45 lines
2.2 KiB
Python
45 lines
2.2 KiB
Python
import hashlib
|
|
import logging
|
|
from pinecrypt.server import authority, const, config
|
|
from pinecrypt.server.common import cert_to_dn
|
|
from pinecrypt.server.decorators import serialize
|
|
|
|
logger = logging.getLogger(__name__)
|
|
|
|
class BootstrapResource(object):
|
|
@serialize
|
|
def on_get(self, req, resp):
|
|
"""
|
|
Return publicly accessible info unlike /api/session
|
|
"""
|
|
return dict(
|
|
hostname=const.FQDN,
|
|
namespace=const.AUTHORITY_NAMESPACE,
|
|
replicas=[doc["common_name"] for doc in authority.list_replicas()],
|
|
globals=list(config.get_all("Globals")),
|
|
openvpn=dict(
|
|
tls_version_min=config.get("Globals", "OPENVPN_TLS_VERSION_MIN")["value"],
|
|
tls_ciphersuites=config.get("Globals", "OPENVPN_TLS_CIPHERSUITES")["value"],
|
|
tls_cipher=config.get("Globals", "OPENVPN_TLS_CIPHER")["value"],
|
|
cipher=config.get("Globals", "OPENVPN_CIPHER")["value"],
|
|
auth=config.get("Globals", "OPENVPN_AUTH")["value"]
|
|
),
|
|
strongswan=dict(
|
|
dhgroup=config.get("Globals", "STRONGSWAN_DHGROUP")["value"],
|
|
ike=config.get("Globals", "STRONGSWAN_IKE")["value"],
|
|
esp=config.get("Globals", "STRONGSWAN_ESP")["value"],
|
|
),
|
|
certificate=dict(
|
|
algorithm=authority.public_key.algorithm,
|
|
common_name=authority.certificate.subject.native["common_name"],
|
|
distinguished_name=cert_to_dn(authority.certificate),
|
|
md5sum=hashlib.md5(authority.certificate_buf).hexdigest(),
|
|
blob=authority.certificate_buf.decode("ascii"),
|
|
organization=authority.certificate["tbs_certificate"]["subject"].native.get("organization_name"),
|
|
signed=authority.certificate["tbs_certificate"]["validity"]["not_before"].native.replace(tzinfo=None),
|
|
expires=authority.certificate["tbs_certificate"]["validity"]["not_after"].native.replace(tzinfo=None)
|
|
),
|
|
user_enrollment_allowed=const.USER_ENROLLMENT_ALLOWED,
|
|
user_multiple_certificates=const.USER_MULTIPLE_CERTIFICATES,
|
|
)
|