Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
R
re6stnet
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
zhifan huang
re6stnet
Commits
5609588d
Commit
5609588d
authored
May 03, 2022
by
zhifan huang
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
conf upgrade to 3
parent
a46f4b11
Changes
2
Hide whitespace changes
Inline
Side-by-side
Showing
2 changed files
with
33 additions
and
26 deletions
+33
-26
re6st/cli/conf.py
re6st/cli/conf.py
+22
-16
re6st/tests/test_unit/test_conf.py
re6st/tests/test_unit/test_conf.py
+11
-10
No files found.
re6st/cli/conf.py
View file @
5609588d
...
...
@@ -6,7 +6,9 @@ if 're6st' not in sys.modules:
sys
.
path
[
0
]
=
os
.
path
.
dirname
(
os
.
path
.
dirname
(
sys
.
path
[
0
]))
from
re6st
import
registry
,
utils
,
x509
def
create
(
path
,
text
=
None
,
mode
=
0666
):
def
create
(
path
,
text
=
None
,
mode
=
0o666
):
if
isinstance
(
text
,
str
):
text
=
text
.
encode
()
fd
=
os
.
open
(
path
,
os
.
O_CREAT
|
os
.
O_WRONLY
|
os
.
O_TRUNC
,
mode
)
try
:
os
.
write
(
fd
,
text
)
...
...
@@ -64,12 +66,13 @@ def main():
fingerprint
=
binascii
.
a2b_hex
(
fingerprint
)
if
hashlib
.
new
(
alg
).
digest_size
!=
len
(
fingerprint
):
raise
ValueError
(
"wrong size"
)
except
StandardError
,
e
:
# StandardError is removed
except
StandardError
as
e
:
parser
.
error
(
"invalid fingerprint: %s"
%
e
)
if
x509
.
fingerprint
(
ca
,
alg
).
digest
()
!=
fingerprint
:
sys
.
exit
(
"CA fingerprint doesn't match"
)
else
:
print
"WARNING: it is strongly recommended to use --fingerprint option."
print
(
"WARNING: it is strongly recommended to use --fingerprint option."
)
network
=
x509
.
networkFromCa
(
ca
)
if
config
.
is_needed
:
route
,
err
=
subprocess
.
Popen
((
'ip'
,
'-6'
,
'-o'
,
'route'
,
'get'
,
...
...
@@ -87,20 +90,23 @@ def main():
try
:
with
open
(
cert_path
)
as
f
:
cert
=
loadCert
(
f
.
read
())
# TODO the result of get_compoonents is bytes, need to convert to string
components
=
dict
(
cert
.
get_subject
().
get_components
())
for
k
in
reserved
:
components
.
pop
(
k
,
None
)
except
IOError
,
e
:
except
IOError
as
e
:
if
e
.
errno
!=
errno
.
ENOENT
:
raise
components
=
{}
if
config
.
req
:
components
.
update
(
config
.
req
)
subj
=
req
.
get_subject
()
for
k
,
v
in
components
.
ite
rite
ms
():
for
k
,
v
in
components
.
items
():
if
k
in
reserved
:
sys
.
exit
(
k
+
" field is reserved."
)
if
v
:
if
isinstance
(
k
,
bytes
):
k
=
k
.
decode
()
setattr
(
subj
,
k
,
v
)
cert_fd
=
token_advice
=
None
...
...
@@ -112,26 +118,26 @@ def main():
token
=
''
elif
not
token
:
if
not
config
.
email
:
config
.
email
=
raw_
input
(
'Please enter your email address: '
)
config
.
email
=
input
(
'Please enter your email address: '
)
s
.
requestToken
(
config
.
email
)
token_advice
=
"Use --token to retry without asking a new token
\
n
"
while
not
token
:
token
=
raw_
input
(
'Please enter your token: '
)
token
=
input
(
'Please enter your token: '
)
try
:
with
open
(
key_path
)
as
f
:
pkey
=
crypto
.
load_privatekey
(
crypto
.
FILETYPE_PEM
,
f
.
read
())
key
=
None
print
"Reusing existing key."
except
IOError
,
e
:
print
(
"Reusing existing key."
