# Override of certmap_match that lets a CLI caller supply the certificate
# either as a file (positional 'file' argument) or as the raw 'certificate'
# value, but never both.  Outside the 'cli' context the parent's parameters
# and forward() are used unchanged.
# NOTE: comments are used instead of a class docstring so that the class's
# __doc__ is left exactly as it was.
class certmap_match(MethodOverride):
    takes_args = (
        File(
            'file?',
            label=_("Input file"),
            doc=_("File to load the certificate from"),
            include='cli',
        ),
    )

    def get_args(self):
        """Yield the parent's arguments, minus 'certificate' in CLI context."""
        for param in super(certmap_match, self).get_args():
            if param.name == 'certificate' and self.api.env.context == 'cli':
                # In the CLI this parameter is re-exposed by get_options().
                continue
            yield param

    def get_options(self):
        """Yield 'certificate' as a non-required option, then parent options.

        The 'certificate' parameter is taken from the parent's *arguments*
        and cloned with required=False; this only happens in CLI context.
        """
        for param in super(certmap_match, self).get_args():
            if param.name != 'certificate':
                continue
            if self.api.env.context != 'cli':
                continue
            yield param.clone(required=False)
        for opt in super(certmap_match, self).get_options():
            yield opt

    def forward(self, *args, **options):
        """Normalise the certificate input, then delegate to the parent.

        In CLI context the positional arguments are replaced by exactly one
        of: the certificate parsed from the file content, the raw
        'certificate' option (removed from ``options``), or nothing.

        Raises:
            errors.MutuallyExclusiveError: both a file argument and the
                'certificate' option were supplied.
        """
        if self.api.env.context == 'cli':
            raw_given = 'certificate' in options
            if args:
                if raw_given:
                    raise errors.MutuallyExclusiveError(
                        reason=_("cannot specify both raw certificate and "
                                 "file"))
                # The file content is parsed here, before anything is
                # forwarded; errors raised by the loader are not caught in
                # this method.
                args = [x509.load_unknown_x509_certificate(args[0])]
            elif raw_given:
                args = [options.pop('certificate')]
            else:
                args = []

        return super(certmap_match, self).forward(*args, **options)
# Override of cert_find that adds a CLI-only 'file' option as an alternative
# to passing the raw 'certificate' value.
# NOTE: comments are used instead of a class docstring so that the class's
# __doc__ is left exactly as it was.
class cert_find(MethodOverride):
    takes_options = (
        File(
            'file?',
            label=_("Input filename"),
            doc=_('File to load the certificate from.'),
            include='cli',
        ),
    )

    def forward(self, *args, **options):
        """Turn a 'file' option into 'certificate', then delegate.

        Only acts in CLI context.  When 'file' is present it is removed from
        ``options`` and its content, passed through ``x509.strip_header``,
        is stored under 'certificate'.

        Raises:
            errors.MutuallyExclusiveError: both 'certificate' and 'file'
                were supplied.
        """
        if self.api.env.context == 'cli' and 'file' in options:
            if 'certificate' in options:
                raise errors.MutuallyExclusiveError(
                    reason=_("cannot specify both raw certificate and file"))
            # NOTE(review): the content is only header-stripped here, not
            # parsed; presumably validation happens further down the call
            # chain -- confirm.
            options['certificate'] = x509.strip_header(options.pop('file'))

        return super(cert_find, self).forward(*args, **options)
# Local command that looks up a principal, derives a CSR configuration for
# it from a profile, and returns (or writes to a file) the base64-encoded
# output of csrgen_ffi.build_requestinfo.
class cert_get_requestdata(Local):
    __doc__ = _('Gather data for a certificate signing request.')

    NO_CLI = True

    takes_options = (
        Principal(
            'principal',
            label=_('Principal'),
            doc=_('Principal for this certificate (e.g.'
                  ' HTTP/test.example.com)'),
        ),
        Str(
            'profile_id?',
            label=_('Profile ID'),
            doc=_('CSR Generation Profile to use'),
        ),
        File(
            'public_key_info',
            label=_('Subject Public Key Info'),
            doc=_('DER-encoded SubjectPublicKeyInfo structure'),
        ),
        Str(
            'out?',
            doc=_('Write CertificationRequestInfo to file'),
        ),
    )

    has_output = (
        output.Output(
            'result',
            type=dict,
            doc=_('Dictionary mapping variable name to value'),
        ),
    )

    # NOTE(review): there is no trailing comma after Str(...), so this is a
    # single Str object rather than a 1-tuple -- confirm the framework
    # accepts a bare parameter here.
    has_output_params = (
        Str(
            'request_info',
            label=_('CertificationRequestInfo structure'),
        )
    )

    def execute(self, *args, **options):
        """Build the request info for ``principal`` and return or save it.

        Options read: 'principal', 'profile_id' (falls back to
        ``dogtag.DEFAULT_PROFILE`` when None), 'public_key_info'
        (base64-decoded before use) and 'out'.

        Returns:
            ``{'result': {'request_info': <base64 bytes>}}`` when 'out' is
            not given; ``{'result': {}}`` after writing the base64 data to
            the 'out' path otherwise.

        Raises:
            errors.NotFound: the principal lookup reported NotFound.
        """
        write_to_file = 'out' in options
        if write_to_file:
            # Checked up front, before any backend call is made.
            # NOTE(review): this check and the open() at the end are two
            # separate steps, so the path can change in between; the later
            # open() in 'wb' mode truncates whatever is at that path.
            util.check_writable_file(options['out'])

        principal = options.get('principal')
        profile_id = options.get('profile_id')
        if profile_id is None:
            profile_id = dogtag.DEFAULT_PROFILE
        # Decoding errors are not handled here and propagate to the caller.
        spki = base64.b64decode(options.get('public_key_info'))

        backend = (self.api.Backend.ldap2 if self.api.env.in_server
                   else self.api.Backend.rpcclient)
        if not backend.isconnected():
            backend.connect()

        # NOTE(review): the backend comes from self.api but the lookups
        # below use the module-level `api` -- confirm both are the same
        # API instance.
        try:
            if principal.is_host:
                principal_obj = api.Command.host_show(
                    principal.hostname, all=True)
            elif principal.is_service:
                principal_obj = api.Command.service_show(
                    unicode(principal), all=True)
            elif principal.is_user:
                principal_obj = api.Command.user_show(
                    principal.username, all=True)
        except errors.NotFound:
            raise errors.NotFound(
                reason=_("The principal for this request doesn't exist."))
        # If none of the three branches matched, principal_obj is unbound
        # at this point and the next line raises UnboundLocalError.
        principal_entry = principal_obj['result']
        ipa_config = api.Command.config_show()['result']

        csr_generator = csrgen.CSRGenerator(csrgen.FileRuleProvider())
        csr_config = csr_generator.csr_config(
            principal_entry, ipa_config, profile_id)
        raw_request_info = csrgen_ffi.build_requestinfo(
            csr_config.encode('utf8'), spki)
        request_info = base64.b64encode(raw_request_info)

        if write_to_file:
            with open(options['out'], 'wb') as f:
                f.write(request_info)
            return dict(result={})

        return dict(result=dict(request_info=request_info))