/usr/lib/python2.7/dist-packages/Bcfg2/Server/Plugins/Cfg/CfgSSLCAKeyCreator.py is in bcfg2-server 1.4.0~pre2+git141-g6d40dace6358-1.
This file is owned by root:root, with mode 0o644.
The actual contents of the file can be viewed below.
""" Cfg creator that creates SSL keys """
from Bcfg2.Utils import Executor
from Bcfg2.Server.Plugins.Cfg import CfgCreationError, XMLCfgCreator
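class CfgSSLCAKeyCreator(XMLCfgCreator):
    """ Cfg creator that creates SSL keys.

    The key parameters are read from the ``Key`` element of
    ``sslkey.xml`` and the key itself is produced by running the
    ``openssl`` command-line tool. """

    #: Different configurations for different clients/groups can be
    #: handled with Client and Group tags within sslkey.xml
    __specific__ = False

    #: File name(s) this creator is responsible for
    __basenames__ = ["sslkey.xml"]

    #: Config section name used for this creator
    cfg_section = "sslca"

    def create_data(self, entry, metadata):
        """ Generate a new private key with ``openssl`` and store it.

        The ``Key`` element matched for this client supplies the
        ``type`` attribute (``rsa`` or ``dsa``, default ``rsa``) and
        the ``bits`` attribute (default ``2048``).  The openssl
        output is passed to ``write_data`` and returned.

        :param entry: The entry being created (not used here)
        :param metadata: The client metadata the key is created for
        :returns: string - the key data written by openssl to stdout
        :raises: CfgCreationError - if the key type or size in
                 sslkey.xml is not usable, or if openssl fails
        """
        self.logger.info("Cfg: Generating new SSL key for %s" % self.name)
        spec = self.XMLMatch(metadata)
        key = spec.find("Key")
        if key is None:
            # No <Key> element: fall back to the defaults below
            key = {}
        ktype = key.get('type', 'rsa')
        bits = key.get('bits', '2048')

        # bits is handed to openssl as a positional argument.  Require
        # a plain decimal number so that a configuration value can
        # never be interpreted by openssl as an option.
        if not bits or any(char not in "0123456789" for char in bits):
            raise CfgCreationError("Invalid key size %r for %s: bits must "
                                   "be a positive decimal number" %
                                   (bits, self.name))

        if ktype == 'rsa':
            cmd = ["openssl", "genrsa", bits]
        elif ktype == 'dsa':
            # Retained for existing configurations
            cmd = ["openssl", "dsaparam", "-noout", "-genkey", bits]
        else:
            # Without this branch an unknown type left cmd unbound and
            # surfaced as an UnboundLocalError instead of a
            # CfgCreationError that callers can handle.
            raise CfgCreationError("Unsupported key type %r for %s: "
                                   "expected 'rsa' or 'dsa'" %
                                   (ktype, self.name))

        # The command is an argument list, so no shell is involved.
        result = Executor().run(cmd)
        if not result.success:
            raise CfgCreationError("Failed to generate key %s for %s: %s" %
                                   (self.name, metadata.hostname,
                                    result.error))
        # result.stdout is the private key, produced without a
        # passphrase; keep it out of log and error messages.
        # NOTE(review): ownership and mode of the stored file are not
        # set here - confirm they are restricted where the key is
        # written and delivered.
        self.write_data(result.stdout, **self.get_specificity(metadata))
        return result.stdout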