authority.v1: remove hardcoded agreement data

2024-12-29 09:21:51 +01:00 · 2019-02-23 17:52:07 +01:00 · 2019-02-23 17:52:07 +01:00 · 8e0639f62c
commit 8e0639f62c
parent 3562a6a5a3
4 changed files with 22 additions and 6 deletions
--- a/acertmgr/init.py
+++ b/acertmgr/init.py
@ -42,7 +42,7 @@ def create_authority(settings):

    authority_module = importlib.import_module("acertmgr.authority.{0}".format(settings["api"]))
    authority_class = getattr(authority_module, "ACMEAuthority")
-    return authority_class(settings['authority'], acc_key)
+    return authority_class(settings, acc_key)


 # @brief create a challenge handler for the given configuration
--- a/acertmgr/authority/acme.py
+++ b/acertmgr/authority/acme.py
@ -9,11 +9,11 @@

 class ACMEAuthority:
    # @brief Init class with config
-    # @param ca Certificate authority uri
-    # @param account_key Account key file
-    def __init__(self, ca, key):
-        self.ca = ca
+    # @param config Configuration data
+    # @param key Account key data
+    def __init__(self, config, key):
        self.key = key
+        self.config = config

    # @brief register an account over ACME
    # @param account_key the account key to register
--- a/acertmgr/authority/v1.py
+++ b/acertmgr/authority/v1.py
@ -29,6 +29,14 @@ from acertmgr.authority.acme import ACMEAuthority as AbstractACMEAuthority


 class ACMEAuthority(AbstractACMEAuthority):
+    # @brief Init class with config
+    # @param config Configuration data
+    # @param key Account key data
+    def __init__(self, config, key):
+        AbstractACMEAuthority.__init__(self, config, key)
+        self.ca = config['authority']
+        self.agreement = config['authority_agreement']
+
    # @brief create the header information for ACME communication
    # @param key the account key
    # @return the header for ACME
@ -74,7 +82,7 @@ class ACMEAuthority(AbstractACMEAuthority):
        header = self._prepare_header()
        code, result = self._send_signed(self.ca + "/acme/new-reg", header, {
            "resource": "new-reg",
-            "agreement": "https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf",
+            "agreement": self.agreement,
        })
        if code == 201:
            print("Registered!")
--- a/acertmgr/configuration.py
+++ b/acertmgr/configuration.py
@ -24,6 +24,7 @@ DEFAULT_KEY_LENGTH = 4096  # bits
 DEFAULT_TTL = 15  # days
 DEFAULT_API = "v1"
 DEFAULT_AUTHORITY = "https://acme-v01.api.letsencrypt.org"
+DEFAULT_AUTHORITY_AGREEMENT = "https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf"


 # @brief augment configuration with defaults
@ -69,6 +70,13 @@ def parse_config_entry(entry, globalconfig, work_dir):
    else:
        config['authority'] = globalconfig.get('authority', DEFAULT_AUTHORITY)

+    # Certificate authority agreement
+    authority_agreements = [x for x in entry if 'authority_agreement' in x]
+    if len(authority_agreements) > 0:
+        config['authority_agreement'] = authority_agreements[0]
+    else:
+        config['authority_agreement'] = globalconfig.get('authority_agreement', DEFAULT_AUTHORITY_AGREEMENT)
+
    # Account key
    acc_keys = [x for x in entry if 'account_key' in x]
    if len(acc_keys) > 0: