def add_extensions(self, parser: CommandParser) -> None: """Add arguments for x509 extensions.""" group = parser.add_argument_group("X509 v3 certificate extensions", self.add_extensions_help) group.add_argument( "--key-usage", metavar="VALUES", action=actions.OrderedSetExtensionAction, extension=KeyUsage, help='The keyUsage extension, e.g. "critical,keyCertSign".', ) group.add_argument( "--ext-key-usage", metavar="VALUES", action=actions.OrderedSetExtensionAction, extension=ExtendedKeyUsage, help='The extendedKeyUsage extension, e.g. "serverAuth,clientAuth".', ) group.add_argument( "--tls-feature", metavar="VALUES", action=actions.OrderedSetExtensionAction, extension=TLSFeature, help="TLS Feature extensions.", )
def create_parser(self, prog_name, subcommand): parser = CommandParser(self, prog="%s %s" % (os.path.basename(prog_name), subcommand), description=u'API文档辅助生成脚本.', add_help=False) parser.set_defaults( **{ 'verbosity': 1, 'pythonpath': None, 'traceback': None, 'no_color': False, 'settings': None }) parser._positionals = parser.add_argument_group(u'位置参数') parser._optionals = parser.add_argument_group(u'关键字参数') parser.add_argument( 'ref', nargs='?', help=u'引用的对象(eg. oeauth.User, commons.login, users)') parser.add_argument('-t', dest='target', help=u'请求的URL的对象(eg. users)') parser.add_argument('-p', dest='prefix', help=u'请求的URL的前缀(eg. auth)') parser.add_argument( '-m', dest='mode', default='ILRCUAD', help=u'包含的模式(Info/Create/List/Get/Update/Delete, eg. iclruad)') parser.add_argument('-o', dest='output', help=u'保存文件名(allinone模式)') parser.add_argument('-u', '--update', dest='update', action='store_true', default=False, help=u'覆盖已经存在的文件(默认不覆盖)') parser.add_argument('-i', '--interactive', dest='interactive', action='store_true', default=False, help=u'覆盖前询问(默认不询问)') parser.add_argument('-s', '--sign', dest='sign', action='store_true', default=False, help=u'添加文档签名(默认不添加)') parser.add_argument('-a', '--allinone', dest='allinone', action='store_true', default=False, help=u'合并到单个rst文件中(默认不合并)') parser.add_argument('-f', '--form-request', dest='form_request', action='store_true', default=False, help=u'表单请求方式(URL请求只包含GET/POST)') parser.add_argument('-h', '--help', action='help', help=u'显示帮助信息') self.parser = parser return parser
def add_arguments(self, parser: CommandParser) -> None: self.add_general_args(parser) self.add_algorithm(parser) self.add_key_type(parser) self.add_key_size(parser) self.add_ecc_curve(parser) parser.add_argument( "--expires", metavar="DAYS", action=ExpiresAction, default=timedelta(365 * 10), help="CA certificate expires in DAYS days (default: %(default)s).", ) self.add_ca( parser, "--parent", no_default=True, help_text= "Make the CA an intermediate CA of the named CA. By default, this is a new root CA.", ) parser.add_argument("name", help="Human-readable name of the CA") self.add_subject( parser, help_text= """The subject of the CA in the format "/key1=value1/key2=value2/...", valid keys are %s. If "CN" is not set, the name is used.""" % self.valid_subject_keys, ) self.add_password( parser, help_text= "Optional password used to encrypt the private key. If no argument is passed, " "you will be prompted.", ) parser.add_argument( "--path", type=pathlib.PurePath, help= "Path where to store Certificate Authorities (relative to CA_DIR).", ) parser.add_argument( "--parent-password", nargs="?", action=PasswordAction, metavar="PASSWORD", prompt="Password for parent CA: ", help="Password for the private key of any parent CA.", ) group = parser.add_argument_group( "Default hostname", "The default hostname is used to compute default URLs for services like OCSP. The hostname is " "usually configured in your settings (current setting: %s), but you can override that value " "here. The value must be just the hostname and optionally a port, *without* a protocol, e.g. " '"ca.example.com" or "ca.example.com:8000".' % ca_settings.CA_DEFAULT_HOSTNAME, ) group = group.add_mutually_exclusive_group() group.add_argument( "--default-hostname", metavar="HOSTNAME", help= "Override the the default hostname configured in your settings.", ) group.add_argument( "--no-default-hostname", dest="default_hostname", action="store_false", help="Disable any default hostname configured in your settings.", ) self.add_acme_group(parser) group = parser.add_argument_group( "pathlen attribute", """Maximum number of CAs that can appear below this one. A pathlen of zero (the default) means it can only be used to sign end user certificates and not further CAs.""", ) group = group.add_mutually_exclusive_group() group.add_argument( "--pathlen", default=0, type=int, help="Maximum number of sublevel CAs (default: %(default)s).") group.add_argument( "--no-pathlen", action="store_const", const=None, dest="pathlen", help="Do not add a pathlen attribute.", ) group = parser.add_argument_group( "X509 v3 certificate extensions for CA", """Extensions added to the certificate authority itself. These options cannot be changed without creating a new authority.""", ) group.add_argument( "--ca-crl-url", action=MultipleURLAction, help= "URL to a certificate revokation list. Can be given multiple times.", ) group.add_argument("--ca-ocsp-url", metavar="URL", action=URLAction, help="URL of an OCSP responder.") group.add_argument( "--ca-issuer-url", metavar="URL", action=URLAction, help="URL to the certificate of your CA (in DER format).", ) nc_group = parser.add_argument_group( "Name Constraints", "Add name constraints to the CA, limiting what certificates this CA can sign." ) nc_group.add_argument( "--permit-name", metavar="NAME", action="append", default=[], help="Add the given name to the permitted-subtree.", ) nc_group.add_argument( "--exclude-name", metavar="NAME", action="append", default=[], help="Add the given name to the excluded-subtree.", ) self.add_ca_args(parser)