mirror of
https://github.com/laurivosandi/certidude
synced 2024-12-23 00:25:18 +00:00
api: More detailed logging for CRL API call
This commit is contained in:
parent
a754c1275d
commit
e228963bd2
@ -13,8 +13,6 @@ logger = logging.getLogger(__name__)
|
|||||||
|
|
||||||
class RevocationListResource(object):
|
class RevocationListResource(object):
|
||||||
def on_get(self, req, resp):
|
def on_get(self, req, resp):
|
||||||
logger.debug(u"Revocation list requested by %s", req.context.get("remote_addr"))
|
|
||||||
|
|
||||||
# Primarily offer DER encoded CRL as per RFC5280
|
# Primarily offer DER encoded CRL as per RFC5280
|
||||||
# This is also what StrongSwan expects
|
# This is also what StrongSwan expects
|
||||||
if req.client_accepts("application/x-pkcs7-crl"):
|
if req.client_accepts("application/x-pkcs7-crl"):
|
||||||
@ -23,6 +21,7 @@ class RevocationListResource(object):
|
|||||||
"Content-Disposition",
|
"Content-Disposition",
|
||||||
("attachment; filename=%s.crl" % const.HOSTNAME).encode("ascii"))
|
("attachment; filename=%s.crl" % const.HOSTNAME).encode("ascii"))
|
||||||
# Convert PEM to DER
|
# Convert PEM to DER
|
||||||
|
logger.debug(u"Serving revocation list to %s in DER format", req.context.get("remote_addr"))
|
||||||
resp.body = x509.load_pem_x509_crl(export_crl(),
|
resp.body = x509.load_pem_x509_crl(export_crl(),
|
||||||
default_backend()).public_bytes(Encoding.DER)
|
default_backend()).public_bytes(Encoding.DER)
|
||||||
elif req.client_accepts("application/x-pem-file"):
|
elif req.client_accepts("application/x-pem-file"):
|
||||||
@ -37,7 +36,9 @@ class RevocationListResource(object):
|
|||||||
resp.append_header(
|
resp.append_header(
|
||||||
"Content-Disposition",
|
"Content-Disposition",
|
||||||
("attachment; filename=%s-crl.pem" % const.HOSTNAME).encode("ascii"))
|
("attachment; filename=%s-crl.pem" % const.HOSTNAME).encode("ascii"))
|
||||||
|
logger.debug(u"Serving revocation list to %s in PEM format", req.context.get("remote_addr"))
|
||||||
resp.body = export_crl()
|
resp.body = export_crl()
|
||||||
else:
|
else:
|
||||||
|
logger.debug(u"Client %s asked revocation list in unsupported format" % req.context.get("remote_addr"))
|
||||||
raise falcon.HTTPUnsupportedMediaType(
|
raise falcon.HTTPUnsupportedMediaType(
|
||||||
"Client did not accept application/x-pkcs7-crl or application/x-pem-file")
|
"Client did not accept application/x-pkcs7-crl or application/x-pem-file")
|
||||||
|
Loading…
Reference in New Issue
Block a user