• Helga Velroyen's avatar
    Check for SSL encoding inconsistencies · 9179f383
    Helga Velroyen authored
    This fixes bug 853, which was rather subtle: When adding
    nodes with a different openssl library than the master
    node, the SSL server certificate could be encoded
    differently from the master node. This caused
    'gnt-cluster verify' to complain about differing
    'server.pem' files although all certificates would
    work and private keys could be matched sucessfully
    to the public part of the certificate.
    This patch does two things:
    - It checks if the encoded versions of the certificate
      differ and if yes, an error is logged.
    - It writes exactly the file to disk that it receives
      from the master node so that file inconsistency
      is prevented.
    Signed-off-by: default avatarHelga Velroyen <helgav@google.com>
    Reviewed-by: default avatarKlaus Aehlig <aehlig@google.com>
node_daemon_setup.py 6.81 KB