generating random encryption key
This commit is contained in:
parent
de20382fce
commit
c27255a9f8
|
@ -1,8 +1,10 @@
|
|||
import subprocess
|
||||
import os
|
||||
|
||||
from charmhelpers.core.hookenv import config
|
||||
from charmhelpers.contrib.openstack import context
|
||||
|
||||
HEAT_PATH = '/var/lib/heat/'
|
||||
|
||||
class IdentityServiceContext(context.IdentityServiceContext):
|
||||
def __call__(self):
|
||||
|
@ -22,11 +24,22 @@ class EncryptionContext(context.OSContextGenerator):
|
|||
def __call__(self):
|
||||
ctxt = {}
|
||||
|
||||
encryption = config("encryption-key")
|
||||
if not encryption:
|
||||
# generate random key
|
||||
cmd = ['hexdump', '-n', 16, '-v', '-e', '\'/1 "%02x"\'', '/dev/random']
|
||||
encryption = subprocess.check_output(cmd).strip()
|
||||
# check if we have stored encryption key
|
||||
encryption_path = os.path.join(HEAT_PATH, 'encryption-key')
|
||||
if os.path.isfile(encryption_path):
|
||||
with open(encryption_path, 'r') as enc:
|
||||
encryption = enc.read()
|
||||
else:
|
||||
# create encryption key and store it
|
||||
if not os.path.isdir(HEAT_PATH):
|
||||
os.makedirs(HEAT_PATH)
|
||||
encryption = config("encryption-key")
|
||||
if not encryption:
|
||||
# generate random key
|
||||
cmd = 'hexdump -n 16 -v -e \'/1 "%02x"\' /dev/random'
|
||||
encryption = subprocess.check_output(cmd, shell=True).strip()
|
||||
with open(encryption_path, 'w') as enc:
|
||||
enc.write(encryption)
|
||||
|
||||
ctxt['encryption_key'] = encryption
|
||||
return ctxt
|
||||
|
|
|
@ -82,9 +82,6 @@ def install():
|
|||
def config_changed():
|
||||
if openstack_upgrade_available('heat-engine'):
|
||||
do_openstack_upgrade(CONFIGS)
|
||||
|
||||
if not os.path.isdir('/etc/heat'):
|
||||
os.mkdir('/etc/heat')
|
||||
CONFIGS.write_all()
|
||||
|
||||
|
||||
|
|
|
@ -24,6 +24,8 @@ from charmhelpers.core.hookenv import (
|
|||
config
|
||||
)
|
||||
|
||||
import heat_context
|
||||
|
||||
TEMPLATES = 'templates/'
|
||||
|
||||
BASE_PACKAGES = [
|
||||
|
|
Loading…
Reference in New Issue