def __init__(self, **kwargs):
    """Build the certificate record from its body plus caller metadata.

    ``body`` and ``owner`` are required keys (a missing one raises
    ``KeyError``); every other key is optional. Issuer, common name, san,
    validity window, signing algorithm, bit strength, serial and domains
    are derived from the parsed body, not taken from the caller.
    """
    parsed = defaults.parse_certificate(kwargs['body'])

    self.issuer = defaults.issuer(parsed)
    self.cn = defaults.common_name(parsed)
    self.san = defaults.san(parsed)
    self.not_before = defaults.not_before(parsed)
    self.not_after = defaults.not_after(parsed)

    # The name has to be in place before destinations are assigned below:
    # appending a destination requires a valid name.
    # NOTE(review): a caller-supplied name is stored as given and skips
    # get_or_increase_name(), so it is neither normalised nor de-duplicated
    # here -- confirm the caller validates it.
    supplied_name = kwargs.get('name')
    if supplied_name:
        self.name = supplied_name
    else:
        generated_name = defaults.certificate_name(
            self.cn,
            self.issuer,
            self.not_before,
            self.not_after,
            self.san,
        )
        self.name = get_or_increase_name(generated_name)

    self.owner = kwargs['owner']
    self.body = kwargs['body']
    # NOTE(review): nothing in this constructor checks that private_key or
    # chain belong to the parsed certificate -- confirm that is validated
    # before this point.
    self.private_key = kwargs.get('private_key')
    self.chain = kwargs.get('chain')
    self.destinations = kwargs.get('destinations', [])
    self.notifications = kwargs.get('notifications', [])
    self.description = kwargs.get('description')

    # Collapse duplicate roles.
    unique_roles = set(kwargs.get('roles', []))
    self.roles = list(unique_roles)

    self.replaces = kwargs.get('replacements', [])
    self.signing_algorithm = defaults.signing_algorithm(parsed)
    self.bits = defaults.bitstrength(parsed)
    self.serial = defaults.serial(parsed)

    for domain_name in defaults.domains(parsed):
        self.domains.append(Domain(name=domain_name))
def __init__(self, **kwargs):
    """Populate the certificate from ``kwargs['body']`` and related metadata.

    Required keys: ``body`` and ``owner`` (``KeyError`` when absent).
    Fields describing the certificate itself (issuer, cn, san, validity
    dates, signing algorithm, bits, serial, domains) come from the parsed
    body; the remaining fields are copied from ``kwargs``.
    """
    x509_cert = defaults.parse_certificate(kwargs['body'])

    self.issuer = defaults.issuer(x509_cert)
    self.cn = defaults.common_name(x509_cert)
    self.san = defaults.san(x509_cert)
    self.not_before = defaults.not_before(x509_cert)
    self.not_after = defaults.not_after(x509_cert)

    # A valid name is required before any destination is appended, so the
    # name is settled ahead of the destinations assignment further down.
    # NOTE(review): an explicit name is used verbatim and bypasses
    # get_or_increase_name(); uniqueness/normalisation of that value is not
    # enforced here -- confirm it is checked by the caller.
    if not kwargs.get('name'):
        derived = defaults.certificate_name(
            self.cn, self.issuer, self.not_before, self.not_after, self.san
        )
        self.name = get_or_increase_name(derived)
    else:
        self.name = kwargs['name']

    self.owner = kwargs['owner']
    self.body = kwargs['body']
    # NOTE(review): private_key and chain are stored without any check in
    # this method that they correspond to the parsed certificate.
    self.private_key = kwargs.get('private_key')
    self.chain = kwargs.get('chain')
    self.destinations = kwargs.get('destinations', [])
    self.notifications = kwargs.get('notifications', [])
    self.description = kwargs.get('description')

    requested_roles = kwargs.get('roles', [])
    self.roles = list(set(requested_roles))  # drop duplicates

    self.replaces = kwargs.get('replacements', [])
    self.signing_algorithm = defaults.signing_algorithm(x509_cert)
    self.bits = defaults.bitstrength(x509_cert)
    self.serial = defaults.serial(x509_cert)

    for fqdn in defaults.domains(x509_cert):
        self.domains.append(Domain(name=fqdn))
def __init__(self, **kwargs):
    """Populate the certificate from its body and caller-supplied metadata.

