Добавлен "--cert-passwd" флаг для ввода пароля rsa
master 3.7.3.1
root 11 months ago
parent edba820db9
commit b60bca77fe

@ -128,12 +128,25 @@ def connect_with_cert(cert, path_to_cert, url, args, wait_thread, clVarsCore,
return None, 1, crypto_Error, False, None
client = None
bio = M2Crypto.BIO.openfile(CERT_KEY)
rsa = M2Crypto.m2.rsa_read_key(bio._ptr(), lambda *unused: "")
rsa_password = args.cert_passwd or ""
with open(CERT_KEY) as inf:
if 'ENCRYPTED' in inf.readline():
if not args.cert_passwd:
Connect_Error = 1
return None, 1, crypto_Error, False, _("RSA key contain ENCRYPTED. Use '--cert-passwd' to provide password")
try:
bio = M2Crypto.BIO.openfile(CERT_KEY)
rsa = M2Crypto.m2.rsa_read_key(bio._ptr(), lambda *unused: bytes(rsa_password, 'utf-8'))
except SystemError as e:
Connect_Error = 1
return None, 1, crypto_Error, False, _("Failed to read rsa key")
store_passwd = None
if not rsa:
port = args.port or clVarsCore.Get('core.cl_core_port')
store_passwd = get_password_from_daemon(args.host, port, wait_thread)
try:
port = args.port or clVarsCore.Get('core.cl_core_port')
store_passwd = get_password_from_daemon(args.host, port, wait_thread)
except TypeError:
return None, 1, crypto_Error, False, _("Failed to get password from daemon or provided password is incorrect")
key_passwd = store_passwd
er = None
try:
@ -141,7 +154,7 @@ def connect_with_cert(cert, path_to_cert, url, args, wait_thread, clVarsCore,
client = Client_suds(
url, transport=HTTPSClientCertTransport(
CERT_KEY, CERT_FILE, path_to_cert, password=key_passwd,
ca_certs=ca_certs, wait_thread=wait_thread))
ca_certs=ca_certs, wait_thread=wait_thread, rsa_password=bytes(rsa_password, 'utf-8')))
if not wait_thread.is_alive():
wait_thread = StoppableThread()
flag_thread_start = True
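Review bot: The encrypted-key test `if 'ENCRYPTED' in inf.readline():` looks only at the first line of the key file, which matches the PKCS#8 header `-----BEGIN ENCRYPTED PRIVATE KEY-----` but not the traditional PEM form, where the first line is `-----BEGIN RSA PRIVATE KEY-----` and `Proc-Type: 4,ENCRYPTED` sits on the second line. For such a key a missing `--cert-passwd` does not produce the new message; the code goes on to `rsa_read_key` with an empty passphrase and, it seems, to the daemon-password path. Checking the first two lines would cover both forms: `if any('ENCRYPTED' in inf.readline() for _ in range(2)):`. The `except SystemError as e:` branch also drops `e`, so the reason the key could not be read is lost; logging it (never the passphrase) would help diagnosis. connect_with_cert starts and continues outside these hunks.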

@ -557,11 +557,12 @@ class HTTPSClientCertTransport(HttpTransport):
client_keyfile=None, client_certfile=None,
client_keyobj=None, client_certobj=None,
cookie_callback=None, user_agent_string=None,
wait_thread=None, **kwargs):
wait_thread=None, rsa_password=None, **kwargs):
Transport.__init__(self)
self.key = key
self.cert = cert
self.cert_path = path_to_cert
self.rsa_password = rsa_password or b""
if key:
with open(cert) as cert_file:
client_certobj = OpenSSL.crypto.load_certificate \
@ -574,12 +575,12 @@ class HTTPSClientCertTransport(HttpTransport):
else:
import M2Crypto
bio = M2Crypto.BIO.openfile(key)
rsa = M2Crypto.m2.rsa_read_key(bio._ptr(),lambda *unused: b"")
rsa = M2Crypto.m2.rsa_read_key(bio._ptr(),lambda *unused: self.rsa_password)
if not rsa:
raise OpenSSL.crypto.Error
with open(key) as key_file:
client_keyobj = OpenSSL.crypto.load_privatekey(OpenSSL.SSL.FILETYPE_PEM,
key_file.read())
key_file.read(), passphrase=self.rsa_password or None)
Unskin(self.options).update(kwargs)
self.cookiejar = CookieJar(DefaultCookiePolicy())
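Review bot: The passphrase is kept on the transport as `self.rsa_password`, although the visible code only uses it inside `__init__`, so the secret lives as long as the transport object and travels with any copy or debug dump of the instance. A local would do: `rsa_password = rsa_password or b""`, with the lambda and `passphrase=rsa_password or None` reading that local. The value is also handed unchecked to both M2Crypto and pyOpenSSL, which appear to expect bytes here, so a `str` from another caller would fail late; an `isinstance(rsa_password, bytes)` check or a comment stating the expected type at the top would make that explicit. `__init__` begins and continues outside these hunks.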

@ -94,6 +94,9 @@ def parse():
'--stdin-passwords', action='store_true', default=False,
dest='stdin_passwd',
help=_("use passwords from standard input for users accounts"))
parser.add_argument(
'--cert-passwd', default=None, dest='cert_passwd',
help=_("password for rsa key"), metavar='PASSWORD')
return parser
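Review bot: Taking the key passphrase as the value of `--cert-passwd` puts it on the process command line, where other local users can read it from the process list and where it is saved in shell history. The neighbouring `--stdin-passwords` option shows this parser already has a way to take secrets from standard input; the passphrase could be read the same way, or prompted for with `getpass.getpass()` when the key is encrypted and no value was supplied. If the flag has to stay for scripting, the help text should say so, for example `help=_("password for rsa key (visible in the process list; prefer stdin)")`. parse() starts outside the hunk.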
