From ee48169642cab475c4ceba26aa84eabd40fab80f Mon Sep 17 00:00:00 2001 From: jbjohnso Date: Mon, 25 Mar 2013 19:36:20 +0000 Subject: [PATCH] Fix issue where powershell instrumentation fired up with no hope of successfully performing SSL git-svn-id: https://svn.code.sf.net/p/xcat/code/xcat-core/trunk@15657 8638fb3e-16cb-4fca-ae20-7b5d299a9bcd --- xCAT-server/lib/xcat/plugins/windows.pm | 21 ++++++++++++++++++- .../xcat/netboot/windows/nextdestiny.ps1 | 13 ++++++++++-- 2 files changed, 31 insertions(+), 3 deletions(-) diff --git a/xCAT-server/lib/xcat/plugins/windows.pm b/xCAT-server/lib/xcat/plugins/windows.pm index 6c154f6b4..8c19fa01a 100644 --- a/xCAT-server/lib/xcat/plugins/windows.pm +++ b/xCAT-server/lib/xcat/plugins/windows.pm @@ -212,6 +212,18 @@ sub applyimagescript { :END ENDAPPLY } + +sub get_server_certname { + my @certdata = `openssl x509 -in /etc/xcat/cert/server-cert.pem -text -noout`; + foreach (@certdata) { + if (/Subject:/) { + s/.*=//; + return $_; + last; + } + } +} + #Don't sweat os type as for mkimage it is always 'imagex' if it got here sub mkinstall { @@ -235,6 +247,11 @@ sub mkinstall }); return; } + my $xcatsslname=get_server_certname(); + unless (-r "$installroot/xcat/ca.pem" and stat("/etc/xcat/cert/ca.pem")->mtime <= stat("$installroot/xcat/ca.pem")->mtime) { + mkpath("$installroot/xcat/"); + copy("/etc/xcat/cert/ca.pem","$installroot/xcat/ca.pem"); + } require xCAT::Template; foreach $node (@nodes) { @@ -349,7 +366,7 @@ sub mkinstall "nextdestiny.ps1", ); foreach my $utilfile (@utilfiles) { - unless (-r "$installroot/utils/windows/$utilfile" and stat("$::XCATROOT/share/xcat/netboot/windows/$utilfile")->mtime < stat("$installroot/utils/windows/$utilfile")) { + unless (-r "$installroot/utils/windows/$utilfile" and stat("$::XCATROOT/share/xcat/netboot/windows/$utilfile")->mtime <= stat("$installroot/utils/windows/$utilfile")->mtime) { mkpath("$installroot/utils/windows/"); copy("$::XCATROOT/share/xcat/netboot/windows/$utilfile","$installroot/utils/windows/$utilfile"); } @@ -455,6 +472,8 @@ sub mkinstall print $shandle "%instdrv%\\postscripts\\upflagx64 %XCATD% 3002 next\r\n"; print $shandle "GOTO END\r\n"; print $shandle ":PSH\n"; + print $shandle "set mastername=$xcatsslname\n"; + print $shandle "set master=%XCATD%\n"; print $shandle "mkdir x:\\windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\xCAT\r\n"; print $shandle "copy %instdrv%\\utils\\windows\\xCAT.* x:\\windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\xCAT\r\n"; print $shandle "powershell set-executionpolicy bypass CurrentUser\r\n"; diff --git a/xCAT-server/share/xcat/netboot/windows/nextdestiny.ps1 b/xCAT-server/share/xcat/netboot/windows/nextdestiny.ps1 index 68c11ff30..0a85b3029 100644 --- a/xCAT-server/share/xcat/netboot/windows/nextdestiny.ps1 +++ b/xCAT-server/share/xcat/netboot/windows/nextdestiny.ps1 @@ -1,2 +1,11 @@ -$command=@{'command'='nextdestiny'} -Send-xCATCommand $command +$command=@{'command'='nextdestiny'} +if (!(Test-Path HKCU:\Software\xCAT)) { + mkdir HKCU:\Software\xCAT + $certstore = New-Object System.Security.Cryptography.X509Certificates.X509Store("My","CurrentUser") + $certstore.Open([System.Security.Cryptopgraphy.X509Certificates.OpenFlags]'Readwrite') + $cacert = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2("$env:instdrv\xcat\ca.pem") + Set-ItemProperty HKCU:\Software\xCAT cacertthumb $cacert.thumbprint + Set-ItemProperty HKCU:\Software\xCAT serveraddress $env:master + Set-ItemProperty HKCU:\Software\xCAT servername $env:mastername +} +Send-xCATCommand $command