    ``body`` and ``owner`` are required keys (``KeyError`` when missing).
    ``private_key``, ``chain`` and ``csr`` are stored stripped, and only
    when a truthy value is supplied. Certificate-derived fields are read
    from ``self.parsed_cert``. ``check_integrity()`` is called last.
    """
    self.body = kwargs["body"].strip()
    parsed = self.parsed_cert

    self.issuer = defaults.issuer(parsed)
    self.cn = defaults.common_name(parsed)
    self.san = defaults.san(parsed)
    self.not_before = defaults.not_before(parsed)
    self.not_after = defaults.not_after(parsed)
    self.serial = defaults.serial(parsed)

    self.owner = kwargs["owner"]

    # Optional PEM-style text fields: leave the attribute untouched when the
    # caller passed nothing (or an empty value).
    for text_field in ("private_key", "chain", "csr"):
        raw_value = kwargs.get(text_field)
        if raw_value:
            setattr(self, text_field, raw_value.strip())

    self.notify = kwargs.get("notify", True)
    self.notifications = kwargs.get("notifications", [])
    self.description = kwargs.get("description")
    self.roles = list(set(kwargs.get("roles", [])))  # drop duplicates
    self.replaces = kwargs.get("replaces", [])
    self.rotation = kwargs.get("rotation")
    self.rotation_policy = kwargs.get("rotation_policy")
    self.key_type = kwargs.get("key_type")
    self.signing_algorithm = defaults.signing_algorithm(parsed)
    self.bits = defaults.bitstrength(parsed)

    for id_field in ("external_id", "authority_id", "dns_provider_id"):
        setattr(self, id_field, kwargs.get(id_field))

    for domain_name in defaults.domains(parsed):
        self.domains.append(Domain(name=domain_name))

    # Appending destinations requires a valid name, so self.destinations
    # must not be touched until the name has been assigned here.
    requested_name = kwargs.get("name")
    if requested_name:
        base_name = defaults.text_to_slug(requested_name)
    else:
        base_name = defaults.certificate_name(
            self.cn,
            self.issuer,
            self.not_before,
            self.not_after,
            self.san,
            self.domains,
        )
    self.name = get_or_increase_name(base_name, self.serial)

    self.destinations = kwargs.get("destinations", [])

    # Integrity is checked before anything is saved to the database.
    # User-facing API calls should additionally validate in the schema
    # validators.
    # NOTE(review): this runs after self.destinations is assigned; if that
    # assignment has side effects (the name comment above suggests appends
    # depend on state), a body/key mismatch would reach them before being
    # rejected here -- confirm the ordering is intended.
    self.check_integrity()
def __init__(self, **kwargs):
    """Populate the certificate from its body and caller-supplied metadata.

    ``body`` and ``owner`` are required keys (``KeyError`` when missing).
    ``private_key``, ``chain`` and ``csr`` are stored stripped, and only
    when a truthy value is supplied. Certificate-derived fields are read
    from ``self.parsed_cert``. ``check_integrity()`` is called last.
    """
    self.body = kwargs['body'].strip()
    parsed = self.parsed_cert

    self.issuer = defaults.issuer(parsed)
    self.cn = defaults.common_name(parsed)
    self.san = defaults.san(parsed)
    self.not_before = defaults.not_before(parsed)
    self.not_after = defaults.not_after(parsed)
    self.serial = defaults.serial(parsed)

    # The name is fixed first: appending destinations requires a valid name.
    requested_name = kwargs.get('name')
    if requested_name:
        base_name = defaults.text_to_slug(requested_name)
    else:
        base_name = defaults.certificate_name(
            self.cn,
            self.issuer,
            self.not_before,
            self.not_after,
            self.san,
        )
    self.name = get_or_increase_name(base_name, self.serial)

    self.owner = kwargs['owner']

    # Optional text fields: the attribute is left untouched when the caller
    # passed nothing (or an empty value).
    for text_field in ('private_key', 'chain', 'csr'):
        raw_value = kwargs.get(text_field)
        if raw_value:
            setattr(self, text_field, raw_value.strip())

    self.notify = kwargs.get('notify', True)
    self.destinations = kwargs.get('destinations', [])
    self.notifications = kwargs.get('notifications', [])
    self.description = kwargs.get('description')
    self.roles = list(set(kwargs.get('roles', [])))  # drop duplicates
    self.replaces = kwargs.get('replaces', [])
    self.rotation = kwargs.get('rotation')
    self.rotation_policy = kwargs.get('rotation_policy')
    self.signing_algorithm = defaults.signing_algorithm(parsed)
    self.bits = defaults.bitstrength(parsed)

    for id_field in ('external_id', 'authority_id', 'dns_provider_id'):
        setattr(self, id_field, kwargs.get(id_field))

    for domain_name in defaults.domains(parsed):
        self.domains.append(Domain(name=domain_name))

    # Integrity is checked before anything is saved to the database.
    # User-facing API calls should additionally validate in the schema
    # validators.
    # NOTE(review): destinations are assigned well before this check; if
    # that assignment has side effects, a body/key mismatch would reach them
    # before being rejected here -- confirm the ordering is intended.
    self.check_integrity()
def __init__(self, **kwargs):
    """Initialise the record from a certificate body and optional metadata.

    Required keys are ``body`` and ``owner`` (``KeyError`` otherwise).
    Truthy ``private_key`` / ``chain`` / ``csr`` values are stripped before
    being stored; falsy ones are skipped entirely. The final step is a call
    to ``check_integrity()``.
    """
    self.body = kwargs['body'].strip()
    x509_cert = self.parsed_cert

    self.issuer = defaults.issuer(x509_cert)
    self.cn = defaults.common_name(x509_cert)
    self.san = defaults.san(x509_cert)
    self.not_before = defaults.not_before(x509_cert)
    self.not_after = defaults.not_after(x509_cert)
    self.serial = defaults.serial(x509_cert)

    # Destinations need a valid name when they are appended, hence the name
    # is resolved before anything else is attached.
    if not kwargs.get('name'):
        name_seed = defaults.certificate_name(
            self.cn, self.issuer, self.not_before, self.not_after, self.san
        )
    else:
        name_seed = defaults.text_to_slug(kwargs['name'])
    self.name = get_or_increase_name(name_seed, self.serial)

    self.owner = kwargs['owner']

    private_key = kwargs.get('private_key')
    if private_key:
        self.private_key = private_key.strip()

    chain = kwargs.get('chain')
    if chain:
        self.chain = chain.strip()

    csr = kwargs.get('csr')
    if csr:
        self.csr = csr.strip()

    self.notify = kwargs.get('notify', True)
    self.destinations = kwargs.get('destinations', [])
    self.notifications = kwargs.get('notifications', [])
    self.description = kwargs.get('description')

    requested_roles = kwargs.get('roles', [])
    self.roles = list(set(requested_roles))  # de-duplicate

    self.replaces = kwargs.get('replaces', [])
    self.rotation = kwargs.get('rotation')
    self.rotation_policy = kwargs.get('rotation_policy')
    self.signing_algorithm = defaults.signing_algorithm(x509_cert)
    self.bits = defaults.bitstrength(x509_cert)
    self.external_id = kwargs.get('external_id')
    self.authority_id = kwargs.get('authority_id')
    self.dns_provider_id = kwargs.get('dns_provider_id')

    for fqdn in defaults.domains(x509_cert):
        self.domains.append(Domain(name=fqdn))

    # Run the integrity check before anything is written to the database.
    # For user-facing API calls the schema validators should validate too.
    # NOTE(review): self.destinations is already assigned by the time this
    # runs; if that assignment triggers side effects, a mismatched key or
    # chain gets there first -- confirm the ordering is intended.
    self.check_integrity()
def sync_certificates(source, user):
    """Reconcile the certificates reported by ``source`` with stored ones.

    Each reported certificate is looked up by, in order: its ``search``
    conditions, its ``name``, its ``serial``, and finally the serial parsed
    from its body narrowed by a hash comparison. Unmatched certificates are
    created; every matched record is updated.

    Returns a ``(new, updated)`` tuple of counts.
    """
    created_count = 0
    updated_count = 0

    current_app.logger.debug(
        "Retrieving certificates from {0}".format(source.label)
    )

    source_plugin = plugins.get(source.plugin_name)

    for certificate in source_plugin.get_certificates(source.options):
        matches = False

        if certificate.get("search"):
            # "search" is removed from the dict so it is not passed on to
            # certificate_create() below.
            matches = certificate_service.get_by_attributes(
                certificate.pop("search")
            )

        # NOTE(review): a name or serial hit is accepted without comparing
        # the certificate body, and serial numbers are only unique per
        # issuer. A source reporting a colliding name/serial would have its
        # external_id/authority_id written onto an unrelated record --
        # confirm sources are trusted to that degree.
        if not matches and certificate.get("name"):
            by_name = certificate_service.get_by_name(certificate["name"])
            if by_name:
                matches = [by_name]

        if not matches and certificate.get("serial"):
            matches = certificate_service.get_by_serial(certificate["serial"])

        if not matches:
            # Last resort: parse the body, fetch records sharing its serial
            # and keep only those whose hash matches.
            parsed = parse_certificate(certificate["body"])
            same_serial = certificate_service.get_by_serial(serial(parsed))
            matches = find_matching_certificates_by_hash(parsed, same_serial)

        if not certificate.get("owner"):
            certificate["owner"] = user.email
        certificate["creator"] = user

        matches = list(filter(None, matches))

        if not matches:
            certificate_create(certificate, source)
            created_count += 1
            continue

        for existing in matches:
            external_id = certificate.get("external_id")
            if external_id:
                existing.external_id = external_id

            authority_id = certificate.get("authority_id")
            if authority_id:
                existing.authority_id = authority_id

            certificate_update(existing, source)
            updated_count += 1

    return created_count, updated_count
def sync_certificates(source, user):
    """Create or update stored certificates from what ``source`` reports.

    Lookup order for each reported certificate: ``search`` conditions,
    ``name``, ``serial``, then the serial parsed from the body filtered by a
    hash comparison. A certificate with no match is created; otherwise every
    matching record is updated.

    Returns ``(new, updated)`` counts.
    """
    n_new = 0
    n_updated = 0

    current_app.logger.debug(
        "Retrieving certificates from {0}".format(source.label)
    )

    plugin = plugins.get(source.plugin_name)
    reported = plugin.get_certificates(source.options)

    for certificate in reported:
        found = False

        if certificate.get('search'):
            # pop() also strips the key from the dict handed to
            # certificate_create() later on.
            conditions = certificate.pop('search')
            found = certificate_service.get_by_attributes(conditions)

        # NOTE(review): name and serial hits are taken at face value -- the
        # body is not compared, and a serial is only unique within one
        # issuer. A colliding name/serial from a source ends up updating an
        # unrelated record's external_id/authority_id; confirm that sources
        # are trusted for this.
        if not found and certificate.get('name'):
            named = certificate_service.get_by_name(certificate['name'])
            if named:
                found = [named]

        if not found and certificate.get('serial'):
            found = certificate_service.get_by_serial(certificate['serial'])

        if not found:
            # Fall back to the serial inside the body, then keep only the
            # candidates whose hash matches the parsed certificate.
            parsed = parse_certificate(certificate['body'])
            candidates = certificate_service.get_by_serial(serial(parsed))
            found = find_matching_certificates_by_hash(parsed, candidates)

        if not certificate.get('owner'):
            certificate['owner'] = user.email
        certificate['creator'] = user

        found = [record for record in found if record]

        if found:
            for record in found:
                if certificate.get('external_id'):
                    record.external_id = certificate['external_id']
                if certificate.get('authority_id'):
                    record.authority_id = certificate['authority_id']
                certificate_update(record, source)
                n_updated += 1
        else:
            certificate_create(certificate, source)
            n_new += 1

    return n_new, n_updated
def __init__(self, **kwargs):
    """Populate the certificate from its body and caller-supplied metadata.

    ``body`` and ``owner`` are required keys (``KeyError`` when missing).
    ``private_key`` and ``chain`` are stored stripped, and only when a
    truthy value is supplied. Certificate-derived fields come from the
    parsed body.
    """
    # The certificate is parsed from the body exactly as passed in; the
    # stripped form is what gets stored further down.
    parsed = lemur.common.utils.parse_certificate(kwargs['body'])

    self.issuer = defaults.issuer(parsed)
    self.cn = defaults.common_name(parsed)
    self.san = defaults.san(parsed)
    self.not_before = defaults.not_before(parsed)
    self.not_after = defaults.not_after(parsed)
    self.serial = defaults.serial(parsed)

    # The name is fixed first: appending destinations requires a valid name.
    requested_name = kwargs.get('name')
    if requested_name:
        base_name = defaults.text_to_slug(requested_name)
    else:
        base_name = defaults.certificate_name(
            self.cn,
            self.issuer,
            self.not_before,
            self.not_after,
            self.san,
        )
    self.name = get_or_increase_name(base_name, self.serial)

    self.owner = kwargs['owner']
    self.body = kwargs['body'].strip()

