Browse Source

fixed multiple bugs with cert operations

master 3.7.1.1
idziubenko 10 months ago
parent
commit
0e890e2a34
  1. 1
      bin/cl-consoled
  2. 4
      pym/console/application/cert_func.py
  3. 26
      pym/console/application/cert_verify.py
  4. 4
      pym/console/application/client_class.py

1
bin/cl-consoled

@ -15,7 +15,6 @@
# See the License for the specific language governing permissions and
# limitations under the License.
from __future__ import print_function
from importlib import reload
import socket
import sys, pwd, os

4
pym/console/application/cert_func.py

@ -305,8 +305,8 @@ def client_get_cert(cert_path, args):
(OpenSSL.SSL.FILETYPE_PEM, ca_root)
Issuer = certobj.get_issuer().get_components()
for item in Issuer:
if item[0] == 'CN':
filename = item[1]
if item[0] == b'CN':
filename = item[1].decode("UTF-8")
fc = open(root_cert_md5, "a")
fc.write('%s %s\n' % (md5sum, filename))

26
pym/console/application/cert_verify.py

@ -45,10 +45,10 @@ def verify(server_cert, crl_path, flag):
Issuer = certobj.get_issuer().get_components()
CN, L = None, None
for i in Issuer:
if i[0] == 'CN':
CN = i[1]
elif i[0] == 'L':
L = i[1]
if i[0] == b'CN':
CN = i[1].decode("UTF-8")
elif i[0] == b'L':
L = i[1].decode("UTF-8")
if CN and len(CN) > 2:
crl_file = crl_path + CN
@ -83,8 +83,8 @@ def verify(server_cert, crl_path, flag):
for rvk in revoked_objects:
if serverSerial == int(rvk.get_serial(), 16):
print(_("This certificate has been revoked!"))
print(_("Serial") + _(': %s\n') % rvk.get_serial() + _(
"Revoke date") + _(': %s') % rvk.get_rev_date())
print(_("Serial") + _(': %s\n') % rvk.get_serial().decode("UTF-8") + _(
"Revoke date") + _(': %s') % rvk.get_rev_date().decode("UTF-8"))
raise VerifyError('CRL Exception')
return 0
@ -145,10 +145,10 @@ def get_CRL(path_to_cert):
Subject = certobj.get_subject().get_components()
last_subj = ""
for subj in Subject:
if subj[0] == 'L':
url = "https://" + subj[1] + "/?wsdl"
if subj[0] == 'CN':
CN = subj[1]
if subj[0] == b'L':
url = "https://" + subj[1].decode("UTF-8") + "/?wsdl"
if subj[0] == b'CN':
CN = subj[1].decode("UTF-8")
last_subj = subj
if url:
@ -175,7 +175,7 @@ def get_CRL(path_to_cert):
if CN and len(CN) > 2:
CRL_file = CRL_path + CN
else:
host = last_subj[1].split(':')[0]
host = last_subj[1].split(b':')[0].decode("UTF-8")
CRL_file = CRL_path + host
if new_crl == ' ':
open(CRL_file, 'w').close()
@ -200,8 +200,8 @@ def find_ca_in_crl(CRL_path, all_ca_certs_list):
Issuer = certobj.get_issuer().get_components()
CN = ""
for item in Issuer:
if item[0] == 'CN':
CN = item[1]
if item[0] == b'CN':
CN = item[1].decode("UTF-8")
serverSerial = certobj.get_serial_number()
CRL = CRL_path + CN
if not os.path.exists(CRL):

4
pym/console/application/client_class.py

@ -259,8 +259,8 @@ class CheckingClientHTTPSConnection(httplib.HTTPSConnection):
OpenSSL.SSL.FILETYPE_PEM, cert)
Issuer = certobj.get_issuer().get_components()
for item in Issuer:
if item[0] == 'CN':
filename = item[1]
if item[0] == b'CN':
filename = item[1].decode("UTF-8")
fc = open(root_cert_md5, "a")
fc.write('%s %s\n' % (md5sum, filename))

Loading…
Cancel
Save