summaryrefslogtreecommitdiff
path: root/nova/crypto.py
diff options
context:
space:
mode:
authorStephen Finucane <stephen.finucane@intel.com>2016-04-04 13:37:06 +0100
committerStephen Finucane <stephen.finucane@intel.com>2016-04-05 12:01:06 +0100
commite301ed2457996d5143e8a6a8cba1a97b29098485 (patch)
tree95139973a8c86c6bb3e5066ce4e50543ec6c4147 /nova/crypto.py
parentac0fee5d6b8e88f22155fb59872cbe46e720078f (diff)
downloadnova-e301ed2457996d5143e8a6a8cba1a97b29098485.tar.gz
config options: Move crypto options into a group
Move all crypto configuration into [crypto] group. Update references to these configuration options to reflect new group. Change-Id: I660b5c20e2b33f276a9d4c49b0e6279d7d8e41c7
Diffstat (limited to 'nova/crypto.py')
-rw-r--r--nova/crypto.py25
1 files changed, 13 insertions, 12 deletions
diff --git a/nova/crypto.py b/nova/crypto.py
index eb954d19a0..e92438146d 100644
--- a/nova/crypto.py
+++ b/nova/crypto.py
@@ -54,25 +54,25 @@ CONF = nova.conf.CONF
def ca_folder(project_id=None):
- if CONF.use_project_ca and project_id:
- return os.path.join(CONF.ca_path, 'projects', project_id)
- return CONF.ca_path
+ if CONF.crypto.use_project_ca and project_id:
+ return os.path.join(CONF.crypto.ca_path, 'projects', project_id)
+ return CONF.crypto.ca_path
def ca_path(project_id=None):
- return os.path.join(ca_folder(project_id), CONF.ca_file)
+ return os.path.join(ca_folder(project_id), CONF.crypto.ca_file)
def key_path(project_id=None):
- return os.path.join(ca_folder(project_id), CONF.key_file)
+ return os.path.join(ca_folder(project_id), CONF.crypto.key_file)
def crl_path(project_id=None):
- return os.path.join(ca_folder(project_id), CONF.crl_file)
+ return os.path.join(ca_folder(project_id), CONF.crypto.crl_file)
def fetch_ca(project_id=None):
- if not CONF.use_project_ca:
+ if not CONF.crypto.use_project_ca:
project_id = None
ca_file_path = ca_path(project_id)
if not os.path.exists(ca_file_path):
@@ -160,7 +160,7 @@ def generate_key_pair(bits=2048):
def fetch_crl(project_id):
"""Get crl file for project."""
- if not CONF.use_project_ca:
+ if not CONF.crypto.use_project_ca:
project_id = None
crl_file_path = crl_path(project_id)
if not os.path.exists(crl_file_path):
@@ -206,7 +206,7 @@ def revoke_cert(project_id, file_name):
utils.execute('openssl', 'ca', '-config', './openssl.cnf', '-revoke',
file_name, cwd=ca_folder(project_id))
utils.execute('openssl', 'ca', '-gencrl', '-config', './openssl.cnf',
- '-out', CONF.crl_file, cwd=ca_folder(project_id))
+ '-out', CONF.crypto.crl_file, cwd=ca_folder(project_id))
except OSError:
raise exception.ProjectNotFound(project_id=project_id)
except processutils.ProcessExecutionError:
@@ -239,12 +239,13 @@ def revoke_certs_by_user_and_project(user_id, project_id):
def _project_cert_subject(project_id):
"""Helper to generate user cert subject."""
- return CONF.project_cert_subject % (project_id, utils.isotime())
+ return CONF.crypto.project_cert_subject % (project_id, utils.isotime())
def _user_cert_subject(user_id, project_id):
"""Helper to generate user cert subject."""
- return CONF.user_cert_subject % (project_id, user_id, utils.isotime())
+ return CONF.crypto.user_cert_subject % (project_id, user_id,
+ utils.isotime())
def generate_x509_cert(user_id, project_id, bits=2048):
@@ -342,7 +343,7 @@ def generate_vpn_files(project_id):
def sign_csr(csr_text, project_id=None):
- if not CONF.use_project_ca:
+ if not CONF.crypto.use_project_ca:
project_id = None
if not project_id:
return _sign_csr(csr_text, ca_folder())
View Lorry Controller Status