Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
erp5
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Analytics
Analytics
CI / CD
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
Matevz Golob
erp5
Commits
1e65ab54
Commit
1e65ab54
authored
Aug 29, 2011
by
Łukasz Nowak
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Reformat.
parent
82df6471
Changes
1
Hide whitespace changes
Inline
Side-by-side
Showing
1 changed file
with
26 additions
and
13 deletions
+26
-13
product/ERP5/Tool/CertificateAuthorityTool.py
product/ERP5/Tool/CertificateAuthorityTool.py
+26
-13
No files found.
product/ERP5/Tool/CertificateAuthorityTool.py
View file @
1e65ab54
...
@@ -44,8 +44,8 @@ def popenCommunicate(command_list, input=None, **kwargs):
...
@@ -44,8 +44,8 @@ def popenCommunicate(command_list, input=None, **kwargs):
if
popen
.
returncode
is
None
:
if
popen
.
returncode
is
None
:
popen
.
kill
()
popen
.
kill
()
if
popen
.
returncode
!=
0
:
if
popen
.
returncode
!=
0
:
raise
ValueError
(
'Issue during calling %r, result was:
\
n
%s'
%
(
command_list
,
raise
ValueError
(
'Issue during calling %r, result was:
\
n
%s'
%
(
result
))
command_list
,
result
))
return
result
return
result
class
CertificateAuthorityBusy
(
Exception
):
class
CertificateAuthorityBusy
(
Exception
):
...
@@ -59,7 +59,8 @@ class CertificateAuthorityDamaged(Exception):
...
@@ -59,7 +59,8 @@ class CertificateAuthorityDamaged(Exception):
class
CertificateAuthorityTool
(
BaseTool
):
class
CertificateAuthorityTool
(
BaseTool
):
"""CertificateAuthorityTool
"""CertificateAuthorityTool
This tool assumes that in certificate_authority_path openssl configuration is ready.
This tool assumes that in certificate_authority_path openssl configuration
is ready.
"""
"""
id
=
'portal_certificate_authority'
id
=
'portal_certificate_authority'
...
@@ -91,7 +92,9 @@ class CertificateAuthorityTool(BaseTool):
...
@@ -91,7 +92,9 @@ class CertificateAuthorityTool(BaseTool):
)
)
def
_lockCertificateAuthority
(
self
):
def
_lockCertificateAuthority
(
self
):
"""Checks lock and locks Certificate Authority tool, raises CertificateAuthorityBusy"""
"""Checks lock and locks Certificate Authority tool
Raises CertificateAuthorityBusy"""
if
os
.
path
.
exists
(
self
.
lock
):
if
os
.
path
.
exists
(
self
.
lock
):
raise
CertificateAuthorityBusy
raise
CertificateAuthorityBusy
open
(
self
.
lock
,
'w'
).
write
(
'locked'
)
open
(
self
.
lock
,
'w'
).
write
(
'locked'
)
...
@@ -105,7 +108,9 @@ class CertificateAuthorityTool(BaseTool):
...
@@ -105,7 +108,9 @@ class CertificateAuthorityTool(BaseTool):
'during unlocking'
%
self
.
lock
)
'during unlocking'
%
self
.
lock
)
def
_checkCertificateAuthority
(
self
):
def
_checkCertificateAuthority
(
self
):
"""Checks Certificate Authority configuration, raises CertificateAuthorityDamaged"""
"""Checks Certificate Authority configuration
Raises CertificateAuthorityDamaged"""
if
not
self
.
certificate_authority_path
:
if
not
self
.
certificate_authority_path
:
raise
CertificateAuthorityDamaged
(
'Certificate authority path is not '
raise
CertificateAuthorityDamaged
(
'Certificate authority path is not '
'configured'
)
'configured'
)
...
@@ -151,8 +156,10 @@ class CertificateAuthorityTool(BaseTool):
...
@@ -151,8 +156,10 @@ class CertificateAuthorityTool(BaseTool):
globals
(),
globals
(),
__name__
=
'manage_editCertificateAuthorityToolForm'
)
__name__
=
'manage_editCertificateAuthorityToolForm'
)
security
.
declareProtected
(
Permissions
.
ManageProperties
,
'manage_editCertificateAuthorityTool'
)
security
.
declareProtected
(
Permissions
.
ManageProperties
,
def
manage_editCertificateAuthorityTool
(
self
,
certificate_authority_path
,
openssl_binary
,
RESPONSE
=
None
):
'manage_editCertificateAuthorityTool'
)
def
manage_editCertificateAuthorityTool
(
self
,
certificate_authority_path
,
openssl_binary
,
RESPONSE
=
None
):
"""Edit the object"""
"""Edit the object"""
error_message
=
''
error_message
=
''
...
