Index: /trunk/packages/invirt-vnc-client/debian/changelog
===================================================================
--- /trunk/packages/invirt-vnc-client/debian/changelog	(revision 1412)
+++ /trunk/packages/invirt-vnc-client/debian/changelog	(revision 1413)
@@ -1,2 +1,8 @@
+invirt-vnc-client (0.0.4) unstable; urgency=low
+
+  * Get certificates from remctl, instead of from the filesystems
+
+ -- Evan Broder <broder@mit.edu>  Tue, 28 Oct 2008 23:55:43 -0400
+
 invirt-vnc-client (0.0.3) unstable; urgency=low
 
Index: /trunk/packages/invirt-vnc-client/debian/invirt-update-vnc-cert
===================================================================
--- /trunk/packages/invirt-vnc-client/debian/invirt-update-vnc-cert	(revision 1412)
+++ /trunk/packages/invirt-vnc-client/debian/invirt-update-vnc-cert	(revision 1413)
@@ -1,18 +1,30 @@
-#!/bin/bash
+#!/usr/bin/python
 
-if [ "$(ls /etc/invirt/vnc-cert.d)" == "" ]; then
-    echo "E: No certs in /etc/invirt/vnc-cert.d/" >&2
-    echo "   Put certificates for all Invirt VNC proxy servers in" >&2
-    echo "   /etc/invirt/vnc-cert.d, then run this script again" >&2
-    exit 1
-fi
+from invirt.config import structs as config
+from subprocess import Popen, call, PIPE
+import tempfile
+import os
+import sys
+import shutil
 
-TMP_DIR="$(mktemp -d)"
-for i in /etc/invirt/vnc-cert.d/*.crt; do
-    keytool -import -noprompt -alias "$(basename "${i%.crt}")" -file \
-	"$i" -keystore "$TMP_DIR/trust.store" -storepass "foobar"
-done
+def main():
+    subprocess.call(['kinit', '-k', 'daemon/%s' % config.web.hostname])
+    
+    temp_dir = tempfile.mkdtemp()
+    keystore = os.path.join(temp_dir, 'trust.store')
+    for host in config.hosts:
+        cert = subprocess.Popen(['remctl', config.remote.hostname, 'web',
+                                 'vnccert', host.hostname],
+                                stdout=PIPE)
+        cert.wait()
+        subprocess.call(['keytool', '-import', '-noprompt', '-alias',
+                         host.hostname, '-keystore', keystore, '-storepass',
+                         'foobar'], stdin=cert.stdout)
+    
+    subprocess.call(['jar', 'uf', '/usr/share/invirt-vnc-client/VncViewer.jar',
+                     '-C', temp_dir, 'trust.store'])
+    
+    shutil.rmtree(temp_dir)
 
-jar uf /usr/share/invirt-vnc-client/VncViewer.jar -C "$TMP_DIR" trust.store
-
-rm -rf "$TMP_DIR"
+if __name__ == '__main__':
+    sys.exit(main())
Index: /trunk/packages/invirt-vnc-client/debian/invirt-vnc-client.dirs
===================================================================
--- /trunk/packages/invirt-vnc-client/debian/invirt-vnc-client.dirs	(revision 1412)
+++ /trunk/packages/invirt-vnc-client/debian/invirt-vnc-client.dirs	(revision 1413)
@@ -1,2 +1,1 @@
-etc/invirt/vnc-cert.d
 usr/share/invirt-vnc-client