lauri/certidude
1
0
Fork 0
mirror of https://github.com/laurivosandi/certidude synced 2025-10-31 09:29:13 +00:00
Code Issues Activity

api: revoked: drop usage of global authority import

Browse Source
This commit is contained in:
Priit Laes
2018-02-03 12:51:27 +02:00
parent 916afba685
commit 239538371f
2 changed files with 6 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
certidude/api/__init__.py
View File

@@ -250,7 +250,7 @@ def certidude_app(log_handlers=[]):
# Add CRL handler if we have any whitelisted subnets
if config.CRL_SUBNETS:
from .revoked import RevocationListResource
app.add_route("/api/revoked/", RevocationListResource())
app.add_route("/api/revoked/", RevocationListResource(authority))
# Add SCEP handler if we have any whitelisted subnets
if config.SCEP_SUBNETS:

8
certidude/api/revoked.py
View File

@@ -4,12 +4,14 @@ import falcon
import json
import logging
from certidude import const, config
from certidude.authority import export_crl, list_revoked
from certidude.firewall import whitelist_subnets
logger = logging.getLogger(__name__)
class RevocationListResource(object):
def __init__(self, authority):
self.authority = authority
@whitelist_subnets(config.CRL_SUBNETS)
def on_get(self, req, resp):
# Primarily offer DER encoded CRL as per RFC5280
@@ -21,7 +23,7 @@ class RevocationListResource(object):
("attachment; filename=%s.crl" % const.HOSTNAME))
# Convert PEM to DER
logger.debug("Serving revocation list (DER) to %s", req.context.get("remote_addr"))
resp.body = export_crl(pem=False)
resp.body = self.authority.export_crl(pem=False)
elif req.client_accepts("application/x-pem-file"):
if req.get_param_as_bool("wait"):
url = config.LONG_POLL_SUBSCRIBE % "crl"
@@ -35,7 +37,7 @@ class RevocationListResource(object):
"Content-Disposition",
("attachment; filename=%s-crl.pem" % const.HOSTNAME))
logger.debug("Serving revocation list (PEM) to %s", req.context.get("remote_addr"))
resp.body = export_crl()
resp.body = self.authority.export_crl()
else:
logger.debug("Client %s asked revocation list in unsupported format" % req.context.get("remote_addr"))
raise falcon.HTTPUnsupportedMediaType(