def _create_dest(args):
    """Create a destination for user id 1 from the parsed arguments.

    When ``args.pkey`` is set, the file it names is read in binary mode and
    parsed with ``crypto.load_private_key``. The ``Destination`` is built and
    created inside the application context, and the outcome is printed
    followed by ``dest.json``.
    """
    private_key = None
    if args.pkey:
        with open(args.pkey, 'rb') as key_file:
            private_key = crypto.load_private_key(key_file.read())

    with app.app_context():
        dest = Destination(
            user_id=1,
            host=args.host,
            port=args.port,
            user=args.user,
            password=args.pwd,
            ssh_priv_key=private_key,
            ssh_priv_key_pass=args.pkeypass,
            challengeDestinationPath=args.challengePath,
            certDestinationPath=args.certPath,
            exportFormat=args.exportFormat,
            no_check=args.nocheck,
        )
        created = dest.create()
        if created:
            print("Destination: {} created".format(dest.id))
        else:
            print(
                "Error creating destination with given data. Check hostname, password, private key"
            )
        # NOTE(review): dest.json is printed as-is on both paths; confirm it
        # does not serialize the password or the private key.
        print(dest.json)
def _update_dest(args):
    """Update an existing destination that belongs to user id 1.

    Looks the destination up by ``args.id`` inside the application context.
    Nothing is changed when it does not exist or when its ``user_id`` is not
    1; a message is printed and the function returns. Otherwise the optional
    key file ``args.pkey`` is loaded and ``dest.update`` is called with the
    argument values.
    """
    with app.app_context():
        dest = Destination.query.get(args.id)
        if not dest:
            print("There is no such destination {}".format(args.id))
            return

        # Ownership gate: this path only touches destinations of user id 1.
        if dest.user_id != 1:
            print("This destination does not belong to the admin")
            return

        private_key = None
        if args.pkey:
            with open(args.pkey, 'rb') as key_file:
                private_key = crypto.load_private_key(key_file.read())

        updated = dest.update(
            user_id=1,
            host=args.host,
            port=args.port,
            user=args.user,
            password=args.pwd,
            ssh_priv_key=private_key,
            ssh_priv_key_pass=args.pkeypass,
            challengeDestinationPath=args.challengePath,
            certDestinationPath=args.certPath,
            exportFormat=args.exportFormat,
            no_check=args.nocheck,
        )
        if updated:
            print("Destination: {} updated".format(dest.id))
        else:
            print(
                "Error updating destination with given data. Check hostname, password, private key"
            )
        # NOTE(review): dest.json is printed as-is on both paths; confirm it
        # does not serialize the password or the private key.
        print(dest.json)
def new_destination():
    """Create a destination for the authenticated user from the request body.

    Fields are read from the submitted form; when the form carries no
    ``host`` value the body is parsed as JSON instead. Responds 400 when
    ``host`` is missing or when neither ``password`` nor ``ssh_priv_key`` is
    supplied, 201 with a ``Location`` header on success, and 400 with the
    destination's JSON plus an error status when ``dest.create()`` fails.
    """
    # Choose the payload once: form data first, JSON body as the fallback.
    payload = request.form
    if not payload.get('host'):
        payload = request.get_json(force=True)

    host = payload.get('host')
    port = payload.get('port', 22)
    user = payload.get('user', 'root')
    password = payload.get('password')
    ssh_priv_key = payload.get('ssh_priv_key')
    ssh_priv_key_pass = payload.get('ssh_priv_key_pass')
    challengeDestinationPath = payload.get('challengeDestinationPath')
    certDestinationPath = payload.get('certDestinationPath')
    exportFormat = payload.get('exportFormat')

    # The owner always comes from the authenticated session, never the body.
    user_id = g.user.id

    if host is None:
        return (jsonify({'status': 'host field missing'}), 400)
    if password is None and ssh_priv_key is None:
        return (jsonify({
            'status':
            'password and ssh_priv_key fields missing. Provide atleast one'
        }), 400)

    # NOTE(review): the key text is request-supplied; confirm that
    # crypto.load_private_key fails in a handled way on malformed input,
    # otherwise a bad key surfaces as an unhandled error.
    key = None
    if ssh_priv_key:
        key = crypto.load_private_key(ssh_priv_key.encode('UTF-8'))

    dest = Destination(
        user_id=user_id,
        host=host,
        port=port,
        user=user,
        password=password,
        ssh_priv_key=key,
        ssh_priv_key_pass=ssh_priv_key_pass,
        challengeDestinationPath=challengeDestinationPath,
        certDestinationPath=certDestinationPath,
        exportFormat=exportFormat,
    )

    if not dest.create():
        failure = json.loads(dest.json)
        failure['status'] = "Error creating destination with given data. Check hostname, password, private key"
        return (jsonify(failure), 400)

    return (jsonify({
        'status': 'New destination created',
        'id': dest.id
    }), 201, {
        'Location': url_for('get_destination', id=dest.id, _external=True),
        'destination_id': dest.id
    })
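def _issue(args):
    """Create a certificate order from the parsed arguments.

    Loads the optional private key from ``args.key_file`` and the optional
    CSR from ``args.csr_file``, then calls ``create_order`` inside the
    application context and prints whether the order was created.
    """
    key = None
    if args.key_file:
        with open(args.key_file, 'rb') as f:
            key = crypto.load_private_key(f.read())

    csr = None
    if args.csr_file:
        with open(args.csr_file, 'rb') as f:
            # Fix: the loaded CSR used to be assigned to ``key``, which
            # replaced the private key with the CSR object and left ``csr``
            # as None, so the supplied CSR never reached create_order.
            csr = crypto.load_csr(f.read())

    with app.app_context():
        ret, order_id = create_order(
            account_id=args.account,
            destination_id=args.destination,
            domains=args.domains,
            type=args.type,
            provider=args.provider,
            email=args.email,
            organization=args.organization,
            organizational_unit=args.organizational_unit,
            country=args.country,
            state=args.state,
            location=args.location,
            reissue=args.reissue,
            csr=csr,
            key=key)
        if ret:
            print("Order created with order id: {}".format(order_id))
        else:
            print("Order creation failed.")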
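def new_order():
    """Create a certificate order for the authenticated user from a JSON body.

    Requires either a destination or a non-empty ``domains`` list. A given
    destination and the given account must both exist and belong to
    ``g.user``. Optional ``key`` and ``csr`` text is parsed with the
    ``crypto`` helpers before ``create_order`` is called.

    Responds 400 for missing input or an ownership mismatch, 404 when the
    referenced destination or account does not exist, 201 when a new order
    was created and 200 when ``create_order`` reports an existing order.
    """
    post_data = request.get_json(force=True)
    domains = post_data.get('domains')
    account = post_data.get('account')
    destination = post_data.get('destination')
    # Named order_type locally so the builtin ``type`` is not shadowed.
    order_type = post_data.get('type')
    provider = post_data.get('provider')
    email = post_data.get('email')
    organization = post_data.get('organization')
    organizational_unit = post_data.get('organizational_unit')
    country = post_data.get('country')
    state = post_data.get('state')
    location = post_data.get('location')
    csr = post_data.get('csr')
    key = post_data.get('key')
    reissue = post_data.get('reissue')

    if not destination:
        if domains is None or domains == []:
            return (jsonify(
                {'status': 'Provide atleast one domain or destination'}), 400)
    else:
        destination_db = Destination.query.get(destination)
        # Fix: an unknown destination id used to reach ``.user_id`` on None
        # and fail with an unhandled AttributeError instead of a response.
        if destination_db is None:
            return (jsonify({'status': 'There is no such destination!'}), 404)
        if g.user.id != destination_db.user_id:
            return (jsonify(
                {'status': 'This destination does not belong to you!'}), 400)

    account = Account.query.get(account)
    # Fix: same None dereference for an unknown or missing account id.
    if account is None:
        return (jsonify({'status': 'There is no such account!'}), 404)
    if g.user.id != account.user_id:
        return (jsonify({'status': 'This account does not belong to you!'}),
                400)

    # NOTE(review): key and csr text is request-supplied; confirm the crypto
    # loaders fail in a handled way on malformed input.
    pem_key = None
    if key:
        pem_key = crypto.load_private_key(key.encode('UTF-8'))
    pem_csr = None
    if csr:
        pem_csr = crypto.load_csr(csr.encode('UTF-8'))

    ret, order_id = create_order(account.id, destination, domains, order_type,
                                 provider, email, organization,
                                 organizational_unit, country, state, location,
                                 reissue, pem_csr, pem_key)
    if ret:
        return (jsonify({
            'status':
            'New order created, Please wait some time before acessing the order',
            'id': order_id
        }), 201, {
            'Location': url_for('get_order', id=order_id, _external=True)
        })
    else:
        return (jsonify({
            'status': 'Order already exists',
            'id': order_id
        }), 200, {
            'Location': url_for('get_order', id=order_id, _external=True)
        })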
def new_acme_account():
    """Register an ACME account for the authenticated user.

    Fields are read from the submitted form; when the form carries no
    ``email`` value the body is parsed as JSON instead. Aborts with 400 when
    ``email`` is missing, defaults ``server`` to
    ``config.LETS_ENCRYPT_PRODUCTION`` and parses the optional ``key`` before
    calling ``register``. Responds 201 for a new account and 200 when
    ``register`` reports an existing one.
    """
    # Choose the payload once: form data first, JSON body as the fallback.
    payload = request.form
    if not payload.get('email'):
        payload = request.get_json(force=True)

    email = payload.get('email')
    server = payload.get('server')
    organization = payload.get('organization')
    organizational_unit = payload.get('organizational_unit')
    country = payload.get('country')
    state = payload.get('state')
    location = payload.get('location')
    key = payload.get('key')

    # The owner always comes from the authenticated session, never the body.
    user_id = g.user.id

    if email is None:
        abort(400)
    if server is None:
        server = config.LETS_ENCRYPT_PRODUCTION

    # NOTE(review): the key text is request-supplied; confirm that
    # crypto.load_private_key fails in a handled way on malformed input.
    rsa_key = crypto.load_private_key(key.encode('UTF-8')) if key else None

    ret, account_id = register(user_id, email, server, rsa_key, organization,
                               organizational_unit, country, state, location)

    # Both outcomes point the client at the same account resource.
    headers = {
        'Location': url_for('get_acme_account', id=account_id, _external=True),
        'account_id': account_id
    }
    if ret:
        return (jsonify({
            'status': 'New account created',
            'id': account_id
        }), 201, headers)
    return (jsonify({
        'status': 'Account already exists',
        'id': account_id
    }), 200, headers)
def __init__(self, account_id=None):
    """Load the stored account and build an ACME client for it.

    With a falsy ``account_id`` nothing is initialised and a setup hint is
    printed. Otherwise the account row is fetched, its stored key text is
    parsed and wrapped as a ``jose.JWKRSA``, the saved registration is
    restored from ``account.contents`` and the client is created against
    ``account.directory_uri``.
    """
    if not account_id:
        print("Setup ACME Account")
        return

    self.account = Account.query.get(account_id)
    # NOTE(review): an unknown account_id presumably yields None here and
    # the attribute access below would then fail; confirm against callers.
    private_key = crypto.load_private_key(self.account.key.encode("utf8"))
    self.key = jose.JWKRSA(key=private_key)

    saved_registration = json.loads(self.account.contents)
    regr = RegistrationResource.from_json(saved_registration)
    net = ClientNetwork(self.key, account=regr)
    self.client = BackwardsCompatibleClientV2(
        net, self.key, self.account.directory_uri)
def _register(args):
    """Register an ACME account for user id 1 from the parsed arguments.

    Loads the optional private key from ``args.key_file``, calls ``register``
    inside the application context and prints either the new account id or
    the id of the account that already uses the same email.
    """
    account_key = None
    if args.key_file:
        with open(args.key_file, 'rb') as key_file:
            account_key = crypto.load_private_key(key_file.read())

    with app.app_context():
        ret, act_id = register(
            user_id=1,
            email=args.email,
            server=args.server,
            rsa_key=account_key,
            organization=args.organization,
            organizational_unit=args.organizational_unit,
            country=args.country,
            state=args.state,
            location=args.location,
        )
        if not ret:
            print("Account with same email exists: account id: {}".format(act_id))
            return
        print("Account created with account id: {}".format(act_id))
        print("Pass this account id for issue, revoke, etc...")
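def update_destination(id):
    """Update a destination owned by the authenticated user.

    Responds 404 when the destination does not exist and 401 when it belongs
    to another user. Fields are read from the submitted form; when the form
    supplies none of the known fields the body is parsed as JSON instead (a
    body that is not JSON is then rejected by ``get_json(force=True)``).
    Responds 202 on success and 400 with the destination's JSON plus an
    error status when ``dest.update`` fails.
    """
    dest = Destination.query.get(id)
    if not dest:
        return (jsonify({'status': 'There is no such destination!'}), 404)
    # Ownership gate: only the owner may change connection details and keys.
    if g.user.id != dest.user_id:
        return (jsonify({'status': 'This destination does not belong to you!'}),
                401)

    field_names = ('host', 'port', 'user', 'password', 'ssh_priv_key',
                   'ssh_priv_key_pass', 'challengeDestinationPath',
                   'certDestinationPath', 'exportFormat')

    # Fix: the emptiness test used to run on values that already had the
    # defaults port=22 and user='root' applied, so it was never true and a
    # JSON body was never parsed; the update then ran with the defaults and
    # None for every other field. Test the raw form values instead.
    post_data = request.form
    if not any(post_data.get(name) for name in field_names):
        post_data = request.get_json(force=True)

    host = post_data.get('host')
    # NOTE(review): omitted port/user fall back to 22/'root'; whether
    # dest.update treats these and the None values as overwrites is not
    # visible here, so confirm a partial update cannot reset stored settings.
    port = post_data.get('port', 22)
    user = post_data.get('user', 'root')
    password = post_data.get('password')
    ssh_priv_key = post_data.get('ssh_priv_key')
    ssh_priv_key_pass = post_data.get('ssh_priv_key_pass')
    challengeDestinationPath = post_data.get('challengeDestinationPath')
    certDestinationPath = post_data.get('certDestinationPath')
    exportFormat = post_data.get('exportFormat')

    # The owner always comes from the authenticated session, never the body.
    user_id = g.user.id

    # NOTE(review): the key text is request-supplied; confirm that
    # crypto.load_private_key fails in a handled way on malformed input.
    key = None
    if ssh_priv_key:
        key = crypto.load_private_key(ssh_priv_key.encode('UTF-8'))

    ret = dest.update(user_id=user_id,
                      host=host,
                      port=port,
                      user=user,
                      password=password,
                      ssh_priv_key=key,
                      ssh_priv_key_pass=ssh_priv_key_pass,
                      challengeDestinationPath=challengeDestinationPath,
                      certDestinationPath=certDestinationPath,
                      exportFormat=exportFormat)
    if ret:
        return (jsonify({
            'status': 'Destination updated',
            'id': dest.id
        }), 202, {
            'Location': url_for('get_destination', id=dest.id, _external=True),
            'destination_id': dest.id
        })
    else:
        status = json.loads(dest.json)
        status[
            'status'] = "Error updating destination with given data. Check hostname, password, private key"
        return (jsonify(status), 400)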
def thumbprint(self):
    """Return the JWK thumbprint computed from this object's stored key.

    ``self.key`` is encoded as UTF-8, parsed with ``crypto.load_private_key``
    and handed to ``crypto.generate_jwk_thumbprint``.
    """
    private_key = crypto.load_private_key(self.key.encode("utf8"))
    return crypto.generate_jwk_thumbprint(private_key)