fix password in cert

core/client/cert_func.py

@@ -64,15 +64,11 @@ def client_post_cert (client):
 
 #Creation of secret key of the client
 def new_key_req(key, cert_path, server_host_name, auto = False):
-    from create_cert import generateRSAKey, makePKey, makeRequest,\
-                                    passphrase_callback
     rsa = generateRSAKey()
-    rsa.save_key(key+'_pub',\
-                        cipher=None, callback=passphrase_callback)
+    rsa.save_key(key+'_pub', cipher=None, callback=passphrase_callback)
     
     pkey = makePKey(rsa)
-    pkey.save_key(key,\
-                        cipher=None, callback=passphrase_callback)
+    pkey.save_key(key, cipher=None, callback=passphrase_callback)
     
     req = makeRequest(rsa, pkey, server_host_name, auto)
     crtreq = req.as_pem()

core/client/client_class.py

@@ -30,7 +30,7 @@ from suds.options import Options
 #import cert_func.verify
 
 flag = 0
-        
+
 class Client_suds(Client):
     def __init__(self, url, **kwargs):
         Client.__init__(self, url, **kwargs)

core/client/function.py

@@ -123,12 +123,11 @@ def create_obj(client, method_name):
     if not info:
         raise suds.MethodNotFound(method_name)
     type_op = info.binding.input.param_defs(info)[param][inf_param]
-    str_type = type_op.__getattribute__('type')[param_type]
+    str_type = type_op.type[param_type]
     
     # get prefix
-    str_ns = type_op.__getattribute__('type')[ns_type]
-    
-    client.wsdl.schema.root.normalizePrefixes()
+    str_ns = type_op.type[ns_type]
+    ##client.wsdl.schema.root.normalizePrefixes()
     nsprefix = sd.prefixes
     
     # Find a match prefix

core/server/baseClass.py

@@ -361,19 +361,6 @@ class Basic (DefinitionBase) :
     def active_client ( self, sid) :
         return self.active_clients (sid)
 
-    #@rpc(String, String, String, String, \
-                                #_returns = Array( String ))
-    #def post_client_request ( self, request, ip, mac, client_type) :
-        #import post_request, send_cert, writetodb
-        #num = post_request.serv_post_client_request (request, self.data_path,\
-                            #self.ssl_certificate, self.ssl_private_key)
-        #results = []
-        #temp = str(writetodb.writeToDb (num, ip, mac, client_type, \
-                                        #self.data_path, self.certbase))
-        #results.append (temp)
-        #results.append (send_cert.serv_send_cert (num, self.data_path))
-        #return results
-
     @rpc(String, String, String, String, _returns = String)
     def post_client_request ( self, request, ip, mac, client_type) :
         res = post_request.serv_post_client_request (request, self.data_path,\

core/server/bootstrap.py

@@ -151,15 +151,15 @@ def check_user_path(user_name):
         if not os.path.isdir(directory):
             if not makeDirectory(directory):
                 return None
-            os.chown(directory, pwdObj.pw_uid, pwdObj.pw_gid)
-            os.chmod(directory, 0755)
+        os.chown(directory, pwdObj.pw_uid, pwdObj.pw_gid)
+        os.chmod(directory, 0755)
 
     for path in os.walk(cert_dir):
         os.chown(path[0], pwdObj.pw_uid, pwdObj.pw_gid)
-        for file in path[2]:
-            os.chown('/'.join([path[0], file]),pwdObj.pw_uid,pwdObj.pw_gid)
-            os.chmod(directory, 0644)
-
+        for _file in path[2]:
+            if os.path.isfile(_file):
+                os.chown('/'.join([path[0], _file]),pwdObj.pw_uid,pwdObj.pw_gid)
+                os.chmod(directory, 0644)
     return cert_dir
 
 def create_request(server_cert, cert_path, data_path, certbase, \
@@ -262,8 +262,8 @@ def get_certificate(cert_path, data_path, certbase, client_cert_path,user_name):
         ca_dir = os.path.join(client_cert_path, 'ca')
         if not os.path.isdir(ca_dir):
             os.makedirs(ca_dir)
-            os.chown(ca_dir, pwdObj.pw_uid, pwdObj.pw_gid)
-            os.chmod(ca_dir, 0755)
+        os.chown(ca_dir, pwdObj.pw_uid, pwdObj.pw_gid)
+        os.chmod(ca_dir, 0755)
         root_cert_md5 = os.path.join(ca_dir, "cert_list")
 
         md5 = hashlib.md5()

core/server/cert_cmd.py

@@ -114,12 +114,12 @@ def check_server_certificate(cert, key, cert_path, args, port, auto = False):
 
         # Generating public key
         rsa = generateRSAKey()
-        rsa.save_key(cert_path+'/root.key'+'_pub', \
+        rsa.save_key(cert_path+'/root.key'+'_pub', cipher = None, \
                      callback=passphrase_callback)
 
         # Generating private key
         pkey = makePKey(rsa)
-        pkey.save_key(cert_path+'/root.key', \
+        pkey.save_key(cert_path+'/root.key', cipher = None, \
                       callback=passphrase_callback)
 
         # Generating request

core/server/cl_server.py

@@ -40,25 +40,9 @@ class OpenSSLAdapter (pyOpenSSLAdapter):
     def verify_func(self, connection, x509, errnum, errdepth, ok):
         # get client certificate
         curThread = threading.currentThread()
-        #print '#######################',errdepth,'####################################'
-        #if not OpenSSL.crypto.dump_certificate \
-                        #(OpenSSL.crypto.FILETYPE_PEM, x509) in self.ca_certs:
-            #print '!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!'
-            #return 0
         if errdepth == 0:
             curThread.client_cert = OpenSSL.crypto.dump_certificate \
                                         (OpenSSL.crypto.FILETYPE_PEM, x509)
-            #cert = OpenSSL.crypto.load_certificate(OpenSSL.SSL.FILETYPE_PEM,
-                                                #curThread.client_cert)
-            #subject = cert.get_subject()
-
-            #if ok:
-                #try:
-                    #country = len (subject.get_components()) - 1
-                    #language = 1
-                    #curThread.lang = subject.get_components()[country][language]
-                #except:
-                    #curThread.lang = "En"
         else:
             curThread.client_cert = None
         return ok
@@ -66,10 +50,8 @@ class OpenSSLAdapter (pyOpenSSLAdapter):
     def get_context(self):
         """Return an SSL.Context from self attributes."""
         # See http://aspn.activestate.com/ASPN/Cookbook/Python/Recipe/442473
-
         c = SSL.Context(SSL.SSLv23_METHOD)
-        print 11111111111111
-        c.set_passwd_cb(lambda *unused: 'qqqq')
+        #c.set_passwd_cb(lambda *unused: 'qqqq')
         c.use_privatekey_file(self.private_key)
         c.set_verify(SSL.VERIFY_PEER, self.verify_func)
 

core/server/create_cert.py

@@ -22,7 +22,7 @@ from calculate.lib.cl_lang import setLocalTranslate
 setLocalTranslate('cl_core',sys.modules[__name__])
 
 def passphrase_callback(v):
-    return 'qqqq'
+    return None
 
 def generateRSAKey():
     return RSA.gen_key(2048, m2.RSA_F4)

core/server/func_metaclass.py

@@ -39,7 +39,7 @@ class Table (ClassSerializer):
         body = Array (String)
         values = Array (Array (String))
 
-list_module = ["clean", "gen_pid", "check_rights", "test",\
+list_module = ["clean", "gen_pid", "check_rights", \
                "sid_pid_file", "gen_sid", "func", "api_types", \
                'system_update', 'request', 'certificate', 'edit_groups']
 

core/server/server_class.py

@@ -87,7 +87,6 @@ class ClApplication(Application):
         rights = curThread.server.rights
         group_rights = curThread.server.group_rights
         data_path = curThread.server.data_path
-
         ip = req_env.get('REMOTE_ADDR')
         permitted_methods = ['post_server_request', 'post_client_request', \
                              'get_server_cert', 'get_client_cert', \