From 85cac4dfe70bcf49827645e24683792c3b032aa2 Mon Sep 17 00:00:00 2001
From: dlorenc
Date: Thu, 12 Apr 2018 13:37:00 -0700
Subject: [PATCH] Update docker-machine for hyper-v fix.
---
Godeps/Godeps.json | 128 +++++++++---------
.../docker/machine/drivers/hyperv/hyperv.go | 34 ++---
.../machine/drivers/hyperv/powershell.go | 2 +-
.../machine/libmachine/cert/bootstrap.go | 127 +++++++++++------
.../docker/machine/libmachine/cert/cert.go | 25 ++++
5 files changed, 195 insertions(+), 121 deletions(-)
diff --git a/Godeps/Godeps.json b/Godeps/Godeps.json
index eb6cff38d7..e6d4539373 100644
--- a/Godeps/Godeps.json
+++ b/Godeps/Godeps.json
@@ -1260,163 +1260,163 @@ }, { "ImportPath": "github.com/docker/machine/commands/mcndirs", - "Comment": "docs-v0.8.2-2016-09-26-351-ga950319e", - "Rev": "a950319ea4041615add4a243e684b1baadb6436f" + "Comment": "docs-v0.8.2-2016-09-26-373-g1e3b6b64", + "Rev": "1e3b6b64504f2970252b06119d6dc1fb1982b4b4" }, { "ImportPath": "github.com/docker/machine/drivers/errdriver", - "Comment": "docs-v0.8.2-2016-09-26-351-ga950319e", - "Rev": "a950319ea4041615add4a243e684b1baadb6436f" + "Comment": "docs-v0.8.2-2016-09-26-373-g1e3b6b64", + "Rev": "1e3b6b64504f2970252b06119d6dc1fb1982b4b4" }, { "ImportPath": "github.com/docker/machine/drivers/hyperv", - "Comment": "docs-v0.8.2-2016-09-26-351-ga950319e", - "Rev": "a950319ea4041615add4a243e684b1baadb6436f" + "Comment": "docs-v0.8.2-2016-09-26-373-g1e3b6b64", + "Rev": "1e3b6b64504f2970252b06119d6dc1fb1982b4b4" }, { "ImportPath": "github.com/docker/machine/drivers/none", - "Comment": "docs-v0.8.2-2016-09-26-351-ga950319e", - "Rev": "a950319ea4041615add4a243e684b1baadb6436f" + "Comment": "docs-v0.8.2-2016-09-26-373-g1e3b6b64", + "Rev": "1e3b6b64504f2970252b06119d6dc1fb1982b4b4" }, { "ImportPath": "github.com/docker/machine/drivers/virtualbox", - "Comment": "docs-v0.8.2-2016-09-26-351-ga950319e", - "Rev": "a950319ea4041615add4a243e684b1baadb6436f" + "Comment": "docs-v0.8.2-2016-09-26-373-g1e3b6b64", + "Rev": "1e3b6b64504f2970252b06119d6dc1fb1982b4b4" }, { "ImportPath": "github.com/docker/machine/drivers/vmwarefusion", - "Comment": "docs-v0.8.2-2016-09-26-351-ga950319e", - "Rev": "a950319ea4041615add4a243e684b1baadb6436f" + "Comment": "docs-v0.8.2-2016-09-26-373-g1e3b6b64", + "Rev": "1e3b6b64504f2970252b06119d6dc1fb1982b4b4" }, { "ImportPath": "github.com/docker/machine/libmachine", - "Comment": "docs-v0.8.2-2016-09-26-351-ga950319e", - "Rev": "a950319ea4041615add4a243e684b1baadb6436f" + "Comment": "docs-v0.8.2-2016-09-26-373-g1e3b6b64", + "Rev": "1e3b6b64504f2970252b06119d6dc1fb1982b4b4" }, { "ImportPath": 
"github.com/docker/machine/libmachine/auth", - "Comment": "docs-v0.8.2-2016-09-26-351-ga950319e", - "Rev": "a950319ea4041615add4a243e684b1baadb6436f" + "Comment": "docs-v0.8.2-2016-09-26-373-g1e3b6b64", + "Rev": "1e3b6b64504f2970252b06119d6dc1fb1982b4b4" }, { "ImportPath": "github.com/docker/machine/libmachine/cert", - "Comment": "docs-v0.8.2-2016-09-26-351-ga950319e", - "Rev": "a950319ea4041615add4a243e684b1baadb6436f" + "Comment": "docs-v0.8.2-2016-09-26-373-g1e3b6b64", + "Rev": "1e3b6b64504f2970252b06119d6dc1fb1982b4b4" }, { "ImportPath": "github.com/docker/machine/libmachine/check", - "Comment": "docs-v0.8.2-2016-09-26-351-ga950319e", - "Rev": "a950319ea4041615add4a243e684b1baadb6436f" + "Comment": "docs-v0.8.2-2016-09-26-373-g1e3b6b64", + "Rev": "1e3b6b64504f2970252b06119d6dc1fb1982b4b4" }, { "ImportPath": "github.com/docker/machine/libmachine/drivers", - "Comment": "docs-v0.8.2-2016-09-26-351-ga950319e", - "Rev": "a950319ea4041615add4a243e684b1baadb6436f" + "Comment": "docs-v0.8.2-2016-09-26-373-g1e3b6b64", + "Rev": "1e3b6b64504f2970252b06119d6dc1fb1982b4b4" }, { "ImportPath": "github.com/docker/machine/libmachine/drivers/plugin", - "Comment": "docs-v0.8.2-2016-09-26-351-ga950319e", - "Rev": "a950319ea4041615add4a243e684b1baadb6436f" + "Comment": "docs-v0.8.2-2016-09-26-373-g1e3b6b64", + "Rev": "1e3b6b64504f2970252b06119d6dc1fb1982b4b4" }, { "ImportPath": "github.com/docker/machine/libmachine/drivers/plugin/localbinary", - "Comment": "docs-v0.8.2-2016-09-26-351-ga950319e", - "Rev": "a950319ea4041615add4a243e684b1baadb6436f" + "Comment": "docs-v0.8.2-2016-09-26-373-g1e3b6b64", + "Rev": "1e3b6b64504f2970252b06119d6dc1fb1982b4b4" }, { "ImportPath": "github.com/docker/machine/libmachine/drivers/rpc", - "Comment": "docs-v0.8.2-2016-09-26-351-ga950319e", - "Rev": "a950319ea4041615add4a243e684b1baadb6436f" + "Comment": "docs-v0.8.2-2016-09-26-373-g1e3b6b64", + "Rev": "1e3b6b64504f2970252b06119d6dc1fb1982b4b4" }, { "ImportPath": 
"github.com/docker/machine/libmachine/engine", - "Comment": "docs-v0.8.2-2016-09-26-351-ga950319e", - "Rev": "a950319ea4041615add4a243e684b1baadb6436f" + "Comment": "docs-v0.8.2-2016-09-26-373-g1e3b6b64", + "Rev": "1e3b6b64504f2970252b06119d6dc1fb1982b4b4" }, { "ImportPath": "github.com/docker/machine/libmachine/host", - "Comment": "docs-v0.8.2-2016-09-26-351-ga950319e", - "Rev": "a950319ea4041615add4a243e684b1baadb6436f" + "Comment": "docs-v0.8.2-2016-09-26-373-g1e3b6b64", + "Rev": "1e3b6b64504f2970252b06119d6dc1fb1982b4b4" }, { "ImportPath": "github.com/docker/machine/libmachine/log", - "Comment": "docs-v0.8.2-2016-09-26-351-ga950319e", - "Rev": "a950319ea4041615add4a243e684b1baadb6436f" + "Comment": "docs-v0.8.2-2016-09-26-373-g1e3b6b64", + "Rev": "1e3b6b64504f2970252b06119d6dc1fb1982b4b4" }, { "ImportPath": "github.com/docker/machine/libmachine/mcndockerclient", - "Comment": "docs-v0.8.2-2016-09-26-351-ga950319e", - "Rev": "a950319ea4041615add4a243e684b1baadb6436f" + "Comment": "docs-v0.8.2-2016-09-26-373-g1e3b6b64", + "Rev": "1e3b6b64504f2970252b06119d6dc1fb1982b4b4" }, { "ImportPath": "github.com/docker/machine/libmachine/mcnerror", - "Comment": "docs-v0.8.2-2016-09-26-351-ga950319e", - "Rev": "a950319ea4041615add4a243e684b1baadb6436f" + "Comment": "docs-v0.8.2-2016-09-26-373-g1e3b6b64", + "Rev": "1e3b6b64504f2970252b06119d6dc1fb1982b4b4" }, { "ImportPath": "github.com/docker/machine/libmachine/mcnflag", - "Comment": "docs-v0.8.2-2016-09-26-351-ga950319e", - "Rev": "a950319ea4041615add4a243e684b1baadb6436f" + "Comment": "docs-v0.8.2-2016-09-26-373-g1e3b6b64", + "Rev": "1e3b6b64504f2970252b06119d6dc1fb1982b4b4" }, { "ImportPath": "github.com/docker/machine/libmachine/mcnutils", - "Comment": "docs-v0.8.2-2016-09-26-351-ga950319e", - "Rev": "a950319ea4041615add4a243e684b1baadb6436f" + "Comment": "docs-v0.8.2-2016-09-26-373-g1e3b6b64", + "Rev": "1e3b6b64504f2970252b06119d6dc1fb1982b4b4" }, { "ImportPath": "github.com/docker/machine/libmachine/persist", - 
"Comment": "docs-v0.8.2-2016-09-26-351-ga950319e", - "Rev": "a950319ea4041615add4a243e684b1baadb6436f" + "Comment": "docs-v0.8.2-2016-09-26-373-g1e3b6b64", + "Rev": "1e3b6b64504f2970252b06119d6dc1fb1982b4b4" }, { "ImportPath": "github.com/docker/machine/libmachine/provision", - "Comment": "docs-v0.8.2-2016-09-26-351-ga950319e", - "Rev": "a950319ea4041615add4a243e684b1baadb6436f" + "Comment": "docs-v0.8.2-2016-09-26-373-g1e3b6b64", + "Rev": "1e3b6b64504f2970252b06119d6dc1fb1982b4b4" }, { "ImportPath": "github.com/docker/machine/libmachine/provision/pkgaction", - "Comment": "docs-v0.8.2-2016-09-26-351-ga950319e", - "Rev": "a950319ea4041615add4a243e684b1baadb6436f" + "Comment": "docs-v0.8.2-2016-09-26-373-g1e3b6b64", + "Rev": "1e3b6b64504f2970252b06119d6dc1fb1982b4b4" }, { "ImportPath": "github.com/docker/machine/libmachine/provision/serviceaction", - "Comment": "docs-v0.8.2-2016-09-26-351-ga950319e", - "Rev": "a950319ea4041615add4a243e684b1baadb6436f" + "Comment": "docs-v0.8.2-2016-09-26-373-g1e3b6b64", + "Rev": "1e3b6b64504f2970252b06119d6dc1fb1982b4b4" }, { "ImportPath": "github.com/docker/machine/libmachine/shell", - "Comment": "docs-v0.8.2-2016-09-26-351-ga950319e", - "Rev": "a950319ea4041615add4a243e684b1baadb6436f" + "Comment": "docs-v0.8.2-2016-09-26-373-g1e3b6b64", + "Rev": "1e3b6b64504f2970252b06119d6dc1fb1982b4b4" }, { "ImportPath": "github.com/docker/machine/libmachine/ssh", - "Comment": "docs-v0.8.2-2016-09-26-351-ga950319e", - "Rev": "a950319ea4041615add4a243e684b1baadb6436f" + "Comment": "docs-v0.8.2-2016-09-26-373-g1e3b6b64", + "Rev": "1e3b6b64504f2970252b06119d6dc1fb1982b4b4" }, { "ImportPath": "github.com/docker/machine/libmachine/state", - "Comment": "docs-v0.8.2-2016-09-26-351-ga950319e", - "Rev": "a950319ea4041615add4a243e684b1baadb6436f" + "Comment": "docs-v0.8.2-2016-09-26-373-g1e3b6b64", + "Rev": "1e3b6b64504f2970252b06119d6dc1fb1982b4b4" }, { "ImportPath": "github.com/docker/machine/libmachine/swarm", - "Comment": 
"docs-v0.8.2-2016-09-26-351-ga950319e", - "Rev": "a950319ea4041615add4a243e684b1baadb6436f" + "Comment": "docs-v0.8.2-2016-09-26-373-g1e3b6b64", + "Rev": "1e3b6b64504f2970252b06119d6dc1fb1982b4b4" }, { "ImportPath": "github.com/docker/machine/libmachine/version", - "Comment": "docs-v0.8.2-2016-09-26-351-ga950319e", - "Rev": "a950319ea4041615add4a243e684b1baadb6436f" + "Comment": "docs-v0.8.2-2016-09-26-373-g1e3b6b64", + "Rev": "1e3b6b64504f2970252b06119d6dc1fb1982b4b4" }, { "ImportPath": "github.com/docker/machine/libmachine/versioncmp", - "Comment": "docs-v0.8.2-2016-09-26-351-ga950319e", - "Rev": "a950319ea4041615add4a243e684b1baadb6436f" + "Comment": "docs-v0.8.2-2016-09-26-373-g1e3b6b64", + "Rev": "1e3b6b64504f2970252b06119d6dc1fb1982b4b4" }, { "ImportPath": "github.com/docker/machine/version", - "Comment": "docs-v0.8.2-2016-09-26-351-ga950319e", - "Rev": "a950319ea4041615add4a243e684b1baadb6436f" + "Comment": "docs-v0.8.2-2016-09-26-373-g1e3b6b64", + "Rev": "1e3b6b64504f2970252b06119d6dc1fb1982b4b4" }, { "ImportPath": "github.com/docker/spdystream", diff --git a/vendor/github.com/docker/machine/drivers/hyperv/hyperv.go b/vendor/github.com/docker/machine/drivers/hyperv/hyperv.go index 629fbbe7c9..cf86801d43 100644 --- a/vendor/github.com/docker/machine/drivers/hyperv/hyperv.go +++ b/vendor/github.com/docker/machine/drivers/hyperv/hyperv.go @@ -128,7 +128,7 @@ func (d *Driver) GetURL() (string, error) { } func (d *Driver) GetState() (state.State, error) { - stdout, err := cmdOut("(", "hyper-v\\Get-VM", d.MachineName, ").state") + stdout, err := cmdOut("(", "Hyper-V\\Get-VM", d.MachineName, ").state") if err != nil { return state.None, fmt.Errorf("Failed to find the VM status") } @@ -205,7 +205,7 @@ func (d *Driver) Create() error { return err } - if err := cmd("hyper-v\\New-VM", + if err := cmd("Hyper-V\\New-VM", d.MachineName, "-Path", fmt.Sprintf("'%s'", d.ResolveStorePath(".")), "-SwitchName", quote(virtualSwitch), 
@@ -214,7 +214,7 @@ func (d *Driver) Create() error { } if d.CPU > 1 { - if err := cmd("hyper-v\\Set-VMProcessor", + if err := cmd("Hyper-V\\Set-VMProcessor", d.MachineName, "-Count", fmt.Sprintf("%d", d.CPU)); err != nil { return err @@ -222,7 +222,7 @@ func (d *Driver) Create() error { } if d.MacAddr != "" { - if err := cmd("hyper-v\\Set-VMNetworkAdapter", + if err := cmd("Hyper-V\\Set-VMNetworkAdapter", "-VMName", d.MachineName, "-StaticMacAddress", fmt.Sprintf("\"%s\"", d.MacAddr)); err != nil { return err @@ -230,7 +230,7 @@ func (d *Driver) Create() error { } if d.VLanID > 0 { - if err := cmd("hyper-v\\Set-VMNetworkAdapterVlan", + if err := cmd("Hyper-V\\Set-VMNetworkAdapterVlan", "-VMName", d.MachineName, "-Access", "-VlanId", fmt.Sprintf("%d", d.VLanID)); err != nil { @@ -238,13 +238,13 @@ func (d *Driver) Create() error { } } - if err := cmd("hyper-v\\Set-VMDvdDrive", + if err := cmd("Hyper-V\\Set-VMDvdDrive", "-VMName", d.MachineName, "-Path", quote(d.ResolveStorePath("boot2docker.iso"))); err != nil { return err } - if err := cmd("hyper-v\\Add-VMHardDiskDrive", + if err := cmd("Hyper-V\\Add-VMHardDiskDrive", "-VMName", d.MachineName, "-Path", quote(diskImage)); err != nil { return err @@ -257,7 +257,7 @@ func (d *Driver) Create() error { func (d *Driver) chooseVirtualSwitch() (string, error) { if d.VSwitch == "" { // Default to the first external switche and in the process avoid DockerNAT - stdout, err := cmdOut("(hyper-v\\Get-VMSwitch -SwitchType External).Name") + stdout, err := cmdOut("(Hyper-V\\Get-VMSwitch -SwitchType External).Name") if err != nil { return "", err } @@ -271,7 +271,7 @@ func (d *Driver) chooseVirtualSwitch() (string, error) { return switches[0], nil } - stdout, err := cmdOut("(hyper-v\\Get-VMSwitch).Name") + stdout, err := cmdOut("(Hyper-V\\Get-VMSwitch).Name") if err != nil { return "", err } 
@@ -327,7 +327,7 @@ func (d *Driver) waitStopped() error { // Start starts an host func (d *Driver) Start() error { - if err := cmd("hyper-v\\Start-VM", d.MachineName); err != nil { + if err := cmd("Hyper-V\\Start-VM", d.MachineName); err != nil { return err } @@ -343,7 +343,7 @@ func (d *Driver) Start() error { // Stop stops an host func (d *Driver) Stop() error { - if err := cmd("hyper-v\\Stop-VM", d.MachineName); err != nil { + if err := cmd("Hyper-V\\Stop-VM", d.MachineName); err != nil { return err } @@ -369,7 +369,7 @@ func (d *Driver) Remove() error { } } - return cmd("hyper-v\\Remove-VM", d.MachineName, "-Force") + return cmd("Hyper-V\\Remove-VM", d.MachineName, "-Force") } // Restart stops and starts an host @@ -384,7 +384,7 @@ func (d *Driver) Restart() error { // Kill force stops an host func (d *Driver) Kill() error { - if err := cmd("hyper-v\\Stop-VM", d.MachineName, "-TurnOff"); err != nil { + if err := cmd("Hyper-V\\Stop-VM", d.MachineName, "-TurnOff"); err != nil { return err } @@ -406,7 +406,7 @@ func (d *Driver) GetIP() (string, error) { return "", drivers.ErrHostIsNotRunning } - stdout, err := cmdOut("((", "hyper-v\\Get-VM", d.MachineName, ").networkadapters[0]).ipaddresses[0]") + stdout, err := cmdOut("((", "Hyper-V\\Get-VM", d.MachineName, ").networkadapters[0]).ipaddresses[0]") if err != nil { return "", err } @@ -440,7 +440,7 @@ func (d *Driver) generateDiskImage() (string, error) { } log.Infof("Creating VHD") - if err := cmd("hyper-v\\New-VHD", "-Path", quote(fixed), "-SizeBytes", fixedDiskSize, "-Fixed"); err != nil { + if err := cmd("Hyper-V\\New-VHD", "-Path", quote(fixed), "-SizeBytes", fixedDiskSize, "-Fixed"); err != nil { return "", err } 
@@ -462,12 +462,12 @@ func (d *Driver) generateDiskImage() (string, error) { } file.Close() - if err := cmd("hyper-v\\Convert-VHD", "-Path", quote(fixed), "-DestinationPath", quote(diskImage), "-VHDType", "Dynamic", "-DeleteSource"); err != nil { + if err := cmd("Hyper-V\\Convert-VHD", "-Path", quote(fixed), "-DestinationPath", quote(diskImage), "-VHDType", "Dynamic", "-DeleteSource"); err != nil { return "", err } if isWindowsAdmin { - if err := cmd("hyper-v\\Resize-VHD", "-Path", quote(diskImage), "-SizeBytes", toMb(d.DiskSize)); err != nil { + if err := cmd("Hyper-V\\Resize-VHD", "-Path", quote(diskImage), "-SizeBytes", toMb(d.DiskSize)); err != nil { return "", err } } diff --git a/vendor/github.com/docker/machine/drivers/hyperv/powershell.go b/vendor/github.com/docker/machine/drivers/hyperv/powershell.go index d34c624965..5175791fd5 100644 --- a/vendor/github.com/docker/machine/drivers/hyperv/powershell.go +++ b/vendor/github.com/docker/machine/drivers/hyperv/powershell.go @@ -55,7 +55,7 @@ func parseLines(stdout string) []string { } func hypervAvailable() error { - stdout, err := cmdOut("@(Get-Command hyper-v\\Get-VM).ModuleName") + stdout, err := cmdOut("@(Get-Module -ListAvailable hyper-v).Name | Get-Unique") if err != nil { return err } diff --git a/vendor/github.com/docker/machine/libmachine/cert/bootstrap.go b/vendor/github.com/docker/machine/libmachine/cert/bootstrap.go index ec5fe0e0de..59543bcb05 100644 --- a/vendor/github.com/docker/machine/libmachine/cert/bootstrap.go +++ b/vendor/github.com/docker/machine/libmachine/cert/bootstrap.go 
@@ -10,13 +10,74 @@ import ( "github.com/docker/machine/libmachine/mcnutils" ) -func BootstrapCertificates(authOptions *auth.Options) error { +func createCACert(authOptions *auth.Options, caOrg string, bits int) error { + caCertPath := authOptions.CaCertPath + caPrivateKeyPath := authOptions.CaPrivateKeyPath + + log.Infof("Creating CA: %s", caCertPath) + + // check if the key path exists; if so, error + if _, err := os.Stat(caPrivateKeyPath); err == nil { + return errors.New("certificate authority key already exists") + } + + if err := GenerateCACertificate(caCertPath, caPrivateKeyPath, caOrg, bits); err != nil { + return fmt.Errorf("generating CA certificate failed: %s", err) + } + + return nil +} + +func createCert(authOptions *auth.Options, org string, bits int) error { certDir := authOptions.CertDir caCertPath := authOptions.CaCertPath caPrivateKeyPath := authOptions.CaPrivateKeyPath clientCertPath := authOptions.ClientCertPath clientKeyPath := authOptions.ClientKeyPath + log.Infof("Creating client certificate: %s", clientCertPath) + + if _, err := os.Stat(certDir); err != nil { + if os.IsNotExist(err) { + if err := os.Mkdir(certDir, 0700); err != nil { + return fmt.Errorf("failure creating machine client cert dir: %s", err) + } + } else { + return err + } + } + + // check if the key path exists; if so, error + if _, err := os.Stat(clientKeyPath); err == nil { + return errors.New("client key already exists") + } + + // Used to generate the client certificate. 
+ certOptions := &Options{ + Hosts: []string{""}, + CertFile: clientCertPath, + KeyFile: clientKeyPath, + CAFile: caCertPath, + CAKeyFile: caPrivateKeyPath, + Org: org, + Bits: bits, + SwarmMaster: false, + } + + if err := GenerateCert(certOptions); err != nil { + return fmt.Errorf("failure generating client certificate: %s", err) + } + + return nil +} + +func BootstrapCertificates(authOptions *auth.Options) error { + certDir := authOptions.CertDir + caCertPath := authOptions.CaCertPath + clientCertPath := authOptions.ClientCertPath + clientKeyPath := authOptions.ClientKeyPath + caPrivateKeyPath := authOptions.CaPrivateKeyPath + // TODO: I'm not super happy about this use of "org", the user should // have to specify it explicitly instead of implicitly basing it on // $USER. @@ -28,7 +89,7 @@ func BootstrapCertificates(authOptions *auth.Options) error { if _, err := os.Stat(certDir); err != nil { if os.IsNotExist(err) { if err := os.MkdirAll(certDir, 0700); err != nil { - return fmt.Errorf("Creating machine certificate dir failed: %s", err) + return fmt.Errorf("creating machine certificate dir failed: %s", err) } } else { return err 
@@ -36,51 +97,39 @@ func BootstrapCertificates(authOptions *auth.Options) error { } if _, err := os.Stat(caCertPath); os.IsNotExist(err) { - log.Infof("Creating CA: %s", caCertPath) - - // check if the key path exists; if so, error - if _, err := os.Stat(caPrivateKeyPath); err == nil { - return errors.New("certificate authority key already exists") + if err := createCACert(authOptions, caOrg, bits); err != nil { + return err } - - if err := GenerateCACertificate(caCertPath, caPrivateKeyPath, caOrg, bits); err != nil { - return fmt.Errorf("Generating CA certificate failed: %s", err) + } else { + current, err := CheckCertificateDate(caCertPath) + if err != nil { + return err + } + if !current { + log.Info("CA certificate is outdated and needs to be regenerated") + os.Remove(caPrivateKeyPath) + if err := createCACert(authOptions, caOrg, bits); err != nil { + return err + } } } if _, err := os.Stat(clientCertPath); os.IsNotExist(err) { - log.Infof("Creating client certificate: %s", clientCertPath) - - if _, err := os.Stat(certDir); err != nil { - if os.IsNotExist(err) { - if err := os.Mkdir(certDir, 0700); err != nil { - return fmt.Errorf("failure creating machine client cert dir: %s", err) - } - } else { + if err := createCert(authOptions, org, bits); err != nil { + return err + } + } else { + current, err := CheckCertificateDate(clientCertPath) + if err != nil { + return err + } + if !current { + log.Info("Client certificate is outdated and needs to be regenerated") + os.Remove(clientKeyPath) + if err := createCert(authOptions, org, bits); err != nil { return err } } - - // check if the key path exists; if so, error - if _, err := os.Stat(clientKeyPath); err == nil { - return errors.New("client key already exists") - } - - // Used to generate the client certificate. 
- certOptions := &Options{ - Hosts: []string{""}, - CertFile: clientCertPath, - KeyFile: clientKeyPath, - CAFile: caCertPath, - CAKeyFile: caPrivateKeyPath, - Org: org, - Bits: bits, - SwarmMaster: false, - } - - if err := GenerateCert(certOptions); err != nil { - return fmt.Errorf("failure generating client certificate: %s", err) - } } return nil diff --git a/vendor/github.com/docker/machine/libmachine/cert/cert.go b/vendor/github.com/docker/machine/libmachine/cert/cert.go index eaa08a05b9..a0d9c732ed 100644 --- a/vendor/github.com/docker/machine/libmachine/cert/cert.go +++ b/vendor/github.com/docker/machine/libmachine/cert/cert.go @@ -267,3 +267,28 @@ func (xcg *X509CertGenerator) ValidateCertificate(addr string, authOptions *auth return true, nil } + +func CheckCertificateDate(certPath string) (bool, error) { + log.Debugf("Reading certificate data from %s", certPath) + certBytes, err := ioutil.ReadFile(certPath) + if err != nil { + return false, err + } + + log.Debug("Decoding PEM data...") + pemBlock, _ := pem.Decode(certBytes) + if pemBlock == nil { + return false, errors.New("Failed to decode PEM data") + } + + log.Debug("Parsing certificate...") + cert, err := x509.ParseCertificate(pemBlock.Bytes) + if err != nil { + return false, err + } + if time.Now().After(cert.NotAfter) { + return false, nil + } + + return true, nil +}
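Review bot: Regenerating an expired CA in the first `else` branch does not force the client certificate to be reissued: the second block only calls `CheckCertificateDate(clientCertPath)`, so a client certificate that is still within its dates but was signed by the removed CA key is kept and will no longer chain to the new CA. Record the regeneration (for example `caRegenerated = true` after the second `createCACert` call) and test `if !current || caRegenerated {` before recreating the client certificate; server certificates already issued to machines from the old CA presumably need the same treatment, which is not visible here. The results of `os.Remove(caPrivateKeyPath)` and `os.Remove(clientKeyPath)` are also discarded, so a failed delete only surfaces as the misleading "key already exists" error from the helper; returning the `os.Remove` error would make that diagnosable. This file is vendored, so the change belongs upstream in docker/machine.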
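Review bot: `CheckCertificateDate` compares only `time.Now()` with `cert.NotAfter`, so a certificate whose `NotBefore` lies in the future, or one that expires moments after the check, is still reported as current and the caller in bootstrap.go will not regenerate it. Consider `now := time.Now()` followed by `if now.Before(cert.NotBefore) || now.After(cert.NotAfter) {`, and possibly a renewal margin before `NotAfter`. The first PEM block is also parsed without checking `pemBlock.Type`, which only matters if the file can hold something other than a certificate first. As an exported function it should carry a doc comment such as `// CheckCertificateDate reports whether the certificate at certPath has not yet expired.`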