Commit 2bec7494 authored by ale's avatar ale
Browse files

allow the user to provide a shared secret for authentication

parent fa26c3af
import optparse import optparse
import os
import logging import logging
import sys import sys
from OpenSSL import crypto from OpenSSL import crypto
...@@ -30,13 +31,21 @@ def main(): ...@@ -30,13 +31,21 @@ def main():
parser.add_option('--subject', dest='subject', parser.add_option('--subject', dest='subject',
help='specify the X.509 subject as a set of ' help='specify the X.509 subject as a set of '
'comma-separated ATTR=VALUE assignments') 'comma-separated ATTR=VALUE assignments')
parser.add_option('--secret', dest='secret',
help='shared secret for authentication')
opts, args = parser.parse_args() opts, args = parser.parse_args()
if len(args) < 1: if len(args) < 1:
parser.error('No command specified') parser.error('No command specified')
if not opts.url: if not opts.url:
parser.error('Must specify --url') parser.error('Must specify --url')
ca = ca_stub.CaStub(opts.url) secret = opts.secret
if not secret:
if os.getenv('AUTOCA_SECRET'):
with open(os.getenv('AUTOCA_SECRET'), 'r') as fd:
secret = fd.read().strip()
ca = ca_stub.CaStub(opts.url, secret)
cmd, args = args[0], args[1:] cmd, args = args[0], args[1:]
if cmd == 'get-ca': if cmd == 'get-ca':
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment