1
0
mirror of https://github.com/laurivosandi/certidude synced 2024-12-23 00:25:18 +00:00

Refactor CertificateAuthorityConfig to accept single configuration file

This commit is contained in:
Priit Laes 2015-08-27 11:48:53 +00:00
parent 2877c32c69
commit 8b35102974
3 changed files with 12 additions and 6 deletions

View File

@ -43,7 +43,7 @@ assert hasattr(crypto.X509Req(), "get_extensions"), "You're running too old vers
# keyUsage, extendedKeyUsage - https://www.openssl.org/docs/apps/x509v3_config.html # keyUsage, extendedKeyUsage - https://www.openssl.org/docs/apps/x509v3_config.html
# strongSwan key paths - https://wiki.strongswan.org/projects/1/wiki/SimpleCA # strongSwan key paths - https://wiki.strongswan.org/projects/1/wiki/SimpleCA
config = CertificateAuthorityConfig("/etc/ssl/openssl.cnf") config = CertificateAuthorityConfig()
# Parse command-line argument defaults from environment # Parse command-line argument defaults from environment
HOSTNAME = socket.gethostname() HOSTNAME = socket.gethostname()

View File

@ -61,13 +61,19 @@ def subject2dn(subject):
class CertificateAuthorityConfig(object): class CertificateAuthorityConfig(object):
""" """
Attempt to parse CA-s from openssl.cnf Certificate Authority configuration
:param path: Absolute path to configuration file.
Defaults to /etc/ssl/openssl.cnf
""" """
def __init__(self, *args): def __init__(self, path='/etc/ssl/openssl.cnf', *args):
#: Path to file where current configuration is loaded from.
self.path = path
self._config = RawConfigParser() self._config = RawConfigParser()
for arg in args: self._config.readfp(itertools.chain(["[global]"], open(self.path)))
self._config.readfp(itertools.chain(["[global]"], open(os.path.expanduser(arg))))
def get(self, section, key, default=""): def get(self, section, key, default=""):
if self._config.has_option(section, key): if self._config.has_option(section, key):

View File

@ -11,7 +11,7 @@ from certidude.api import CertificateAuthorityResource, \
# TODO: deduplicate routing code # TODO: deduplicate routing code
# TODO: set up /run/certidude/api paths and permissions # TODO: set up /run/certidude/api paths and permissions
config = CertificateAuthorityConfig("/etc/ssl/openssl.cnf") config = CertificateAuthorityConfig()
assert os.getenv("PUSH_SUBSCRIBE"), "Please set PUSH_SUBSCRIBE to your web server's subscription URL" assert os.getenv("PUSH_SUBSCRIBE"), "Please set PUSH_SUBSCRIBE to your web server's subscription URL"
assert os.getenv("PUSH_PUBLISH"), "Please set PUSH_PUBLISH to your web server's publishing URL" assert os.getenv("PUSH_PUBLISH"), "Please set PUSH_PUBLISH to your web server's publishing URL"