diff options
| author |   Kevin Hilman <khilman@baylibre.com> | 2018-08-21 13:29:27 -0700 |
|---|---|---|
| committer | Kevin Hilman <khilman@baylibre.com> | 2018-09-13 10:37:24 -0700 |
| commit | 8034ea8a06d29cf148c3170b044385e874e5b7e1 (patch) | |
| tree | e26e0329742d5ef7cf4e0209868f646225d7d747 /lavalab-gen.py | |
| parent | 0d143406d41fcd7a4b03a3941cc3a66c294b21b2 (diff) | |
lavalab-gen: fiz zmq key filename assumptions
The ZMQ key file names are expected to have specific names in the
containers (e.g. $LAVA_MASTER.key). However, when using existing key
files, they are simply copied into the containers, and if they don't
match the exact requirements, encryption will silently fail.
Fix this by allowing arbitrary filenames for existing keys, but ensure
they are copied into the container with the expected filenames.
Related, when using auto-generated keys, the generated master key is
simply "master.key" in the slave. Fix this by ensuring that
"master.key" is copied to $LAVA_MASTER.key when the slave container
starts.
Signed-off-by: Kevin Hilman <khilman@baylibre.com>
Diffstat (limited to 'lavalab-gen.py')
| -rwxr-xr-x | lavalab-gen.py | 12 |
1 files changed, 6 insertions, 6 deletions
diff --git a/lavalab-gen.py b/lavalab-gen.py index 010839f..634d742 100755 --- a/lavalab-gen.py +++ b/lavalab-gen.py @@ -156,8 +156,8 @@ def main(): master_use_zmq_auth = worker["zmq_auth"] if master_use_zmq_auth: if "zmq_auth_key" in worker: - shutil.copy(worker["zmq_auth_key"], "%s/zmq_auth/" % workerdir) - shutil.copy(worker["zmq_auth_key_secret"], "%s/zmq_auth/" % workerdir) + shutil.copy(worker["zmq_auth_key"], "%s/zmq_auth/%s.key" % (workerdir, name)) + shutil.copy(worker["zmq_auth_key_secret"], "%s/zmq_auth/%s.key_secret" % (workerdir, name)) else: zmq_auth_genlist.write("%s/%s\n" % (host, name)) need_zmq_auth_gen = True @@ -294,12 +294,12 @@ def main(): master_use_zmq_auth = fm["zmq_auth"] if master_use_zmq_auth: if "zmq_auth_key" in fm: - shutil.copy(fm["zmq_auth_key"], "%s/zmq_auth/" % workerdir) + shutil.copy(fm["zmq_auth_key"], "%s/zmq_auth/%s.key" % (workerdir, remote_address)) if "zmq_auth_key" in worker: - shutil.copy(worker["zmq_auth_key"], "%s/zmq_auth/" % workerdir) - shutil.copy(worker["zmq_auth_key_secret"], "%s/zmq_auth/" % workerdir) + shutil.copy(worker["zmq_auth_key"], "%s/zmq_auth/%s.key" % (workerdir, name)) + shutil.copy(worker["zmq_auth_key_secret"], "%s/zmq_auth/%s.key_secret" % (workerdir, name)) if "zmq_auth_key" in fm: - shutil.copy(worker["zmq_auth_key"], "output/%s/%s/zmq_auth/" % (fm["host"], fm["name"])) + shutil.copy(worker["zmq_auth_key"], "output/%s/%s/zmq_auth/%s.key" % (fm["host"], fm["name"], name)) else: zmq_auth_genlist.write("%s/%s %s/%s\n" % (host, name, fm["host"], fm["name"])) need_zmq_auth_gen = True |