Changeset 95be336 for fedd


Ignore:
Timestamp:
Oct 7, 2011 1:19:46 PM (13 years ago)
Author:
Ted Faber <faber@…>
Branches:
compt_changes, info-ops, master
Children:
743a102
Parents:
9bde415
Message:

Use -set_serial instead of fighting the serial directory format #33

File:
1 edited

Legend:

Unmodified
Added
Removed
  • fedd/federation/experiment_control.py

    r9bde415 r95be336  
    563563        openssl = '/usr/bin/openssl'
    564564        # All the filenames and parameters we need for openssl calls below
    565         ca_serial =os.path.join(destdir, 'ca.serial')
    566565        ca_key =os.path.join(destdir, 'ca.key')
    567566        ca_pem = os.path.join(destdir, 'ca.pem')
     
    571570        node_signed = os.path.join(destdir, 'node.signed')
    572571        days = '%s' % (365 * 10)
     572        serial = '%s' % random.randint(0, 1<<16)
    573573
    574574        try:
    575             # init a serial number for the openssl calls
    576             f = open(ca_serial, 'w')
    577             print >>f, '%s' % random.randint(0, 0xffffffff)
    578             f.close()
    579 
    580575            # Sequence of calls to create a CA key, create a ca cert, create a
    581576            # node key, node signing request, and finally a signed node
     
    591586                        '/C=US/ST=CA/O=DETER/OU=fedd/CN=node' ),
    592587                    (openssl, 'x509', '-CA', ca_pem, '-CAkey', ca_key,
    593                         '-CAserial', ca_serial, '-req', '-in', node_req,
     588                        '-set_serial', serial, '-req', '-in', node_req,
    594589                        '-out', node_signed, '-days', days),
    595590                )
     
    612607
    613608            # Throw out intermediaries.
    614             for fn in (ca_serial, ca_key, node_key, node_req, node_signed):
     609            for fn in (ca_key, node_key, node_req, node_signed):
    615610                os.unlink(fn)
    616611
Note: See TracChangeset for help on using the changeset viewer.