
recipe
=
self
.
new_recipe
()
recipe
.
generateCertificate
=
self
.
fake_generateCertificates
recipe
.
options
.
update
({
'ipv6-prefix'
:
'2001:db8:24::/48'
...
...
@@ -207,9 +213,6 @@ class Re6stnetTest(unittest.TestCase):
recipe
.
install
()
self
.
assertItemsEqual
(
os
.
listdir
(
self
.
ssl_dir
),
[
'cert.key'
,
'cert.crt'
])
token_file
=
os
.
path
.
join
(
self
.
options
[
'conf-dir'
],
'token.json'
)
self
.
assertTrue
(
os
.
path
.
exists
(
token_file
))
...
...
software/re6stnet/instance-re6stnet.cfg.in
View file @
dac2c055
...
...
@@ -106,6 +106,7 @@ ipv6 = {{ ipv6 }}
db = ${re6stnet-dirs:registry}/registry.db
ca = ${re6stnet-dirs:ssl}/re6stnet.crt
key = ${re6stnet-dirs:ssl}/re6stnet.key
dh = ${re6stnet-dirs:ssl}/dh.pem
mailhost = 127.0.0.1
prefix-length = 16
anonymous-prefix-length = 32
...
...
@@ -140,6 +141,7 @@ ipv4 = ${re6st-registry-conf-dict:ipv4}
db-path = ${re6st-registry-conf-dict:db}
key-file = ${re6st-registry-conf-dict:key}
cert-file = ${re6st-registry-conf-dict:ca}
dh-file = ${re6st-registry-conf-dict:dh}
slave-instance-list = ${slap-parameter:slave_instance_list}
...
...
software/re6stnet/re6st-registry.conf.in
View file @
dac2c055
...
...
@@ -4,6 +4,7 @@ port {{ parameter_dict['port'] }}
db {{ parameter_dict['db'] }}
ca {{ parameter_dict['ca'] }}
key {{ parameter_dict['key'] }}
dh {{ parameter_dict['dh'] }}
mailhost {{ parameter_dict['mailhost'] }}
prefix-length {{ parameter_dict['prefix-length'] }}
anonymous-prefix-length {{ parameter_dict['anonymous-prefix-length'] }}
...
...
software/re6stnet/software.cfg
View file @
dac2c055
...
...
@@ -93,7 +93,7 @@ extra-context =
[template-re6stnet]
< = download-base
filename = instance-re6stnet.cfg.in
md5sum =
e0f4857750bfd55f154c448ad56edaec
md5sum =
2449dd8f7438072ac8a9a3b3c67f7179
[template-logrotate-base]
< = template-jinja2-base
...
...
@@ -112,7 +112,7 @@ md5sum = c220229ee37866c8cc404d602edd389d
[template-re6st-registry-conf]
< = download-base
filename = re6st-registry.conf.in
md5sum =
19a5827512cfecc25992fc152c995551
md5sum =
7760a213896755e707993d67d8d980bb
[check-recipe]
recipe = plone.recipe.command
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment