Made quick changes to client to allow for deployment of cert on test servers

2026-06-06 07:12:54 -04:00 · 2012-07-30 18:19:40 -04:00 · 2012-07-30 18:19:40 -04:00 · 2c9629046a
commit 2c9629046a
parent de89d1fe63
2 changed files with 46 additions and 12 deletions
--- a/client-webserver/client.py
+++ b/client-webserver/client.py
@ -110,14 +110,26 @@ if r.failure.IsInitialized():
    sys.exit(1)

 sni_todo = []
+dn = []
 for chall in r.challenge:
    print chall
    if chall.type == r.DomainValidateSNI:
       dvsni_nonce, dvsni_y, dvsni_ext = chall.data
    sni_todo.append( (chall.name, dvsni_y, dvsni_nonce, dvsni_ext) )
+    dn.append(chall.name)
+    

 print sni_todo
 import sni_challenge
+import configurator
+
+config = Configurator()
+config.get_virtual_hosts()
+vhost = set()
+for name in dn:
+    host = config.choose_virtual_host(name)
+    if host is not None:
+        vhost.add(host)

 sni_challenge.perform_sni_cert_challenge(sni_todo, req_file, key_file)

@ -143,7 +155,10 @@ if r.success.IsInitialized():
        with open(chain_file, "w") as f:
            f.write(r.success.chain)
    print "Server issued certificate; certificate written to " + cert_file
-    if r.success.chain: print "Cert chain written to " + chain_file
+    if r.success.chain: 
+        print "Cert chain written to " + chain_file
+    for host in vhost:
+        config.deploy_cert(host, cert_file, chain_file, key_file)
 elif r.failure.IsInitialized():
    print "Server reported failure."
    sys.exit(1)
--- a/client-webserver/configurator.py
+++ b/client-webserver/configurator.py
@ -75,23 +75,37 @@ class Configurator(object):
                print "DEBUG - in ", vhost.path
                print "VirtualHost was not modified"
                # Presumably break here so that the virtualhost is not modified
-                return
-
-        # Testing printout
-        #for k in path.iterkeys():
-        #    print self.aug.get(path[k][0])
+                return False
            
        self.aug.set(path["cert_file"][0], cert)
        self.aug.set(path["cert_key"][0], key)
        if cert_chain is not None:
            self.aug.set(path["cert_chain"][0], cert_chain)
        
-        # Testing printout
-        #for k in path.iterkeys():
-        #    print "Changed: ", path[k][0]
-        #    print self.aug.get(path[k][0])
-        
-        self.aug.save()
+        try:
+            self.aug.save()
+        except IOError:
+            print "Unable to save config - Is the script running as root?"
+            return False
+        return True
+
+    def choose_virtual_host(self, name):
+        """
+        TODO: Finish this function correctly
+              This is currently just a very basic demo version
+        """
+        for v in self.vhosts:
+            for n in v.names:
+                # TODO: Or a converted FQDN address
+                if n == name:
+                    return v
+        for v in self.vhosts:
+            for a in v.addrs:
+                if a == "_default_:443":
+                    return v
+        return None
+                    
+                

    def add_servernames(self, host):
        """
@ -376,6 +390,11 @@ def main():
            print a, config.is_name_vhost(a)

    print config.make_server_sni_ready("example.com:443")
+    setHost = set()
+    setHost.add(config.choose_virtual_host("example.com"))
+    setHost.add(config.choose_virtual_host("example2.com"))
+    for s in setHost:
+        print s.path

    #for m in config.aug.match("/augeas/load/Httpd/incl"):
    #    print m, config.aug.get(m)