Movatterモバイル変換

[0]ホーム
URL:

Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

 Sign up
Appearance settings

Commitaf59334

Browse files
committed
make_ssl_certs: make it possible to pass in expiration dates from command line
Note that the defaults are same as they were, so if nothing isspecified, the script works exactly as before.Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
1 parent309351d commitaf59334

File tree

1 file changed

+26
-17
lines changed

1 file changed

+26
-17
lines changed

‎Lib/test/certdata/make_ssl_certs.py

Lines changed: 26 additions & 17 deletions
Original file line numberDiff line numberDiff line change
@@ -1,14 +1,16 @@
11
"""Make the custom certificate and private key files used by test_ssl
22
and friends."""
33

4+
importargparse
45
importos
56
importpprint
67
importshutil
78
importtempfile
89
fromsubprocessimport*
910

1011
startdate="20180829142316Z"
11-
enddate="20371028142316Z"
12+
enddate_default="20371028142316Z"
13+
days_default="7000"
1214

1315
req_template="""
1416
[ default ]
@@ -79,8 +81,8 @@
7981
default_startdate = {startdate}
8082
enddate = {enddate}
8183
default_enddate = {enddate}
82-
default_days =7000
83-
default_crl_days =7000
84+
default_days ={days}
85+
default_crl_days ={days}
8486
certificate = pycacert.pem
8587
private_key = pycakey.pem
8688
serial = $dir/serial
@@ -117,7 +119,7 @@
117119
here=os.path.abspath(os.path.dirname(__file__))
118120

119121

120-
defmake_cert_key(hostname,sign=False,extra_san='',
122+
defmake_cert_key(cmdlineargs,hostname,sign=False,extra_san='',
121123
ext='req_x509_extensions_full',key='rsa:3072'):
122124
print("creating cert for "+hostname)
123125
tempnames= []
@@ -130,11 +132,12 @@ def make_cert_key(hostname, sign=False, extra_san='',
130132
hostname=hostname,
131133
extra_san=extra_san,
132134
startdate=startdate,
133-
enddate=enddate
135+
enddate=cmdlineargs.enddate,
136+
days=cmdlineargs.days
134137
)
135138
withopen(req_file,'w')asf:
136139
f.write(req)
137-
args= ['req','-new','-nodes','-days','7000',
140+
args= ['req','-new','-nodes','-days',cmdlineargs.days,
138141
'-newkey',key,'-keyout',key_file,
139142
'-extensions',ext,
140143
'-config',req_file]
@@ -175,7 +178,7 @@ def make_cert_key(hostname, sign=False, extra_san='',
175178
defunmake_ca():
176179
shutil.rmtree(TMP_CADIR)
177180

178-
defmake_ca():
181+
defmake_ca(cmdlineargs):
179182
os.mkdir(TMP_CADIR)
180183
withopen(os.path.join('cadir','index.txt'),'a+')asf:
181184
pass# empty file
@@ -192,7 +195,8 @@ def make_ca():
192195
hostname='our-ca-server',
193196
extra_san='',
194197
startdate=startdate,
195-
enddate=enddate
198+
enddate=cmdlineargs.enddate,
199+
days=cmdlineargs.days
196200
)
197201
t.write(req)
198202
t.flush()
@@ -228,8 +232,13 @@ def write_cert_reference(path):
228232

229233

230234
if__name__=='__main__':
235+
parser=argparse.ArgumentParser(description='Make the custom certificate and private key files used by test_ssl and friends.')
236+
parser.add_argument('--days',default=days_default)
237+
parser.add_argument('--enddate',default=enddate_default)
238+
cmdlineargs=parser.parse_args()
239+
231240
os.chdir(here)
232-
cert,key=make_cert_key('localhost',ext='req_x509_extensions_simple')
241+
cert,key=make_cert_key(cmdlineargs,'localhost',ext='req_x509_extensions_simple')
233242
withopen('ssl_cert.pem','w')asf:
234243
f.write(cert)
235244
withopen('ssl_key.pem','w')asf:
@@ -246,24 +255,24 @@ def write_cert_reference(path):
246255
f.write(cert)
247256

248257
# For certificate matching tests
249-
make_ca()
250-
cert,key=make_cert_key('fakehostname',ext='req_x509_extensions_simple')
258+
make_ca(cmdlineargs)
259+
cert,key=make_cert_key(cmdlineargs,'fakehostname',ext='req_x509_extensions_simple')
251260
withopen('keycert2.pem','w')asf:
252261
f.write(key)
253262
f.write(cert)
254263

255-
cert,key=make_cert_key('localhost',sign=True)
264+
cert,key=make_cert_key(cmdlineargs,'localhost',sign=True)
256265
withopen('keycert3.pem','w')asf:
257266
f.write(key)
258267
f.write(cert)
259268

260-
cert,key=make_cert_key('fakehostname',sign=True)
269+
cert,key=make_cert_key(cmdlineargs,'fakehostname',sign=True)
261270
withopen('keycert4.pem','w')asf:
262271
f.write(key)
263272
f.write(cert)
264273

265274
cert,key=make_cert_key(
266-
'localhost-ecc',sign=True,key='param:secp384r1.pem'
275+
cmdlineargs,'localhost-ecc',sign=True,key='param:secp384r1.pem'
267276
)
268277
withopen('keycertecc.pem','w')asf:
269278
f.write(key)
@@ -283,7 +292,7 @@ def write_cert_reference(path):
283292
'RID.1 = 1.2.3.4.5',
284293
]
285294

286-
cert,key=make_cert_key('allsans',sign=True,extra_san='\n'.join(extra_san))
295+
cert,key=make_cert_key(cmdlineargs,'allsans',sign=True,extra_san='\n'.join(extra_san))
287296
withopen('allsans.pem','w')asf:
288297
f.write(key)
289298
f.write(cert)
@@ -300,12 +309,12 @@ def write_cert_reference(path):
300309
]
301310

302311
# IDN SANS, signed
303-
cert,key=make_cert_key('idnsans',sign=True,extra_san='\n'.join(extra_san))
312+
cert,key=make_cert_key(cmdlineargs,'idnsans',sign=True,extra_san='\n'.join(extra_san))
304313
withopen('idnsans.pem','w')asf:
305314
f.write(key)
306315
f.write(cert)
307316

308-
cert,key=make_cert_key('nosan',sign=True,ext='req_x509_extensions_nosan')
317+
cert,key=make_cert_key(cmdlineargs,'nosan',sign=True,ext='req_x509_extensions_nosan')
309318
withopen('nosan.pem','w')asf:
310319
f.write(key)
311320
f.write(cert)

0 commit comments

Comments
 (0)
[8]ページ先頭
©2009-2025 Movatter.jp