| Current File : //lib/python2.7/site-packages/cloudinit/config/cc_ca_certs.pyc |
��
oB�]c������������@���s����d��Z��d��d��l��Z��d��d��l��m��Z���d��Z��d��Z��d��Z��d��Z��e��j��j �e��e�����Z
�d��d �g��Z��d
����Z��d�����Z
�d�����Z��d
����Z��d��S(����s8���
CA Certs
--------
**Summary:** add ca certificates
This module adds CA certificates to ``/etc/ca-certificates.conf`` and updates
the ssl cert cache using ``update-ca-certificates``. The default certificates
can be removed from the system with the configuration option
``remove-defaults``.
.. note::
certificates must be specified using valid yaml. in order to specify a
multiline certificate, the yaml multiline list syntax must be used
**Internal name:** ``cc_ca_certs``
**Module frequency:** per instance
**Supported distros:** ubuntu, debian
**Config keys**::
ca-certs:
remove-defaults: <true/false>
trusted:
- <single line cert>
- |
-----BEGIN CERTIFICATE-----
YOUR-ORGS-TRUSTED-CA-CERT-HERE
-----END CERTIFICATE-----
i����N(����t����utils����/usr/share/ca-certificates/s����cloud-init-ca-certs.crts����/etc/ca-certificates.confs����/etc/ssl/certs/t����ubuntut����debianc������������C���s����t��j��d��g��d��t������d��S(����sB���
Updates the CA certificate cache on the current machine.
s����update-ca-certificatest����captureN(����R����t����subpt����False(����(����(����s@���/usr/lib/python2.7/site-packages/cloudinit/config/cc_ca_certs.pyt����update_ca_certs2���s������c������������C���s����|��r��d��j��g��|��D]��}��t��|�����^��q�����}��t��j��t��|��d��d������t��j��t�����}��d��j��g��|��j�����D]��}��|��t��k��rf�|��^��qf����}��d��|��j ����t��f���}��t��j��t��|��d��d������n��d��S(����s����
Adds certificates to the system. To actually apply the new certificates
you must also call L{update_ca_certs}.
@param certs: A list of certificate strings.
s����
t����modei����s����%s
%s
t����omodet����wbN(
���t����joint����strR����t
���write_filet����CA_CERT_FULL_PATHt ���load_filet����CA_CERT_CONFIGt
���splitlinest����CA_CERT_FILENAMEt����rstrip(����t����certst����ct����cert_file_contentst����origt����linet����cur_contt����out(����(����s@���/usr/lib/python2.7/site-packages/cloudinit/config/cc_ca_certs.pyt����add_ca_certs9���s��������(�����������c������������C���sJ���t��j��t������t��j��t������t��j��t��d��d��d������d��}��t��j��d��|������d��S( ���s����
Removes all default trusted CA certificates from the system. To actually
apply the change you must also call L{update_ca_certs}.
t����R����i����s8���ca-certificates ca-certificates/trust_new_crts select nos����debconf-set-selectionst����-N(����s����debconf-set-selectionsR����(����R����t����delete_dir_contentst����CA_CERT_PATHt����CA_CERT_SYSTEM_PATHR����R����R����(����t����debconf_sel(����(����s@���/usr/lib/python2.7/site-packages/cloudinit/config/cc_ca_certs.pyt����remove_default_ca_certsO���s
�����
�
�����c������������C���s����d��|��k��r �|��j��d��|������d��S|��d���}��|��j��d��t�����rS�|��j��d������t������n��d��|��k��r��t��j��|��d�����}��|��r��|��j��d��t��|����������t��|������q��n��|��j��d������t������d��S( ���su���
Call to handle ca-cert sections in cloud-config file.
@param name: The module name "ca-cert" from cloud.cfg
@param cfg: A nested dict containing the entire cloud config contents.
@param cloud: The L{CloudInit} object in use.
@param log: Pre-initialized Python logger object to use for logging.
@param args: Any module arguments from cloud.cfg
s����ca-certss<���Skipping module named %s, no 'ca-certs' key in configurationNs����remove-defaultss����Removing default certificatest����trusteds����Adding %d certificatess����Updating certificates( ���t����debugt����getR����R!���R����t����get_cfg_option_listt����lenR����R����(����t����namet����cfgt����_cloudt����logt����_argst����ca_cert_cfgt
���trusted_certs(����(����s@���/usr/lib/python2.7/site-packages/cloudinit/config/cc_ca_certs.pyt����handle[���s�������� �����
���
�
�����������
�(����t����__doc__t����ost ���cloudinitR����R����R����R����R����t����pathR
���R
���t����distrosR����R����R!���R.���(����(����(����s@���/usr/lib/python2.7/site-packages/cloudinit/config/cc_ca_certs.pyt����<module>#���s���������������������� � � �