91 |
91 |
92 def sign_user (self, user, spkac, userinfo=None) : |
92 def sign_user (self, user, spkac, userinfo=None) : |
93 """ |
93 """ |
94 Sign given spkac string (base64-encoded) for given user. |
94 Sign given spkac string (base64-encoded) for given user. |
95 |
95 |
96 Returns path to the signed cert. |
96 Returns a name for the signed cert. |
97 """ |
97 """ |
98 |
98 |
99 if not set(user).issubset(self.VALID_USER) : |
99 if not set(user).issubset(self.VALID_USER) : |
100 raise Error("Invalid username: {user}".format(user=user)) |
100 raise Error("Invalid username: {user}".format(user=user)) |
101 |
101 |
117 self.write_spkac(os.path.join(dir, name) + '.spkac', spkac, self.generate_dn(user, userinfo)) |
117 self.write_spkac(os.path.join(dir, name) + '.spkac', spkac, self.generate_dn(user, userinfo)) |
118 |
118 |
119 # sign it |
119 # sign it |
120 if os.path.exists(cert_file) : |
120 if os.path.exists(cert_file) : |
121 log.warning("cert already exists: %s", cert_file) |
121 log.warning("cert already exists: %s", cert_file) |
122 return cert_file |
122 return name |
123 |
123 |
124 if os.path.exists(tmp_file) : |
124 if os.path.exists(tmp_file) : |
125 log.warning("cleaning out previous tmp file: %s", tmp_file) |
125 log.warning("cleaning out previous tmp file: %s", tmp_file) |
126 os.unlink(tmp_file) |
126 os.unlink(tmp_file) |
127 |
127 |
129 self.sign_spkac(tmp_file, spkac_file) |
129 self.sign_spkac(tmp_file, spkac_file) |
130 |
130 |
131 log.debug("%s: rename %s -> %s", user, tmp_file, cert_file) |
131 log.debug("%s: rename %s -> %s", user, tmp_file, cert_file) |
132 os.rename(tmp_file, cert_file) |
132 os.rename(tmp_file, cert_file) |
133 |
133 |
134 return cert_file |
134 return name |
|
135 |
|
136 def open_cert (self, user, name) : |
|
137 """ |
|
138 Return an opened cert file by username / cert name. |
|
139 """ |
|
140 |
|
141 if not set(user).issubset(self.VALID_USER) : |
|
142 raise Error("Invalid username: {user}".format(user=user)) |
|
143 |
|
144 path = os.path.join(self.users, user, name) |
|
145 |
|
146 if not os.path.exists(path) : |
|
147 raise Error("No cert found on server") |
|
148 |
|
149 return open(path) |
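Review bot: `open_cert` checks `user` against `VALID_USER` but joins `name` into the path unchecked at `path = os.path.join(self.users, user, name)`, so a `name` containing `..` or a path separator resolves outside the user's directory, and an absolute `name` makes `os.path.join` drop the earlier components entirely. Where `name` comes from is not visible in this section, but since `sign_user` now returns a name instead of a path it is presumably handed back by the client later and should be treated as untrusted. Before the join, reject anything that is not a plain file name: `if name in ('', '.', '..') or os.path.basename(name) != name : raise Error("Invalid cert name")`. The `set(user).issubset(self.VALID_USER)` test in both functions also accepts an empty `user`, which makes the join resolve directly under `self.users`; adding `not user or` to that condition closes it. The docstring should also say that the caller owns the returned file object and must close it.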