diff --git a/.gitignore b/.gitignore
index 724bff929..e998b5d04 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,3 +1,3 @@
 *.pyc
-chocolate_protocol_pb2.py
+trustify/protocol/chocolate_pb2.py
 m3
diff --git a/client-webserver/README b/client-webserver/README
deleted file mode 100644
index 1d2051d52..000000000
--- a/client-webserver/README
+++ /dev/null
@@ -1,10 +0,0 @@
-In this directory are tools that will run on webservers for sysadmins to
-automatically obtain their certs
-
-
-Set CHOCOLATESERVER environment variable for client.py, or pass the server
-name as a command line argument!
-
-client.py - experimental tool for making requests and parsing replies
-configurator.py - edits Apache config files using Augeas
-sni_challenge.py - sets up the Apache server for the DV SNI cert challenge
\ No newline at end of file
diff --git a/client-webserver/hashcash.py b/client-webserver/hashcash.py
deleted file mode 120000
index 3335450d4..000000000
--- a/client-webserver/hashcash.py
+++ /dev/null
@@ -1 +0,0 @@
-../server-ca/hashcash.py
\ No newline at end of file
diff --git a/client.py b/client.py
new file mode 100644
index 000000000..25e015025
--- /dev/null
+++ b/client.py
@@ -0,0 +1,6 @@
+#!/usr/bin/env python
+
+from trustify.client import client
+
+if __name__ == "__main__":
+ client.authenticate()
diff --git a/server-ca/Makefile b/server-ca/Makefile
index 2082e9556..df5b62f2a 100644
--- a/server-ca/Makefile
+++ b/server-ca/Makefile
@@ -4,9 +4,5 @@ # rsync -av --delete sni_challenge demoCA ${CHOCOLATESERVER}:
 # ssh ${CHOCOLATESERVER} make -C sni_challenge clean all
-chocolate_protocol_pb2.py: chocolate_protocol.proto
- protoc chocolate_protocol.proto --python_out=.
- cp -p chocolate_protocol_pb2.py ../client-webserver/
-
 clean:
 rm -f *.pyc
diff --git a/server-ca/chocolate.py b/server-ca/chocolate.py
index 3e8e06f28..216980188 100755
--- a/server-ca/chocolate.py
+++ b/server-ca/chocolate.py
@@ -2,10 +2,10 @@ import web, redis, time, binascii, re, urllib2
 import CSR
-import hashcash
+from trustify.protocol import hashcash
 from CSR import M2Crypto
 from Crypto import Random
-from chocolate_protocol_pb2 import chocolatemessage
+from trustify.protocol.chocolate_pb2 import chocolatemessage
 from google.protobuf.message import DecodeError
 from CONFIG import chocolate_server_name, min_keysize, difficulty, polldelay
diff --git a/trustify/__init__.py b/trustify/__init__.py
new file mode 100644
index 000000000..e69de29bb
diff --git a/client-webserver/.gitignore b/trustify/client/.gitignore
similarity index 100%
rename from client-webserver/.gitignore
rename to trustify/client/.gitignore
diff --git a/client-webserver/CONFIG.py b/trustify/client/CONFIG.py
similarity index 100%
rename from client-webserver/CONFIG.py
rename to trustify/client/CONFIG.py
diff --git a/trustify/client/__init__.py b/trustify/client/__init__.py
new file mode 100644
index 000000000..e69de29bb
diff --git a/client-webserver/choc_cert_extensions.cnf b/trustify/client/choc_cert_extensions.cnf
similarity index 100%
rename from client-webserver/choc_cert_extensions.cnf
rename to trustify/client/choc_cert_extensions.cnf
diff --git a/client-webserver/client.py b/trustify/client/client.py
similarity index 94%
rename from client-webserver/client.py
rename to trustify/client/client.py
index 5c0f79cf0..9054b3d69 100755
--- a/client-webserver/client.py
+++ b/trustify/client/client.py
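Review bot: The two new imports in server-ca/chocolate.py, `from trustify.protocol import hashcash` and `from trustify.protocol.chocolate_pb2 import chocolatemessage`, only resolve when the repository root (or an installed trustify package) is on sys.path. The neighbouring `import CSR` and `from CONFIG import …` are plain sibling-module imports, which suggests the server is started from inside server-ca/. Nothing visible in this commit sets the path, and chocolate_pb2.py is now a gitignored generated file, so a fresh checkout would presumably fail at import time. I would add a comment above the imports, e.g. `# needs the repository root on PYTHONPATH; run make in trustify/protocol first to generate chocolate_pb2.py`, or document the launch command.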
@@ -1,25 +1,19 @@
 #!/usr/bin/env python
-from chocolate_protocol_pb2 import chocolatemessage
 import M2Crypto # It is OK to use the upstream M2Crypto here instead of our modified
 # version.
-import urllib2, os, grp, pwd, sys, time, random, sys, hashlib, subprocess
+import urllib2
+import os, grp, pwd, sys, time, random, sys
+import hashlib
+import subprocess
 import getopt # TODO: support a mode where use of interactive prompting is forbidden
-import sni_challenge
-import configurator
-#from trustify import sni_challenge
-#from trustify import configurator
-
-# bits of hashcash to generate
-from CONFIG import difficulty
-#from trustify.CONFIG import difficulty
-
-#Trustify certificate and chain files
-from CONFIG import cert_file, chain_file
-#from trustify.CONFIG import cert_file, chain_file
+from trustify.protocol.chocolate_pb2 import chocolatemessage
+from trustify.client import sni_challenge
+from trustify.client import configurator
+from trustify.client.CONFIG import difficulty, cert_file, chain_file
 # it's weird to point to chocolate servers via raw IPv6 addresses, and such
 # addresses can be %SCARY in some contexts, so out of paranoia let's disable
@@ -314,7 +308,4 @@ def authenticate():
 print "Server reported failure."
 sys.exit(1)
- # vim: set expandtab tabstop=4 shiftwidth=4
-
-if __name__ == "__main__":
- authenticate()
+# vim: set expandtab tabstop=4 shiftwidth=4
diff --git a/client-webserver/configurator.py b/trustify/client/configurator.py
similarity index 99%
rename from client-webserver/configurator.py
rename to trustify/client/configurator.py
index e29e3305b..d77344890 100644
--- a/client-webserver/configurator.py
+++ b/trustify/client/configurator.py
@@ -5,8 +5,7 @@ import os
 import sys
 import socket
-from CONFIG import SERVER_ROOT, CONFIG_DIR
-#from trustify.CONFIG import SERVER_ROOT
+from trustify.client.CONFIG import SERVER_ROOT
 class VH(object):
 def __init__(self, vh_path, vh_addrs):
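Review bot: In the first hunk of trustify/client/client.py the rewritten line `import os, grp, pwd, sys, time, random, sys` still lists `sys` twice and keeps seven modules on one line, while the imports around it were split one per line. I would drop the duplicate and finish the split, e.g. `import os, grp, pwd, sys, time, random`. The code that uses `random` is outside this hunk; if it produces anything an attacker must not predict (nonces, challenge values, temp names), that use should move to `os.urandom` or the M2Crypto RNG, and a short comment next to the import saying what `random` is for would let the next reviewer confirm that.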
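Review bot: The new `from trustify.client.CONFIG import SERVER_ROOT` in trustify/client/configurator.py no longer imports `CONFIG_DIR`, which the removed line `from CONFIG import SERVER_ROOT, CONFIG_DIR` did; it looks copied from the old commented-out variant. The rest of the module is outside the hunk, so I cannot see whether `CONFIG_DIR` is still referenced. If it is, the failure is a NameError at first use, possibly partway through rewriting Apache configuration. Please check the file for remaining uses and, if any exist, keep `from trustify.client.CONFIG import SERVER_ROOT, CONFIG_DIR`.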
diff --git a/client-webserver/options-ssl.conf b/trustify/client/options-ssl.conf
similarity index 100%
rename from client-webserver/options-ssl.conf
rename to trustify/client/options-ssl.conf
diff --git a/client-webserver/sni_challenge.py b/trustify/client/sni_challenge.py
similarity index 94%
rename from client-webserver/sni_challenge.py
rename to trustify/client/sni_challenge.py
index 70b70dfe9..18da8b5cb 100644
--- a/client-webserver/sni_challenge.py
+++ b/trustify/client/sni_challenge.py
@@ -10,18 +10,11 @@ from os import remove, close, path
 import binascii
 import augeas
-import configurator
-#from trustify import configurator
-
-from CONFIG import CONFIG_DIR, WORK_DIR, SERVER_ROOT
-from CONFIG import CHOC_CERT_CONF, OPTIONS_SSL_CONF, APACHE_CHALLENGE_CONF
-from CONFIG import S_SIZE, NONCE_SIZE
-#Once directory changes to trustify and becomes package
-#from trustify.CONFIG import CONFIG_DIR, WORK_DIR, SERVER_ROOT
-#from trustify.CONFIG import CHOC_CERT_CONF, OPTIONS_SSL_CONF
-#from trustify.CONFIG import APACHE_CHALLENGE_CONF
-#from trustify.CONFIG import S_SIZE, NONCE_SIZE
+from trustify.client import configurator
+from trustify.client.CONFIG import CONFIG_DIR, WORK_DIR, SERVER_ROOT
+from trustify.client.CONFIG import CHOC_CERT_CONF, OPTIONS_SSL_CONF, APACHE_CHALLENGE_CONF
+from trustify.client.CONFIG import S_SIZE, NONCE_SIZE
 def getChocCertFile(nonce):
 """
diff --git a/trustify/protocol/Makefile b/trustify/protocol/Makefile
new file mode 100644
index 000000000..3eaaebd8e
--- /dev/null
+++ b/trustify/protocol/Makefile
@@ -0,0 +1,7 @@
+proto = chocolate.proto
+
+$(proto:.proto=_pb2.py): $(proto)
+ protoc $^ --python_out=.
+
+clean:
+ rm -f *_pb2.py *_pb2.pyc
diff --git a/trustify/protocol/__init__.py b/trustify/protocol/__init__.py
new file mode 100644
index 000000000..e69de29bb
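Review bot: `clean` in the new trustify/protocol/Makefile is not declared phony, so a stray file named `clean` in that directory would turn the target into a no-op; add `.PHONY: clean`. The same commit deletes the only README and gitignores trustify/protocol/chocolate_pb2.py, so nothing tells a fresh checkout that both client and server now depend on running make here first. A header comment such as `# run make here first: chocolate_pb2.py is generated by protoc and not committed` would cover that.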
diff --git a/server-ca/chocolate_protocol.proto b/trustify/protocol/chocolate.proto
similarity index 100%
rename from server-ca/chocolate_protocol.proto
rename to trustify/protocol/chocolate.proto
diff --git a/server-ca/hashcash.py b/trustify/protocol/hashcash.py
similarity index 100%
rename from server-ca/hashcash.py
rename to trustify/protocol/hashcash.py