diff options
author | Kali Kaneko <kali@leap.se> | 2015-01-08 14:34:13 -0400 |
---|---|---|
committer | Kali Kaneko <kali@leap.se> | 2015-01-08 14:34:13 -0400 |
commit | fdbfe431c52b2bc5a88a2328fe79de3035201099 (patch) | |
tree | 60d6af48f468f0dcd1922998e663f2273a55c41e /src/leap/bitmask/backend/utils.py | |
parent | 77b576b58f7f533ff4f6a31594bb53d4ffad9d49 (diff) | |
parent | 54521d35d239c2e62d42e9c77690b9d1bc94f7db (diff) |
Merge branch 'release/0.8.x' into debian/experimental
Diffstat (limited to 'src/leap/bitmask/backend/utils.py')
-rw-r--r-- | src/leap/bitmask/backend/utils.py | 26 |
1 files changed, 25 insertions, 1 deletions
diff --git a/src/leap/bitmask/backend/utils.py b/src/leap/bitmask/backend/utils.py index 65bf6753..18e70743 100644 --- a/src/leap/bitmask/backend/utils.py +++ b/src/leap/bitmask/backend/utils.py @@ -17,6 +17,7 @@ """ Backend utilities to handle ZMQ certificates. """ +import logging import os import shutil import stat @@ -26,10 +27,12 @@ import zmq.auth from leap.bitmask.util import get_path_prefix from leap.common.files import mkdir_p +logger = logging.getLogger(__name__) + KEYS_DIR = os.path.join(get_path_prefix(), 'leap', 'zmq_certificates') -def generate_certificates(): +def generate_zmq_certificates(): """ Generate client and server CURVE certificate files. """ @@ -62,3 +65,24 @@ def get_backend_certificates(base_dir='.'): backend_secret_file = os.path.join(KEYS_DIR, "backend.key_secret") public, secret = zmq.auth.load_certificate(backend_secret_file) return public, secret + + +def _certificates_exist(): + """ + Return whether there are certificates in place or not. + + :rtype: bool + """ + frontend_secret_file = os.path.join(KEYS_DIR, "frontend.key_secret") + backend_secret_file = os.path.join(KEYS_DIR, "backend.key_secret") + return os.path.isfile(frontend_secret_file) and \ + os.path.isfile(backend_secret_file) + + +def generate_zmq_certificates_if_needed(): + """ + Generate the needed ZMQ certificates for backend/frontend communication if + needed. + """ + if not _certificates_exist(): + generate_zmq_certificates() |