always regenerate the CA config file if necessary

author ale <ale@incal.net>

Mon, 10 Dec 2012 20:14:37 +0000 (20:14 +0000)

committer ale <ale@incal.net>

Mon, 10 Dec 2012 20:14:37 +0000 (20:14 +0000)
author ale <ale@incal.net>
Mon, 10 Dec 2012 20:14:37 +0000 (20:14 +0000)
committer ale <ale@incal.net>
Mon, 10 Dec 2012 20:14:37 +0000 (20:14 +0000)
diff --git a/cam/ca.py b/cam/ca.py

index 72ae773..a19835f 100644 (file)
--- a/cam/ca.py
+++ b/cam/ca.py
@@ -66,6 +66,10 @@ class CA(object):
          fcntl.lockf(self._lockfd, fcntl.LOCK_UN)
          self._lockfd.close()
  
+    def _update_config(self):
+        # Create the OpenSSL configuration file.
+        utils.render(self.files.conf, 'openssl_config', self.config)
+
      def close(self):
          self._unlock()
  
@@ -92,8 +96,7 @@ class CA(object):
              with open(self.files.crlnumber, 'w') as fd:
                  fd.write('01\n')
  
-        # Create the OpenSSL configuration file.
-        utils.render(self.files.conf, 'openssl_config', self.config)
+        self._update_config()
  
          # Generate keys if they do not exist.
          if not os.path.exists(self.files.public_key):
@@ -128,6 +131,9 @@ class CA(object):
  
      def gencrl(self):
          log.info('generating CRL')
+
+        self._update_config()
+
          # Write the CRL in PEM format to a temporary file.
          tmpf = self.files.crl + '.tmp'
          openssl_wrap.run_with_config(
@@ -150,6 +156,8 @@ class CA(object):
          self.gencrl()
  
      def generate(self, cert):
+        self._update_config()
+
          expiry = cert.get_expiration_date()
          if expiry and expiry > time.time():
              log.warn('certificate is still valid, revoking previous version')
author	ale <ale@incal.net>
	Mon, 10 Dec 2012 20:14:37 +0000 (20:14 +0000)
committer	ale <ale@incal.net>
	Mon, 10 Dec 2012 20:14:37 +0000 (20:14 +0000)