def __init__( self, request_handler=http_server.TestingHTTPRequestHandler, protocol_version=None, key_file=ssl_certs.build_path("server_without_pass.key"), cert_file=ssl_certs.build_path("server.crt"), ): http_server.HttpServer.__init__(self, request_handler=request_handler, protocol_version=protocol_version) self.key_file = key_file self.cert_file = cert_file self.temp_files = []
def __init__(self, request_handler=http_server.TestingHTTPRequestHandler, protocol_version=None, key_file=ssl_certs.build_path('server_without_pass.key'), cert_file=ssl_certs.build_path('server.crt')): http_server.HttpServer.__init__(self, request_handler=request_handler, protocol_version=protocol_version) self.key_file = key_file self.cert_file = cert_file self.temp_files = []
def build_server_key(): """Generate an ssl server private key. We generates a key with a password and then copy it without password so that as server can user it without prompting. """ key_path = ssl_certs.build_path('server_with_pass.key') rm_f(key_path) _openssl(['genrsa', '-passout', 'stdin', '-des3', '-out', key_path, '4096'], input='%(server_pass)s\n%(server_pass)s\n' % ssl_params) key_nopass_path = ssl_certs.build_path('server_without_pass.key') rm_f(key_nopass_path) _openssl(['rsa', '-passin', 'stdin', '-in', key_path, '-out', key_nopass_path,], input='%(server_pass)s\n' % ssl_params)
def sign_server_certificate(): """CA signs server csr""" server_csr_path = ssl_certs.build_path('server.csr') ca_cert_path = ssl_certs.build_path('ca.crt') ca_key_path = ssl_certs.build_path('ca.key') needs('Signing server.crt', server_csr_path, ca_cert_path, ca_key_path) server_cert_path = ssl_certs.build_path('server.crt') rm_f(server_cert_path) _openssl(['x509', '-req', '-passin', 'stdin', # Will need to be generated again in 10 years -- vila 20071122 '-days', '3650', '-in', server_csr_path, '-CA', ca_cert_path, '-CAkey', ca_key_path, '-set_serial', '01', '-out', server_cert_path,], input='%(ca_pass)s\n' % ssl_params)
def build_ca_certificate(): """Generate an ssl certificate authority private key.""" key_path = ssl_certs.build_path('ca.key') needs('Building ca.crt', key_path) cert_path = ssl_certs.build_path('ca.crt') rm_f(cert_path) _openssl(['req', '-passin', 'stdin', '-new', '-x509', # Will need to be generated again in 10 years -- vila 20071122 '-days', '3650', '-key', key_path, '-out', cert_path], input='%(ca_pass)s\n' '%(ca_country_code)s\n' '%(ca_state)s\n' '%(ca_locality)s\n' '%(ca_organization)s\n' '%(ca_section)s\n' '%(ca_name)s\n' '%(ca_email)s\n' % ssl_params)
def build_server_signing_request(): """Create a CSR (certificate signing request) to get signed by the CA""" key_path = ssl_certs.build_path('server_with_pass.key') needs('Building server.csr', key_path) server_csr_path = ssl_certs.build_path('server.csr') rm_f(server_csr_path) _openssl(['req', '-passin', 'stdin', '-new', '-key', key_path, '-out', server_csr_path], input='%(server_pass)s\n' '%(server_country_code)s\n' '%(server_state)s\n' '%(server_locality)s\n' '%(server_organization)s\n' '%(server_section)s\n' '%(server_name)s\n' '%(server_email)s\n' '%(server_challenge_pass)s\n' '%(server_optional_company_name)s\n' % ssl_params)
def setUp(self): tests.TestCase.setUp(self) self.server = self.server_class() self.server.start_server() self.addCleanup(self.server.stop_server) # Ensure we don't clobber env self.overrideEnv('BZR_LP_XMLRPC_URL', None) # Ensure we use the right certificates for https. # FIXME: There should be a better way but the only alternative I can # think of involves carrying the ca_certs through the lp_registration # infrastructure to _urllib2_wrappers... -- vila 2012-01-20 bzrlib.global_state.cmdline_overrides._from_cmdline( ['ssl.ca_certs=%s' % ssl_certs.build_path('ca.crt')])
def setUp(self): super(TestXMLRPCTransport, self).setUp() self.server = self.server_class() self.server.start_server() self.addCleanup(self.server.stop_server) # Ensure we don't clobber env self.overrideEnv('BZR_LP_XMLRPC_URL', None) # Ensure we use the right certificates for https. # FIXME: There should be a better way but the only alternative I can # think of involves carrying the ca_certs through the lp_registration # infrastructure to _urllib2_wrappers... -- vila 2012-01-20 bzrlib.global_state.cmdline_overrides._from_cmdline( ['ssl.ca_certs=%s' % ssl_certs.build_path('ca.crt')])
def __init__(self, base, _from_transport=None): super(HTTPS_urllib_transport, self).__init__(base, _from_transport=_from_transport, ca_certs=ssl_certs.build_path('ca.crt'))
def __init__(self, base, _from_transport=None): super(HTTPS_urllib_transport, self).__init__( base, _from_transport=_from_transport, ca_certs=ssl_certs.build_path('ca.crt'))
def build_ca_key(): """Generate an ssl certificate authority private key.""" key_path = ssl_certs.build_path('ca.key') rm_f(key_path) _openssl(['genrsa', '-passout', 'stdin', '-des3', '-out', key_path, '4096'], input='%(ca_pass)s\n%(ca_pass)s\n' % ssl_params)
def __init__(self, base, _from_transport=None): super(HTTPS_pycurl_transport, self).__init__(base, _from_transport) self.cabundle = str(ssl_certs.build_path('ca.crt'))