lauri
/
certidude
mirror of https://github.com/laurivosandi/certidude
1
0
Fork 0
Code Issues Activity

Add log message for failing lease update

This commit is contained in:
Lauri Võsandi 2018-05-16 11:51:07 +00:00
parent 5bda254c56
commit adff4a0a50
1 changed files with 3 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
certidude/api/lease.py
View File

@ -39,6 +39,9 @@ class LeaseResource(AuthorityHandler):
path, buf, cert, signed, expires = self.authority.get_signed(client_common_name) # TODO: catch exceptions
if req.get_param("serial") and cert.serial_number != req.get_param_as_int("serial"): # OCSP-ish solution for OpenVPN, not exposed for StrongSwan
logger.info("Gateway %s attempted to submit lease information for %s with expired/unknown serial %x, expected %x" % (
req.context["machine"], client_common_name,
req.get_param_as_int("serial"), cert.serial_number))
raise falcon.HTTPForbidden("Forbidden", "Invalid serial number supplied")
now = datetime.utcnow().strftime("%Y-%m-%dT%H:%M:%S.%f")[:-3] + "Z"