Cleaning up temporary file creation, and revocation checking

kevgliss 2015-09-02 09:12:05 -07:00
parent 45158c64a2
commit 3b109ec578
2 changed files with 24 additions and 18 deletions


@ -21,12 +21,12 @@ from tempfile import NamedTemporaryFile
@contextmanager @contextmanager
def mktempfile(): def mktempfile():
with NamedTemporaryFile(delete=False) as f: with NamedTemporaryFile(delete=False) as f:
fi = f name = f.name
try: try:
yield fi yield name
finally: finally:
os.unlink(fi.name) os.unlink(name)
def ocsp_verify(cert_path, issuer_chain_path): def ocsp_verify(cert_path, issuer_chain_path):
@ -113,8 +113,10 @@ def verify_string(cert_string, issuer_string):
:return: True if valid, False otherwise :return: True if valid, False otherwise
""" """
with mktempfile() as cert_tmp: with mktempfile() as cert_tmp:
cert_tmp.write(cert_string) with open(cert_tmp, 'w') as f:
f.write(cert_string)
with mktempfile() as issuer_tmp: with mktempfile() as issuer_tmp:
issuer_tmp.write(issuer_string) with open(issuer_tmp, 'w') as f:
status = verify(cert_tmp.path, issuer_tmp.path) f.write(issuer_string)
status = verify(cert_tmp, issuer_tmp)
return status return status
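Review bot: mktempfile now yields a path instead of a file object, and verify_string reopens that path with `open(cert_tmp, 'w')` and `open(issuer_tmp, 'w')`, so the write no longer goes through the handle that NamedTemporaryFile created. The page has lost its indentation, so it is unclear whether that first handle is still open when the path is reopened. Either way the helper should state its contract in a docstring, for example `"""Create a named temporary file, yield its path, and delete the file on exit."""`. If the temporary directory is writable by other local accounts, writing and flushing through the original handle before calling verify would avoid trusting the path a second time. The body of verify_string starts above this hunk.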


@ -148,12 +148,15 @@ def check_revoked():
as `unknown`. as `unknown`.
""" """
for cert in cert_service.get_all_certs(): for cert in cert_service.get_all_certs():
try:
if cert.chain: if cert.chain:
status = verify_string(cert.body, cert.chain) status = verify_string(cert.body, cert.chain)
else: else:
status = verify_string(cert.body, "") status = verify_string(cert.body, "")
cert.status = 'valid' if status else "invalid" cert.status = 'valid' if status else 'invalid'
except Exception as e:
cert.status = 'unknown'
database.update(cert) database.update(cert)
@ -183,7 +186,7 @@ def generate_settings():
return output return output
@manager.option('-s', '--sources', dest='labels', default='', required=False) @manager.option('-s', '--sources', dest='labels')
def sync_sources(labels): def sync_sources(labels):
""" """
Attempts to run several methods Certificate discovery. This is Attempts to run several methods Certificate discovery. This is
@ -209,13 +212,14 @@ def sync_sources(labels):
try: try:
sync_lock.acquire(timeout=10) # wait up to 10 seconds sync_lock.acquire(timeout=10) # wait up to 10 seconds
if labels:
sys.stdout.write("[+] Staring to sync sources: {labels}!\n".format(labels=labels)) sys.stdout.write("[+] Staring to sync sources: {labels}!\n".format(labels=labels))
labels = labels.split(",") labels = labels.split(",")
else:
sys.stdout.write("[+] Starting to sync ALL sources!\n")
if labels[0] == 'all':
sync()
else:
sync(labels=labels) sync(labels=labels)
sys.stdout.write( sys.stdout.write(
"[+] Finished syncing sources. Run Time: {time}\n".format( "[+] Finished syncing sources. Run Time: {time}\n".format(
time=(time.time() - start_time) time=(time.time() - start_time)
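Review bot: In check_revoked the new `except Exception as e:` sets `cert.status = 'unknown'` and discards `e`, so a failure in temp-file handling, in parsing, or in reaching the revocation endpoint is stored without any trace of why. An operator then cannot tell a certificate that has no revocation information from a revocation check that is broken for every certificate. Record the error before setting the status, for example `sys.stdout.write("[!] Revocation check failed: {0}\n".format(e))`, or use the project's logger if one is in scope, and narrow the exception type if verify_string raises a known set. The same loop passes `""` as the issuer when `cert.chain` is empty; how verify handles an empty issuer file is not visible here and is worth confirming. The `.format(` call at the end of the sync_sources hunk continues past the visible lines.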