mirror of
https://github.com/laurivosandi/certidude
synced 2024-12-23 00:25:18 +00:00
Refactor CertificateAuthorityConfig to accept single configuration file
This commit is contained in:
parent
2877c32c69
commit
8b35102974
@ -43,7 +43,7 @@ assert hasattr(crypto.X509Req(), "get_extensions"), "You're running too old vers
|
|||||||
# keyUsage, extendedKeyUsage - https://www.openssl.org/docs/apps/x509v3_config.html
|
# keyUsage, extendedKeyUsage - https://www.openssl.org/docs/apps/x509v3_config.html
|
||||||
# strongSwan key paths - https://wiki.strongswan.org/projects/1/wiki/SimpleCA
|
# strongSwan key paths - https://wiki.strongswan.org/projects/1/wiki/SimpleCA
|
||||||
|
|
||||||
config = CertificateAuthorityConfig("/etc/ssl/openssl.cnf")
|
config = CertificateAuthorityConfig()
|
||||||
|
|
||||||
# Parse command-line argument defaults from environment
|
# Parse command-line argument defaults from environment
|
||||||
HOSTNAME = socket.gethostname()
|
HOSTNAME = socket.gethostname()
|
||||||
|
@ -61,13 +61,19 @@ def subject2dn(subject):
|
|||||||
|
|
||||||
class CertificateAuthorityConfig(object):
|
class CertificateAuthorityConfig(object):
|
||||||
"""
|
"""
|
||||||
Attempt to parse CA-s from openssl.cnf
|
Certificate Authority configuration
|
||||||
|
|
||||||
|
:param path: Absolute path to configuration file.
|
||||||
|
Defaults to /etc/ssl/openssl.cnf
|
||||||
"""
|
"""
|
||||||
|
|
||||||
def __init__(self, *args):
|
def __init__(self, path='/etc/ssl/openssl.cnf', *args):
|
||||||
|
|
||||||
|
#: Path to file where current configuration is loaded from.
|
||||||
|
self.path = path
|
||||||
|
|
||||||
self._config = RawConfigParser()
|
self._config = RawConfigParser()
|
||||||
for arg in args:
|
self._config.readfp(itertools.chain(["[global]"], open(self.path)))
|
||||||
self._config.readfp(itertools.chain(["[global]"], open(os.path.expanduser(arg))))
|
|
||||||
|
|
||||||
def get(self, section, key, default=""):
|
def get(self, section, key, default=""):
|
||||||
if self._config.has_option(section, key):
|
if self._config.has_option(section, key):
|
||||||
|
@ -11,7 +11,7 @@ from certidude.api import CertificateAuthorityResource, \
|
|||||||
# TODO: deduplicate routing code
|
# TODO: deduplicate routing code
|
||||||
# TODO: set up /run/certidude/api paths and permissions
|
# TODO: set up /run/certidude/api paths and permissions
|
||||||
|
|
||||||
config = CertificateAuthorityConfig("/etc/ssl/openssl.cnf")
|
config = CertificateAuthorityConfig()
|
||||||
|
|
||||||
assert os.getenv("PUSH_SUBSCRIBE"), "Please set PUSH_SUBSCRIBE to your web server's subscription URL"
|
assert os.getenv("PUSH_SUBSCRIBE"), "Please set PUSH_SUBSCRIBE to your web server's subscription URL"
|
||||||
assert os.getenv("PUSH_PUBLISH"), "Please set PUSH_PUBLISH to your web server's publishing URL"
|
assert os.getenv("PUSH_PUBLISH"), "Please set PUSH_PUBLISH to your web server's publishing URL"
|
||||||
|
Loading…
Reference in New Issue
Block a user