From 2830a65f697c7416eb650c917fa6e3df25157595 Mon Sep 17 00:00:00 2001 From: James Kasten Date: Tue, 4 Sep 2012 23:36:10 -0400 Subject: [PATCH] Fixed and tested object oriented challenge setup --- trustify/client/client.py | 4 ++-- trustify/client/sni_challenge.py | 10 +++++----- 2 files changed, 7 insertions(+), 7 deletions(-) diff --git a/trustify/client/client.py b/trustify/client/client.py index af0fe4e13..7cecea095 100644 --- a/trustify/client/client.py +++ b/trustify/client/client.py @@ -11,7 +11,7 @@ import getopt # TODO: support a mode where use of interactive prompting is forbidden from trustify.protocol.chocolate_pb2 import chocolatemessage -from trustify.client import sni_challenge +from trustify.client.sni_challenge import SNI_Challenge from trustify.client import configurator from trustify.client import logger from trustify.client.CONFIG import difficulty, cert_file, chain_file @@ -275,7 +275,7 @@ def challenge_factory(r, req_filepath, key_filepath, config): dn.append(chall.name) if sni_todo: - challenges.append(sni_todo, req_filepath, key_filepath, config) + challenges.append(SNI_Challenge(sni_todo, req_filepath, key_filepath, config)) logger.debug(sni_todo) return challenges, dn diff --git a/trustify/client/sni_challenge.py b/trustify/client/sni_challenge.py index d7bf02a1e..088934a14 100644 --- a/trustify/client/sni_challenge.py +++ b/trustify/client/sni_challenge.py @@ -75,7 +75,7 @@ SSLStrictSNIVHostCheck on \n \ LimitRequestBody 1048576 \n \ \n \ Include " + OPTIONS_SSL_CONF + " \n \ -SSLCertificateFile " + getChocCertFile(nonce) + " \n \ +SSLCertificateFile " + self.getChocCertFile(nonce) + " \n \ SSLCertificateKeyFile " + key + " \n \ \n \ DocumentRoot " + CONFIG_DIR + "challenge_page/ \n \ @@ -132,8 +132,8 @@ DocumentRoot " + CONFIG_DIR + "challenge_page/ \n \ result: certificate created at getChocCertFile(nonce) """ - updateCertConf(oid, ext) - subprocess.call(["openssl", "x509", "-req", "-days", "21", "-extfile", CHOC_CERT_CONF, "-extensions", "v3_ca", "-signkey", key, "-out", getChocCertFile(nonce), "-in", csr], stdout=open("/dev/null", 'w'), stderr=open("/dev/null", 'w')) + self.updateCertConf(oid, ext) + subprocess.call(["openssl", "x509", "-req", "-days", "21", "-extfile", CHOC_CERT_CONF, "-extensions", "v3_ca", "-signkey", key, "-out", self.getChocCertFile(nonce), "-in", csr], stdout=open("/dev/null", 'w'), stderr=open("/dev/null", 'w')) def generateExtension(self, key, y): @@ -211,7 +211,7 @@ DocumentRoot " + CONFIG_DIR + "challenge_page/ \n \ Removes all of the temporary SNI files """ for tup in self.listSNITuple: - remove(getChocCertFile(tup[2])) + remove(self.getChocCertFile(tup[2])) remove(APACHE_CHALLENGE_CONF) #main call @@ -254,7 +254,7 @@ DocumentRoot " + CONFIG_DIR + "challenge_page/ \n \ ext = self.generateExtension(self.key, tup[1]) self.createChallengeCert(tup[3], ext, tup[2], self.csr, self.key) - self.modifyApacheConfig(self.findApacheConfigFile(), addresses, self.key) + self.modifyApacheConfig(self.findApacheConfigFile(), addresses) # Save reversible changes and restart the server self.configurator.save("SNI Challenge", True) self.configurator.restart(quiet)