1
0
mirror of https://github.com/laurivosandi/certidude synced 2024-12-23 00:25:18 +00:00

api: Fix CRL generation

This commit is contained in:
Lauri Võsandi 2016-01-02 01:08:04 +02:00
parent 0fb605ce27
commit 6a45592cd0

View File

@ -114,16 +114,16 @@ def list_revoked(directory=config.REVOKED_DIR):
yield Certificate(open(os.path.join(directory, filename))) yield Certificate(open(os.path.join(directory, filename)))
def export_crl(self): def export_crl():
sock = socket.socket(socket.AF_UNIX, socket.SOCK_STREAM) sock = socket.socket(socket.AF_UNIX, socket.SOCK_STREAM)
sock.connect(config.SIGNER_SOCKET_PATH) sock.connect(config.SIGNER_SOCKET_PATH)
sock.send(b"export-crl\n") sock.send(b"export-crl\n")
for filename in os.listdir(self.revoked_dir): for filename in os.listdir(config.REVOKED_DIR):
if not filename.endswith(".pem"): if not filename.endswith(".pem"):
continue continue
serial_number = filename[:-4] serial_number = filename[:-4]
# TODO: Assert serial against regex # TODO: Assert serial against regex
revoked_path = os.path.join(self.revoked_dir, filename) revoked_path = os.path.join(config.REVOKED_DIR, filename)
# TODO: Skip expired certificates # TODO: Skip expired certificates
s = os.stat(revoked_path) s = os.stat(revoked_path)
sock.send(("%s:%d\n" % (serial_number, s.st_ctime)).encode("ascii")) sock.send(("%s:%d\n" % (serial_number, s.st_ctime)).encode("ascii"))