Commit 59e7da94 authored by Vincent Pelletier's avatar Vincent Pelletier Committed by Vincent Pelletier

http: Do not use chained add_extension syntax on a single statement.

For consistency with other places in caucase.
parent f15d0bad
......@@ -37,7 +37,7 @@ from .exceptions import (
NotACertificateSigningRequest,
)
__all__ = ('CertificateAuthority', 'UserCertificateAuthority')
__all__ = ('CertificateAuthority', 'UserCertificateAuthority', 'Extension')
_cryptography_backend = default_backend()
_AUTO_SIGNED_NO = 0
......
......@@ -41,7 +41,7 @@ import pem
from . import exceptions
from . import utils
from .wsgi import Application
from .ca import CertificateAuthority, UserCertificateAuthority
from .ca import CertificateAuthority, UserCertificateAuthority, Extension
from .storage import SQLite3Storage
from .http_wsgirequesthandler import WSGIRequestHandler
......@@ -226,14 +226,14 @@ def getSSLContext(
csr_id = cas.appendCertificateSigningRequest(
csr_pem=utils.dump_certificate_request(
x509.CertificateSigningRequestBuilder(
).subject_name(
x509.Name([
subject_name=x509.Name([
x509.NameAttribute(
oid=x509.oid.NameOID.COMMON_NAME,
value=hostname.decode('ascii'),
),
]),
).add_extension(
extensions=[
Extension(
x509.KeyUsage(
# pylint: disable=bad-whitespace
digital_signature =True,
......@@ -248,11 +248,14 @@ def getSSLContext(
# pylint: enable=bad-whitespace
),
critical=True,
).add_extension(
),
Extension(
x509.SubjectAlternativeName([
x509.DNSName(hostname.decode('ascii')),
]),
critical=True,
),
],
).sign(
private_key=new_key,
algorithm=utils.DEFAULT_DIGEST_CLASS(),
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment