1
0
mirror of https://github.com/laurivosandi/certidude synced 2024-12-23 00:25:18 +00:00

Refactor CertificateAuthorityConfig to accept single configuration file

This commit is contained in:
Priit Laes 2015-08-27 11:48:53 +00:00
parent 2877c32c69
commit 8b35102974
3 changed files with 12 additions and 6 deletions

View File

@ -43,7 +43,7 @@ assert hasattr(crypto.X509Req(), "get_extensions"), "You're running too old vers
# keyUsage, extendedKeyUsage - https://www.openssl.org/docs/apps/x509v3_config.html
# strongSwan key paths - https://wiki.strongswan.org/projects/1/wiki/SimpleCA
config = CertificateAuthorityConfig("/etc/ssl/openssl.cnf")
config = CertificateAuthorityConfig()
# Parse command-line argument defaults from environment
HOSTNAME = socket.gethostname()

View File

@ -61,13 +61,19 @@ def subject2dn(subject):
class CertificateAuthorityConfig(object):
"""
Attempt to parse CA-s from openssl.cnf
Certificate Authority configuration
:param path: Absolute path to configuration file.
Defaults to /etc/ssl/openssl.cnf
"""
def __init__(self, *args):
def __init__(self, path='/etc/ssl/openssl.cnf', *args):
#: Path to file where current configuration is loaded from.
self.path = path
self._config = RawConfigParser()
for arg in args:
self._config.readfp(itertools.chain(["[global]"], open(os.path.expanduser(arg))))
self._config.readfp(itertools.chain(["[global]"], open(self.path)))
def get(self, section, key, default=""):
if self._config.has_option(section, key):

View File

@ -11,7 +11,7 @@ from certidude.api import CertificateAuthorityResource, \
# TODO: deduplicate routing code
# TODO: set up /run/certidude/api paths and permissions
config = CertificateAuthorityConfig("/etc/ssl/openssl.cnf")
config = CertificateAuthorityConfig()
assert os.getenv("PUSH_SUBSCRIBE"), "Please set PUSH_SUBSCRIBE to your web server's subscription URL"
assert os.getenv("PUSH_PUBLISH"), "Please set PUSH_PUBLISH to your web server's publishing URL"