Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
S
slapos.core
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Labels
Merge Requests
18
Merge Requests
18
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Analytics
Analytics
CI / CD
Repository
Value Stream
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Jobs
Commits
Open sidebar
nexedi
slapos.core
Commits
d3ed1fe6
Commit
d3ed1fe6
authored
Jul 04, 2017
by
Alain Takoudjou
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
slapos_cloud: use a custom subject CN in signed certificates
parent
73562467
Changes
4
Hide whitespace changes
Inline
Side-by-side
Showing
4 changed files
with
26 additions
and
11 deletions
+26
-11
master/bt5/slapos_cloud/DocumentTemplateItem/portal_components/document.erp5.CaucaseRESTClientInterface.py
...al_components/document.erp5.CaucaseRESTClientInterface.py
+9
-3
master/bt5/slapos_cloud/DocumentTemplateItem/portal_components/document.erp5.Person.py
...entTemplateItem/portal_components/document.erp5.Person.py
+3
-1
master/bt5/slapos_cloud/DocumentTemplateItem/portal_components/document.erp5.SoftwareInstance.py
...eItem/portal_components/document.erp5.SoftwareInstance.py
+11
-6
master/bt5/slapos_cloud/WorkflowTemplateItem/portal_workflow/computer_slap_interface_workflow/scripts/Computer_generateCertificate.py
...nterface_workflow/scripts/Computer_generateCertificate.py
+3
-1
No files found.
master/bt5/slapos_cloud/DocumentTemplateItem/portal_components/document.erp5.CaucaseRESTClientInterface.py
View file @
d3ed1fe6
...
@@ -31,7 +31,7 @@ from Products.ERP5Type.Globals import InitializeClass
...
@@ -31,7 +31,7 @@ from Products.ERP5Type.Globals import InitializeClass
from
Products.ERP5Type
import
Permissions
from
Products.ERP5Type
import
Permissions
from
Products.ERP5Type.XMLObject
import
XMLObject
from
Products.ERP5Type.XMLObject
import
XMLObject
import
functools
import
functools
from
json
import
loads
from
json
import
loads
,
dumps
import
urllib2
,
urllib
import
urllib2
,
urllib
from
httplib
import
HTTPSConnection
from
httplib
import
HTTPSConnection
import
urlparse
import
urlparse
...
@@ -120,13 +120,19 @@ class CaucaseRESTClientInterface(XMLObject):
...
@@ -120,13 +120,19 @@ class CaucaseRESTClientInterface(XMLObject):
"""
"""
return
self
.
_request
(
'crt/%s'
%
crt_id
).
read
()
return
self
.
_request
(
'crt/%s'
%
crt_id
).
read
()
def
signCertificate
(
self
,
csr_id
):
def
signCertificate
(
self
,
csr_id
,
subject
=
None
):
"""
"""
Sign a certificate from the CSR id
Sign a certificate from the CSR id
return the certificate ID and URL to download certificate
return the certificate ID and URL to download certificate
"""
"""
data
=
urllib
.
urlencode
({
'csr_id'
:
csr_id
})
if
not
subject
:
data
=
urllib
.
urlencode
({
'csr_id'
:
csr_id
})
else
:
data
=
urllib
.
urlencode
({
'csr_id'
:
csr_id
,
'subject'
:
dumps
(
subject
)
})
response
=
self
.
_request
(
'/crt'
,
data
=
data
,
method
=
'PUT'
)
response
=
self
.
_request
(
'/crt'
,
data
=
data
,
method
=
'PUT'
)
cert_id
=
response
.
headers
[
'Location'
].
split
(
'/'
)[
-
1
]
cert_id
=
response
.
headers
[
'Location'
].
split
(
'/'
)[
-
1
]
return
(
cert_id
,
response
.
headers
[
'Location'
])
return
(
cert_id
,
response
.
headers
[
'Location'
])
...
...
master/bt5/slapos_cloud/DocumentTemplateItem/portal_components/document.erp5.Person.py
View file @
d3ed1fe6
...
@@ -33,7 +33,9 @@ class Person(ERP5Person):
...
