|
|
|
@ -32,17 +32,38 @@ def init(cert, key, cert_path, data_path, certbase, args, port, user_name):
|
|
|
|
|
except KeyError, e:
|
|
|
|
|
print e
|
|
|
|
|
return 1
|
|
|
|
|
if check():
|
|
|
|
|
new_serv_cert = False
|
|
|
|
|
if not check_serv_cert(cert_path):
|
|
|
|
|
print 'Generate Server Certificate'
|
|
|
|
|
for step in range (2):
|
|
|
|
|
args = change_args(args, step)
|
|
|
|
|
create_server_cert(cert, key, cert_path, args, port)
|
|
|
|
|
new_serv_cert = True
|
|
|
|
|
else:
|
|
|
|
|
print 'Server certificate already exists'
|
|
|
|
|
|
|
|
|
|
if new_serv_cert or not check_client_cert(user_name):
|
|
|
|
|
print 'Generate Client Certificate'
|
|
|
|
|
create_client_cert(cert, cert_path, data_path, certbase, user_name)
|
|
|
|
|
change_owner(pwdObj, user_name)
|
|
|
|
|
else:
|
|
|
|
|
print 'Client certificate already exists'
|
|
|
|
|
|
|
|
|
|
def check():
|
|
|
|
|
return True
|
|
|
|
|
def check_serv_cert(cert_path):
|
|
|
|
|
if path.isfile (cert_path + '/server.crt') and path.isfile \
|
|
|
|
|
(cert_path + '/server.key'):
|
|
|
|
|
return True
|
|
|
|
|
return False
|
|
|
|
|
|
|
|
|
|
def check_client_cert(user_name):
|
|
|
|
|
client_cert_path = check_user_path(user_name)
|
|
|
|
|
server_host_name = socket.getfqdn()
|
|
|
|
|
if path.isfile (client_cert_path + server_host_name + '.crt') and \
|
|
|
|
|
path.isfile (client_cert_path + server_host_name + '.key'):
|
|
|
|
|
return True
|
|
|
|
|
return False
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
def change_args(args, step = None):
|
|
|
|
|
if step == 0:
|
|
|
|
|
args.host = False
|
|
|
|
|