    # NOTE(review): nothing in this constructor checks that private_key or
    # chain belong to the parsed certificate -- confirm that is validated
    # before this point.
    for text_field in ('private_key', 'chain'):
        raw_value = kwargs.get(text_field)
        if raw_value:
            setattr(self, text_field, raw_value.strip())

    self.notify = kwargs.get('notify', True)
    self.destinations = kwargs.get('destinations', [])
    self.notifications = kwargs.get('notifications', [])
    self.description = kwargs.get('description')
    self.roles = list(set(kwargs.get('roles', [])))  # drop duplicates
    self.replaces = kwargs.get('replaces', [])
    self.rotation = kwargs.get('rotation')
    self.rotation_policy = kwargs.get('rotation_policy')
    self.signing_algorithm = defaults.signing_algorithm(parsed)
    self.bits = defaults.bitstrength(parsed)

    for id_field in ('external_id', 'authority_id', 'dns_provider_id'):
        setattr(self, id_field, kwargs.get(id_field))

    for domain_name in defaults.domains(parsed):
        self.domains.append(Domain(name=domain_name))
def sync_certificates(source, user):
    """Create or update stored certificates from what ``source`` reports.

    Each reported certificate is looked up by ``name``, then by ``serial``,
    then by the serial parsed out of its body. A certificate with no match
    is created; otherwise every matching record is updated.

    Returns ``(new, updated)`` counts.
    """
    created_count = 0
    updated_count = 0

    current_app.logger.debug(
        "Retrieving certificates from {0}".format(source.label)
    )

    source_plugin = plugins.get(source.plugin_name)

    for certificate in source_plugin.get_certificates(source.options):
        matches = False

        # NOTE(review): every lookup below matches on name or serial alone;
        # the certificate body is never compared. Serial numbers are only
        # unique per issuer, so a colliding serial (or name) from a source
        # causes an unrelated record to be updated with this certificate's
        # external_id/authority_id -- confirm sources are trusted for this.
        if certificate.get('name'):
            by_name = certificate_service.get_by_name(certificate['name'])
            if by_name:
                matches = [by_name]

        if not matches and certificate.get('serial'):
            matches = certificate_service.get_by_serial(certificate['serial'])

        if not matches:
            # Last resort: use the serial found inside the body itself.
            parsed = parse_certificate(certificate['body'])
            matches = certificate_service.get_by_serial(serial(parsed))

        if not certificate.get('owner'):
            certificate['owner'] = user.email
        certificate['creator'] = user

        matches = list(filter(None, matches))

        if not matches:
            certificate_create(certificate, source)
            created_count += 1
            continue

        for existing in matches:
            external_id = certificate.get('external_id')
            if external_id:
                existing.external_id = external_id

            authority_id = certificate.get('authority_id')
            if authority_id:
                existing.authority_id = authority_id

            certificate_update(existing, source)
            updated_count += 1

    return created_count, updated_count
def find_cert(certificate):
    """Look up stored certificates matching a reported ``certificate`` dict.

    Lookup order: ``search`` conditions, ``name``, ``serial``, then the
    serial parsed from ``body`` narrowed by a hash comparison. The
    ``search`` key, when present and truthy, is removed from the caller's
    dict.

    Returns ``(matches, updated_by_hash)`` where ``matches`` is a list with
    falsy entries dropped and ``updated_by_hash`` is 1 when the hash
    fallback ran, else 0.
    """
    hash_fallbacks = 0
    matches = False

    if certificate.get("search"):
        matches = certificate_service.get_by_attributes(
            certificate.pop("search")
        )

    # NOTE(review): a name or serial hit is accepted without comparing the
    # certificate body, and serial numbers are only unique per issuer, so a
    # colliding name/serial resolves to an unrelated record. Only the final
    # fallback below checks the hash -- confirm callers can rely on that.
    if not matches and certificate.get("name"):
        by_name = certificate_service.get_by_name(certificate["name"])
        if by_name:
            matches = [by_name]

    if not matches and certificate.get("serial"):
        matches = certificate_service.get_by_serial(certificate["serial"])

    if not matches:
        parsed = parse_certificate(certificate["body"])
        same_serial = certificate_service.get_by_serial(serial(parsed))
        matches = find_matching_certificates_by_hash(parsed, same_serial)
        # Counted whenever this fallback runs, whether or not it finds a
        # matching record.
        hash_fallbacks += 1

    return list(filter(None, matches)), hash_fallbacks