
Side by Side Diff: juju/bootstrap.go

Issue 6842088: cmd/jujud: accept CA cert flag
Patch Set: cmd/jujud: accept CA cert flag Created 12 years, 4 months ago
1 package juju 1 package juju
2 2
3 import ( 3 import (
4 "bytes" 4 "bytes"
5 "crypto/rand" 5 "crypto/rand"
6 "crypto/rsa" 6 "crypto/rsa"
7 "crypto/sha1" 7 "crypto/sha1"
8 "crypto/tls" 8 "crypto/tls"
9 "crypto/x509" 9 "crypto/x509"
10 "crypto/x509/pkix" 10 "crypto/x509/pkix"
(...skipping 56 matching lines...) Expand 10 before | Expand all | Expand 10 after
67 // TODO quote the environment name when we start using 67 // TODO quote the environment name when we start using
68 // Go version 1.1. See Go issue 3791. 68 // Go version 1.1. See Go issue 3791.
69 CommonName: fmt.Sprintf("juju-generated CA for environ ment %s", envName), 69 CommonName: fmt.Sprintf("juju-generated CA for environ ment %s", envName),
70 Organization: []string{"juju"}, 70 Organization: []string{"juju"},
71 }, 71 },
72 NotBefore: now.UTC().Add(-5 * time.Minute), 72 NotBefore: now.UTC().Add(-5 * time.Minute),
73 NotAfter: now.UTC().AddDate(10, 0, 0), // 10 years hence. 73 NotAfter: now.UTC().AddDate(10, 0, 0), // 10 years hence.
74 SubjectKeyId: bigIntHash(priv.N), 74 SubjectKeyId: bigIntHash(priv.N),
75 KeyUsage: x509.KeyUsageKeyEncipherment | x509.KeyUs ageDigitalSignature | x509.KeyUsageCertSign, 75 KeyUsage: x509.KeyUsageKeyEncipherment | x509.KeyUs ageDigitalSignature | x509.KeyUsageCertSign,
76 BasicConstraintsValid: true, 76 BasicConstraintsValid: true,
77 » » IsCA: true, 77 » » IsCA: true,
78 » » MaxPathLen: 0, // Disallow delegation for now. 78 » » MaxPathLen: 0, // Disallow delegation for now.
niemeyer 2012/11/26 20:12:21 :-)
79 } 79 }
80 certDER, err := x509.CreateCertificate(rand.Reader, template, template, &priv.PublicKey, priv) 80 certDER, err := x509.CreateCertificate(rand.Reader, template, template, &priv.PublicKey, priv)
81 if err != nil { 81 if err != nil {
82 return nil, fmt.Errorf("canot create certificate: %v", err) 82 return nil, fmt.Errorf("canot create certificate: %v", err)
83 } 83 }
84 var b bytes.Buffer 84 var b bytes.Buffer
85 pem.Encode(&b, &pem.Block{ 85 pem.Encode(&b, &pem.Block{
86 Type: "CERTIFICATE", 86 Type: "CERTIFICATE",
87 Bytes: certDER, 87 Bytes: certDER,
88 }) 88 })
(...skipping 95 matching lines...) Expand 10 before | Expand all | Expand 10 after
184 tlsCert, err := tls.X509KeyPair(pem.EncodeToMemory(certBlock), pem.Encod eToMemory(keyBlock)) 184 tlsCert, err := tls.X509KeyPair(pem.EncodeToMemory(certBlock), pem.Encod eToMemory(keyBlock))
185 if err != nil { 185 if err != nil {
186 return nil, nil, err 186 return nil, nil, err
187 } 187 }
188 priv, ok := tlsCert.PrivateKey.(*rsa.PrivateKey) 188 priv, ok := tlsCert.PrivateKey.(*rsa.PrivateKey)
189 if !ok { 189 if !ok {
190 return nil, nil, fmt.Errorf("CA private key has unexpected type %T", tlsCert.PrivateKey) 190 return nil, nil, fmt.Errorf("CA private key has unexpected type %T", tlsCert.PrivateKey)
191 } 191 }
192 return cert, priv, nil 192 return cert, priv, nil
193 } 193 }
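Review bot: `MaxPathLen: 0` on line 78 does not by itself emit a pathLenConstraint of zero with Go's crypto/x509, so the "Disallow delegation for now" comment overstates what the certificate enforces. The zero value is treated as "not set" unless `MaxPathLenZero: true` is also given, which leaves the generated CA free to sign subordinate CAs that verifiers will accept. On toolchains that have the field, add `MaxPathLenZero: true,` beside it; on older ones, reword the comment to say the limit is not yet encoded. The template literal begins in the skipped lines above, so this rests only on the fields visible here, and the only change to these lines in this patch set appears to be indentation.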
