|
|
|
@ -17,6 +17,7 @@
|
|
|
|
|
|
|
|
|
|
import cert_cmd
|
|
|
|
|
import post_request
|
|
|
|
|
import datetime, subprocess
|
|
|
|
|
|
|
|
|
|
from calculate.core.client.cert_func import new_key_req
|
|
|
|
|
from calculate.core.client.function import get_ip_mac_type
|
|
|
|
@ -28,14 +29,51 @@ from os import path
|
|
|
|
|
from calculate.lib.cl_lang import setLocalTranslate
|
|
|
|
|
setLocalTranslate('cl_core',sys.modules[__name__])
|
|
|
|
|
|
|
|
|
|
def createDate(date):
|
|
|
|
|
year = int(date[:4])
|
|
|
|
|
month = int(date[4:6])
|
|
|
|
|
day = int(date[6:8])
|
|
|
|
|
hour = int(date[8:10])
|
|
|
|
|
minute = int(date[10:12])
|
|
|
|
|
sec = int(date[12:14])
|
|
|
|
|
return datetime.datetime(year, month, day, hour, minute, sec)
|
|
|
|
|
|
|
|
|
|
def check(cert, key, cert_path, data_path, certbase, args):
|
|
|
|
|
error_flag = 0
|
|
|
|
|
if not path.isfile(cert):
|
|
|
|
|
error_flag = 1
|
|
|
|
|
print 'Certificate %s not found' %cert
|
|
|
|
|
print _('Certificate %s not found') %cert
|
|
|
|
|
if not path.isfile(key):
|
|
|
|
|
error_flag = 1
|
|
|
|
|
print 'Secret key %s not found' %key
|
|
|
|
|
print _('Secret key %s not found') %key
|
|
|
|
|
if path.isfile(cert) and path.isfile(key):
|
|
|
|
|
# check correspondence certificate and private key
|
|
|
|
|
cmd_cert = 'openssl x509 -noout -modulus -in ' + cert
|
|
|
|
|
cmd_key = 'openssl rsa -noout -modulus -in ' + key
|
|
|
|
|
p_cert = subprocess.Popen(cmd_cert.split(), stdout = subprocess.PIPE, \
|
|
|
|
|
stderr = subprocess.PIPE)
|
|
|
|
|
p_key = subprocess.Popen(cmd_key.split(), stdout = subprocess.PIPE, \
|
|
|
|
|
stderr = subprocess.PIPE)
|
|
|
|
|
if not p_cert.stdout.read().strip() == p_key.stdout.read().strip():
|
|
|
|
|
print _('Certificate does not match the private key')
|
|
|
|
|
error_flag = 1
|
|
|
|
|
|
|
|
|
|
# check certificate date
|
|
|
|
|
cert_data = open(cert, 'r').read()
|
|
|
|
|
certobj = OpenSSL.crypto.load_certificate \
|
|
|
|
|
(OpenSSL.SSL.FILETYPE_PEM, cert_data)
|
|
|
|
|
certobj.get_notBefore()
|
|
|
|
|
notAfter = createDate(certobj.get_notAfter())
|
|
|
|
|
notBefore = createDate(certobj.get_notBefore())
|
|
|
|
|
|
|
|
|
|
date = datetime.datetime.now()
|
|
|
|
|
|
|
|
|
|
if notBefore > date:
|
|
|
|
|
print _('Certificate creation date greater than current date')
|
|
|
|
|
error_flag = 1
|
|
|
|
|
elif notAfter < date:
|
|
|
|
|
print _('Expiry date certificate has passed')
|
|
|
|
|
error_flag = 1
|
|
|
|
|
sys.exit(error_flag)
|
|
|
|
|
|
|
|
|
|
def init(cert, key, cert_path, data_path, certbase, args, port, user_name):
|
|
|
|
|