Cleaning up temporary file creation, and revocation checking
parent
45158c64a2
commit
3b109ec578
@ -21,12 +21,12 @@ from tempfile import NamedTemporaryFile
|
||||
@contextmanager
|
||||
def mktempfile():
|
||||
with NamedTemporaryFile(delete=False) as f:
|
||||
fi = f
|
||||
name = f.name
|
||||
|
||||
try:
|
||||
yield fi
|
||||
yield name
|
||||
finally:
|
||||
os.unlink(fi.name)
|
||||
os.unlink(name)
|
||||
|
||||
|
||||
def ocsp_verify(cert_path, issuer_chain_path):
|
||||
@ -113,8 +113,10 @@ def verify_string(cert_string, issuer_string):
|
||||
:return: True if valid, False otherwise
|
||||
"""
|
||||
with mktempfile() as cert_tmp:
|
||||
cert_tmp.write(cert_string)
|
||||
with open(cert_tmp, 'w') as f:
|
||||
f.write(cert_string)
|
||||
with mktempfile() as issuer_tmp:
|
||||
issuer_tmp.write(issuer_string)
|
||||
status = verify(cert_tmp.path, issuer_tmp.path)
|
||||
with open(issuer_tmp, 'w') as f:
|
||||
f.write(issuer_string)
|
||||
status = verify(cert_tmp, issuer_tmp)
|
||||
return status
|
||||
|
@ -148,12 +148,15 @@ def check_revoked():
|
||||
as `unknown`.
|
||||
"""
|
||||
for cert in cert_service.get_all_certs():
|
||||
if cert.chain:
|
||||
status = verify_string(cert.body, cert.chain)
|
||||
else:
|
||||
status = verify_string(cert.body, "")
|
||||
try:
|
||||
if cert.chain:
|
||||
status = verify_string(cert.body, cert.chain)
|
||||
else:
|
||||
status = verify_string(cert.body, "")
|
||||
|
||||
cert.status = 'valid' if status else "invalid"
|
||||
cert.status = 'valid' if status else 'invalid'
|
||||
except Exception as e:
|
||||
cert.status = 'unknown'
|
||||
database.update(cert)
|
||||
|
||||
|
||||
@ -183,7 +186,7 @@ def generate_settings():
|
||||
return output
|
||||
|
||||
|
||||
@manager.option('-s', '--sources', dest='labels', default='', required=False)
|
||||
@manager.option('-s', '--sources', dest='labels')
|
||||
def sync_sources(labels):
|
||||
"""
|
||||
Attempts to run several methods Certificate discovery. This is
|
||||
@ -209,13 +212,14 @@ def sync_sources(labels):
|
||||
try:
|
||||
sync_lock.acquire(timeout=10) # wait up to 10 seconds
|
||||
|
||||
if labels:
|
||||
sys.stdout.write("[+] Staring to sync sources: {labels}!\n".format(labels=labels))
|
||||
labels = labels.split(",")
|
||||
else:
|
||||
sys.stdout.write("[+] Starting to sync ALL sources!\n")
|
||||
sys.stdout.write("[+] Staring to sync sources: {labels}!\n".format(labels=labels))
|
||||
labels = labels.split(",")
|
||||
|
||||
if labels[0] == 'all':
|
||||
sync()
|
||||
else:
|
||||
sync(labels=labels)
|
||||
|
||||
sync(labels=labels)
|
||||
sys.stdout.write(
|
||||
"[+] Finished syncing sources. Run Time: {time}\n".format(
|
||||
time=(time.time() - start_time)
|
||||
|
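Review bot: In check_revoked the new `except Exception as e:` never uses `e`, so any failure inside verify_string (a responder error, a problem writing the temporary files, or a plain coding mistake) is stored as `unknown` with no record of why. For a revocation check this matters: a persistent fault would leave every certificate at `unknown`, and a revoked one would never surface as `invalid`. Record the error before setting the status, for example `sys.stderr.write("revocation check failed: {0}\n".format(e))` or the module's logger if it has one. Consider narrowing the `except` to the errors verify is expected to raise, so genuine bugs still propagate. check_revoked begins above the hunk, so only the loop body is visible here.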