You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@trafficcontrol.apache.org by da...@apache.org on 2016/11/02 19:05:39 UTC
[1/4] incubator-trafficcontrol git commit: fix ort to actually work
with wildcard certs
Repository: incubator-trafficcontrol
Updated Branches:
refs/heads/master 0e0df834f -> c5a7b9efb
fix ort to actually work with wildcard certs
Project: http://git-wip-us.apache.org/repos/asf/incubator-trafficcontrol/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-trafficcontrol/commit/6e1a3e6d
Tree: http://git-wip-us.apache.org/repos/asf/incubator-trafficcontrol/tree/6e1a3e6d
Diff: http://git-wip-us.apache.org/repos/asf/incubator-trafficcontrol/diff/6e1a3e6d
Branch: refs/heads/master
Commit: 6e1a3e6de7dae04a9db0867c526686b06bed37cb
Parents: 3a4a64f
Author: Dave Neuman <ne...@apache.org>
Authored: Wed Nov 2 12:36:01 2016 -0600
Committer: Dan Kirkwood <da...@gmail.com>
Committed: Wed Nov 2 13:04:41 2016 -0600
----------------------------------------------------------------------
traffic_ops/bin/traffic_ops_ort.pl | 14 +++++++++++---
1 file changed, 11 insertions(+), 3 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/incubator-trafficcontrol/blob/6e1a3e6d/traffic_ops/bin/traffic_ops_ort.pl
----------------------------------------------------------------------
diff --git a/traffic_ops/bin/traffic_ops_ort.pl b/traffic_ops/bin/traffic_ops_ort.pl
index da53cbb..0d9f018 100755
--- a/traffic_ops/bin/traffic_ops_ort.pl
+++ b/traffic_ops/bin/traffic_ops_ort.pl
@@ -2523,11 +2523,17 @@ sub adv_processing_ssl {
foreach my $keypair ( @{ $ssl_tracker->{'db_config'} } ) {
( $log_level >> $DEBUG ) && print "DEBUG Processing SSL key: " . $keypair->{'key_name'} . "\n";
-
my $remap = $keypair->{'key_name'};
$remap =~ s/\.key$//;
+ if ($remap !~ /^edge/) {
+ #remove routing name (ccr/tr) and add * for wildcard certs
+ $remap =~ /^(.*?)(\..*)/;
+ $remap = "*$2";
+ }
+ my $found = 0;
foreach my $record (@$certs){
if ($record->{'hostname'} eq $remap){
+ $found = 1;
my $ssl_key = decode_base64($record->{'certificate'}->{'key'});
my $ssl_cert = decode_base64($record->{'certificate'}->{'crt'});
( $log_level >> $DEBUG ) && print "DEBUG private key for $remap is:\n$ssl_key\n";
@@ -2544,14 +2550,16 @@ sub adv_processing_ssl {
$cfg_file_tracker->{ $keypair->{'cert_name'} }->{'component'} = "SSL";
$cfg_file_tracker->{ $keypair->{'cert_name'} }->{'contents'} = $ssl_cert;
$cfg_file_tracker->{ $keypair->{'cert_name'} }->{'fname-in-TO'} = $keypair->{'cert_name'};
- return 0;
}
}
- #if no cert is found, log error and exit
+ #if no cert is found, log error and exit
+ if (!$found) {
( $log_level >> $FATAL ) && print "FATAL SSL certificate for $remap not found!\n";
exit 1;
+ }
}
}
+ return 0;
}
sub setup_lwp {
[4/4] incubator-trafficcontrol git commit: This closes #35
Posted by da...@apache.org.
This closes #35
Project: http://git-wip-us.apache.org/repos/asf/incubator-trafficcontrol/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-trafficcontrol/commit/c5a7b9ef
Tree: http://git-wip-us.apache.org/repos/asf/incubator-trafficcontrol/tree/c5a7b9ef
Diff: http://git-wip-us.apache.org/repos/asf/incubator-trafficcontrol/diff/c5a7b9ef
Branch: refs/heads/master
Commit: c5a7b9efb465414114f99b67d4d322d895593968
Parents: 6e1a3e6
Author: Dan Kirkwood <da...@gmail.com>
Authored: Wed Nov 2 13:05:29 2016 -0600
Committer: Dan Kirkwood <da...@gmail.com>
Committed: Wed Nov 2 13:05:29 2016 -0600
----------------------------------------------------------------------
----------------------------------------------------------------------
[3/4] incubator-trafficcontrol git commit: update
update_riak_for_search to not error if keys are not found for a DS
Posted by da...@apache.org.
update update_riak_for_search to not error if keys are not found for a DS
Project: http://git-wip-us.apache.org/repos/asf/incubator-trafficcontrol/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-trafficcontrol/commit/9e5a9d3f
Tree: http://git-wip-us.apache.org/repos/asf/incubator-trafficcontrol/tree/9e5a9d3f
Diff: http://git-wip-us.apache.org/repos/asf/incubator-trafficcontrol/diff/9e5a9d3f
Branch: refs/heads/master
Commit: 9e5a9d3f22b4553c9686af95a612a606faf0016b
Parents: 0e0df83
Author: Dave Neuman <ne...@apache.org>
Authored: Wed Nov 2 09:24:05 2016 -0600
Committer: Dan Kirkwood <da...@gmail.com>
Committed: Wed Nov 2 13:04:41 2016 -0600
----------------------------------------------------------------------
traffic_ops/app/script/update_riak_for_search.pl | 7 +++++--
1 file changed, 5 insertions(+), 2 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/incubator-trafficcontrol/blob/9e5a9d3f/traffic_ops/app/script/update_riak_for_search.pl
----------------------------------------------------------------------
diff --git a/traffic_ops/app/script/update_riak_for_search.pl b/traffic_ops/app/script/update_riak_for_search.pl
index cc9d184..5eb2950 100755
--- a/traffic_ops/app/script/update_riak_for_search.pl
+++ b/traffic_ops/app/script/update_riak_for_search.pl
@@ -40,6 +40,9 @@ foreach my $ds (@$dss) {
my $xml_id = $ds->{xmlId};
my $cdn = $ds->{cdnName};
my $record = &get_riak_record($xml_id, $to_url, $ua);
+ if (!defined($record)) {
+ next;
+ }
$record->{deliveryservice} = $xml_id;
$record->{cdn} = $cdn;
$record->{certificate}->{crt} = decode_base64($record->{certificate}->{crt});
@@ -117,8 +120,8 @@ sub get_riak_record {
my $response = $ua->get( $url );
if(!$response->is_success() || $response->code() > 400) {
- print "Could not get ssl record for $xml_id from riak! Response was ". $response->{_rc} . " - " . $response->{_msg} . "\n";
- exit 1;
+ print "Could not get ssl record for $xml_id from riak! Response was ". $response->{_rc} . " - " . $response->{_msg} . "Skipping...\n";
+ return;
}
my $content = decode_json($response->{_content});
[2/4] incubator-trafficcontrol git commit: log FATAL and exit if a
SSL certificate is not found for a HTTPS enabled DS. This fixes TC-19
Posted by da...@apache.org.
log FATAL and exit if a SSL certificate is not found for a HTTPS enabled DS. This fixes TC-19
Project: http://git-wip-us.apache.org/repos/asf/incubator-trafficcontrol/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-trafficcontrol/commit/3a4a64f5
Tree: http://git-wip-us.apache.org/repos/asf/incubator-trafficcontrol/tree/3a4a64f5
Diff: http://git-wip-us.apache.org/repos/asf/incubator-trafficcontrol/diff/3a4a64f5
Branch: refs/heads/master
Commit: 3a4a64f56e5b571ab1f92aaf800440773f8d1839
Parents: 9e5a9d3
Author: Dave Neuman <ne...@apache.org>
Authored: Wed Nov 2 09:48:16 2016 -0600
Committer: Dan Kirkwood <da...@gmail.com>
Committed: Wed Nov 2 13:04:41 2016 -0600
----------------------------------------------------------------------
traffic_ops/bin/traffic_ops_ort.pl | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/incubator-trafficcontrol/blob/3a4a64f5/traffic_ops/bin/traffic_ops_ort.pl
----------------------------------------------------------------------
diff --git a/traffic_ops/bin/traffic_ops_ort.pl b/traffic_ops/bin/traffic_ops_ort.pl
index 95f4087..da53cbb 100755
--- a/traffic_ops/bin/traffic_ops_ort.pl
+++ b/traffic_ops/bin/traffic_ops_ort.pl
@@ -2544,11 +2544,14 @@ sub adv_processing_ssl {
$cfg_file_tracker->{ $keypair->{'cert_name'} }->{'component'} = "SSL";
$cfg_file_tracker->{ $keypair->{'cert_name'} }->{'contents'} = $ssl_cert;
$cfg_file_tracker->{ $keypair->{'cert_name'} }->{'fname-in-TO'} = $keypair->{'cert_name'};
+ return 0;
}
}
+ #if no cert is found, log error and exit
+ ( $log_level >> $FATAL ) && print "FATAL SSL certificate for $remap not found!\n";
+ exit 1;
}
}
- return 0;
}
sub setup_lwp {