Blame SOURCES/centos_cert

fe92a6
#!/usr/bin/python
fe92a6
# -*- coding: utf-8 -*-
fe92a6
fe92a6
import os
fe92a6
import sys
fe92a6
import optparse
fe92a6
import urlparse
fe92a6
import urllib
fe92a6
import requests
fe92a6
fe92a6
from getpass import getpass
fe92a6
fe92a6
from centos import CentOSUserCert
fe92a6
from centos import defaults
fe92a6
fe92a6
def download_cert(username, password, topurl=None, servercacert=None, uploadcacert=None):
fe92a6
    if not topurl:
fe92a6
        topurl = defaults.FAS_TOPURL
fe92a6
fe92a6
    if not servercacert:
fe92a6
        servercacert = defaults.SERVER_CA_CERT_FILE
fe92a6
fe92a6
    if not uploadcacert:
fe92a6
        uploadcacert = defaults.UPLOAD_CA_CERT_FILE
fe92a6
fe92a6
    splittopurl = urlparse.urlsplit(topurl)
fe92a6
fe92a6
    usercertpath = os.path.join(splittopurl.path, 'user/dogencert')
fe92a6
    params = {'user_name': username, 'password': password, 'login':'Login' }
fe92a6
fe92a6
    userspliturl = urlparse.SplitResult(splittopurl.scheme,
fe92a6
                                        splittopurl.netloc,
fe92a6
                                        usercertpath,
fe92a6
                                        None,
fe92a6
                                        None)
fe92a6
fe92a6
    servercapath = os.path.join(splittopurl.path, 'centos-server-ca.cert')
fe92a6
    servercaspliturl = urlparse.SplitResult(splittopurl.scheme,
fe92a6
                                            splittopurl.netloc,
fe92a6
                                            servercapath,
fe92a6
                                            None,
fe92a6
                                            None)
fe92a6
fe92a6
    uploadcapath = os.path.join(splittopurl.path, 'centos-upload-ca.cert')
fe92a6
    uploadcaspliturl = urlparse.SplitResult(splittopurl.scheme,
fe92a6
                                            splittopurl.netloc,
fe92a6
                                            uploadcapath,
fe92a6
                                            None,
fe92a6
                                            None)
fe92a6
fe92a6
    userurl = urlparse.urlunsplit(userspliturl)
fe92a6
    servercaurl = urlparse.urlunsplit(servercaspliturl)
fe92a6
    uploadcaurl = urlparse.urlunsplit(uploadcaspliturl)
fe92a6
fe92a6
fe92a6
    with open(os.path.expanduser(defaults.USER_CERT_FILE), 'w') as usercertfile:
fe92a6
        r = requests.post(userurl, params=params, verify=False)
fe92a6
        if r.status_code <= 400:
fe92a6
            usercertfile.write(r.raw.read())
fe92a6
        print os.path.expanduser(defaults.USER_CERT_FILE)
fe92a6
fe92a6
    with open(os.path.expanduser(defaults.SERVER_CA_CERT_FILE), 'w') as servercacertfile:
fe92a6
        r = requests.get(servercaurl, params=params, verify=False)
fe92a6
        if r.status_code <= 400:
fe92a6
            servercacertfile.write(r.raw.read())
fe92a6
        print os.path.expanduser(defaults.SERVER_CA_CERT_FILE)
fe92a6
fe92a6
    with open(os.path.expanduser(defaults.UPLOAD_CA_CERT_FILE), 'w') as uploadcacertfile:
fe92a6
        r = requests.get(uploadcaurl, params=params, verify=False)
fe92a6
        if r.status_code <= 400:
fe92a6
            uploadcacertfile.write(r.raw.read())
fe92a6
        print os.path.expanduser(defaults.UPLOAD_CA_CERT_FILE)
fe92a6
fe92a6
def main(opts):
fe92a6
fe92a6
    if not opts.certfile:
fe92a6
        certfile = defaults.USER_CERT_FILE
fe92a6
    else:
fe92a6
        certfile = opts.certfile
fe92a6
fe92a6
    if opts.username and not opts.verifycert:
fe92a6
        username = opts.username
fe92a6
    else:
fe92a6
        try:
fe92a6
            cert = CentOSUserCert(certfile)
fe92a6
            username = cert.CN
fe92a6
        except IOError, e:
fe92a6
            print "{0}: {1}".format(os.path.expanduser(certfile), e.strerror)
fe92a6
            exit(1)
fe92a6
fe92a6
    if opts.verifycert:
fe92a6
        if not cert.valid:
fe92a6
            print "Your certificate is not valid"
fe92a6
            sys.exit(1)
fe92a6
        else:
fe92a6
            print "Your certificate is valid"
fe92a6
            sys.exit(0)
fe92a6
fe92a6
    if opts.newcert:
fe92a6
        password = getpass('FAS Password: ')
fe92a6
        download_cert(username, password)
fe92a6
fe92a6
if __name__ == '__main__':
fe92a6
fe92a6
    parser = optparse.OptionParser(usage="%prog [OPTIONS] ")
fe92a6
    parser.add_option('-u', '--username', action='store', dest='username',
fe92a6
                     default=False, help="FAS Username.")
fe92a6
    parser.add_option('-n', '--new-cert', action='store_true', dest='newcert',
fe92a6
                     default=False, help="Generate a new Fedora Certificate.")
fe92a6
    parser.add_option('-f', '--file', action='store', dest='certfile',
fe92a6
                     default=None, help="Verify Certificate.")
fe92a6
    parser.add_option('-v', '--verify-cert', action='store_true', dest='verifycert',
fe92a6
                     default=False, help="Verify Certificate.")
fe92a6
    opts,args = parser.parse_args()
fe92a6
fe92a6
    main(opts)