@@ -33,7 +33,9 @@ class Person(ERP5Person):
csr_id
=
ca_service
.
putCertificateSigningRequest
(
csr
)
csr_id
=
ca_service
.
putCertificateSigningRequest
(
csr
)
# Sign the csr immediately
# Sign the csr immediately
crt_id
,
url
=
ca_service
.
signCertificate
(
csr_id
)
crt_id
,
url
=
ca_service
.
signCertificate
(
csr_id
,
subject
=
{
'CN'
:
self
.
getReference
()})
# link to the user
# link to the user
certificate_id
=
self
.
newContent
(
certificate_id
=
self
.
newContent
(
...
...
master/bt5/slapos_cloud/DocumentTemplateItem/portal_components/document.erp5.SoftwareInstance.py
View file @
d3ed1fe6
...
@@ -99,13 +99,16 @@ class SoftwareInstance(Item):
...
@@ -99,13 +99,16 @@ class SoftwareInstance(Item):
certificate_id
=
self
.
_getInstanceCertificate
()
certificate_id
=
self
.
_getInstanceCertificate
()
if
certificate_id
is
not
None
:
if
certificate_id
is
not
None
:
# Get new Certificate will automatically revoke the previous
# Get new Certificate will automatically revoke the previous
self
.
revokeCertificate
(
certificate_id
)
self
.
revokeCertificate
(
certificate_id
=
certificate_id
)
ca_service
=
self
.
getPortalObject
().
portal_web_services
.
caucase_adapter
ca_service
=
self
.
getPortalObject
().
portal_web_services
.
caucase_adapter
csr_id
=
ca_service
.
putCertificateSigningRequest
(
certificate_request
)
csr_id
=
ca_service
.
putCertificateSigningRequest
(
certificate_request
)
# Sign the csr immediately
# Sign the csr immediately
crt_id
,
url
=
ca_service
.
signCertificate
(
csr_id
)
crt_id
,
url
=
ca_service
.
signCertificate
(
csr_id
,
subject
=
{
'CN'
:
self
.
getReference
()}
)
# link to the Instance
# link to the Instance
certificate_id
=
self
.
newContent
(
certificate_id
=
self
.
newContent
(
...
@@ -123,11 +126,13 @@ class SoftwareInstance(Item):
...
@@ -123,11 +126,13 @@ class SoftwareInstance(Item):
if
certificate_id
is
None
:
if
certificate_id
is
None
:
certificate_id
=
self
.
_getInstanceCertificate
()
certificate_id
=
self
.
_getInstanceCertificate
()
if
certificate_id
:
if
certificate_id
:
return
self
.
getPortalObject
().
portal_web_services
.
caucase_adapter
\
self
.
getPortalObject
().
portal_web_services
.
caucase_adapter
\
.
revokeCertificate
(
certificate_id
.
getReference
())
.
revokeCertificate
(
certificate_id
.
getReference
())
raise
ValueError
(
certificate_id
.
invalidate
()
"No certificate found for Software Instance %s"
%
self
.
getReference
()
else
:
)
raise
ValueError
(
"No certificate found for Software Instance %s"
%
self
.
getReference
()
)
security
.
declareProtected
(
Permissions
.
AccessContentsInformation
,
security
.
declareProtected
(
Permissions
.
AccessContentsInformation
,
'getSlaXmlAsDict'
)
'getSlaXmlAsDict'
)
...
...
master/bt5/slapos_cloud/WorkflowTemplateItem/portal_workflow/computer_slap_interface_workflow/scripts/Computer_generateCertificate.py
View file @
d3ed1fe6
...
@@ -20,7 +20,9 @@ if len(certificate_id_list):
...
@@ -20,7 +20,9 @@ if len(certificate_id_list):
ca_service
=
context
.
getPortalObject
().
portal_web_services
.
caucase_adapter
ca_service
=
context
.
getPortalObject
().
portal_web_services
.
caucase_adapter
csr_id
=
ca_service
.
putCertificateSigningRequest
(
certificate_signature_request
)
csr_id
=
ca_service
.
putCertificateSigningRequest
(
certificate_signature_request
)
# Sign the csr immediately
# Sign the csr immediately
crt_id
,
url
=
ca_service
.
signCertificate
(
csr_id
)
crt_id
,
url
=
ca_service
.
signCertificate
(
csr_id
,
subject
=
{
'CN'
:
computer
.
getReference
()})
certificate
=
ca_service
.
getCertificate
(
crt_id
)
certificate
=
ca_service
.
getCertificate
(
crt_id
)
certificate_id
=
computer
.
newContent
(
certificate_id
=
computer
.
newContent
(
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment