Commit 21b16280 authored by ale's avatar ale

Fix CRL generation with older OpenSSL versions

The 'digest' argument to OpenSSL.crypto.CRL.export has only been added
in recent versions.
parent a03b822c
import OpenSSL
from OpenSSL import crypto from OpenSSL import crypto
import logging import logging
import os import os
...@@ -9,6 +10,12 @@ from autoca import certutil ...@@ -9,6 +10,12 @@ from autoca import certutil
log = logging.getLogger(__name__) log = logging.getLogger(__name__)
crl_export_args = {
'digest': 'sha256',
}
if OpenSSL.__version__.startswith('0.'):
crl_export_args = {}
class CA(object): class CA(object):
"""A Certification Authority stored on the local filesystem.""" """A Certification Authority stored on the local filesystem."""
...@@ -134,7 +141,7 @@ class CA(object): ...@@ -134,7 +141,7 @@ class CA(object):
crl.add_revoked(revoked) crl.add_revoked(revoked)
self.storage.set_crl( self.storage.set_crl(
crl.export(self.ca_crt, self.ca_key, crypto.FILETYPE_PEM, 30, crl.export(self.ca_crt, self.ca_key, crypto.FILETYPE_PEM, 30,
digest='sha256')) **crl_export_args))
self._load_crl() self._load_crl()
def _load_crl(self): def _load_crl(self):
...@@ -144,7 +151,7 @@ class CA(object): ...@@ -144,7 +151,7 @@ class CA(object):
crl = crypto.CRL() crl = crypto.CRL()
self.crl_data_pem = crl.export(self.ca_crt, self.ca_key, self.crl_data_pem = crl.export(self.ca_crt, self.ca_key,
crypto.FILETYPE_PEM, 30, crypto.FILETYPE_PEM, 30,
digest='sha256') **crl_export_args)
self.storage.set_crl(self.crl_data_pem) self.storage.set_crl(self.crl_data_pem)
# Re-read the CRL data in DER and PEM formats. # Re-read the CRL data in DER and PEM formats.
......
autoca (0.3.2) unstable; urgency=low
* Fix CRL generation with older OpenSSL versions.
-- Autistici/Inventati <debian@autistici.org> Sat, 2 Sep 2017 05:40:32 +0000
autoca (0.3.1) unstable; urgency=low autoca (0.3.1) unstable; urgency=low
* Added command to update the CRL. * Added command to update the CRL.
......
...@@ -4,7 +4,7 @@ from setuptools import setup, find_packages ...@@ -4,7 +4,7 @@ from setuptools import setup, find_packages
setup( setup(
name="autoca", name="autoca",
version="0.3.1", version="0.3.2",
description="Automated CA management.", description="Automated CA management.",
author="Ale", author="Ale",
author_email="ale@incal.net", author_email="ale@incal.net",
......
...@@ -4,8 +4,8 @@ deps= ...@@ -4,8 +4,8 @@ deps=
coverage coverage
mox mox
commands= commands=
nosetests \ nosetests -v \
--with-coverage --cover-package=autoca,autovpn --cover-erase --cover-html --cover-html-dir=htmlcov \ --with-coverage --cover-package=autoca --cover-erase --cover-html --cover-html-dir=htmlcov \
--with-xunit \ --with-xunit \
[] # substitute with tox' positional arguments [] # substitute with tox' positional arguments
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment