mirror of
https://github.com/moepman/acertmgr.git
synced 2025-01-01 02:11:51 +01:00
configuration: Simplify too complex IDNA conversion
This commit is contained in:
parent
e2f7b09b18
commit
460b0119ac
@ -12,7 +12,7 @@ Requirements
|
|||||||
------------
|
------------
|
||||||
|
|
||||||
* Python (2.7+ and 3.5+ should work)
|
* Python (2.7+ and 3.5+ should work)
|
||||||
* cryptography>=2.1 (older versions break idna handling)
|
* cryptography>=0.6
|
||||||
|
|
||||||
Optional requirements (to use specified features)
|
Optional requirements (to use specified features)
|
||||||
------------------------------------------------------
|
------------------------------------------------------
|
||||||
|
@ -90,9 +90,14 @@ def parse_config_entry(entry, globalconfig, runtimeconfig):
|
|||||||
config['id'] = hashlib.md5(domains.encode('utf-8')).hexdigest()
|
config['id'] = hashlib.md5(domains.encode('utf-8')).hexdigest()
|
||||||
|
|
||||||
# Convert unicode to IDNA domains
|
# Convert unicode to IDNA domains
|
||||||
config['domaintranslation'] = idna_convert(config['domainlist'])
|
config['domainlist_idna_mapped'] = {}
|
||||||
if len(config['domaintranslation']) > 0:
|
for idx in range(0, len(config['domainlist'])):
|
||||||
config['domainlist'] = [x for x, _ in config['domaintranslation']]
|
if any(ord(c) >= 128 for c in config['domainlist'][idx]):
|
||||||
|
domain_human = config['domainlist'][idx]
|
||||||
|
domain_idna = idna_convert(domain_human)
|
||||||
|
if domain_idna != domain_human:
|
||||||
|
config['domainlist'][idx] = domain_idna # Update domain with idna counterpart
|
||||||
|
config['domainlist_idna_mapped'][domain_idna] = domain_human # Store original domain for reference
|
||||||
|
|
||||||
# Action config defaults
|
# Action config defaults
|
||||||
config['defaults'] = globalconfig.get('defaults', {})
|
config['defaults'] = globalconfig.get('defaults', {})
|
||||||
@ -162,8 +167,8 @@ def parse_config_entry(entry, globalconfig, runtimeconfig):
|
|||||||
cfg.update(genericfgs[0])
|
cfg.update(genericfgs[0])
|
||||||
|
|
||||||
# Update handler config with more specific values (use original names for translated unicode domains)
|
# Update handler config with more specific values (use original names for translated unicode domains)
|
||||||
_domain = _domaintranslation_dict.get(domain, domain)
|
specificcfgs = [x for x in handlerconfigs if
|
||||||
specificcfgs = [x for x in handlerconfigs if 'domain' in x and x['domain'] == _domain]
|
'domain' in x and x['domain'] == config['domainlist_idna_mapped'].get(domain, domain)]
|
||||||
if len(specificcfgs) > 0:
|
if len(specificcfgs) > 0:
|
||||||
cfg.update(specificcfgs[0])
|
cfg.update(specificcfgs[0])
|
||||||
|
|
||||||
|
@ -384,26 +384,19 @@ def target_is_current(target, file):
|
|||||||
return target_date >= crt_date
|
return target_date >= crt_date
|
||||||
|
|
||||||
|
|
||||||
# @brief convert domain list to idna representation (if applicable
|
# @brief convert domain to idna representation (if applicable
|
||||||
def idna_convert(domainlist):
|
def idna_convert(domain):
|
||||||
if any(ord(c) >= 128 for c in ''.join(domainlist)):
|
try:
|
||||||
try:
|
if any(ord(c) >= 128 for c in domain):
|
||||||
domaintranslation = list()
|
# Translate IDNA domain name from a unicode domain (handle wildcards separately)
|
||||||
for domain in domainlist:
|
if domain.startswith('*.'):
|
||||||
if any(ord(c) >= 128 for c in domain):
|
idna_domain = "*.{}".format(domain[2:].encode('idna').decode('ascii'))
|
||||||
# Translate IDNA domain name from a unicode domain (handle wildcards separately)
|
else:
|
||||||
if domain.startswith('*.'):
|
idna_domain = domain.encode('idna').decode('ascii')
|
||||||
idna_domain = "*.{}".format(domain[2:].encode('idna').decode('ascii'))
|
return idna_domain
|
||||||
else:
|
except Exception as e:
|
||||||
idna_domain = domain.encode('idna').decode('ascii')
|
log("Unicode domain(s) found but IDNA names could not be translated due to error: {}".format(e), error=True)
|
||||||
result = idna_domain, domain
|
return domain
|
||||||
else:
|
|
||||||
result = domain, domain
|
|
||||||
domaintranslation.append(result)
|
|
||||||
return domaintranslation
|
|
||||||
except Exception as e:
|
|
||||||
log("Unicode domain(s) found but IDNA names could not be translated due to error: {}".format(e), error=True)
|
|
||||||
return [(x, x) for x in domainlist]
|
|
||||||
|
|
||||||
|
|
||||||
# @brief validate the OCSP status for a given certificate by the given issuer
|
# @brief validate the OCSP status for a given certificate by the given issuer
|
||||||
|
Loading…
Reference in New Issue
Block a user