)
except
FileNotFoundError
as
e
:
if
e
.
errno
!=
errno
.
ENOENT
:
raise
bits
=
ca
.
get_pubkey
().
bits
()
print
"Generating %s-bit key ..."
%
bits
print
(
"Generating %s-bit key ..."
%
bits
)
pkey
=
crypto
.
PKey
()
pkey
.
generate_key
(
crypto
.
TYPE_RSA
,
bits
)
key
=
crypto
.
dump_privatekey
(
crypto
.
FILETYPE_PEM
,
pkey
)
create
(
key_path
,
key
,
0600
)
create
(
key_path
,
key
,
0
o
600
)
req
.
set_pubkey
(
pkey
)
req
.
sign
(
pkey
,
'sha512'
)
...
...
@@ -139,8 +145,8 @@ def main():
# First make sure we can open certificate file for writing,
# to avoid using our token for nothing.
cert_fd
=
os
.
open
(
cert_path
,
os
.
O_CREAT
|
os
.
O_WRONLY
,
0666
)
print
"Requesting certificate ..."
cert_fd
=
os
.
open
(
cert_path
,
os
.
O_CREAT
|
os
.
O_WRONLY
,
0
o
666
)
print
(
"Requesting certificate ..."
)
cert
=
s
.
requestCertificate
(
token
,
req
)
if
not
cert
:
token_advice
=
None
...
...
@@ -179,12 +185,12 @@ key %s
#O--verb
#O3
"""
%
(
config
.
registry
,
ca_path
,
cert_path
,
key_path
))
print
"Sample configuration file created."
print
(
"Sample configuration file created."
)
cn
=
x509
.
subnetFromCert
(
cert
)
subnet
=
network
+
utils
.
binFromSubnet
(
cn
)
print
"Your subnet: %s/%u (CN=%s)"
\
%
(
utils
.
ipFromBin
(
subnet
),
len
(
subnet
),
cn
)
print
(
"Your subnet: %s/%u (CN=%s)"
\
%
(
utils
.
ipFromBin
(
subnet
),
len
(
subnet
),
cn
)
)
if
__name__
==
"__main__"
:
main
()
re6st/tests/test_unit/test_conf.py
View file @
5609588d
...
...
@@ -6,8 +6,8 @@ import os
import
sys
import
unittest
from
shutil
import
rmtree
from
StringIO
import
StringIO
from
mock
import
patch
from
io
import
StringIO
from
unittest.
mock
import
patch
from
re6st.cli
import
conf
from
re6st.tests.tools
import
generate_cert
,
serial2prefix
...
...
@@ -39,8 +39,8 @@ class TestConf(unittest.TestCase):
with
open
(
"registry.key"
)
as
f
:
cls
.
pkey
=
f
.
read
()
cls
.
command
=
"re6st-conf --registry http://localhost/"
\
" --dir %s"
%
cls
.
work_dir
cls
.
command
=
(
"re6st-conf --registry http://localhost/"
" --dir %s"
%
cls
.
work_dir
)
cls
.
serial
=
0
...
...
@@ -71,17 +71,18 @@ class TestConf(unittest.TestCase):
# go back to original dir
os
.
chdir
(
self
.
origin_dir
)
@
patch
(
"
__builtin__.raw_
input"
)
def
test_basic
(
self
,
mock_
raw_
input
):
@
patch
(
"
builtins.
input"
)
def
test_basic
(
self
,
mock_input
):
""" go through all the step
getCa, requestToken, requestCertificate
"""
mail
=
"example@email.com"
token
=
"a_token"
mock_raw_input
.
side_effect
=
[
mail
,
token
]
command
=
self
.
command
\
+
" --fingerprint sha1:a1861330f1299b98b529fa52c3d8e5d1a94dc63a"
\
+
" --req L lille"
mock_input
.
side_effect
=
[
mail
,
token
]
command
=
self
.
command
command
+=
(
" --fingerprint sha1:a1861330f1299b98b529fa52c3d8e5d1a94dc63a"
" --req L lille"
)
sys
.
argv
=
command
.
split
()
conf
.
main
()
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment