diff --git a/src/cert.go b/src/cert.go
index 70057e6a1..31656d575 100644
--- a/src/cert.go
+++ b/src/cert.go
@@ -1,59 +1,54 @@
 package main
 import (
+ "bytes"
 "encoding/json"
 "fmt"
 "os"
 "os/exec"
+ "path"
 "strings"
 "text/template"
 log "github.com/sirupsen/logrus"
 )
-func parsecfsslInput(i *[]byte) (out string) {
- in := strings.Split(string(*i), "{")
- for i, s := range in {
- if i != 0 {
- out += s
- }
- }
- return "{" + out
-}
-
-func cfssljson(i *[]byte, file string) {
+func cfssljson(b []byte, file string, node *Node) {
 var input = map[string]interface{}{}
 var err error
 var cert string
 var key string
 var csr string
- err = json.Unmarshal([]byte(parsecfsslInput(i)), &input)
+ //log.Debugf("cfssl output:\n%s", string(b))
+ err = json.Unmarshal(b, &input)
 if err != nil {
 fmt.Fprintf(os.Stderr, "Failed to parse input: %v\n", err)
 os.Exit(1)
 }
 if contents, ok := input["cert"]; ok {
 cert = contents.(string)
- } else if contents, ok = input["certificate"]; ok {
- cert = contents.(string)
+ if node != nil {
+ node.TLSCert = strings.Replace(cert, "\n", "", -1)
+ }
 }
 createFile(file+".pem", cert)
 if contents, ok := input["key"]; ok {
 key = contents.(string)
- } else if contents, ok = input["private_key"]; ok {
- key = contents.(string)
+ if node != nil {
+ node.TLSKey = strings.Replace(key, "\n", "", -1)
+ }
 }
 createFile(file+"-key.pem", key)
 if contents, ok := input["csr"]; ok {
 csr = contents.(string)
- } else if contents, ok = input["certificate_request"]; ok {
- csr = contents.(string)
 }
 createFile(file+".csr", csr)
-
+ if node != nil {
+ log.Debugf("node: %+v", node)
+ }
 }
 func (c *cLab) createRootCA() (err error) {
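Review bot: The added `log.Debugf("node: %+v", node)` at the end of cfssljson prints the whole Node right after `node.TLSKey` was filled in, so the node's private key ends up in the debug log. The `if debug` blocks added in createRootCA and createCERT (hunks at -91 and -139) have the same effect: they dump the full cfssl output, and cfssljson reads the `key` field from that same JSON, so the root CA key and each node key would be logged too. Debug output is routinely pasted into bug reports and is not protected like a key file, so I would log a key-free summary here, e.g. `log.Debugf("stored TLS cert and key for %s", file)`. In the two dumps, decode the output and delete the `key` entry before indenting and printing it.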
@@ -91,20 +86,27 @@ func (c *cLab) createRootCA() (err error) {
 }
 log.Debug(fmt.Sprintf("CopyFile GoTemplate src %s -> dat %s succeeded\n", src, dst))
- var cmd *exec.Cmd
- cmd = exec.Command("cfssl", "gencert", "-initca", dst)
- o, err := cmd.CombinedOutput()
- //fmt.Println(string(o))
+ cmd := exec.Command("cfssl", "gencert", "-initca", dst)
+ o, err := cmd.Output()
 if err != nil {
- log.Errorf("cmd.Run() failed with %s\n", err)
+ log.Errorf("cmd.Run() failed with %s", err)
+ }
+ if debug {
+ jsCert := new(bytes.Buffer)
+ json.Indent(jsCert, o, "", " ")
+ log.Debugf("'cfssl gencert -initca' output:\n%s", jsCert.String())
 }
- cfssljson(&o, c.Dir.LabCARoot+"/"+"root-ca")
+ cfssljson(o, c.Dir.LabCARoot+"/"+"root-ca", nil)
 return nil
 }
 func (c *cLab) createCERT(shortdutName string) (err error) {
+ node, ok := c.Nodes[shortdutName]
+ if !ok {
+ return fmt.Errorf("unknown dut name: %s", shortdutName)
+ }
 //create dut cert diretcory
 createDirectory(c.Nodes[shortdutName].CertDir, 0755)
@@ -113,7 +115,7 @@ func (c *cLab) createCERT(shortdutName string) (err error) {
 // copy topology to node specific directory in lab
 src = "ca_config/templates/csr.json"
- dst = c.Nodes[shortdutName].CertDir + "/" + "csr" + "-" + shortdutName + ".json"
+ dst = path.Join(node.CertDir, "csr"+"-"+shortdutName+".json")
 tpl, err := template.ParseFiles(src)
 if err != nil {
 log.Fatalln(err)
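Review bot: In createRootCA a failed `cmd.Output()` is only logged; execution continues into `cfssljson` with empty output, which exits the process with "Failed to parse input" and hides the real cause. `Output()` also no longer carries stderr the way `CombinedOutput()` did, so cfssl's own message is only reachable through `(*exec.ExitError).Stderr`. I would return at the check, `return fmt.Errorf("cfssl gencert -initca: %w", err)`, and put the ExitError stderr into the log line; the createCERT hunk at -139 needs the same change. The `json.Indent` return value is ignored in both debug blocks as well. Both function bodies extend beyond the hunks.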
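Review bot: `path.Join` is meant for slash-separated paths such as URLs; for filesystem paths the usual choice is `path/filepath`, e.g. `dst = filepath.Join(node.CertDir, "csr-"+shortdutName+".json")`, and likewise for rootCert, rootKey and the cfssljson argument in the hunk at -139. `shortdutName` goes into the file name unchanged. If node names can come from a user-supplied topology file, rejecting names that contain a path separator before this point would keep the CSR, certificate and key files inside CertDir. The body of createCERT starts and ends outside this hunk.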
@@ -139,16 +141,19 @@ func (c *cLab) createCERT(shortdutName string) (err error) {
 log.Debug(fmt.Sprintf("CopyFile GoTemplate src %s -> dat %s succeeded\n", src, dst))
 var cmd *exec.Cmd
- rootCert := c.Dir.LabCARoot + "/" + "root-ca.pem"
- rootKey := c.Dir.LabCARoot + "/" + "root-ca-key.pem"
+ rootCert := path.Join(c.Dir.LabCARoot, "root-ca.pem")
+ rootKey := path.Join(c.Dir.LabCARoot, "root-ca-key.pem")
 cmd = exec.Command("cfssl", "gencert", "-ca", rootCert, "-ca-key", rootKey, dst)
- o, err := cmd.CombinedOutput()
- //fmt.Println(string(o))
+ o, err := cmd.Output()
 if err != nil {
- log.Errorf("cmd.Run() failed with %s\n", err)
+ log.Errorf("'cfssl gencert -ca rootCert -caKey rootKey' failed with: %v", err)
+ }
+ if debug {
+ jsCert := new(bytes.Buffer)
+ json.Indent(jsCert, o, "", " ")
+ log.Debugf("'cfssl gencert -ca rootCert -caKey rootKey' output:\n%s", jsCert.String())
 }
- cfssljson(&o, c.Nodes[shortdutName].CertDir+"/"+shortdutName)
-
+ cfssljson(o, path.Join(node.CertDir, shortdutName), node)
 return nil
 }