Merge lp:~soren/nova/ca-separate-code-and-state into lp:~hudson-openstack/nova/trunk

Proposed by Soren Hansen
Status: Merged
Approved by: Vish Ishaya
Approved revision: 944
Merged at revision: 943
Proposed branch: lp:~soren/nova/ca-separate-code-and-state
Merge into: lp:~hudson-openstack/nova/trunk
Diff against target: 100 lines (+20/-6)
5 files modified
MANIFEST.in (+1/-1)
nova/CA/geninter.sh (+1/-1)
nova/CA/genrootca.sh (+2/-1)
nova/api/ec2/cloud.py (+8/-1)
nova/crypto.py (+8/-2)
To merge this branch: bzr merge lp:~soren/nova/ca-separate-code-and-state
Reviewer Review Type Date Requested Status
Vish Ishaya (community) Approve
Jay Pipes (community) Approve
Review via email: mp+56345@code.launchpad.net

Commit message

Separate CA/ dir into code and state.

Description of the change

This is the first half of the fix for bug #727794

Jay Pipes (jaypipes) wrote :

lgtm.

review: Approve
Vish Ishaya (vishvananda) wrote :

lgtm

review: Approve

Preview Diff

=== modified file 'MANIFEST.in'
--- MANIFEST.in 2011-03-14 20:10:11 +0000
+++ MANIFEST.in 2011-04-05 13:01:00 +0000
@@ -1,7 +1,7 @@
1include HACKING LICENSE run_tests.py run_tests.sh1include HACKING LICENSE run_tests.py run_tests.sh
2include README builddeb.sh exercise_rsapi.py2include README builddeb.sh exercise_rsapi.py
3include ChangeLog MANIFEST.in pylintrc Authors3include ChangeLog MANIFEST.in pylintrc Authors
4graft CA4graft nova/CA
5graft doc5graft doc
6graft smoketests6graft smoketests
7graft tools7graft tools
88
=== renamed directory 'CA' => 'nova/CA'
=== modified file 'nova/CA/geninter.sh'
--- CA/geninter.sh 2010-11-06 00:02:36 +0000
+++ nova/CA/geninter.sh 2011-04-05 13:01:00 +0000
@@ -23,7 +23,7 @@
23cd projects/$NAME23cd projects/$NAME
24cp ../../openssl.cnf.tmpl openssl.cnf24cp ../../openssl.cnf.tmpl openssl.cnf
25sed -i -e s/%USERNAME%/$NAME/g openssl.cnf25sed -i -e s/%USERNAME%/$NAME/g openssl.cnf
26mkdir certs crl newcerts private26mkdir -p certs crl newcerts private
27openssl req -new -x509 -extensions v3_ca -keyout private/cakey.pem -out cacert.pem -days 365 -config ./openssl.cnf -batch -nodes27openssl req -new -x509 -extensions v3_ca -keyout private/cakey.pem -out cacert.pem -days 365 -config ./openssl.cnf -batch -nodes
28echo "10" > serial28echo "10" > serial
29touch index.txt29touch index.txt
3030
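Review bot: The `private` directory that will hold the unencrypted CA key (`-nodes` on the following `openssl req` line) is created by `mkdir -p certs crl newcerts private` with whatever mode the process umask gives, and `-p` now also silently reuses a directory that already exists with looser permissions. I would add `chmod 700 private` right after the mkdir, or set `umask 077` near the top of the script. The same applies to the `mkdir -p` line added in nova/CA/genrootca.sh. The script starts above this hunk, so an existing umask setting there may already cover this.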
=== modified file 'nova/CA/genrootca.sh'
--- CA/genrootca.sh 2010-11-06 00:02:36 +0000
+++ nova/CA/genrootca.sh 2011-04-05 13:01:00 +0000
@@ -20,8 +20,9 @@
20then20then
21 echo "Not installing, it's already done."21 echo "Not installing, it's already done."
22else22else
23 cp openssl.cnf.tmpl openssl.cnf23 cp "$(dirname $0)/openssl.cnf.tmpl" openssl.cnf
24 sed -i -e s/%USERNAME%/ROOT/g openssl.cnf24 sed -i -e s/%USERNAME%/ROOT/g openssl.cnf
25 mkdir -p certs crl newcerts private
25 openssl req -new -x509 -extensions v3_ca -keyout private/cakey.pem -out cacert.pem -days 365 -config ./openssl.cnf -batch -nodes26 openssl req -new -x509 -extensions v3_ca -keyout private/cakey.pem -out cacert.pem -days 365 -config ./openssl.cnf -batch -nodes
26 touch index.txt27 touch index.txt
27 echo "10" > serial28 echo "10" > serial
2829
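Review bot: The inner `$0` in `cp "$(dirname $0)/openssl.cnf.tmpl" openssl.cnf` is unquoted, so the copy fails when the script is installed under a path containing spaces; write it as `cp "$(dirname "$0")/openssl.cnf.tmpl" openssl.cnf`. The script now reads its template from the code directory but writes everything else to the current directory, which deserves a one-line comment above the `cp`, for example `# template ships with the code; generated files go to the current (state) directory`. The `if` this branch belongs to opens above the hunk.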
=== modified file 'nova/api/ec2/cloud.py'
--- nova/api/ec2/cloud.py 2011-04-01 16:44:12 +0000
+++ nova/api/ec2/cloud.py 2011-04-05 13:01:00 +0000
@@ -103,10 +103,17 @@
103 # Gen root CA, if we don't have one103 # Gen root CA, if we don't have one
104 root_ca_path = os.path.join(FLAGS.ca_path, FLAGS.ca_file)104 root_ca_path = os.path.join(FLAGS.ca_path, FLAGS.ca_file)
105 if not os.path.exists(root_ca_path):105 if not os.path.exists(root_ca_path):
106 genrootca_sh_path = os.path.join(os.path.dirname(__file__),
107 os.path.pardir,
108 os.path.pardir,
109 'CA',
110 'genrootca.sh')
111
106 start = os.getcwd()112 start = os.getcwd()
113 os.makedirs(FLAGS.ca_path)
107 os.chdir(FLAGS.ca_path)114 os.chdir(FLAGS.ca_path)
108 # TODO(vish): Do this with M2Crypto instead115 # TODO(vish): Do this with M2Crypto instead
109 utils.runthis(_("Generating root CA: %s"), "sh", "genrootca.sh")116 utils.runthis(_("Generating root CA: %s"), "sh", genrootca_sh_path)
110 os.chdir(start)117 os.chdir(start)
111118
112 def _get_mpi_data(self, context, project_id):119 def _get_mpi_data(self, context, project_id):
113120
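Review bot: `os.makedirs(FLAGS.ca_path)` raises OSError when the directory already exists, and the guard above only tests for the CA file (`root_ca_path`), so a state directory that exists without a root CA aborts here. Guard it with `if not os.path.exists(FLAGS.ca_path):` and consider passing a restrictive mode, since the directory will hold the root CA key. `genrootca_sh_path` is built from `os.path.dirname(__file__)` and used after `os.chdir(FLAGS.ca_path)`; if `__file__` is relative the script path no longer resolves, so wrapping it in `os.path.abspath(...)` would be safer. The enclosing method starts above the hunk.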
=== modified file 'nova/crypto.py'
--- nova/crypto.py 2011-03-23 04:31:50 +0000
+++ nova/crypto.py 2011-04-05 13:01:00 +0000
@@ -215,9 +215,12 @@
215215
216def _ensure_project_folder(project_id):216def _ensure_project_folder(project_id):
217 if not os.path.exists(ca_path(project_id)):217 if not os.path.exists(ca_path(project_id)):
218 geninter_sh_path = os.path.join(os.path.dirname(__file__),
219 'CA',
220 'geninter.sh')
218 start = os.getcwd()221 start = os.getcwd()
219 os.chdir(ca_folder())222 os.chdir(ca_folder())
220 utils.execute('sh', 'geninter.sh', project_id,223 utils.execute('sh', geninter_sh_path, project_id,
221 _project_cert_subject(project_id))224 _project_cert_subject(project_id))
222 os.chdir(start)225 os.chdir(start)
223226
@@ -227,13 +230,16 @@
227 csr_fn = os.path.join(project_folder, "server.csr")230 csr_fn = os.path.join(project_folder, "server.csr")
228 crt_fn = os.path.join(project_folder, "server.crt")231 crt_fn = os.path.join(project_folder, "server.crt")
229232
233 genvpn_sh_path = os.path.join(os.path.dirname(__file__),
234 'CA',
235 'geninter.sh')
230 if os.path.exists(crt_fn):236 if os.path.exists(crt_fn):
231 return237 return
232 _ensure_project_folder(project_id)238 _ensure_project_folder(project_id)
233 start = os.getcwd()239 start = os.getcwd()
234 os.chdir(ca_folder())240 os.chdir(ca_folder())
235 # TODO(vish): the shell scripts could all be done in python241 # TODO(vish): the shell scripts could all be done in python
236 utils.execute('sh', 'genvpn.sh',242 utils.execute('sh', genvpn_sh_path,
237 project_id, _vpn_cert_subject(project_id))243 project_id, _vpn_cert_subject(project_id))
238 with open(csr_fn, "r") as csrfile:244 with open(csr_fn, "r") as csrfile:
239 csr_text = csrfile.read()245 csr_text = csrfile.read()