@@ -178,17 +185,21 @@ class CertificateAuthorityTool(BaseTool):
...
@@ -178,17 +185,21 @@ class CertificateAuthorityTool(BaseTool):
%
(
self
.
absolute_url
(),
message
)
%
(
self
.
absolute_url
(),
message
)
)
)
security
.
declareProtected
(
Permissions
.
AccessContentsInformation
,
'getNewCertificate'
)
security
.
declareProtected
(
Permissions
.
AccessContentsInformation
,
'getNewCertificate'
)
def
getNewCertificate
(
self
,
common_name
):
def
getNewCertificate
(
self
,
common_name
):
# No docstring in order to make this method non publishable
# No docstring in order to make this method non publishable
# Returns certificate for passed common name, as dictionary of {key, certificate, id, common_name}
# Returns certificate for passed common name, as dictionary of
# {key, certificate, id, common_name}
self
.
_checkCertificateAuthority
()
self
.
_checkCertificateAuthority
()
self
.
_lockCertificateAuthority
()
self
.
_lockCertificateAuthority
()
try
:
try
:
new_id
=
open
(
self
.
serial
,
'r'
).
read
().
strip
().
lower
()
new_id
=
open
(
self
.
serial
,
'r'
).
read
().
strip
().
lower
()
key
=
os
.
path
.
join
(
self
.
certificate_authority_path
,
'private'
,
new_id
+
'.key'
)
key
=
os
.
path
.
join
(
self
.
certificate_authority_path
,
'private'
,
new_id
+
'.key'
)
csr
=
os
.
path
.
join
(
self
.
certificate_authority_path
,
new_id
+
'.csr'
)
csr
=
os
.
path
.
join
(
self
.
certificate_authority_path
,
new_id
+
'.csr'
)
cert
=
os
.
path
.
join
(
self
.
certificate_authority_path
,
'certs'
,
new_id
+
'.crt'
)
cert
=
os
.
path
.
join
(
self
.
certificate_authority_path
,
'certs'
,
new_id
+
'.crt'
)
try
:
try
:
popenCommunicate
([
self
.
openssl_binary
,
'req'
,
'-nodes'
,
'-config'
,
popenCommunicate
([
self
.
openssl_binary
,
'req'
,
'-nodes'
,
'-config'
,
self
.
openssl_config
,
'-new'
,
'-keyout'
,
key
,
'-out'
,
csr
,
'-days'
,
self
.
openssl_config
,
'-new'
,
'-keyout'
,
key
,
'-out'
,
csr
,
'-days'
,
...
@@ -214,7 +225,8 @@ class CertificateAuthorityTool(BaseTool):
...
@@ -214,7 +225,8 @@ class CertificateAuthorityTool(BaseTool):
finally
:
finally
:
self
.
_unlockCertificateAuthority
()
self
.
_unlockCertificateAuthority
()
security
.
declareProtected
(
Permissions
.
AccessContentsInformation
,
'revokeCertificate'
)
security
.
declareProtected
(
Permissions
.
AccessContentsInformation
,
'revokeCertificate'
)
def
revokeCertificate
(
self
,
serial
):
def
revokeCertificate
(
self
,
serial
):
# No docstring in order to make this method non publishable
# No docstring in order to make this method non publishable
# Revokes certificate with serial, returns dictionary {crl}
# Revokes certificate with serial, returns dictionary {crl}
...
@@ -224,7 +236,8 @@ class CertificateAuthorityTool(BaseTool):
...
@@ -224,7 +236,8 @@ class CertificateAuthorityTool(BaseTool):
new_id
=
open
(
self
.
crl
,
'r'
).
read
().
strip
().
lower
()
new_id
=
open
(
self
.
crl
,
'r'
).
read
().
strip
().
lower
()
crl_path
=
os
.
path
.
join
(
self
.
certificate_authority_path
,
'crl'
)
crl_path
=
os
.
path
.
join
(
self
.
certificate_authority_path
,
'crl'
)
crl
=
os
.
path
.
join
(
crl_path
,
new_id
+
'.crl'
)
crl
=
os
.
path
.
join
(
crl_path
,
new_id
+
'.crl'
)
cert
=
os
.
path
.
join
(
self
.
certificate_authority_path
,
'certs'
,
serial
.
lower
()
+
'.crt'
)
cert
=
os
.
path
.
join
(
self
.
certificate_authority_path
,
'certs'
,
serial
.
lower
()
+
'.crt'
)
if
not
os
.
path
.
exists
(
cert
):
if
not
os
.
path
.
exists
(
cert
):
raise
ValueError
(
'Certificate with serial %r does not exists'
%
serial
)
raise
ValueError
(
'Certificate with serial %r does not exists'
%
serial
)
try
:
try
:
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment