示例#1
0
 def wrapped(id):
     err=authenticated(groups)
     if err: return err
     path=ca._incoming+'/'+request.path.split('/')[3]
     print "certifying", path
     cert=ca.signcsr(load(path))
     mailsigned([cert])
     os.unlink(path)
     return redirect('/tlsauth/csrs/')
示例#2
0
 def wrapped(id):
     err = authenticated(groups)
     if err: return err
     path = ca._incoming + '/' + request.path.split('/')[3]
     print "certifying", path
     cert = ca.signcsr(load(path))
     mailsigned([cert])
     os.unlink(path)
     return redirect('/tlsauth/csrs/')
示例#3
0
def certify(request, id):
    """ provides facility for users belonging to `groups` to sign incoming CSRs
    """
    err = authenticated(request, settings.TLS_ADMINGROUPS)
    if err:
        return err
    path = settings.TLS_CA._incoming + "/" + request.path.split("/")[3]
    print "certifying", path
    cert = settings.TLS_CA.signcsr(load(path))
    mailsigned([cert])
    os.unlink(path)
    return HttpResponseRedirect("/tlsauth/csrs/")
示例#4
0
文件: stash.py 项目: stef/stash
 def accept(self):
     """ provides facility for users belonging to `groups` to sign incoming CSRs
     """
     email=authorized(self.environ, CONFIG['admins'])
     if not email:
         return _404(self.environ, self.resp)
     path=self.ca._incoming+'/'+self.environ.get('REQUEST_URI').split('/')[3]
     print "certifying", path
     cert=self.ca.signcsr(load(path))
     mailsigned([cert])
     os.unlink(path)
     status = '302 Found'
     response_headers = [('Location', '/settings/requests')]
     self.resp(status, response_headers)
     return []
示例#5
0
 def accept(self):
     """ provides facility for users belonging to `groups` to sign incoming CSRs
     """
     email = authorized(self.environ, CONFIG['admins'])
     if not email:
         return _404(self.environ, self.resp)
     path = self.ca._incoming + '/' + self.environ.get('REQUEST_URI').split(
         '/')[3]
     print "certifying", path
     cert = self.ca.signcsr(load(path))
     mailsigned([cert])
     os.unlink(path)
     status = '302 Found'
     response_headers = [('Location', '/settings/requests')]
     self.resp(status, response_headers)
     return []
示例#6
0
#     "Have fun and respect",
#     {'emailAddress': '*****@*****.**', 'CN': 's', 'O': 'ctrlc'},
#     ca.dn,
#     ext='p12')

# this is the correct - but less automagic - procedure
sec, pub, csr = genkeycsr('joe', '*****@*****.**', 'ACME Inc.')

# send csr to CA,
ca.submit(csr)

# who the after diligent inspection either does
cert = ca.signcsr(csr)
print cert
# or bulk processes multiple incoming CSRs
certs = ca.signincoming()
#print certs
mailsigned(certs)

# or uses the supplied signcert.sh script. The CA sends the resulting cert

# ...back to the user who after calling
pkcs12(sec, cert, ca._pub)
print "dropped good pkcs12 cert"

# imports both the result and ca._pub.
# and stores sec, cert away in a # safe offline location.

if os.path.exists('test-ca'):
    shutil.rmtree('test-ca')
示例#7
0
文件: test.py 项目: kylekoza/tlsauth
#     "copy and delete this mail and other copies containing it.\n\n" \
#     "Have fun and respect",
#     {'emailAddress': '*****@*****.**', 'CN': 's', 'O': 'ctrlc'},
#     ca.dn,
#     ext='p12')

# this is the correct - but less automagic - procedure
sec, pub, csr = genkeycsr('joe', '*****@*****.**', 'ACME Inc.')

# send csr to CA,
ca.submit(csr)

# who the after diligent inspection either does
cert=ca.signcsr(csr)
print cert
# or bulk processes multiple incoming CSRs
certs=ca.signincoming()
#print certs
mailsigned(certs)

# or uses the supplied signcert.sh script. The CA sends the resulting cert

# ...back to the user who after calling
pkcs12(sec,cert,ca._pub)
print "dropped good pkcs12 cert"

# imports both the result and ca._pub.
# and stores sec, cert away in a # safe offline location.

if os.path.exists('test-ca'): shutil.rmtree('test-ca')