X-Git-Url: http://xvm.mit.edu/gitweb/invirt/packages/invirt-vnc-client.git/blobdiff_plain/32970dd51d76584680d859f118ee0cac2fd904a7..b5ae9ccd719ed01a34d3a40b3aa7f4773f83e4f1:/debian/invirt-update-vnc-cert diff --git a/debian/invirt-update-vnc-cert b/debian/invirt-update-vnc-cert index fa73f27..27997c0 100755 --- a/debian/invirt-update-vnc-cert +++ b/debian/invirt-update-vnc-cert @@ -1,18 +1,32 @@ -#!/bin/bash +#!/usr/bin/python -if [ "$(ls /etc/invirt/vnc-cert.d)" == "" ]; then - echo "E: No certs in /etc/invirt/vnc-cert.d/" >&2 - echo " Put certificates for all Invirt VNC proxy servers in" >&2 - echo " /etc/invirt/vnc-cert.d, then run this script again" >&2 - exit 1 -fi +from invirt.config import structs as config +from subprocess import Popen, call, PIPE +import tempfile +import os +import sys +import shutil -TMP_DIR="$(mktemp -d)" -for i in $(ls /etc/invirt/vnc-cert.d/*.crt); do - keytool -noprompt -alias "${i%.crt}" -file "/etc/invirt/vnc-cert.d/$i" \ - -keystore "$TMP_DIR/trust.store" -storepass "foobar" -done +def main(): + call(['kinit', '-k', 'daemon/%s' % config.web.hostname]) + + shutil.copy('/usr/share/invirt-vnc-client/VncViewer.src.jar', + '/usr/share/invirt-vnc-client/VncViewer.jar') + + temp_dir = tempfile.mkdtemp() + keystore = os.path.join(temp_dir, 'trust.store') + for host in config.hosts: + cert = Popen(['remctl', config.remote.hostname, 'web', 'vnccert', host.hostname], + stdout=PIPE) + cert.wait() + call(['keytool', '-import', '-noprompt', '-alias', host.hostname, + '-keystore', keystore, '-storepass', 'foobar'], + stdin=cert.stdout) + + call(['jar', 'uf', '/usr/share/invirt-vnc-client/VncViewer.jar', + '-C', temp_dir, 'trust.store']) + + shutil.rmtree(temp_dir) -jar uf /usr/share/invirt-vnc-client/VncViewer.jar -C "$TMP_DIR" trust.store - -rm -rf "$TMP_DIR" +if __name__ == '__main__': + sys.exit(main())