Exemplo n.º 1
Arquivo: dns.py Projeto: mattmb/spoke
    def _validate_input(self, ns=None, email=None, serial=None,
                        slave_refresh=None, slave_retry=None,
                        slave_expire=None, min_ttl=None):
        """Validate the zone inputs and return them as a tuple.

        ``ns`` and ``email`` both go through common.validate_domain()
        (presumably the contact is expected in domain form; confirm against
        the caller). Each numeric field left as None is replaced by the
        matching ``self.dns_*`` default and then passed to
        self._validate_number().

        Returns:
            The tuple (ns, email, serial, slave_refresh, slave_retry,
            slave_expire, min_ttl), each element being whatever its
            validator returned.
        """
        ns = common.validate_domain(ns)
        email = common.validate_domain(email)

        # (field label, caller-supplied value, attribute holding the default)
        numeric_fields = (
            ('serial', serial, 'dns_serial_start'),
            ('slave_refresh', slave_refresh, 'dns_slave_refresh'),
            ('slave_retry', slave_retry, 'dns_slave_retry'),
            ('slave_expire', slave_expire, 'dns_slave_expire'),
            ('min_ttl', min_ttl, 'dns_min_ttl'),
        )
        checked = []
        for label, supplied, default_attr in numeric_fields:
            if supplied is None:
                # The default is only looked up for a field the caller omitted.
                supplied = getattr(self, default_attr)
            # Defaults are validated too, not just caller-supplied values.
            checked.append(self._validate_number(label, supplied))

        return (ns, email) + tuple(checked)
Exemplo n.º 2
    def _validate_input(self,
                        ns=None,
                        email=None,
                        serial=None,
                        slave_refresh=None,
                        slave_retry=None,
                        slave_expire=None,
                        min_ttl=None):
        """Validate the zone inputs and return them as a 7-tuple.

        ``ns`` and ``email`` are checked with common.validate_domain(); the
        numeric fields fall back to the instance defaults when None and are
        then checked with self._validate_number(). The return value is a
        tuple in parameter order, not a dictionary.
        """
        def number_or_default(label, supplied, default_attr):
            # Resolve the instance default lazily, then validate either way.
            if supplied is None:
                supplied = getattr(self, default_attr)
            return self._validate_number(label, supplied)

        ns = common.validate_domain(ns)
        email = common.validate_domain(email)

        serial = number_or_default('serial', serial, 'dns_serial_start')
        slave_refresh = number_or_default('slave_refresh', slave_refresh,
                                          'dns_slave_refresh')
        slave_retry = number_or_default('slave_retry', slave_retry,
                                        'dns_slave_retry')
        slave_expire = number_or_default('slave_expire', slave_expire,
                                         'dns_slave_expire')
        min_ttl = number_or_default('min_ttl', min_ttl, 'dns_min_ttl')

        validated = (ns, email, serial, slave_refresh, slave_retry,
                     slave_expire, min_ttl)
        return validated
Exemplo n.º 3
Arquivo: dns.py Projeto: mattmb/spoke
 def _validate_input(self, entry):
     """Validate the hostname of a two-item entry and make it absolute.

     ``entry[0]`` (the rdn) is returned unchanged; it is not validated in
     this method. ``entry[1]`` is checked with common.validate_domain() and
     gets a trailing period appended.

     Returns:
         A new list [rdn, hostname + '.'].
     """
     rdn, raw_hostname = entry[0], entry[1]
     checked = common.validate_domain(raw_hostname)
     return [rdn, checked + '.']
Exemplo n.º 4
 def _validate_input(self, entry):
     """Check the entry's hostname and return [rdn, hostname + '.'].

     Only the second item is validated (common.validate_domain()); the first
     item is passed through as received.
     """
     rdn = entry[0]
     fqdn = common.validate_domain(entry[1]) + '.'
     validated_entry = [rdn, fqdn]
     return validated_entry
Exemplo n.º 5
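 def create(self, alt_name=None):
     """Sign a certificate request; return a certificate.

     Builds an X509 certificate from the request produced by
     self._do_req(), signs it with the signing CA's RSA key, stores it via
     self._save_cert() and returns the result of self.get().

     alt_name, when given, is validated with common.validate_domain() and
     stored on self.alt_name before the request is built.
     """
     if alt_name:
         self.alt_name = common.validate_domain(alt_name)
     req = self._do_req()
     issuer = self.signca._gen_x509_name(self.signca.ca_cn)
     cert = X509.X509()
     # Version field value 2 denotes an X.509 v3 certificate.
     cert.set_version(2)
     # NOTE(review): the serial comes from the CA's _increment_serial();
     # confirm it cannot repeat under concurrent signing.
     serialnumber = self.signca._increment_serial()
     cert.set_serial_number(serialnumber)
     cert.set_issuer_name(issuer)
     # Subject and public key are copied from the request as-is.
     cert.set_subject(req.get_subject())
     certpubkey = req.get_pubkey()
     cert.set_pubkey(certpubkey)
     pubkey_fprint = self._gen_pubkey_fingerprint(certpubkey)
     cert = self._set_duration(cert)
     # Create and add certificate extensions
     cert = self._add_extensions(cert, pubkey_fprint)
     # Load the CA private key; the passphrase is supplied by the CA's
     # callback rather than being passed around here.
     cakey = RSA.load_key(self.signca.ca_key_file,
                          callback=self.signca._pass_callback)
     capkey = EVP.PKey()
     capkey.assign_rsa(cakey, 1)
     # Sign the cert with the CA key. SHA-256 replaces the former SHA-1
     # digest: SHA-1 is no longer collision resistant and certificates
     # signed with it are rejected by current TLS clients.
     cert.sign(capkey, 'sha256')
     self._save_cert(cert)
     result = self.get()
     return result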
Exemplo n.º 6
Arquivo: ca.py Projeto: mattmb/spoke
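 def create(self, alt_name=None):
     """Sign a certificate request; return a certificate.

     The certificate takes its subject and public key from the request
     returned by self._do_req(), its issuer name and serial number from the
     signing CA (self.signca), and is signed with that CA's RSA key. It is
     then saved with self._save_cert() and self.get() is returned.

     alt_name, when given, must pass common.validate_domain(); the validated
     value is kept on self.alt_name.
     """
     if alt_name:
         self.alt_name = common.validate_domain(alt_name)
     req = self._do_req()
     issuer = self.signca._gen_x509_name(self.signca.ca_cn)
     cert = X509.X509()
     # Version field value 2 denotes an X.509 v3 certificate.
     cert.set_version(2)
     serialnumber = self.signca._increment_serial()
     cert.set_serial_number(serialnumber)
     cert.set_issuer_name(issuer)
     cert.set_subject(req.get_subject())
     certpubkey = req.get_pubkey()
     cert.set_pubkey(certpubkey)
     pubkey_fprint = self._gen_pubkey_fingerprint(certpubkey)
     cert = self._set_duration(cert)
     # Create and add certificate extensions
     cert = self._add_extensions(cert, pubkey_fprint)
     # Sign the cert with the CA key
     cakey = RSA.load_key(self.signca.ca_key_file,
                          callback=self.signca._pass_callback)
     capkey = EVP.PKey()
     capkey.assign_rsa(cakey, 1)
     # Use SHA-256 for the signature digest instead of SHA-1, which is no
     # longer collision resistant and is refused by current TLS clients.
     cert.sign(capkey, 'sha256')
     self._save_cert(cert)
     result = self.get()
     return result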
Exemplo n.º 7
Arquivo: ca.py Projeto: mattmb/spoke
 def __init__(self, cn, requester):
     """Validate cn and derive the key, request and certificate paths.

     The file names are built from the validated self.cn under the signing
     CA's directory (self.signca.ca_dir).
     """
     self.cn = common.validate_domain(cn)
     # NOTE(review): the parent initialiser receives the raw cn argument;
     # confirm it validates it too and does not overwrite self.cn with an
     # unvalidated value.
     SpokeCert.__init__(self, cn, requester)
     ca_dir = self.signca.ca_dir
     key_name = '%s.key.pem' % self.cn
     req_name = '%s.req' % self.cn
     cert_name = '%s.cert.pem' % self.cn
     self.key_file = os.path.join(ca_dir, key_name)
     self.req_file = os.path.join(ca_dir, req_name)
     self.cert_file = os.path.join(ca_dir, cert_name)
Exemplo n.º 8
 def __init__(self, org_name, domain_name):
     """Get config, setup logging and LDAP connection.

     Looks up the organisation entry for org_name, reads the DNS attribute
     names, object classes and zone defaults from the config, validates
     domain_name and derives the DNS container DN and the zone DN.
     """
     SpokeLDAP.__init__(self)
     self.config = config.setup()
     self.log = logging.getLogger(__name__)
     self.base_dn = self.config.get('LDAP', 'basedn')
     self.search_scope = 2  # ldap.SUB
     self.retrieve_attr = None
     self.org_name = org_name
     # NOTE(review): org_name reaches _get_org() without being validated in
     # this method; confirm _get_org() validates or escapes it.
     self.org = self._get_org(self.org_name)
     # The first result entry is indexed as (dn, attributes).
     self.org_dn = self.org['data'][0].__getitem__(0)
     self.org_attrs = self.org['data'][0].__getitem__(1)
     self.org_classes = self.org_attrs['objectClass']
     # The third argument to config.get() is presumably the fallback used
     # when the option is missing; verify against the config module.
     self.dns_cont_attr = self.config.get('DNS', 'dns_cont_attr', 'ou')
     self.dns_cont_name = self.config.get('DNS', 'dns_cont_name', 'dns')
     self.dns_cont_class = self.config.get('ATTR_MAP', \
                                     'container_class', 'organizationalUnit')
     self.dns_zone_name_attr = self.config.get('DNS', 'dns_zone_attr',
                                               'zoneName')
     self.dns_zone_class = self.config.get('DNS', 'dns_zone_class',
                                           'dNSZone')
     self.dns_resource_attr = self.config.get('DNS', 'dns_resource_attr',
                                              'relativeDomainName')
     self.dns_record_class = self.config.get('DNS', 'dns_record_class',
                                             'IN')
     # Zone timing defaults are kept as the strings the config returns.
     self.dns_default_ttl = self.config.get('DNS', 'dns_default_ttl',
                                            '86400')
     self.dns_min_ttl = self.config.get('DNS', 'dns_min_ttl', '3600')
     self.dns_serial_start = self.config.get('DNS', 'dns_serial_start', '1')
     self.dns_slave_refresh = self.config.get('DNS', 'dns_slave_refresh',
                                              '3600')
     self.dns_slave_retry = self.config.get('DNS', 'dns_slave_retry', '600')
     self.dns_slave_expire = self.config.get('DNS', 'dns_slave_expire',
                                             '86400')
     self.dns_ns_attr = self.config.get('DNS', 'dns_ns_attr', 'nSRecord')
     self.dns_soa_attr = self.config.get('DNS', 'dns_soa_attr', 'sOARecord')
     self.dns_a_attr = self.config.get('DNS', 'dns_a_attr', 'aRecord')
     self.dns_cname_attr = self.config.get('DNS', 'dns_cname_attr',
                                           'cNAMERecord')
     self.dns_mx_attr = self.config.get('DNS', 'dns_mx_attr', 'mXRecord')
     # NOTE(review): the TXT and PTR attribute names are read from the 'TXT'
     # and 'PTR' sections while every other record attribute comes from
     # 'DNS'; confirm this is intended.
     self.dns_txt_attr = self.config.get('TXT', 'dns_txt_attr', 'tXTRecord')
     self.dns_ptr_attr = self.config.get('PTR', 'dns_ptr_attr', 'pTRRecord')
     # Record type name -> LDAP attribute name.
     self.dns_type_attrs = {
         'SOA': self.dns_soa_attr,
         'NS': self.dns_ns_attr,
         'A': self.dns_a_attr,
         'CNAME': self.dns_cname_attr,
         'MX': self.dns_mx_attr,
         'TXT': self.dns_txt_attr,
         'PTR': self.dns_ptr_attr
     }
     # domain_name is validated before it is interpolated into zone_dn.
     self.domain_name = common.validate_domain(domain_name)
     # Both DNs are assembled by plain string formatting; nothing here
     # escapes DN special characters, so this relies on validate_domain()
     # and on the config values being trusted (TODO confirm).
     self.dns_dn = '%s=%s,%s' % (self.dns_cont_attr, self.dns_cont_name, \
                                                             self.org_dn)
     self.zone_dn = '%s=%s,%s' % (self.dns_zone_name_attr, \
                                             self.domain_name, self.dns_dn)
Exemplo n.º 9
 def get(self, email_dom=None):
     """Find an email domain; return result list.

     With email_dom the search matches that single, validated domain;
     without it the filter matches any value of the self.smtp_domain
     attribute. The search runs under self.org_dn.
     """
     if not email_dom:
         search_filter = '%s=*' % self.smtp_domain
     else:
         email_dom = common.validate_domain(email_dom)
         # The value is interpolated into the LDAP filter without escaping,
         # so this relies on validate_domain() rejecting filter
         # metacharacters (TODO confirm).
         search_filter = '%s=%s' % (self.smtp_domain, email_dom)
     result = self._get_object(self.org_dn, self.search_scope,
                               search_filter, attr=self.retrieve_attr)
     self.log.debug('Result: %s' % result)
     return result
Exemplo n.º 10
 def get(self, email_dom=None):
     """Search the organisation for email domains; return the result.

     A truthy email_dom is validated with common.validate_domain() and
     matched exactly; otherwise every entry carrying the self.smtp_domain
     attribute is matched.
     """
     if email_dom:
         # Only the validated form is placed in the filter; no LDAP filter
         # escaping happens here, so validate_domain() is presumably the
         # only guard. Verify it rejects filter metacharacters.
         checked_dom = common.validate_domain(email_dom)
         ldap_filter = '%s=%s' % (self.smtp_domain, checked_dom)
     else:
         ldap_filter = '%s=*' % self.smtp_domain
     search_args = (self.org_dn, self.search_scope, ldap_filter)
     result = self._get_object(*search_args, attr=self.retrieve_attr)
     self.log.debug('Result: %s' % result)
     return result
Exemplo n.º 11
Arquivo: dns.py Projeto: mattmb/spoke
 def __init__(self, org_name, domain_name):
     """Get config, setup logging and LDAP connection.

     Resolves the organisation entry for org_name, loads the DNS attribute
     names, object classes and zone defaults from the config, validates
     domain_name and builds the DNS container DN and the zone DN from them.
     """
     SpokeLDAP.__init__(self)
     self.config = config.setup()
     self.log = logger.setup(__name__)
     self.base_dn = self.config.get('LDAP', 'basedn')
     self.search_scope = 2 # ldap.SUB
     self.retrieve_attr = None
     self.org_name = org_name
     # NOTE(review): org_name is handed to _get_org() without validation in
     # this method; confirm _get_org() validates or escapes it.
     self.org = self._get_org(self.org_name)
     # The first result entry is indexed as (dn, attributes).
     self.org_dn = self.org['data'][0].__getitem__(0)
     self.org_attrs = self.org['data'][0].__getitem__(1)
     self.org_classes = self.org_attrs['objectClass']
     # The third argument to config.get() is presumably the fallback used
     # when the option is missing; verify against the config module.
     self.dns_cont_attr = self.config.get('DNS', 'dns_cont_attr', 'ou')
     self.dns_cont_name = self.config.get('DNS', 'dns_cont_name', 'dns')
     self.dns_cont_class = self.config.get('ATTR_MAP', \
                                     'container_class', 'organizationalUnit')
     self.dns_zone_name_attr = self.config.get('DNS', 'dns_zone_attr', 'zoneName')
     self.dns_zone_class = self.config.get('DNS', 'dns_zone_class', 'dNSZone')
     self.dns_resource_attr = self.config.get('DNS','dns_resource_attr', 'relativeDomainName')
     self.dns_record_class = self.config.get('DNS','dns_record_class', 'IN')
     # Zone timing defaults are kept as the strings the config returns.
     self.dns_default_ttl = self.config.get('DNS', 'dns_default_ttl', '86400')
     self.dns_min_ttl = self.config.get('DNS', 'dns_min_ttl', '3600')
     self.dns_serial_start = self.config.get('DNS', 'dns_serial_start', '1')
     self.dns_slave_refresh = self.config.get('DNS','dns_slave_refresh', '3600')
     self.dns_slave_retry = self.config.get('DNS', 'dns_slave_retry', '600')
     self.dns_slave_expire = self.config.get('DNS', 'dns_slave_expire', '86400')
     self.dns_ns_attr = self.config.get('DNS', 'dns_ns_attr', 'nSRecord')
     self.dns_soa_attr = self.config.get('DNS', 'dns_soa_attr', 'sOARecord')
     self.dns_a_attr = self.config.get('DNS', 'dns_a_attr', 'aRecord')
     self.dns_cname_attr = self.config.get('DNS', 'dns_cname_attr', 'cNAMERecord')
     self.dns_mx_attr = self.config.get('DNS', 'dns_mx_attr', 'mXRecord')
     # NOTE(review): TXT and PTR are looked up in the 'TXT' and 'PTR'
     # sections, unlike the other record attributes which use 'DNS';
     # confirm this is intended.
     self.dns_txt_attr = self.config.get('TXT', 'dns_txt_attr', 'tXTRecord')
     self.dns_ptr_attr = self.config.get('PTR', 'dns_ptr_attr', 'pTRRecord')
     # Record type name -> LDAP attribute name.
     self.dns_type_attrs = {'SOA':self.dns_soa_attr,
                            'NS':self.dns_ns_attr,
                            'A':self.dns_a_attr,
                            'CNAME':self.dns_cname_attr,
                            'MX': self.dns_mx_attr,
                            'TXT': self.dns_txt_attr,
                            'PTR': self.dns_ptr_attr}
     # domain_name is validated before it is interpolated into zone_dn.
     self.domain_name = common.validate_domain(domain_name)
     # Both DNs are assembled by plain string formatting with no DN
     # escaping, so this relies on validate_domain() and on the config
     # values being trusted (TODO confirm).
     self.dns_dn = '%s=%s,%s' % (self.dns_cont_attr, self.dns_cont_name, \
                                                             self.org_dn)
     self.zone_dn = '%s=%s,%s' % (self.dns_zone_name_attr, \
                                             self.domain_name, self.dns_dn)
Exemplo n.º 12
 def create(self, email_dom):
     """Create an email domain.

     Validates email_dom, checks under self.base_dn that no entry already
     carries it, then adds it to the organisation entry (self.org_dn),
     together with self.smtp_class when the organisation lacks that class.

     Raises:
         error.AlreadyExists: the domain was found by the uniqueness search.
     """
     email_dom = common.validate_domain(email_dom)
     search_base = self.base_dn
     # The validated value goes into the filter unescaped; this relies on
     # validate_domain() rejecting filter metacharacters (TODO confirm).
     search_filter = '%s=%s' % (self.smtp_domain, email_dom)
     # Global search
     existing = self._get_object(search_base, self.search_scope,
                                 search_filter, unique=True)
     if existing['data'] != []:
         self.log.info('Email domain %s already exists.' % email_dom)
         raise error.AlreadyExists(existing)
     # The existence check above and the write below are separate calls.
     changes = []
     if self.smtp_class not in self.org_classes:
         changes.append((0, 'objectClass', self.smtp_class))
     changes.append((0, self.smtp_domain, email_dom))
     self.log.debug('Adding email domain %s to org %s ' %
                    (email_dom, self.org_name))
     result = self._create_object(self.org_dn, changes)
     self.log.debug('Result: %s' % result)
     return result
Exemplo n.º 13
 def create(self, email_dom):
     """Add a validated email domain to the organisation entry.

     The domain must not exist anywhere under self.base_dn; if the
     uniqueness search returns data, error.AlreadyExists is raised with the
     search result. Otherwise the domain attribute (and self.smtp_class,
     when the organisation does not have it yet) is written to self.org_dn
     and the result of that write is returned.
     """
     email_dom = common.validate_domain(email_dom)
     dn = self.base_dn
     # No LDAP filter escaping is applied here; validate_domain() is
     # presumably the only guard on this value. Verify.
     ldap_filter = '%s=%s' % (self.smtp_domain, email_dom)
     # Global search
     lookup = self._get_object(dn, self.search_scope, ldap_filter,
                               unique=True)
     if lookup['data'] != []:
         self.log.info('Email domain %s already exists.' % email_dom)
         raise error.AlreadyExists(lookup)
     needs_class = self.smtp_class not in self.org_classes
     dn_info = [(0, 'objectClass', self.smtp_class)] if needs_class else []
     dn_info.append((0, self.smtp_domain, email_dom))
     adding_msg = 'Adding email domain %s to org %s ' % (email_dom,
                                                         self.org_name)
     self.log.debug(adding_msg)
     result = self._create_object(self.org_dn, dn_info)
     self.log.debug('Result: %s' % result)
     return result
Exemplo n.º 14
Arquivo: dns.py Projeto: mattmb/spoke
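 def _validate_input(self, entry):
     """Check an MX entry and add trailing period to hostname.

     entry must be "<priority> <hostname>" separated by exactly one space.
     The priority has to parse as an integer in the 16-bit range used for
     the MX preference field (0-65535); the hostname has to pass
     common.validate_domain().

     Returns:
         "<priority> <hostname>." with the priority in canonical decimal
         form, so that signs, padding or stray whitespace that int()
         tolerates never reach the stored record.

     Raises:
         error.InputError: wrong number of fields, or a priority that is
             not an integer or is out of range.
     """
     entry_list = entry.split(' ')
     if len(entry_list) > 2:
         msg = 'Too many entries: do you have a space somewhere?'
         self.log.error(msg)
         raise error.InputError(msg)
     if len(entry_list) < 2:
         msg = 'Too few entries: are you missing the priority?'
         self.log.error(msg)
         raise error.InputError(msg)
     priority, hostname = entry_list
     try:
         preference = int(priority)
     except ValueError:
         # Only a failed conversion is an input error; a bare except would
         # also swallow KeyboardInterrupt and programming errors.
         msg = 'MX record priority:%s must be an integer.' % priority
         self.log.error(msg)
         raise error.InputError(msg)
     if not 0 <= preference <= 65535:
         msg = 'MX record priority:%s must be between 0 and 65535.' % priority
         self.log.error(msg)
         raise error.InputError(msg)
     hostname = common.validate_domain(hostname)
     # Emit the parsed number, not the raw text: int() accepts forms such
     # as '+10', '010' or a value with a trailing newline.
     return str(preference) + ' ' + hostname + '.'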
Exemplo n.º 15
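 def _validate_input(self, entry):
     """Check an MX entry and add trailing period to hostname.

     The entry is split on single spaces and must yield exactly a priority
     and a hostname. The priority must be an integer between 0 and 65535
     (the MX preference is a 16-bit value); the hostname is checked with
     common.validate_domain().

     Returns:
         The string "<priority> <hostname>." where the priority is the
         canonical decimal rendering of the parsed number.

     Raises:
         error.InputError: too many or too few fields, or an invalid
             priority.
     """
     entry_list = entry.split(' ')
     if len(entry_list) > 2:
         msg = 'Too many entries: do you have a space somewhere?'
         self.log.error(msg)
         raise error.InputError(msg)
     if len(entry_list) < 2:
         msg = 'Too few entries: are you missing the priority?'
         self.log.error(msg)
         raise error.InputError(msg)
     priority = entry_list[0]
     hostname = entry_list[1]
     try:
         preference = int(priority)
     except ValueError:
         # Catch only the conversion failure instead of every exception.
         msg = 'MX record priority:%s must be an integer.' % priority
         self.log.error(msg)
         raise error.InputError(msg)
     if preference < 0 or preference > 65535:
         msg = 'MX record priority:%s must be between 0 and 65535.' % priority
         self.log.error(msg)
         raise error.InputError(msg)
     hostname = common.validate_domain(hostname)
     # int() tolerates signs, leading zeros and surrounding whitespace such
     # as tabs or newlines; returning the parsed value keeps those out of
     # the record.
     return str(preference) + ' ' + hostname + '.'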
Exemplo n.º 16
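 def __init__(self, cn, requester=None, ca=None):
     """Get config, setup logging.

     Resolves the requesting CA (falling back to the configured
     'ca_default_ca'), checks that it exists, then validates cn and sets the
     key and request file paths.

     For a CA request (ca truthy) cn goes through common.is_shell_safe() and
     the CA's own request/key files are used. For a host request cn goes
     through common.validate_domain() and the file names are built from the
     validated value under the CA directory.

     Raises:
         error.NotFound: the requesting CA returns no data.
     """
     self.config = config.setup()
     self.log = logger.log_to_console()
     if not requester:
         requester = self.config.get('CA', 'ca_default_ca')
     # The config fallback is checked the same way as a caller-supplied name.
     requester = common.is_shell_safe(requester)
     self.is_a_ca = ca
     self.reqca = SpokeCA(requester)
     if not self.reqca.get()['data']:
         msg = 'CA %s does not exist; please create' % requester
         raise error.NotFound(msg)
     if self.is_a_ca:
         self.cn = common.is_shell_safe(cn)
         self.req_file = self.reqca.ca_req_file
         self.key_file = self.reqca.ca_key_file
     else: # We're dealing with a host CSR
         self.cn = common.validate_domain(cn)
         # Build the file names from the validated value rather than the
         # raw argument, so the paths always match what validation returned.
         key_name = '%s.key.pem' % self.cn
         req_name = '%s.req' % self.cn
         self.key_file = os.path.join(self.reqca.ca_dir, key_name)
         self.req_file = os.path.join(self.reqca.ca_dir, req_name)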
Exemplo n.º 17
Arquivo: ca.py Projeto: mattmb/spoke
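 def __init__(self, cn, requester=None, ca=None):
     """Get config, setup logging.

     The requester names the CA that will handle the request; when omitted
     the 'ca_default_ca' config value is used. The CA must already exist.
     cn is validated according to the request type: common.is_shell_safe()
     for a CA request, common.validate_domain() for a host request, whose
     key and request file names are derived from the validated cn.

     Raises:
         error.NotFound: the requesting CA returns no data.
     """
     self.config = config.setup()
     self.log = logger.setup(self.__module__)
     if not requester:
         requester = self.config.get('CA', 'ca_default_ca')
     requester = common.is_shell_safe(requester)
     self.is_a_ca = ca
     self.reqca = SpokeCA(requester)
     if not self.reqca.get()['data']:
         msg = 'CA %s does not exist; please create' % requester
         raise error.NotFound(msg)
     if self.is_a_ca:
         self.cn = common.is_shell_safe(cn)
         self.req_file = self.reqca.ca_req_file
         self.key_file = self.reqca.ca_key_file
     else:  # We're dealing with a host CSR
         self.cn = common.validate_domain(cn)
         # Use the validated self.cn, not the raw cn argument, for anything
         # that ends up in a filesystem path.
         key_name = '%s.key.pem' % self.cn
         req_name = '%s.req' % self.cn
         self.key_file = os.path.join(self.reqca.ca_dir, key_name)
         self.req_file = os.path.join(self.reqca.ca_dir, req_name)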
Exemplo n.º 18
 def __init__(self, cn, requester):
     """Validate cn, run the parent initialiser and set the file paths.

     key_file, req_file and cert_file are all placed in the signing CA's
     directory and named after the validated self.cn.
     """
     self.cn = common.validate_domain(cn)
     # NOTE(review): the raw cn is what the parent initialiser receives;
     # confirm it does not replace self.cn with an unvalidated value.
     SpokeCert.__init__(self, cn, requester)
     path_patterns = (
         ('key_file', '%s.key.pem'),
         ('req_file', '%s.req'),
         ('cert_file', '%s.cert.pem'),
     )
     for attr_name, pattern in path_patterns:
         file_path = os.path.join(self.signca.ca_dir, pattern % self.cn)
         setattr(self, attr_name, file_path)
Exemplo n.º 19
Arquivo: dns.py Projeto: mattmb/spoke
 def _validate_input(self, entry):
     """Validate entry as a domain name and return it with a trailing period.

     Whatever common.validate_domain() returns gets '.' appended; rejection
     of bad input is left entirely to that helper.
     """
     return common.validate_domain(entry) + '.'
Exemplo n.º 20
 def _validate_input(self, entry):
     """Check input and add trailing period.

     entry is indexed as [rdn, hostname]. Only the hostname is validated
     (common.validate_domain()); the rdn is returned as received.
     """
     rdn = entry[0]
     hostname = common.validate_domain(entry[1])
     absolute_name = hostname + '.'
     return [rdn, absolute_name]
Exemplo n.º 21
Arquivo: dns.py Projeto: mattmb/spoke
 def _validate_input(self, entry):
     """Return [rdn, validated hostname + '.'] for a two-item entry.

     The first item is passed through without any check in this method; the
     second must be accepted by common.validate_domain().
     """
     rdn, target = entry[0], entry[1]
     target = common.validate_domain(target)
     return [rdn, target + '.']
Exemplo n.º 22
 def _validate_input(self, entry):
     """Check input and add trailing period.

     The entry is validated with common.validate_domain() and the validated
     value, not the raw argument, is what gets the trailing '.'.
     """
     validated = common.validate_domain(entry)
     absolute_name = validated + '.'
     return absolute_name