From bc0b69cd9c8df639a2d25fddb90c5f12a50caf0e Mon Sep 17 00:00:00 2001 From: Evan Broder Date: Wed, 29 Oct 2008 00:00:15 -0400 Subject: [PATCH] In invirt-vnc-client, get certificates from remctl, instead of from the filesystems svn path=/trunk/packages/invirt-vnc-client/; revision=1413 --- debian/changelog | 6 ++++++ debian/invirt-update-vnc-cert | 42 ++++++++++++++++++++++++++--------------- debian/invirt-vnc-client.dirs | 1 - 3 files changed, 33 insertions(+), 16 deletions(-) diff --git a/debian/changelog b/debian/changelog index 9f3502a..594c059 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,9 @@ +invirt-vnc-client (0.0.4) unstable; urgency=low + + * Get certificates from remctl, instead of from the filesystems + + -- Evan Broder Tue, 28 Oct 2008 23:55:43 -0400 + invirt-vnc-client (0.0.3) unstable; urgency=low * Fix some shell script errors thanks to the globs diff --git a/debian/invirt-update-vnc-cert b/debian/invirt-update-vnc-cert index b07832a..33db30d 100755 --- a/debian/invirt-update-vnc-cert +++ b/debian/invirt-update-vnc-cert @@ -1,18 +1,30 @@ -#!/bin/bash +#!/usr/bin/python -if [ "$(ls /etc/invirt/vnc-cert.d)" == "" ]; then - echo "E: No certs in /etc/invirt/vnc-cert.d/" >&2 - echo " Put certificates for all Invirt VNC proxy servers in" >&2 - echo " /etc/invirt/vnc-cert.d, then run this script again" >&2 - exit 1 -fi +from invirt.config import structs as config +from subprocess import Popen, call, PIPE +import tempfile +import os +import sys +import shutil -TMP_DIR="$(mktemp -d)" -for i in /etc/invirt/vnc-cert.d/*.crt; do - keytool -import -noprompt -alias "$(basename "${i%.crt}")" -file \ - "$i" -keystore "$TMP_DIR/trust.store" -storepass "foobar" -done +def main(): + subprocess.call(['kinit', '-k', 'daemon/%s' % config.web.hostname]) + + temp_dir = tempfile.mkdtemp() + keystore = os.path.join(temp_dir, 'trust.store') + for host in config.hosts: + cert = subprocess.Popen(['remctl', config.remote.hostname, 'web', + 'vnccert', host.hostname], + stdout=PIPE) + cert.wait() + subprocess.call(['keytool', '-import', '-noprompt', '-alias', + host.hostname, '-keystore', keystore, '-storepass', + 'foobar'], stdin=cert.stdout) + + subprocess.call(['jar', 'uf', '/usr/share/invirt-vnc-client/VncViewer.jar', + '-C', temp_dir, 'trust.store']) + + shutil.rmtree(temp_dir) -jar uf /usr/share/invirt-vnc-client/VncViewer.jar -C "$TMP_DIR" trust.store - -rm -rf "$TMP_DIR" +if __name__ == '__main__': + sys.exit(main()) diff --git a/debian/invirt-vnc-client.dirs b/debian/invirt-vnc-client.dirs index e80759d..65f18e7 100644 --- a/debian/invirt-vnc-client.dirs +++ b/debian/invirt-vnc-client.dirs @@ -1,2 +1 @@ -etc/invirt/vnc-cert.d usr/share/invirt-vnc-client -- 1.7.9.5