author | Narayan Desai <desai@mcs.anl.gov> | 2009-04-08 01:19:11 +0000 |
---|---|---|
committer | Narayan Desai <desai@mcs.anl.gov> | 2009-04-08 01:19:11 +0000 |
commit | de10f2e64cb7faf0ba0222a22035b81ca07e7426 (patch) | |
tree | 4730e5702aed17855a41dcf5a2e14f09247ecf93 /src/lib/Component.py | |
parent | 61d5b7caec10262206968e2dcbaf242806b5021e (diff) | |
Implement ssl certificate split, in preparation for SSL client cert auth
git-svn-id: https://svn.mcs.anl.gov/repos/bcfg/trunk/bcfg2@5155 ce84e21b-d406-0410-9b95-82705330c041
Diffstat (limited to 'src/lib/Component.py')
-rw-r--r-- | src/lib/Component.py | 15 |
1 files changed, 9 insertions, 6 deletions
diff --git a/src/lib/Component.py b/src/lib/Component.py index aca74f7d1..b76b1bd33 100644 --- a/src/lib/Component.py +++ b/src/lib/Component.py @@ -93,17 +93,19 @@ class CobaltXMLRPCRequestHandler(SimpleXMLRPCServer.SimpleXMLRPCRequestHandler): class TLSServer(Bcfg2.tlslite.api.TLSSocketServerMixIn, BaseHTTPServer.HTTPServer): '''This class is an tlslite-using SSLServer''' - def __init__(self, address, keyfile, handler, checker=None, + def __init__(self, address, keyfile, certfile, handler, checker=None, reqCert=False): + print keyfile, certfile self.sc = Bcfg2.tlslite.api.SessionCache() self.rc = reqCert self.master = os.getpid() x509 = Bcfg2.tlslite.api.X509() - s = open(keyfile).read() - x509.parse(s) + cdata = open(certfile).read() + x509.parse(cdata) self.checker = checker + kdata = open(keyfile).read() try: - self.key = Bcfg2.tlslite.api.parsePEMKey(s, private=True) + self.key = Bcfg2.tlslite.api.parsePEMKey(kdata, private=True) except: raise ComponentKeyError self.chain = Bcfg2.tlslite.api.X509CertChain([x509]) @@ -148,7 +150,7 @@ class Component(TLSServer, fork_funcs = [] child_limit = 32 - def __init__(self, keyfile, password, location): + def __init__(self, keyfile, certfile, password, location): # need to get addr self.shut = False signal.signal(signal.SIGINT, self.start_shutdown) @@ -162,7 +164,8 @@ class Component(TLSServer, self.password = password try: - TLSServer.__init__(self, sock_loc, keyfile, CobaltXMLRPCRequestHandler) + TLSServer.__init__(self, sock_loc, keyfile, certfile, + CobaltXMLRPCRequestHandler) except socket.error: self.logger.error("Failed to bind to socket") raise ComponentInitError |
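Review bot: The `print keyfile, certfile` added at the top of `TLSServer.__init__` reads as leftover debugging and should be dropped, since it writes both paths to the daemon's stdout on every start. The new reads `cdata = open(certfile).read()` and `kdata = open(keyfile).read()` both sit outside the `try`, so a missing or unreadable file raises a raw IOError instead of `ComponentKeyError`, and neither file object is closed explicitly. Now that the key and certificate come from separate files, nothing in this hunk confirms that the private key belongs to the certificate; unless tlslite checks that itself, a mismatched pair would presumably only fail at the first handshake. The body of `__init__` continues past the end of the hunk.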
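Review bot: `Component.__init__` gains `certfile` with no docstring or comment saying what each path must contain, and this is the signature that subclasses call. A short docstring would help, for example `'''keyfile: PEM private key, readable only by the daemon user; certfile: PEM X.509 certificate'''`, because the tighter permission on the key file is the practical benefit of the split. Callers are outside this diff (the diffstat is limited to this file), so whether they were all moved to the four-argument form cannot be confirmed from here. The method body starts in this hunk and continues beyond it.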
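Review bot: The `try` around `TLSServer.__init__` still catches only `socket.error`, yet that constructor now opens two files, so a missing `certfile` (IOError) or a bad key (`ComponentKeyError`) leaves `Component.__init__` with no log entry at all. Consider a second handler next to the existing one, `except (IOError, ComponentKeyError):` followed by `self.logger.error("Failed to load key or certificate")` and `raise ComponentInitError`, so that failures caused by the new parameter are reported the same way as bind failures. This hunk sits in the middle of `Component.__init__`, which starts and ends outside it.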