def Commit_Rule (self): vsrv_num = CTK.cfg.get_val ('%s!vsrv_num'%(PREFIX)) auto_cert = int (CTK.cfg.get_val ('%s!gen_autosigned_cert'%(PREFIX), "1")) if not auto_cert: cert_fp = CTK.cfg.get_val ('%s!cert'%(PREFIX)) cert_key_fp = CTK.cfg.get_val ('%s!cert_key'%(PREFIX)) else: # Certs dir cert_dir = os.path.join (CHEROKEE_VAR_LIB, "certs") if not os.path.exists (cert_dir): try: os.makedirs (cert_dir) except Exception, e: return {'ret': 'error', 'errors': {'%s!gen_autosigned_cert'%(PREFIX): str(e)}} # Cert files cert_fp = os.path.join (cert_dir, "autogenerated.crt") cert_key_fp = os.path.join (cert_dir, "autogenerated.key") if not os.path.exists (cert_fp) or \ not os.path.exists (cert_key_fp): error = Certs.create_selfsigned_cert (cert_dir, "autogenerated", "*") if error: return {'ret': 'error', 'errors': {'%s!cert_key'%(PREFIX): error}}
def Commit_Rule(self): vsrv_num = CTK.cfg.get_val('%s!vsrv_num' % (PREFIX)) auto_cert = int( CTK.cfg.get_val('%s!gen_autosigned_cert' % (PREFIX), "1")) if not auto_cert: cert_fp = CTK.cfg.get_val('%s!cert' % (PREFIX)) cert_key_fp = CTK.cfg.get_val('%s!cert_key' % (PREFIX)) else: # Certs dir cert_dir = os.path.join(CHEROKEE_VAR_LIB, "certs") if not os.path.exists(cert_dir): try: os.makedirs(cert_dir) except e: return { 'ret': 'error', 'errors': { '%s!cert_key' % (PREFIX): str(e) } } # Cert files cert_fp = os.path.join(cert_dir, "autogenerated.crt") cert_key_fp = os.path.join(cert_dir, "autogenerated.key") if not os.path.exists (cert_fp) or \ not os.path.exists (cert_key_fp): error = Certs.create_selfsigned_cert(cert_dir, "autogenerated", "*") if error: return { 'ret': 'error', 'errors': { '%s!cert_key' % (PREFIX): error } } # # Tweak the configuration # # General SSL support if not CTK.cfg.get_val('server!tls'): CTK.cfg['server!tls'] = 'libssl' # HTTPS Port k_max = 0 https_found = False for k in CTK.cfg.keys('server!bind'): k_max = max(k_max, int(k)) if CTK.cfg.get_val('server!bind!%s!port' % (k)) == '443': https_found = True if CTK.cfg.get_val('server!bind!%s!tls' % (k)) != '1': CTK.cfg['server!bind!%s!tls' % (k)] = '1' if not https_found: CTK.cfg['server!bind!%s!port' % (k_max + 1)] = '443' CTK.cfg['server!bind!%s!tls' % (k_max + 1)] = '1' # VServer support CTK.cfg['vserver!%s!ssl_certificate_file' % (vsrv_num)] = cert_fp CTK.cfg['vserver!%s!ssl_certificate_key_file' % (vsrv_num)] = cert_key_fp # Default VServer support is mandatory vs = [int(x) for x in CTK.cfg.keys('vserver')] vs.sort() default_pre = "vserver!%s" % (vs[0]) if not CTK.cfg.get_val('%s!ssl_certificate_file' % (default_pre)): CTK.cfg['%s!ssl_certificate_file' % (default_pre)] = cert_fp CTK.cfg['%s!ssl_certificate_key_file' % (default_pre)] = cert_key_fp return CTK.cfg_reply_ajax_ok()
def Commit_Rule (self): vsrv_num = CTK.cfg.get_val ('%s!vsrv_num'%(PREFIX)) auto_cert = int (CTK.cfg.get_val ('%s!gen_autosigned_cert'%(PREFIX), "1")) if not auto_cert: cert_fp = CTK.cfg.get_val ('%s!cert'%(PREFIX)) cert_key_fp = CTK.cfg.get_val ('%s!cert_key'%(PREFIX)) else: # Certs dir cert_dir = os.path.join (CHEROKEE_VAR_LIB, "certs") if not os.path.exists (cert_dir): try: os.makedirs (cert_dir) except e: return {'ret': 'error', 'errors': {'%s!cert_key'%(PREFIX): str(e)}} # Cert files cert_fp = os.path.join (cert_dir, "autogenerated.crt") cert_key_fp = os.path.join (cert_dir, "autogenerated.key") if not os.path.exists (cert_fp) or \ not os.path.exists (cert_key_fp): error = Certs.create_selfsigned_cert (cert_dir, "autogenerated", "*") if error: return {'ret': 'error', 'errors': {'%s!cert_key'%(PREFIX): error}} # # Tweak the configuration # # General SSL support if not CTK.cfg.get_val('server!tls'): CTK.cfg['server!tls'] = 'libssl' # HTTPS Port k_max = 0 https_found = False for k in CTK.cfg.keys('server!bind'): k_max = max (k_max, int(k)) if CTK.cfg.get_val ('server!bind!%s!port'%(k)) == '443': https_found = True if CTK.cfg.get_val ('server!bind!%s!tls'%(k)) != '1': CTK.cfg['server!bind!%s!tls'%(k)] = '1' if not https_found: CTK.cfg['server!bind!%s!port'%(k_max + 1)] = '443' CTK.cfg['server!bind!%s!tls' %(k_max + 1)] = '1' # VServer support CTK.cfg['vserver!%s!ssl_certificate_file' %(vsrv_num)] = cert_fp CTK.cfg['vserver!%s!ssl_certificate_key_file'%(vsrv_num)] = cert_key_fp # Default VServer support is mandatory vs = [int(x) for x in CTK.cfg.keys('vserver')] vs.sort() default_pre = "vserver!%s" %(vs[0]) if not CTK.cfg.get_val('%s!ssl_certificate_file'%(default_pre)): CTK.cfg['%s!ssl_certificate_file' %(default_pre)] = cert_fp CTK.cfg['%s!ssl_certificate_key_file'%(default_pre)] = cert_key_fp return CTK.cfg_reply_ajax_ok()