mirror of https://github.com/moepman/acertmgr.git synced 2025-01-04 02:35:23 +01:00

authority.v1: remove hardcoded agreement data

Kishi85 2019-02-23 17:52:07 +01:00
parent 3562a6a5a3
commit 8e0639f62c
4 changed files with 22 additions and 6 deletions


@ -42,7 +42,7 @@ def create_authority(settings):
authority_module = importlib.import_module("acertmgr.authority.{0}".format(settings["api"])) authority_module = importlib.import_module("acertmgr.authority.{0}".format(settings["api"]))
authority_class = getattr(authority_module, "ACMEAuthority") authority_class = getattr(authority_module, "ACMEAuthority")
return authority_class(settings['authority'], acc_key) return authority_class(settings, acc_key)
# @brief create a challenge handler for the given configuration # @brief create a challenge handler for the given configuration


@ -9,11 +9,11 @@
class ACMEAuthority: class ACMEAuthority:
# @brief Init class with config # @brief Init class with config
# @param ca Certificate authority uri # @param config Configuration data
# @param account_key Account key file # @param key Account key data
def __init__(self, ca, key): def __init__(self, config, key):
self.ca = ca
self.key = key self.key = key
self.config = config
# @brief register an account over ACME # @brief register an account over ACME
# @param account_key the account key to register # @param account_key the account key to register


@ -29,6 +29,14 @@ from acertmgr.authority.acme import ACMEAuthority as AbstractACMEAuthority
class ACMEAuthority(AbstractACMEAuthority): class ACMEAuthority(AbstractACMEAuthority):
# @brief Init class with config
# @param config Configuration data
# @param key Account key data
def __init__(self, config, key):
AbstractACMEAuthority.__init__(self, config, key)
self.ca = config['authority']
self.agreement = config['authority_agreement']
# @brief create the header information for ACME communication # @brief create the header information for ACME communication
# @param key the account key # @param key the account key
# @return the header for ACME # @return the header for ACME
@ -74,7 +82,7 @@ class ACMEAuthority(AbstractACMEAuthority):
header = self._prepare_header() header = self._prepare_header()
code, result = self._send_signed(self.ca + "/acme/new-reg", header, { code, result = self._send_signed(self.ca + "/acme/new-reg", header, {
"resource": "new-reg", "resource": "new-reg",
"agreement": "https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf", "agreement": self.agreement,
}) })
if code == 201: if code == 201:
print("Registered!") print("Registered!")
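Review bot: The added `__init__` indexes `config['authority']` and `config['authority_agreement']` directly, so a config that lacks either key fails with a bare KeyError at construction, and the `# @param config Configuration data` comment does not say which keys are required. I would name them in the comment, e.g. `# @param config Configuration data; reads 'authority' and 'authority_agreement'`. Since `self.agreement` is now sent unchanged in the new-reg request, the comment should also say that the value has to be the terms URL the CA currently expects; presumably a stale value makes registration fail, which is worth confirming against the CA's behaviour.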


@ -24,6 +24,7 @@ DEFAULT_KEY_LENGTH = 4096 # bits
DEFAULT_TTL = 15 # days DEFAULT_TTL = 15 # days
DEFAULT_API = "v1" DEFAULT_API = "v1"
DEFAULT_AUTHORITY = "https://acme-v01.api.letsencrypt.org" DEFAULT_AUTHORITY = "https://acme-v01.api.letsencrypt.org"
DEFAULT_AUTHORITY_AGREEMENT = "https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf"
# @brief augment configuration with defaults # @brief augment configuration with defaults
@ -69,6 +70,13 @@ def parse_config_entry(entry, globalconfig, work_dir):
else: else:
config['authority'] = globalconfig.get('authority', DEFAULT_AUTHORITY) config['authority'] = globalconfig.get('authority', DEFAULT_AUTHORITY)
# Certificate authority agreement
authority_agreements = [x for x in entry if 'authority_agreement' in x]
if len(authority_agreements) > 0:
config['authority_agreement'] = authority_agreements[0]
else:
config['authority_agreement'] = globalconfig.get('authority_agreement', DEFAULT_AUTHORITY_AGREEMENT)
# Account key # Account key
acc_keys = [x for x in entry if 'account_key' in x] acc_keys = [x for x in entry if 'account_key' in x]
if len(acc_keys) > 0: if len(acc_keys) > 0:
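Review bot: In the added `authority_agreement` lookup, the comprehension `[x for x in entry if 'authority_agreement' in x]` collects the matching entry elements themselves, so `authority_agreements[0]` stores the whole element rather than the value under that key. The element type of `entry` is not visible in this hunk, but if the elements are mappings the line should read `authority_agreements = [x['authority_agreement'] for x in entry if 'authority_agreement' in x]`. As written, a per-entry override would presumably reach the v1 authority as a non-string `agreement` in the registration payload, while the global and default paths yield a plain URL. The `account_key` context line below has the same shape and is worth checking with it; parse_config_entry continues outside the hunk.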