From d42030d39800b930634dba1efafcf43959c40205 Mon Sep 17 00:00:00 2001
From: Corentin LABBE <clabbe@baylibre.com>
Date: Wed, 4 Jul 2018 14:45:58 +0200
Subject: Handle ZMQ auth

This patch add support for using ZMQ auth.
Basicly adding "zmq_auth: True" to a master is sufficient to enable it.
Since "ZMQ certificates" are using a custom format (vs X509 classic), we need to use the custom generator.
For helping with that a temporary docker is generated which handle generating thoses files.
---
 lava-slave/scripts/setup.sh | 8 ++++++++
 1 file changed, 8 insertions(+)

(limited to 'lava-slave/scripts/setup.sh')

diff --git a/lava-slave/scripts/setup.sh b/lava-slave/scripts/setup.sh
index bf91c7a..e696e57 100755
--- a/lava-slave/scripts/setup.sh
+++ b/lava-slave/scripts/setup.sh
@@ -91,3 +91,11 @@ do
 		fi
 	done
 done
+
+if [ -e /etc/lava-dispatcher/certificates.d/$(hostname).key ];then
+	echo "INFO: Enabling encryption"
+	sed -i 's,.*ENCRYPT=.*,ENCRYPT="--encrypt",' /etc/lava-dispatcher/lava-slave
+	sed -i "s,.*SLAVE_CERT=.*,SLAVE_CERT=\"--slave-cert /etc/lava-dispatcher/certificates.d/$(hostname).key_secret\"," /etc/lava-dispatcher/lava-slave
+	sed -i "s,.*MASTER_CERT=.*,MASTER_CERT=\"--master-cert /etc/lava-dispatcher/certificates.d/$LAVA_MASTER.key\"," /etc/lava-dispatcher/lava-slave
+fi
+exit 0
-- 
cgit 1.2.3-korg