def load_context(self, new_serial = None): if new_serial is None and self.context_failed(): logging.warn("no SSL context available for %s, PKCS12 failed", self) return False serial = new_serial or self.serial self.p12 = self.p12 or cert.load_p12bytes(serial) self.context = cert.make_context(serial, self.p12) or _PKCS12_FAILED if self.context_failed(): # so we don't try this more than once logging.warn("%s context failed", self) return False return True
def load_context(self, new_serial=None): if new_serial is None and self.context_failed(): logging.warn("no SSL context available for %s, PKCS12 failed", self) return False serial = new_serial or self.serial self.p12 = cert.load_p12bytes(serial) or self.p12 self.context = cert.make_context(serial, self.p12) or _PKCS12_FAILED if self.context_failed(): # so we don't try this more than once logging.warn("%s context failed", self) return False return True
def update_pkcs12(device, cookie = None, fiona_id = None, pkcs12_bytes = None): if cookie: device.last_cookie = cookie[:64] if fiona_id: device.fiona_id = fiona_id if pkcs12_bytes: test_context = _certificate.make_context(device.serial, pkcs12_bytes) if not test_context: logging.error("%s tried to update PKCS12 key with invalid data -- ignored") else: logging.warn("%s updated its PKCS12 client key", device) device.p12 = pkcs12_bytes # Even though we're updating the client certificate, active connections will still work with the old one. # Actually, the old certificate will still be able to open new connections for an unknown amount of time. # So there's no point in destroying the current SSL context and creating a new one. _db.update(device)
def update(device, alias=None, cookie=None, fiona_id=None, pkcs12_bytes=None): if alias: device.alias = alias if cookie: device.last_cookie = cookie[:64] if fiona_id: device.fiona_id = fiona_id if pkcs12_bytes: test_context = _certificate.make_context(device.serial, pkcs12_bytes) if not test_context: logging.error( "%s tried to update PKCS12 key with invalid data -- ignored") else: logging.warn("%s updated its PKCS12 client key", device) device.p12 = pkcs12_bytes # Even though we're updating the client certificate, active connections will still work with the old one. # Actually, the old certificate will still be able to open new connections for an unknown amount of time. # So there's no point in destroying the current SSL context and creating a new one. _db.update(device)