Commit
1e65ab54
authored
Aug 29, 2011
by
Łukasz Nowak
Reformat.
parent
82df6471
Showing
1 changed file
with
26 additions
and
13 deletions
+26
-13
product/ERP5/Tool/CertificateAuthorityTool.py
product/ERP5/Tool/CertificateAuthorityTool.py
+26
-13
product/ERP5/Tool/CertificateAuthorityTool.py
...
@@ -44,8 +44,8 @@ def popenCommunicate(command_list, input=None, **kwargs):
...
@@ -44,8 +44,8 @@ def popenCommunicate(command_list, input=None, **kwargs):
if
popen
.
returncode
is
None
:
if
popen
.
returncode
is
None
:
popen
.
kill
()
popen
.
kill
()
if
popen
.
returncode
!=
0
:
if
popen
.
returncode
!=
0
:
raise
ValueError
(
'Issue during calling %r, result was:
\
n
%s'
%
(
command_list
,
raise
ValueError
(
'Issue during calling %r, result was:
\
n
%s'
%
(
result
))
command_list
,
result
))
return
result
return
result
class
CertificateAuthorityBusy
(
Exception
):
class
CertificateAuthorityBusy
(
Exception
):
...
@@ -59,7 +59,8 @@ class CertificateAuthorityDamaged(Exception):
...
@@ -59,7 +59,8 @@ class CertificateAuthorityDamaged(Exception):
class
CertificateAuthorityTool
(
BaseTool
):
class
CertificateAuthorityTool
(
BaseTool
):
"""CertificateAuthorityTool
"""CertificateAuthorityTool
This tool assumes that in certificate_authority_path openssl configuration is ready.
This tool assumes that in certificate_authority_path openssl configuration
is ready.
"""
"""
id
=
'portal_certificate_authority'
id
=
'portal_certificate_authority'
...
@@ -91,7 +92,9 @@ class CertificateAuthorityTool(BaseTool):
...
@@ -91,7 +92,9 @@ class CertificateAuthorityTool(BaseTool):
)
)
def
_lockCertificateAuthority
(
self
):
def
_lockCertificateAuthority
(
self
):
"""Checks lock and locks Certificate Authority tool, raises CertificateAuthorityBusy"""
"""Checks lock and locks Certificate Authority tool
Raises CertificateAuthorityBusy"""
if
os
.
path
.
exists
(
self
.
lock
):
if
os
.
path
.
exists
(
self
.
lock
):
raise
CertificateAuthorityBusy
raise
CertificateAuthorityBusy
open
(
self
.
lock
,
'w'
).
write
(
'locked'
)
open
(
self
.
lock
,
'w'
).
write
(
'locked'
)
...
@@ -105,7 +108,9 @@ class CertificateAuthorityTool(BaseTool):
...
@@ -105,7 +108,9 @@ class CertificateAuthorityTool(BaseTool):
'during unlocking'
%
self
.
lock
)
'during unlocking'
%
self
.
lock
)
def
_checkCertificateAuthority
(
self
):
def
_checkCertificateAuthority
(
self
):
"""Checks Certificate Authority configuration, raises CertificateAuthorityDamaged"""
"""Checks Certificate Authority configuration
Raises CertificateAuthorityDamaged"""
if
not
self
.
certificate_authority_path
:
if
not
self
.
certificate_authority_path
:
raise
CertificateAuthorityDamaged
(
'Certificate authority path is not '
raise
CertificateAuthorityDamaged
(
'Certificate authority path is not '
'configured'
)
'configured'
)
...
@@ -151,8 +156,10 @@ class CertificateAuthorityTool(BaseTool):
...
@@ -151,8 +156,10 @@ class CertificateAuthorityTool(BaseTool):
globals
(),
globals
(),
__name__
=
'manage_editCertificateAuthorityToolForm'
)
__name__
=
'manage_editCertificateAuthorityToolForm'
)
security
.
declareProtected
(
Permissions
.
ManageProperties
,
'manage_editCertificateAuthorityTool'
)
security
.
declareProtected
(
Permissions
.
ManageProperties
,
def
manage_editCertificateAuthorityTool
(
self
,
certificate_authority_path
,
openssl_binary
,
RESPONSE
=
None
):
'manage_editCertificateAuthorityTool'
)
def
manage_editCertificateAuthorityTool
(
self
,
certificate_authority_path
,
openssl_binary
,
RESPONSE
=
None
):
"""Edit the object"""
"""Edit the object"""
error_message
=
''
error_message
=
''
...
@@ -178,17 +185,21 @@ class CertificateAuthorityTool(BaseTool):
...
@@ -178,17 +185,21 @@ class CertificateAuthorityTool(BaseTool):
%
(
self
.
absolute_url
(),
message
)
%
(
self
.
absolute_url
(),
message
)
)
)
security
.
declareProtected
(
Permissions
.
AccessContentsInformation
,
'getNewCertificate'
)
security
.
declareProtected
(
Permissions
.
AccessContentsInformation
,
'getNewCertificate'
)
def
getNewCertificate
(
self
,
common_name
):
def
getNewCertificate
(
self
,
common_name
):
# No docstring in order to make this method non publishable
# No docstring in order to make this method non publishable
# Returns certificate for passed common name, as dictionary of {key, certificate, id, common_name}
# Returns certificate for passed common name, as dictionary of
# {key, certificate, id, common_name}
self
.
_checkCertificateAuthority
()
self
.
_checkCertificateAuthority
()
self
.
_lockCertificateAuthority
()
self
.
_lockCertificateAuthority
()
try
:
try
:
new_id
=
open
(
self
.
serial
,
'r'
).
read
().
strip
().
lower
()
new_id
=
open
(
self
.
serial
,
'r'
).
read
().
strip
().
lower
()
key
=
os
.
path
.
join
(
self
.
certificate_authority_path
,
'private'
,
new_id
+
'.key'
)
key
=
os
.
path
.
join
(
self
.
certificate_authority_path
,
'private'
,
new_id
+
'.key'
)
csr
=
os
.
path
.
join
(
self
.
certificate_authority_path
,
new_id
+
'.csr'
)
csr
=
os
.
path
.
join
(
self
.
certificate_authority_path
,
new_id
+
'.csr'
)
cert
=
os
.
path
.
join
(
self
.
certificate_authority_path
,
'certs'
,
new_id
+
'.crt'
)
cert
=
os
.
path
.
join
(
self
.
certificate_authority_path
,
'certs'
,
new_id
+
'.crt'
)
try
:
try
:
popenCommunicate
([
self
.
openssl_binary
,
'req'
,
'-nodes'
,
'-config'
,
popenCommunicate
([
self
.
openssl_binary
,
'req'
,
'-nodes'
,
'-config'
,
self
.
openssl_config
,
'-new'
,
'-keyout'
,
key
,
'-out'
,
csr
,
'-days'
,
self
.
openssl_config
,
'-new'
,
'-keyout'
,
key
,
'-out'
,
csr
,
'-days'
,
...
@@ -214,7 +225,8 @@ class CertificateAuthorityTool(BaseTool):
...
@@ -214,7 +225,8 @@ class CertificateAuthorityTool(BaseTool):
finally
:
finally
:
self
.
_unlockCertificateAuthority
()
self
.
_unlockCertificateAuthority
()
security
.
declareProtected
(
Permissions
.
AccessContentsInformation
,
'revokeCertificate'
)
security
.
declareProtected
(
Permissions
.
AccessContentsInformation
,
'revokeCertificate'
)
def
revokeCertificate
(
self
,
serial
):
def
revokeCertificate
(
self
,
serial
):
# No docstring in order to make this method non publishable
# No docstring in order to make this method non publishable
# Revokes certificate with serial, returns dictionary {crl}
# Revokes certificate with serial, returns dictionary {crl}
...
@@ -224,7 +236,8 @@ class CertificateAuthorityTool(BaseTool):
...
@@ -224,7 +236,8 @@ class CertificateAuthorityTool(BaseTool):
new_id
=
open
(
self
.
crl
,
'r'
).
read
().
strip
().
lower
()
new_id
=
open
(
self
.
crl
,
'r'
).
read
().
strip
().
lower
()
crl_path
=
os
.
path
.
join
(
self
.
certificate_authority_path
,
'crl'
)
crl_path
=
os
.
path
.
join
(
self
.
certificate_authority_path
,
'crl'
)
crl
=
os
.
path
.
join
(
crl_path
,
new_id
+
'.crl'
)
crl
=
os
.
path
.
join
(
crl_path
,
new_id
+
'.crl'
)
cert
=
os
.
path
.
join
(
self
.
certificate_authority_path
,
'certs'
,
serial
.
lower
()
+
'.crt'
)
cert
=
os
.
path
.
join
(
self
.
certificate_authority_path
,
'certs'
,
serial
.
lower
()
+
'.crt'
)
if
not
os
.
path
.
exists
(
cert
):
if
not
os
.
path
.
exists
(
cert
):
raise
ValueError
(
'Certificate with serial %r does not exists'
%
serial
)
raise
ValueError
(
'Certificate with serial %r does not exists'
%
serial
)
try
:
try
:
...
...
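Review bot: The lock in `_lockCertificateAuthority` is taken with a check followed by a separate create (`os.path.exists(self.lock)` then `open(self.lock, 'w').write('locked')`), so two requests arriving together can both pass the check and both go on to read the serial file and run openssl. Creating the file atomically closes that window, for example `fd = os.open(self.lock, os.O_CREAT | os.O_EXCL | os.O_WRONLY)`, raising CertificateAuthorityBusy when that fails because the file already exists, then writing and closing the descriptor. The method may continue outside the hunk. Separately, in `revokeCertificate` the caller-supplied `serial` is joined into the `certs` path after only `.lower()`; validating it as a hex string before the join would keep the lookup inside that directory.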