def set_node_model(opts: CommonOpts, node_ssl_service) -> None:
"""
Must be executed after set_network_info
:param self:
:param opts:
:param node_ssl_service:
:return:
"""
node_model = None
if opts.node_id:
# Test network, get pre-configured peers from the SDN.
node_model = sdn_http_service.fetch_node_attributes(opts.node_id)
if not node_model:
node_model = _register_node(opts, node_ssl_service)
if node_model.cert is not None:
private_cert = ssl_serializer.deserialize_cert(node_model.cert)
node_ssl_service.blocking_store_node_certificate(private_cert)
ssl_context = node_ssl_service.create_ssl_context(SSLCertificateType.PRIVATE)
sdn_http_service.reset_pool(ssl_context)
# Add opts from SDN, but don't overwrite CLI args
default_values_to_update = [None, -1]
for key, val in node_model.__dict__.items():
if opts.__dict__.get(key) in default_values_to_update:
opts.__dict__[key] = val
def fetch_cert(url: str) -> Certificate:
"""
Fetch a certificate from a URL.
:param url: the URL to the certificate file
:return: a certificate object
"""
with fetch_file(url) as cert_file:
return ssl_serializer.deserialize_cert(cert_file.read())
def get_socket_cert(
ssl_socket: Union[SSLSocket, ssl.SSLObject]) -> Certificate:
"""
Obtain a peer certificate from an SSL socket.
:param ssl_socket: the SSL socket object
:return: a certificate object
"""
der_cert = ssl_socket.getpeercert(True)
pem_cert = ssl.DER_cert_to_PEM_cert(der_cert) # pyre-ignore
return ssl_serializer.deserialize_cert(pem_cert)
def test_deserialize_cert(self):
with open(self.cert_file_path, "rb") as template_cert_file:
cert = ssl_serializer.deserialize_cert(template_cert_file.read())
self.assertEqual(self.template_cert, cert)